Page 1 H3C S5500-EI Series Ethernet Switches Operation Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: 20071120-C-1.01 Product Version: Release 2102...
Page 2 Copyright © 2007, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
Page 3: About This Manual
About This Manual Related Documentation In addition to this manual, each H3C S5500-EI Series Ethernet Switches documentation set includes the following: Manual Description H3C S5500-EI Series Ethernet Switches It provides information for the system Installation Manual installation. H3C S5500-EI Series Ethernet Switches...
Page 4 Part Contents Introduces DLDP and the related 9 DLDP configurations. Introduces STP, BRDU tunnel and the 10 MSTP related configurations. Introduces the basic routing information, 11 IP Routing-GR Overview the classification of routing protocols, and GR fundamental. Introduces IPv4 routing related 12 IPv4 Routing configurations, such as static routing, RIP, OSPF, IS-IS, BGP, and route policy.
Page 5 Part Contents Introduces basic configuration for file 28 File System Management system management. Introduces the configuration to analyze and 29 Information Center diagnose networks using the information center. 30 System Maintaining and Introduces daily system maintenance and Debugging debugging. Introduces NQA and the related 31 NQA configurations.
Page 6 Convention Description Items (keywords or arguments) in square brackets [ ] are optional. Alternative items are grouped in braces and separated by { x | y | ... } vertical bars. One is selected. Optional alternative items are grouped in square brackets [ x | y | ...
Page 7: Table Of Contents
1.3 Software Version Release ....................1-2 Chapter 2 Documentation and Product Version ................ 2-1 2.1 Documentation and Software Version ................2-1 2.2 H3C S5500-EI Series Ethernet Switch Documentation Set ..........2-1 Chapter 3 Product Overview ......................3-1 3.1 Preface..........................3-1 3.2 Product Models ........................
Page 8: Chapter 1 Obtaining The Documentation
Software release notes 1.1 CD-ROM H3C delivers a CD-ROM together with each device. The CD-ROM contains a complete product document set, including the operation manual, command manual, installation manual, and compatibility manual. After installing the reader program provided by the CD-ROM, you can search for the desired contents in a convenient way through the reader interface.
Page 9: Software Version Release
Operation Manual – Overview H3C S5500-EI Series Ethernet Switches Chapter 1 Obtaining the Documentation 1.3 Software Version Release With software upgrade, new software features may be added. You can acquire the information about the newly added software features through software release notes.
Page 10: Chapter 2 Documentation And Product Version
H3C S5500-EI Series Ethernet Switches Operation Manual-Release 2102 and H3C S5500-EI Series Ethernet Switches Command Manual-Release 2102 apply to S5500-EI series Ethernet switches with their software version being Release 2102. 2.2 H3C S5500-EI Series Ethernet Switch Documentation Set Table 2-1 H3C S5500-EI series Ethernet switch documentation set...
Page 11: Chapter 3 Product Overview
Chapter 3 Product Overview 3.1 Preface H3C S5500-EI Series Ethernet Switches (hereinafter referred to as the S5500-EI series) are Gigabit Ethernet switching products developed by H3C. The S5500-EI series have abundant service features. They provide the IPv6 forwarding function and 10GE uplink interfaces.
Page 12 Operation Manual – Overview H3C S5500-EI Series Ethernet Switches Chapter 3 Product Overview Number of Console Model Ports service ports port 24 100/1,000 M SFP ports + 8 10/100/1,000 H3C S5500-28F-EI M Combo electrical ports + 2 10GE module slots...
Page 13: Chapter 4 Networking Applications
10GE ports are supported. Networking is very flexible. The S5500-EI series can apply to Gigabit Ethernet to the desktop (GTTD) access of enterprise networks, user access of campus networks, and connection of data center server clusters.
Page 14 Operation Manual – Overview H3C S5500-EI Series Ethernet Switches Chapter 4 Networking Applications Ethernet cables, the S5500-EI series can provide power to IP phone, WLAN AP, and other PD devices that support IEEE 802.3af to facilitate network maintenance and management.
Page 15 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Logging In to an Ethernet Switch ................1-1 1.1 Logging In to an Ethernet Switch..................1-1 1.2 Introduction to the User Interface ..................1-1 1.2.1 Supported User Interfaces ..................
Page 16 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Table of Contents Chapter 4 Logging in Using Modem.................... 4-1 4.1 Introduction ........................4-1 4.2 Configuration on the Administrator Side................4-1 4.3 Configuration on the Switch Side..................4-1 4.3.1 Modem Configuration....................4-1 4.3.2 Switch Configuration ....................
Page 17: Chapter 1 Logging In To An Ethernet Switch
VTY users. Note: As the AUX port and the console port of an H3C series switch are the same one, you will be in the AUX user interface if you log in through this port. 1.2.2 User Interface Number Two kinds of user interface index exist: absolute user interface index and relative user interface index.
Page 18: Common User Interface Configuration
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 1 Logging In to an Ethernet Switch A relative user interface index can be obtained by appending a number to the identifier of a user interface type. It is generated by user interface type. The...
Page 19 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 1 Logging In to an Ethernet Switch To do… Use the command… Remarks Optional The default timeout time of a user interface is 10 minutes. With the timeout time being...
Page 20: Chapter 2 Logging In Through The Console Port
Chapter 2 Logging In Through the Console Port Chapter 2 Logging In Through the Console Port Note: The default system name of S5500-EI series Ethernet switches is H3C, that is, the command line prompt is H3C. All the following examples take H3C as the command line prompt.
Page 21 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port Figure 2-1 Diagram for setting the connection to the console port If you use a PC to connect to the console port, launch a terminal emulation utility (such as Terminal in Windows 3.X or HyperTerminal in Windows 9X/Windows...
Page 22: Console Port Login Configuration
Figure 2-4 Set port parameters terminal window Turn on the switch. The user will be prompted to press the Enter key if the switch successfully completes POST (power-on self test). The prompt (such as <H3C>) appears after the user presses the Enter key.
Page 23 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port Table 2-2 Common configuration of console port login Configuration Description Optional Baud rate The default baud rate is 9,600 bps. Optional Check mode...
Page 24: Console Port Login Configurations For Different Authentication Modes
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port Caution: Changing of console port configuration terminates the connection to the console port. To establish the connection again, you need to modify the configuration of the termination emulation utility running on your PC accordingly.
Page 25: Console Port Login Configuration With Authentication Mode Being None
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port Authentication Console port login configuration Description mode Optional AAA configuration Specify to specifies whether Local authentication is perform local to perform local performed by default.
Page 26 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port To do… Use the command… Remarks Required Configure not to authentication-mode By default, users logging in authenticate users none through the console port are not authenticated.
Page 27: Configuration Example
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port To do… Use the command… Remarks Optional The default history command Set the history command history-command buffer size is 10. That is, a...
Page 28 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port The screen can contain up to 30 lines. The history command buffer can contain up to 20 commands. The timeout time of the AUX user interface is 6 minutes.
Page 29: Console Port Login Configuration With Authentication Mode Being Password
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port the PC, to make the configuration consistent with that on the switch. Refer to section 2.2 “Setting Up the Connection to the Console Port”...
Page 30 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port To do… Use the command… Remarks Optional Define a shortcut key escape-key { default | The default shortcut key for aborting tasks character } combination for aborting tasks is <...
Page 31 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port Table 2-5 Determine the command level (B) Scenario Command Authentication level User type Command mode The user privilege level level command not Level 3...
Page 32 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port III. Configuration procedure # Enter system view. <H3C> system-view # Enter AUX user interface view. [H3C] user-interface aux 0 # Specify to authenticate the user logging in through the console port using the local password.
Page 33: Console Port Login Configuration With Authentication Mode Being Scheme
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port 2.6 Console Port Login Configuration with Authentication Mode Being Scheme 2.6.1 Configuration Procedure To do… Use the command… Remarks — Enter system view...
Page 34 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port To do… Use the command… Remarks Optional Set the The default baud rate of the AUX baud speed speed-value port (also the console port) is 9,600 rate bps.
Page 35 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port To do… Use the command… Remarks Optional The default timeout time of a user interface is 10 minutes. With the timeout time being 10...
Page 36 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port 2.6.2 Configuration Example I. Network requirements Assume the switch is configured to allow you to login through Telnet, and your user level is set to the administrator level (level 3). After you telnet to the switch, you need to limit the console user at the following aspects.
Page 37 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 2 Logging In Through the Console Port # Set the service type to Terminal, Specify commands of level 2 are available to the user logging in to the AUX user interface.
Page 38: Chapter 3 Logging In Through Telnet
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet Chapter 3 Logging In Through Telnet 3.1 Introduction You can telnet to a remote switch to manage and maintain the switch. To achieve this, you need to configure both the switch and the Telnet terminal properly.
Page 39: Telnet Configurations For Different Authentication Modes
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet Table 3-2 Common Telnet configuration Configuration Description Optional Configure the command level available to users By default, commands of level 0 are logging in to the VTY user...
Page 40 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet Table 3-3 Telnet configurations for different authentication modes Authentication Telnet configuration Description mode Perform Perform Optional common common Telnet None Refer to Table 3-2. configuration...
Page 41: Telnet Configuration With Authentication Mode Being None
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet 3.2 Telnet Configuration with Authentication Mode Being None 3.2.1 Configuration Procedure To do… Use the command… Remarks Enter system view system-view — Enable the Telnet server...
Page 42 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet To do… Use the command… Remarks Optional The default history command Set the history command history-command buffer size is 10. That is, a buffer size...
Page 43 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet The screen can contain up to 30 lines. The history command buffer can contain up to 20 commands. The timeout time of VTY 0 is 6 minutes.
Page 44: Telnet Configuration With Authentication Mode Being Password
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet 3.3 Telnet Configuration with Authentication Mode Being Password 3.3.1 Configuration Procedure To do… Use the command… Remarks Enter system view system-view — Enable the Telnet server...
Page 45 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet To do… Use the command… Remarks Optional By default, the screen can Set the maximum number contain up to 24 lines. screen-length of lines the screen can...
Page 46 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet 3.3.2 Configuration Example I. Network requirements Assume that you are a level 3 AUX user and want to perform the following configuration for Telnet users logging in to VTY 0: Authenticate users logging in to VTY 0 using the local password.
Page 47: Telnet Configuration With Authentication Mode Being Scheme
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet [H3C-ui-vty0] history-command max-size 20 # Set the timeout time to 6 minutes. [H3C-ui-vty0] idle-timeout 6 3.4 Telnet Configuration with Authentication Mode Being Scheme 3.4.1 Configuration Procedure To do…...
Page 48 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet To do… Use the command… Remarks Required The specified AAA scheme Configure to determines whether to authentication-mode authenticate users authenticate users locally or scheme locally or remotely remotely.
Page 49 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet To do… Use the command… Remarks Optional The default timeout time of a user interface is 10 minutes. With the timeout time being 10 minutes, the connection to a...
Page 50 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet Scenario Command Authenticat level User type Command ion mode The user privilege level level command is not executed, and the service-type command does not specify the available command level.
Page 51 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet 3.4.2 Configuration Example I. Network requirements Assume that you are a level 3 AUX user and want to perform the following configuration for Telnet users logging in to VTY 0: Configure the name of the local user to be “guest”.
Page 52: Telnet Connection Establishment
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet [H3C-ui-vty0] protocol inbound telnet # Set the maximum number of lines the screen can contain to 30. [H3C-ui-vty0] screen-length 30 # Set the maximum number of commands the history command buffer can store to 20.
Page 53 Step 5: Enter the password when the Telnet window displays “Login authentication” and prompts for login password. The CLI prompt (such as <H3C>) appears if the password is correct. If all VTY user interfaces of the switch are in use, you will fail to establish the connection and receive the message that says “All user interfaces are used, please try...
Page 54: Telnetting To Another Switch From The Current Switch
You can use the ip host to assign a host name to a switch. Step 4: Enter the password. If the password is correct, the CLI prompt (such as <H3C>) appears. If all VTY user interfaces of the switch are in use, you will fail to establish the...
Page 55 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 3 Logging In Through Telnet connection and receive the message that says “All user interfaces are used, please try later!”. Step 5: After successfully Telnetting to the switch, you can configure the switch or display the information about the switch by executing corresponding commands.
Page 56: Chapter 4 Logging In Using Modem
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 4 Logging in Using Modem Chapter 4 Logging in Using Modem 4.1 Introduction The administrator can log in to the console port of a remote switch using a modem through PSTN (public switched telephone network) if the remote switch is connected to the PSTN through a modem to configure and maintain the switch remotely.
Page 57: Switch Configuration
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 4 Logging in Using Modem ATS0=1 ----------------------- Configure to answer automatically after the first ring AT&D ----------------------- Ignore DTR signal AT&K0 ----------------------- Disable flow control AT&R1 ----------------------- Ignore RTS signal AT&S0...
Page 58: Modem Connection Establishment
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 4 Logging in Using Modem II. Configuration on switch when the authentication mode is password Refer to section "Console Port Login Configuration with Authentication Mode Being Password” III. Configuration on switch when the authentication mode is scheme Refer to section "Console Port Login Configuration with Authentication Mode...
Page 59 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 4 Logging in Using Modem Modem serial cable Telephone line Modem PSTN Modem Telephone number of the romote end: 82882285 Console port Figure 4-1 Establish the connection by using modems...
Page 60 Step 5: Provide the password when prompted. If the password is correct, the prompt (such as <H3C>) appears. You can then configure or manage the switch. You can also enter the character ? at anytime for help. Refer to the following chapters for information about the configuration commands.
Page 61: Http Connection Establishment
Network Management System 5.1 Introduction An S5500-EI series switch has a Web server built in. You can log in to an S5500-EI series switch through a Web browser and manage and maintain the switch intuitively by interacting with the built-in Web server.
Page 62: Web Server Shutdown/Startup
Operation Manual – Login Chapter 5 Logging in Through Web-based Network H3C S5500-EI Series Ethernet Switches Management System <H3C> system-view [H3C] interface vlan-interface 1 [H3C-Vlan-interface1] ip address 10.153.17.82 255.255.255.0 Step 2: Configure the user name and the password for the Web-based network management system.
Page 63: Displaying Web Users
Operation Manual – Login Chapter 5 Logging in Through Web-based Network H3C S5500-EI Series Ethernet Switches Management System To do… Use the command… Remarks — Enter system view system-view Required Execute this command in Shut down the Web undo ip http enable system view.
Page 64: Chapter 6 Logging In Through Nms
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 6 Logging in Through NMS Chapter 6 Logging in Through NMS 6.1 Introduction You can also log in to a switch through an NMS (network management station), and then configure and manage the switch through the agent module on the switch.
Page 65: Configuring Source Ip Address For Telnet Service Packets
Operation Manual – Login Chapter 7 Configuring Source IP Address for Telnet H3C S5500-EI Series Ethernet Switches Service Packets Chapter 7 Configuring Source IP Address for Telnet Service Packets Go to these sections for information you are interested in: Overview...
Page 66: Displaying The Source Ip Address/Interface Specified For Telnet Packets
Operation Manual – Login Chapter 7 Configuring Source IP Address for Telnet H3C S5500-EI Series Ethernet Switches Service Packets II. Configuration in system view Table 7-2 Configure a source IP address for service packets in system view To do… Use the command…...
Page 67: Chapter 8 Controlling Login Users
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 8 Controlling Login Users Chapter 8 Controlling Login Users 8.1 Introduction A switch provides ways to control different types of login users, as listed in Table 8-1. Table 8-1 Ways to control different types of login users...
Page 68: Controlling Telnet Users By Source And Destination Ip Addresses
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 8 Controlling Login Users To do… Use the command… Remarks Enter system view system-view — acl [ ipv6 ] number As for the acl number Create a basic ACL or...
Page 69: Controlling Telnet Users By Source Mac Addresses
Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 8 Controlling Login Users To do… Use the command… Remarks Quit to system view quit — user-interface [ type ] Enter user interface view first-number — [ last-number ] Required...
Page 70: Controlling Network Management Users By Source Ip Addresses
8.3 Controlling Network Management Users by Source IP Addresses You can manage a S5500-EI series Ethernet switch through network management software. Network management users can access switches through SNMP. You need to perform the following two operations to control network management users by source IP addresses.
Page 71 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 8 Controlling Login Users 8.3.1 Prerequisites The controlling policy against network management users is determined, including the source IP addresses to be controlled and the controlling actions (permitting or denying).
Page 72 Operation Manual – Login H3C S5500-EI Series Ethernet Switches Chapter 8 Controlling Login Users Note: You can specify different ACLs while configuring the SNMP community name, the SNMP group name and the SNMP user name. As SNMP community name is a feature of SNMPv1 and SNMPv2c, the specified ACLs...
Page 73: Controlling Web Users By Source Ip Address
[H3C] snmp-agent usm-user v2c h3cuser h3cgroup acl 2000 8.4 Controlling Web Users by Source IP Address You can manage a S5500-EI series Ethernet switch remotely through Web. Web users can access a switch through HTTP connections. You need to perform the following two operations to control Web users by source IP addresses.
Page 74: Disconnecting A Web User By Force
# Define a basic ACL. <H3C> system-view [H3C] acl number 2030 match-order config [H3C-acl-basic-2030] rule 1 permit source 10.110.100.52 0 [H3C-acl-basic-2030] rule 2 deny source any # Apply the ACL to only permit the Web users sourced from the IP address of 10.110.100.52 to access the switch.
Page 75 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 VLAN Configuration ....................1-1 1.1 Introduction to VLAN......................1-1 1.1.1 VLAN Overview ....................... 1-1 1.1.2 VLAN Fundamental....................1-2 1.1.3 VLAN Classification....................1-4 1.2 Configuring Basic VLAN Attributes ..................1-4 1.3 Basic VLAN Interface Configuration ..................
Page 76 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Table of Contents 3.1.1 GARP ........................3-1 3.1.2 GVRP ........................3-4 3.1.3 Protocols and Standards..................3-5 3.2 GVRP Configuration Task List................... 3-5 3.3 Configuring GVRP ......................3-5 3.3.1 Enabling GVRP ....................... 3-5 3.3.2 Configuring GARP Timers..................
Page 77: Chapter 1 Vlan Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Chapter 1 VLAN Configuration When configuring VLAN, go to these sections for information you are interested in: Introduction to VLAN Configuring Basic VLAN Attributes Basic VLAN Interface Configuration...
Page 78: Vlan Fundamental
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration VLAN 2 Switch A Switch B Router VLAN 5 Figure 1-1 A VLAN diagram A VLAN is not restricted by physical factors, that is to say, hosts that reside in different network segments may belong to the same VLAN, users in a VLAN can be connected to the same switch, or span across multiple switches or routers.
Page 79 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Figure 1-2 The format of a traditional Ethernet frame IEEE802.1Q defines a four-byte VLAN Tag between the DA&SA field and the Type field to carry VLAN-related information, as shown in Figure 1-3.
Page 80: Vlan Classification
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration 1.1.3 VLAN Classification Based on how VLANs are established, VLANs fall into different categories. The following types are the most commonly used: Port-based MAC address-based Protocol-based IP-subnet-based...
Page 81: Basic Vlan Interface Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Note: As the default VLAN, VLAN 1 cannot be created or removed. You cannot manually create or remove reserved VLANs, which are reserved for specific functions. Dynamic VLANs cannot be removed using the undo vlan command.
Page 82: Port-Based Vlan Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Optional By default, a VLAN interface is up. The state of a VLAN interface also depends on the states of the ports in the VLAN. If...
Page 83 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration A Trunk port only allows packets from the default VLAN to be sent without the Tag label. II. Default VLAN You can configure the default VLAN for a port. By default, VLAN 1 is the default VLAN for all ports.
Page 84: Configuring An Access-Port-Based Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Inbound packets handling Outbound packets If no tag is Port type If a tag is carried in the handling carried in the packet packet Strip the tag and...
Page 85: Configuring A Trunk-Port-Based Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Follow these steps to configure the Access-port-based VLAN in Ethernet port view/port group view: To do… Use the command… Remarks Enter system view — system-view Enter Use either command...
Page 86: Configuring A Hybrid-Port-Based Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Required Allow the specified port trunk permit vlan By default, all Trunk ports VLANs to pass through { vlan-id-list | all }...
Page 87: Mac Address-Based Vlan Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Optional Configure the default port hybrid pvid vlan VLAN 1 is the default by VLAN of the Hybrid port vlan-id default...
Page 88: Configuring A Mac Address-Based Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Auto configuration though the authentication server (that is, VLAN issuing) The device associates MAC addresses and VLANs dynamically based on the information provided by the authentication server. If a user goes offline, the corresponding MAC address-to-VLAN association is removed automatically.
Page 89: Protocol-Based Vlan Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do... Use the command... Remarks Optional By default, VLANs are Configure VLAN vlan precedence { mac-vlan preferentially matched matching precedence | ip-subnet-vlan } based on MAC addresses.
Page 90 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Enter system view system-view — Required If the specified VLAN does Enter VLAN view vlan vlan-id not exist, this command creates the VLAN and then enters its view.
Page 91: Configuring Ip-Subnet-Based Vlan
Caution: At present, the AppleTalk-based protocol template cannot be associated with a port on an S5500-EI series Ethernet switch. Do not configure both the dsap-id and ssap-id arguments in the protocol-vlan command as 0xe0 or 0xff when configuring the user-defined template for llc encapsulation.
Page 92: Displaying And Maintaining Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Required The configured IP network Configure the association ip-subnet-vlan segment or IP address between an IP subnet with [ ip-subnet-index ] ip...
Page 93: Vlan Configuration Example
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration To do... Use the command… Remarks Display the protocol display protocol-vlan information and protocol vlan { vlan-id [ to vlan-id ] Available in any view indexes of specified...
Page 94 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration [DeviceA-vlan2] quit [DeviceA] vlan 100 [DeviceA-vlan100] vlan 6 to 50 Please wait... Done. # Enter GigabitEthernet 1/0/1 port view. [DeviceA] interface GigabitEthernet 1/0/1 # Configure GigabitEthernet 1/0/1 as a Trunk port and configure its default VLAN ID as 100.
Page 95 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 1 VLAN Configuration Mdi type: auto Link delay is 0(sec) Port link-type: trunk Tagged VLAN ID : 2, 6-50, 100 Untagged VLAN ID : 2, 6-50, 100 Port priority: 0...
Page 96: Chapter 2 Voice Vlan Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Chapter 2 Voice VLAN Configuration When configuring Voice VLAN, go to these sections for information you are interested Introduction to Voice VLAN Configuring Voice VLAN Displaying and Maintaining Voice VLAN Voice VLAN Configuration 2.1 Introduction to Voice VLAN...
Page 97: Voice Vlan Modes On A Port
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Note: As the first 24 bits of a MAC address (in binary format), an OUI address is a globally unique identifier assigned to a vendor by IEEE (Institute of Electrical and Electronics Engineers).
Page 98 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Table 2-2 Voice VLAN operating mode and the corresponding voice traffic types Port voice VLAN mode Voice traffic type Port link type Access: not supported Trunk: supported provided that...
Page 99: Security Mode And Normal Mode For The Voice Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Caution: If the voice traffic sent by an IP phone is tagged and that the access port has 802.1x authentication and Guest VLAN enabled, assign different VLAN IDs for the voice VLAN, the default VLAN of the access port, and the 802.1x guest VLAN.
Page 100: Configuring Voice Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration In the two modes, the port processes a packet with other VLAN tag in the same way, that is, forwards the packet if the VLAN is allowed on the port, or discards the packet if the VLAN is not allowed on the port.
Page 101: Configuring Voice Vlan Mode On A Port To Manual Mode
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration To do... Use the command... Remarks Required Enable the voice VLAN voice vlan enable feature on the port Not enabled by default Note: Do not configure a VLAN as both a protocol-based VLAN and a voice VLAN.
Page 102: Displaying And Maintaining Voice Vlan
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration To do... Use the command... Remarks Refer to Configuring an Use one of the three Access port Access-Port-Based approaches. Add the VLAN. ports in After you add an Access...
Page 103: Voice Vlan Configuration Examples
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration 2.4 Voice VLAN Configuration Examples 2.4.1 Automatic Voice VLAN Mode Configuration Example I. Network requirement Create VLAN 2 and configure it as a voice VLAN with an aging time of 100 minutes.
Page 104 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration # Configure the voice VLAN mode on GigabitEthernet 1/0/1 as automatic. (Optional, by default, the voice VLAN mode on a port is automatic mode) [DeviceA] interface GigabitEthernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] voice vlan mode auto # Configure GigabitEthernet 1/0/1 as a Hybrid port.
Page 105: Manual Voice Vlan Mode Configuration Example
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration <DeviceA> 2.4.2 Manual Voice VLAN Mode Configuration Example I. Network requirement Create VLAN 2 and configure it as a voice VLAN. The voice traffic sent by the IP phones is untagged. Configure GigabitEthernet 1/0/1 as a Hybrid port and as the access port.
Page 106 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 2 Voice VLAN Configuration # Configure GigabitEthernet 1/0/1 as a Hybrid port. [DeviceA-GigabitEthernet1/0/1]port link-type access Please wait... Done. [DeviceA-GigabitEthernet1/0/1]port link-type hybrid # Configure the default VLAN of GigabitEthernet 1/0/1 as voice VLAN and add the voice VLAN to the list of tagged VLANs whose packets can pass through the port.
Page 107: Chapter 3 Gvrp Configuration
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration Chapter 3 GVRP Configuration GARP VLAN Registration Protocol (GVRP) is a GARP application. It functions based on the operating mechanism of GARP to maintain and propagate dynamic VLAN registration information for the GVRP devices on the network.
Page 108 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration participant sends LeaveAll messages upon the expiration of the LeaveAll timer, which is triggered when the GARP participant is created. Join messages, Leave messages, and LeaveAll message make sure the reregistration and deregistration of GARP attributes are performed in an orderly way.
Page 109 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration attributes with other participants by making or withdrawing declarations of attributes and at the same time, based on received declarations or withdrawals, handles attributes of other participants. When a port receives an attribute declaration, it registers the attribute;...
Page 110 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration Field Description Value Consists of an Attribute Length, an Attribute Attribute –– Event, and an Attribute Value Number of octets occupied by an attribute, Attribute Length 2 to 255 (in bytes)
Page 111: Protocols And Standards
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration forbidden registration type thus allows only VLAN 1 to pass through even though it is configured to carry all VLANs. 3.1.3 Protocols and Standards GVRP is described in IEEE 802.1Q.
Page 112: Configuring Garp Timers
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration To do… Use the command… Remarks Configure the GVRP Optional gvrp registration { fixed | registration mode on forbidden | normal } The default is normal. the port...
Page 113: Displaying And Maintaining Gvrp
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration Table 3-2 Dependencies of GARP timers Timer Lower limit Upper limit Not greater than half of Hold 10 centiseconds the join timer setting Not less than two times...
Page 114: Gvrp Configuration Examples
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration 3.5 GVRP Configuration Examples 3.5.1 GVRP Configuration Example I I. Network requirements Configure GVRP for dynamic VLAN information registration and update among devices, adopting the normal registration mode on ports.
Page 115: Gvrp Configuration Example Ii
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration [DeviceB-GigabitEthernet1/0/1] quit # Create VLAN 3 (a static VLAN). [DeviceB] vlan 3 Verify the configuration # Display dynamic VLAN information on Device A. [DeviceA] display vlan dynamic Now, the following dynamic VLAN exist(s): # Display dynamic VLAN information on Device B.
Page 116: Gvrp Configuration Example Iii
Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration [DeviceA-GigabitEthernet1/0/1] gvrp registration fixed [DeviceA-GigabitEthernet1/0/1] quit # Create VLAN 2 (a static VLAN). [DeviceA] vlan 2 Configure Device B # Enable GVRP globally. <DeviceB> system-view [DeviceB] gvrp # Configure port GigabitEthernet 1/0/1 as a Trunk port, allowing all VLANs to pass.
Page 117 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration III. Configuration procedure Configure Device A # Enable GVRP globally. <DeviceA> system-view [DeviceA] gvrp # Configure port GigabitEthernet 1/0/1 as a Trunk port, allowing all VLANs to pass.
Page 118 Operation Manual – VLAN H3C S5500-EI Series Ethernet Switches Chapter 3 GVRP Configuration IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 00e0-fc55-0010 Description: GigabitEthernet1/0/1 Interface Loopback is not set Media type is twisted pair Port hardware type is 1000_BASE_T Unknown-speed mode, unknown-duplex mode...
Page 119 Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Addressing Configuration ..................1-1 1.1 IP Addressing Overview ....................1-1 1.1.1 IP Address Classes....................1-1 1.1.2 Special Case IP Addresses..................1-2 1.1.3 Subnetting and Masking..................
Page 120: Chapter 1 Ip Addressing Configuration
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration Chapter 1 IP Addressing Configuration When assigning IP addresses to interfaces on your device, go to these sections for information you are interested in:...
Page 121: Special Case Ip Addresses
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration Table 1-1 describes the address ranges of these five classes. Currently, the first three classes of IP addresses are used in quantity.
Page 122: Configuring Ip Addresses
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration Each subnet mask comprises 32 bits related to the corresponding bits in an IP address. In a subnet mask, the part containing consecutive ones identifies the combination of net-id and subnet-id whereas the part containing consecutive zeros identifies the host-id.
Page 123: Assigning An Ip Address To An Interface
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration Note: This chapter only covers how to assign an IP address manually. For other approaches, refer to DHCP Configuration. This section includes:...
Page 124: Ip Addressing Configuration Example
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration 1.2.2 IP Addressing Configuration Example I. Network requirements As shown in Figure 1-3, VLAN-interface 1 on Switch is connected to a LAN comprising two segments: 172.16.1.0/24 and 172.16.2.0/24.
Page 125 Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration PING 172.16.1.2: 56 data bytes, press CTRL_C to break Reply from 172.16.1.2: bytes=56 Sequence=1 ttl=255 time=25 ms Reply from 172.16.1.2: bytes=56 Sequence=2 ttl=255 time=27 ms Reply from 172.16.1.2: bytes=56 Sequence=3 ttl=255 time=26 ms...
Page 126: Displaying And Maintaining Ip Addressing
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 1 IP Addressing Configuration 1.3 Displaying and Maintaining IP Addressing To do… Use the command… Remarks Display information about a display ip interface specified or all Layer 3 interfaces...
Page 127: Chapter 2 Ip Performance Configuration
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration Chapter 2 IP Performance Configuration When configuring IP performance, go to these sections for information you are interested in: IP Performance Overview...
Page 128: Enabling Forwarding Of Directed Broadcasts To A Directly Connected Network
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration Follow these steps to enable the device to receive directed broadcasts: To do… Use the command… Remarks — Enter system view system-view...
Page 129 Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration II. Network diagram Figure 2-1 Network diagram for receiving and forwarding directed broadcasts III. Configuration procedure Configure Switch A # Enable Switch A to receive directed broadcasts.
Page 130: Configuring Tcp Attributes
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration 2.3 Configuring TCP Attributes 2.3.1 Configuring TCP Optional Parameters TCP optional parameters that can be configured include: synwait timer: When sending a SYN packet, TCP starts the synwait timer. If no response packets are received within the synwait timer timeout, the TCP connection is not successfully created.
Page 131 Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration I. Advantage of sending ICMP error packets There are three kinds of ICMP error packets: redirect packets, timeout packets and destination unreachable packets. Their sending conditions and functions are as follows.
Page 132 Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration If the source uses “strict source routing" to send packets, but the intermediate device finds the next hop specified by the source is not directly connected, the device will send the source a “source routing failure”...
Page 133: Displaying And Maintaining Ip Performance
Operation Manual – IP Addressing and IP Performance H3C S5500-EI Series Ethernet Switches Chapter 2 IP Performance Configuration 2.5 Displaying and Maintaining IP Performance To do… Use the command… Remarks Display current TCP connection state display tcp status Display TCP connection statistics...
Page 134 Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 QinQ Configuration ..................... 1-1 1.1 Introduction to QinQ......................1-1 1.1.1 Understanding QinQ ....................1-1 1.1.2 Implementations of QinQ ..................1-2 1.1.3 Modification of TPID Value of QinQ Frames............1-3 1.2 Configuring Basic QinQ .....................
Page 135: Chapter 1 Qinq Configuration
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration Chapter 1 QinQ Configuration When configuring QinQ, go to these sections for information you are interested in: Introduction to QinQ Configuring Basic QinQ Configuring Selective QinQ...
Page 136: Implementations Of Qinq
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration Figure 1-1 Single-tagged frame structure vs. double-tagged Ethernet frame structure Advantages of QinQ: Addresses the shortage of public VLAN ID resource. Enables customers to plan their own VLAN IDs, without running into conflicts with public network VLAN IDs.
Page 137: Modification Of Tpid Value Of Qinq Frames
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration 1.1.3 Modification of TPID Value of QinQ Frames A VLAN tag uses the tag protocol identifier (TPID) field to identify the protocol type of the tag. The value of this field, as defined in IEEE 802.1Q, is 0x8100.
Page 138: Configuring Basic Qinq
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration Protocol type Value IPX/SPX 0x8137 IS-IS 0x8000 LACP 0x8809 802.1x 0x888E Cluster 0x88A7 Reserved 0xFFFD/0xFFFE/0xFFFF 1.2 Configuring Basic QinQ Follow these steps to configure basic QinQ: To do...
Page 139: Configuring The Tpid Value To Be Carried In Vlan Tags
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration Follow these steps to configure selective QinQ: To do... Use the command... Remarks Enter system view — system-view Enter Required interface interface-type Ethernet Use either command.
Page 140: Qinq Configuration Example
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration 1.5 QinQ Configuration Example I. Network requirements Provider A and Provider B are service provider network access devices. Customer A, Customer B and Customer C are customer network access devices.
Page 141 Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration III. Configuration procedure Note: With this configuration, the user must allow the QinQ packets to pass between the devices of the service providers. Configuration on Provider A # Enter system view.
Page 142 Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 1 QinQ Configuration # Configure GigabitEthernet 1/0/3 as a trunk port, and permit frames of VLAN 1000 and VLAN 2000 to pass. [ProviderA] interface GigabitEthernet 1/0/3 [ProviderA-GigabitEthernet1/0/3] port link-type trunk...
Page 143: Chapter 2 Bpdu Tunneling Configuration
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration Chapter 2 BPDU Tunneling Configuration When configuring BPDU tunneling, go to these sections for information you are interested in: Introduction to BPDU Tunneling Configuring BPDU Isolation...
Page 144 Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration II. BPDU transparent transmission As shown in Figure 2-1, the upper part is the service provider network, and the lower part represents the customer networks. The customer networks include network A and network B.
Page 145: Configuring Bpdu Isolation
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration 2.2 Configuring BPDU Isolation Perform the following tasks to configure BPDU isolation: To do... Use the command... Remarks Enter system view system-view — Optional Enable BPDU tunneling...
Page 146: Configuring Destination Multicast Mac Address For Bpdu Tunnel Frames
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration To do... Use the command... Remarks Enter Ethernet interface interface-type Required port view interface-number Use either command. Enter Configurations made in Ethernet Ethernet port view will...
Page 147: Bpdu Tunneling Configuration Example
Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration Follow these steps to configure destination multicast MAC address for BPDU tunnel frames: To do… Use the command… Remarks Enter system view system-view — Configure the...
Page 148 Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration III. Configuration procedure Configuration on Provider A # Configure BPDU transparent transmission on GigabitEthernet 1/0/1. <ProviderA> system-view [ProviderA] interface GigabitEthernet 1/0/1 [ProviderA-GigabitEthernet1/0/1] port access vlan 2...
Page 149 Operation Manual – QinQ-BPDU Tunneling H3C S5500-EI Series Ethernet Switches Chapter 2 BPDU Tunneling Configuration Note: When STP works stably on the customer network, if Customer A acts as the root bridge, the ports of Customer C and Customer D connected with Provider C can receive BPDUs from Customer A.
Page 150 Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Port Correlation Configuration................... 1-1 1.1 Ethernet Port Configuration ....................1-1 1.1.1 Performing Basic Ethernet Port Configuration ............1-1 1.1.2 Combo Port Configuration..................1-2 1.1.3 Enabling Flow Control on an Ethernet Port.............
Page 151: Chapter 1 Port Correlation Configuration
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration Chapter 1 Port Correlation Configuration When configuring Ethernet ports, go to these sections for information you are interested in: Ethernet Port Configuration Maintaining and Displaying an Ethernet Port 1.1 Ethernet Port Configuration...
Page 152: Combo Port Configuration
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration Similarly, if you configure the transmission rate for an Ethernet port by using the speed command with the auto keyword specified, the transmission rate is determined through auto-negotiation too.
Page 153: Enabling Flow Control On An Ethernet Port
A double Combo port can only be a layer 2 Ethernet interface. Note: Currently, only Dual-Combo ports are supported on S5500-EI series switches. II. Configuring Combo port state Follow these steps to configure the state for a double Combo port: To do...
Page 154: Enabling Loopback Test On An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration To do... Use the command... Remarks Required Enable flow control flow-control Turned off by default 1.1.4 Configuring the Suppression Time of Physical-Link-State Change on an Ethernet Port An Ethernet port operates in one of the two physical link states: up or down.
Page 155: Configuring A Port Group
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration Follow these steps to enable Ethernet port loopback test: To do... Use the command... Remarks Enter system view system-view — interface interface-type Enter Ethernet port view —...
Page 156 Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration Follow these steps to configure a port group: To do... Use the command... Remarks Enter system view system-view — Enter manual port port-group manual —...
Page 157: Setting The Interval For Collecting Ethernet Port Statistics
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration Follow these steps to set the broadcast/multicast/unknown unicast storm suppression ratios: To do... Use the command... Remarks Enter system view — system-view Enter Either is required.
Page 158: Enabling Forwarding Of Jumbo Frames
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration To do… Use the command… Remarks Enter system view system-view — interface interface-type Optional interface-number Configure the interval for By default, the interval for...
Page 159 Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration With loopback detection enabled on an Ethernet port, the device checks the port for external loopback periodically. Once a loopback is detected on the port, the system does the following: If loops are detected on a port that is of access type, the port will be shutdown.
Page 160: Configuring The Cable Type For An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration 1.1.11 Configuring the Cable Type for an Ethernet Port Two types of Ethernet cables can be used to connect Ethernet devices: crossover cable and straight-through cable. To accommodate these two types of cables, an...
Page 161: Configuring The Storm Constrain Function On An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration The length of the faulty cable if there is any fault. The system will return the check result in 5 seconds. Follow these steps to test the current operating state of the cable connected to an Ethernet port: To do...
Page 162 Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration brought up by using the undo shutdown command or disabling the storm constrain function. Follow these steps to configure the storm constrain function on an Ethernet port: To do…...
Page 163: Maintaining And Displaying An Ethernet Port
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 1 Port Correlation Configuration Note: For network stability consideration, configure the interval for generating traffic statistics to a value that is not shorter than the default. The storm constrain function is applicable to multicast packets and broadcast packets on a port, and you can specify the upper and lower threshold for each of the two types of packets.
Page 164: Chapter 2 Port Isolation Configuration
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 2 Port Isolation Configuration Chapter 2 Port Isolation Configuration When configuring port isolation, go to these sections for information you are interested Introduction to Port Isolation Configuring an Isolation Group...
Page 165: Displaying Isolation Groups
Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 2 Port Isolation Configuration To do… Use the command… Remarks Required Add a port to an port-isolate enable isolation group as No ports are added to the group group-number an ordinary port isolation group by default.
Page 166 Operation Manual – Port Correlation Configuration H3C S5500-EI Series Ethernet Switches Chapter 2 Port Isolation Configuration III. Configuration procedure # Add ports GigabitEthernet1/0/1, GigabitEthernet1/0/2 and GigabitEthernet1/0/3 to the isolation group. <Device> system-view [Device] interface GigabitEthernet1/0/1 [Device-GigabitEthernet1/0/1] port-isolate enable [Device-GigabitEthernet1/0/1] quit...
Page 167 Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Link Aggregation Overview ..................1-1 1.1 Link Aggregation ........................ 1-1 1.1.1 LACP ........................1-1 1.1.2 Consistency Considerations for Ports in an Aggregation ........1-1 1.2 Approaches to Link Aggregation..................
Page 168: Chapter 1 Link Aggregation Overview
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 1 Link Aggregation Overview Chapter 1 Link Aggregation Overview This chapter covers these topics: Link Aggregation Approaches to Link Aggregation Load Sharing in a Link Aggregation Group Service Loop Group Aggregation Port Group 1.1 Link Aggregation...
Page 169 Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 1 Link Aggregation Overview Table 1-1 Consistency considerations for ports in an aggregation Category Considerations State of port-level STP (enabled or disabled) Attribute of the link (point-to-point or otherwise) connected to...
Page 170: Approaches To Link Aggregation
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 1 Link Aggregation Overview 1.2 Approaches to Link Aggregation Two ways are available for implementing link aggregation, as described in Manual Link Aggregation Static LACP link aggregation. 1.2.1 Manual Link Aggregation I.
Page 171: Static Lacp Link Aggregation
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 1 Link Aggregation Overview III. Port Configuration Considerations in manual aggregation As mentioned above, in a manual aggregation group, only ports with configurations consistent with those of the reference port can become selected. These configurations...
Page 172: Load Sharing In A Link Aggregation Group
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 1 Link Aggregation Overview As there is a limit on the number of selected ports, not all selected-port candidates can become selected ports. Before the limit is reached, all the candidates are set to the selected state.
Page 173: Service Loop Group
At present, you may specify to redirect four types of services, IPv6 (IPv6 unicast), IPv6mc (IPv6 multicast), tunnel, and MPLS. Note: Currently, the S5500-EI series Ethernet switches support to redirect tunnel services only. After creating a service-loop group, assign ports that support its service type to the...
Page 174: Aggregation Port Group
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 1 Link Aggregation Overview After assigning a port to a service-loop group, you may configure it with other non-conflicting settings, such as QoS. If this group is performing load sharing, it continues to function in this way even after all selected ports but one are removed to ensure ongoing service.
Page 175: Chapter 2 Link Aggregation Configuration
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 2 Link Aggregation Configuration Chapter 2 Link Aggregation Configuration When configuring link aggregation, go to these sections for information you are interested in: Configuring Link Aggregation Displaying and Maintaining Link Aggregation Link Aggregation Configuration Example 2.1 Configuring Link Aggregation...
Page 176: Configuring A Static Lacp Link Aggregation Group
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 2 Link Aggregation Configuration For a manual aggregation group containing only one port, the only way to remove the port from it is to remove the aggregation group. To make an aggregation group to function properly, make sure the selected states of the ports on the both sides of the same link are the same.
Page 177: Configuring An Aggregation Group Name
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 2 Link Aggregation Configuration Note: When making configuration, be aware that after a load-balancing aggregation group changes to a non-load balancing group due to resources exhaustion, either of the...
Page 178: Entering Aggregation Port Group View
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 2 Link Aggregation Configuration Note: You can remove any service loop group except those that are currently referenced by modules. For a service loop group containing only one port, the only way to remove the port from it is to remove the service loop group.
Page 179: Link Aggregation Configuration Example
Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 2 Link Aggregation Configuration To do… Use the command… Remarks Display detailed information about display link-aggregation Available in any view specified or all link verbose [ agg-id ] aggregation groups...
Page 180 Operation Manual – Link Aggregation H3C S5500-EI Series Ethernet Switches Chapter 2 Link Aggregation Configuration <SwitchA> system-view [SwitchA] link-aggregation group 1 mode manual # Add ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to the group. [SwitchA] interface GigabitEthernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-aggregation group 1...
Page 181 Operation Manual – MAC Address Table Management H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 MAC Address Table Management Configuration ............. 1-1 1.1 Introduction to MAC Address Table................... 1-1 1.2 Configuring MAC Address Table Management ..............1-2 1.2.1 Configuring MAC Address Entries ................
Page 182: Chapter 1 Mac Address Table Management
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table Management H3C S5500-EI Series Ethernet Switches Configuration Chapter 1 MAC Address Table Management Configuration When configuring MAC address table management, go to these sections for information you are interested in:...
Page 183: Configuring Mac Address Table Management
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table Management H3C S5500-EI Series Ethernet Switches Configuration Note: Dynamically learned MAC addresses cannot overwrite static MAC address entries, but the latter can overwrite the former. As shown in...
Page 184: Configuring Mac Address Aging Timer
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table Management H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Enter system view system-view — mac-address blackhole mac-address vlan vlan-id Add/modify a MAC mac-address { dynamic | static }...
Page 185: Displaying And Maintaining Mac Address Table Management
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table Management H3C S5500-EI Series Ethernet Switches Configuration 1.2.3 Configuring the Maximum Number of MAC Addresses an Ethernet Port or a Port Group Can Learn To prevent a MAC address table from getting so large that it may degrade forwarding performance, you may restrict the number of MAC addresses that can be learned.
Page 186: Mac Address Table Management Configuration Example
Operation Manual – MAC Address Table Management Chapter 1 MAC Address Table Management H3C S5500-EI Series Ethernet Switches Configuration 1.4 MAC Address Table Management Configuration Example I. Network requirements Log onto your device from the Console port to configure MAC address table management as follows: Set the aging timer to 500 seconds for dynamic MAC address entries.
Page 187 Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Source Guard Configuration .................. 1-1 1.1 IP Source Guard Overview ....................1-1 1.2 Configuring a Static Binding Entry ..................1-1 1.3 Configuring Dynamic Binding Function ................
Page 188: Chapter 1 Ip Source Guard Configuration
Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration Chapter 1 IP Source Guard Configuration When configuring IP Source Guard, go to these sections for information you are interested in: IP Source Guard Overview...
Page 189: Configuring Dynamic Binding Function
Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration To do… Use the command… Remarks — Enter system view system-view interface interface-type — Enter interface view interface-number Required user-bind { ip-address ip-address |...
Page 190: Displaying Ip Source Guard
Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration 1.4 Displaying IP Source Guard To do… Use the command… Remarks display user-bind [ interface Display information interface-type interface-number | Available in any...
Page 191 Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration II. Network diagram Figure 1-1 Network diagram for configuring static binding entries III. Configuration procedure Configure Switch A # Configure the IP addresses of various interfaces (omitted).
Page 192: Dynamic Binding Function Configuration Example
Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration [SwitchB-GigabitEthernet1/0/1] user-bind ip-address 192.168.0.1 mac-address 0001-0203-0406 [SwitchB-GigabitEthernet1/0/1] quit # Configure port GigabitEthernet1/0/2 of Switch B to allow only IP packets with the source MAC address of 00-01-02-03-04-07 and the source IP address of 192.168.0.2 to pass.
Page 193 Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration Note: For detailed configuration of DHCP Server, refer to DHCP Configuration in this manual. II. Network diagram Figure 1-2 Network diagram for configuring dynamic binding III.
Page 194: Failed To Configure Static Binding Entries And Dynamic Binding Function
Operation Manual – IP Source Guard H3C S5500-EI Series Ethernet Switches Chapter 1 IP Source Guard Configuration Type IP Address MAC Address Lease VLAN Interface ==== =============== ============== ============ ==== ================= 192.168.0.1 0001-0203-0406 86335 GigabitEthernet1/0/1 As you see, port GigabitEthernet1/0/1 has obtained the dynamic entries generated by DHCP Snooping after it is configured with dynamic binding function.
Page 195 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 DLDP Configuration ....................1-1 1.1 Overview ..........................1-1 1.1.1 DLDP Introduction ....................1-2 1.1.2 DLDP Fundamentals....................1-3 1.2 DLDP Configuration Task List ..................1-10 1.2.1 Enabling DLDP......................
Page 196: Chapter 1 Dldp Configuration
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration Chapter 1 DLDP Configuration When performing DLDP configuration, go to these sections for information you are interested in: Overview DLDP Configuration Task List Enabling DLDP Setting DLDP Mode...
Page 197: Dldp Introduction
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration Device A GE1/0/50 GE1/0/51 GE1/0/51 GE1/0/50 Device B Figure 1-1 Unidirectional fiber link: cross-connected fiber Device A GE1/0/50 GE1/0/51 GE1/0/50 GE1/0/51 Device B Figure 1-2 Unidirectional fiber link: fiber not connected or disconnected 1.1.1 DLDP Introduction...
Page 198: Dldp Fundamentals
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration connected correctly and if packets can be exchanged between the two devices. Note that DLDP is not implemented through auto-negotiation. 1.1.2 DLDP Fundamentals I. DLDP link states...
Page 199 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration II. DLDP timers Table 1-2 DLDP timers DLDP timer Description Determines the Interval to send Advertisement packets with RSY tag, which defaults to 1 second. When a device transits to the active DLDP link state, it...
Page 200 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration DLDP timer Description In the enhanced mode, this timer is triggered if no packet is received from a neighbor when the entry aging timer expires. Enhanced timer is set to 10 seconds.
Page 201 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration Table 1-3 DLDP mode and neighbor entry aging Detecting a Removing the Triggering the neighbor after the DLDP neighbor entry Enhanced timer after corresponding mode immediately after the...
Page 202 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration IV. DLDP authentication mode You can prevent network attacks and illegal detect through DLDP authentication. Three DLDP authentication modes exist, as described below. Non-authentication. In this mode, the sending side sets the Authentication field and the Authentication type field of DLDP packets to 0.
Page 203 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration The packet is dropped if the setting of the interval for sending Advertisement packets it carries conflicts with the corresponding local setting. Other processes. Table 1-5 Procedures for processing different types of DLDP packets...
Page 204 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration Packet type Processing procedure Check to see if If not, no process is performed. the local port is RecoverProbe in Disable or packet If yes, returns RecoverEcho packets.
Page 205: Dldp Configuration Task List
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration DLDP neighbor Description state A neighbor is in this state when the link connecting it is detected to be a unidirectional link. After a device transits to this state, the...
Page 206: Setting Dldp Mode
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration To do… Use the command… Remarks Enter system view system-view — Required Enable DLDP dldp enable globally Globally disabled by default Enter Either of the two is required.
Page 207: Setting The Delaydown Timer
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration Follow these steps to set the interval for sending Advertisement packets: To do… Use the command… Remarks Enter system view system-view — Optional Set the interval for...
Page 208: Setting The Port Shutdown Mode
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration 1.2.5 Setting the Port Shutdown Mode On detecting a unidirectional link, the ports can be shut down in one of the following two modes. Manual mode. This mode applies to networks with low performance, where normal links may be treated as unidirectional links.
Page 209: Resetting Dldp State
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration Caution: To enable DLDP to operate properly, make sure the DLDP authentication modes and the passwords of the both sides of a link are the same. 1.2.7 Resetting DLDP State After a unidirectional link is detected, DLDP shuts down the corresponding port.
Page 210: Displaying And Maintaining Dldp
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration To do… Use the command… Remarks Enter system view system-view — Enter Either is required. interface interface-type Ethernet Enter The configuration interface-number port view Ethernet performed in Ethernet port...
Page 211 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration II. Network diagram Device A GE1/0/50 GE1/0/51 GE1/0/51 GE1/0/50 Device B Figure 1-4 Network diagram for DLDP configuration III. Configuration procedure Configuration on Device A # Enable DLDP on GigabitEthernet1/0/50 and GigabitEthernet 1/0/51.
Page 212: Troubleshooting
Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration DLDP interval : 6s DLDP work-mode : enhance DLDP authentication-mode : none DLDP unidirectional-shutdown : auto DLDP delaydown-timer : 2s The number of enabled ports is 2.
Page 213 Operation Manual – DLDP H3C S5500-EI Series Ethernet Switches Chapter 1 DLDP Configuration DLDP authentication modes/passwords on Device A and Device B are not the same. Solution: Make sure the interval for sending Advertisement packets, the authentication mode, and the password on Device A and Device B are the same.
Page 214 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 MSTP Configuration ....................1-1 1.1 MSTP Overview ......................... 1-1 1.1.1 Introduction to STP ....................1-1 1.1.2 Introduction to MSTP .................... 1-11 1.1.3 Protocols and Standards..................1-18 1.2 Configuration Task List ....................
Page 215 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Table of Contents 1.6.1 Configuration Prerequisites................... 1-41 1.6.2 Configuration Procedure ..................1-42 1.6.3 Configuration Example..................1-43 1.7 Configuring No Agreement Check ................... 1-44 1.7.1 Prerequisites ......................1-45 1.7.2 Configuration Procedure ..................1-45 1.7.3 Configuration Example..................
Page 216: Chapter 1 Mstp Configuration
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Chapter 1 MSTP Configuration When configuring MSTP, go to these sections for information you are interested in: MSTP Overview Configuring the Root Bridge Configuring Leaf Nodes Performing mCheck...
Page 217 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration III. Basic concepts in STP Root bridge A tree network must have a root; hence the concept of “root bridge” has been introduced in STP. There is one and only one root bridge in the entire network, and the root bridge can change alone with changes of the network topology.
Page 218 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Device A AP 1 AP 2 CP 1 BP 1 Device B Device C BP 2 CP 2 Figure 1-1 A schematic diagram of designated bridges and designated ports IV.
Page 219 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Note: For the convenience of description, the description and examples below involve only four parts of a configuration BPDU: Root bridge ID (in the form of device priority)
Page 220 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Note: Principle for configuration BPDU comparison: The configuration BPDU that has the lowest root bridge ID has the highest priority. If all the configuration BPDUs have the same root bridge ID, they will be compared for their root path costs.
Page 221 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Step Description The device compares the calculated configuration BPDU with the configuration BPDU on the port of which the port role is to be defined, and does different things according to the comparison result:...
Page 222 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Table 1-4 Initial state of each device Device Port name BPDU of port {0, 0, 0, AP1} Device A {0, 0, 0, AP2} {1, 0, 1, BP1}...
Page 223 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration BPDU of port after Device Comparison process comparison Port BP1 receives the configuration BPDU of Device A {0, 0, 0, AP1}. Device B finds that the received...
Page 224 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration BPDU of port after Device Comparison process comparison Port CP1 receives the configuration BPDU of Device A {0, 0, 0, AP2}. Device C finds that the received...
Page 225 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Figure 1-3 The final calculated spanning tree Note: To facilitate description, the spanning tree calculation process in this example is simplified, while the actual process is more complicated.
Page 226: Introduction To Mstp
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration STP timers STP calculations need three important timing parameters: forward delay, hello time, and max age. Forward delay is the delay time for device state transition. A path failure will cause re-calculation of the spanning tree, and the spanning tree structure will change accordingly.
Page 227 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Note: In RSTP, a newly elected root port can enter the forwarding state rapidly if this condition is met: The old root port on the device has stopped forwarding data and the upstream designated port has started forwarding data.
Page 228 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Figure 1-4 Basic concepts in MSTP MST region A multiple spanning tree region (MST region) is composed of multiple devices in a switched network and network segments among them. These devices have the...
Page 229 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration VLAN-to-instance mapping table As an attribute of an MST region, the VLAN-to-instance mapping table describes the mapping relationships between VLANs and MST instances. In Figure 1-4, for example,...
Page 230 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Figure 1-4, for example, the common root bridge is a device in region A0. Boundary port A boundary port is a port that connects an MST region to another MST configuration, or to a single spanning-tree region running STP, or to a single spanning-tree region running RSTP.
Page 231 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Connecting to the common root bridge Edge ports Port 2 MST region Port 1 Master port Alternate port Port 6 Port 5 Backup port Designated port Port 3...
Page 232 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Note: When in different MST instances, a port can be in different states. The role a boundary port plays in an MSTI is consistent with the role it plays in the CIST.
Page 233: Configuration Task List
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration calculation process, which is similar to spanning tree calculation in STP, for each spanning tree. For details, refer to How STP works. In MSTP, a VLAN packet is forwarded along the following paths: Within an MST region, the packet is forwarded along the corresponding MSTI.
Page 234 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Task Remarks Configuring an MST Region Required Specifying the Root Bridge or a Secondary Root Optional Bridge Configuring the Work Mode of MSTP Device Optional Configuring the Priority of the Current Device...
Page 235: Configuring The Root Bridge
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Task Remarks Performing mCheck Optional Configuring Digest Snooping Optional Configuring No Agreement Check Optional Configuring Protection Functions Optional Note: In a network containing switches with both GVRP and MSTP enabled, GVRP messages travel along the CIST.
Page 236 (a 802.1s-defined protocol selector, which is 0 by default and cannot be configured), MST region name, VLAN-to-MSTI mapping table, and revision level. The H3C series support only the MST region name, VLAN-to-MSTI mapping table, and revision level. Switches with the settings of these parameters being the same are assigned to the same MST region.
Page 237: Specifying The Root Bridge Or A Secondary Root Bridge
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.3.2 Specifying the Root Bridge or a Secondary Root Bridge MSTP can determine the root bridge of a spanning tree through MSTP calculation. Alternatively, you can specify the current device as the root bridge using the commands provided by the system.
Page 238: Configuring The Work Mode Of Mstp Device
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration There is one and only one root bridge in effect in a spanning tree instance. If two or more devices have been designated to be root bridges of the same spanning tree instance, MSTP will select the device with the lowest MAC address as the root bridge.
Page 239: Configuring The Priority Of The Current Device
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration In MSTP mode, all ports of the device send out MSTP BPDUs. If the device detects that it is connected with a legacy STP device, the port connecting with the legacy STP device will automatically migrate to STP-compatible mode.
Page 240: Configuring The Maximum Hops Of An Mst Region
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Caution: Upon specifying the current device as the root bridge or a secondary root bridge, you cannot change the priority of the device. During root bridge selection, if all devices in a spanning tree have the same priority, the one with the lowest MAC address will be selected as the root bridge of the spanning tree.
Page 241: Configuring The Network Diameter Of A Switched Network
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Note: A larger maximum hops setting means a larger size of the MST region. Only the maximum hops configured on the regional root bridge can restrict the size of the MST region.
Page 242: Configuring Timers Of Mstp
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.3.7 Configuring Timers of MSTP MSTP involves three timers: forward delay, hello time and max age. You can configure these three parameters for MSTP to calculate spanning trees.
Page 243 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Caution: The length of the forward delay time is related to the network diameter of the switched network. Typically, the larger the network diameter is, the longer the forward delay time should be.
Page 244: Configuring The Timeout Factor
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.3.8 Configuring the Timeout Factor After the network topology is stabilized, each non-root-bridge device forwards configuration BPDUs to the surrounding devices at the interval of hello time to check whether any link is faulty.
Page 245: Configuring Ports As Edge Ports
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration I. Configuration procedure Follow these steps to configure the maximum transmission rate of a port or a group of ports: To do... Use the command... Remarks Enter system view —...
Page 246 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration I. Configuration procedure Follow these steps to specify a port or a group of ports as edge port(s): To do... Use the command... Remarks Enter system view —...
Page 247 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration I. Configuration procedure Follow these steps to configure whether a port or a group of ports connect to point-to-point links: To do... Use the command... Remarks Enter system view —...
Page 248 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.3.12 Configuring the Mode a Port Uses to Recognize/Send MSTP Packets A port can send/recognize MSTP packets of two formats: 802.1s-compliant standard format, and Compatible format By default, the packet format recognition mode of a port is auto, namely the port automatically distinguishes the two MSTP packet formats, and determines the format of packets it will send based on the recognized format.
Page 249: Enabling The Output Of Port State Transition Information
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration II. Configuration example # Configure GigabitEthernet 1/0/1 to receive and send standard-format MSTP packets. <Sysname> system-view [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] stp compliance dot1s 1.3.13 Enabling the Output of Port State Transition Information In a large-scale, MSTP-enabled network, there are a large number of MSTP instances, so ports may frequently transition from one state to another.
Page 250: Configuring Leaf Nodes
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Optional MSTP is disabled on ports Enable the MSTP feature by default and stp enable on the port(s) automatically enabled on all ports after it is enabled globally on the device.
Page 251: Configuring Path Costs Of Ports
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.4.5 Configuring Ports as Edge Ports Refer to Configuring Ports as Edge Ports in the section about root bridge configuration. 1.4.6 Configuring Path Costs of Ports Path cost is a parameter related to the rate of port-connected links. On an MSTP-compliant device, ports can have different priorities in different MST instances.
Page 252 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Private Link speed Duplex state 802.1d-1998 802.1t standard Single Port 200,000 Aggregated Link 2 Ports 100,000 100 Mbps Aggregated Link 3 Ports 66,666 Aggregated Link 4 Ports...
Page 253: Configuring Port Priority
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Required By default, MSTP Configure the path cost of stp [ instance instance-id ] automatically the port(s) cost cost calculates the path cost of each port.
Page 254: Enabling Output Of Port State Transition Information
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Optional stp [ instance Configure the port priority instance-id ] port priority 128 for all Ethernet ports priority by default. Note: When the priority of a port is changed, MSTP will re-calculate the role of the port and initiate a state transition.
Page 255: Performing Mcheck
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.5 Performing mCheck Ports on an MSTP-compliant device have three working modes: STP compatible mode, RSTP mode, and MSTP mode. In a switched network, if a port on the device running MSTP (or RSTP) connects to a device running STP, this port will automatically migrate to the STP-compatible mode.
Page 256: Configuring Digest Snooping
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Caution: The stp mcheck command is meaningful only when the device works in the MSTP (or RSTP) mode, not in the STP-compatible mode. 1.5.3 Configuration Example # Perform mCheck on port GigabitEthernet 1/0/1.
Page 257: Configuration Procedure
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration 1.6.2 Configuration Procedure Follow these steps to configure Digest Snooping: To do... Use the command... Remarks Enter system view — system-view Enter Required Ethernet interface interface-type Use either command.
Page 258 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Caution: You can only enable the Digest Snooping feature on the device connected to another vendor’s device that uses a private key to calculate the configuration digest.
Page 259: Configuring No Agreement Check
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration III. Configuration procedure Enable Digest Snooping on Device A # Enable Digest Snooping on GigabitEthernet1/0/1. <DeviceA> system-view [DeviceA] interface GigabitEthernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] stp config-digest-snooping # Enable global Digest Snooping.
Page 260 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Upstream Switch Downstream switch Proposal for rapid transition Root port blocks other non-edge ports , changes to forwarding state and sends Agreement to upstream switch Designated port...
Page 261: Configuring Protection Functions
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Required Enable No Agreement Check no-agreement-check Not enabled by default Note: The No Agreement Check feature can only take effect on the root port or Alternate port after enabled.
Page 262: Configuration Prerequisites
Loop guard TC-BPDU attack guard Note: The S5500-EI series Ethernet switches support the BPDU guard, root guard and loop guard functions. Among loop guard, root guard and edge port setting, only one function can take effect on the same port at the same time.
Page 263: Enabling Root Guard
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Follow these steps to enable BPDU guard: To do... Use the command... Remarks Enter system view — system-view Required Enable the BPDU guard stp bpdu-protection function on the device Disabled by default 1.8.3 Enabling Root Guard...
Page 264: Enabling Loop Guard
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration To do... Use the command... Remarks Enter system view — system-view Enter Required Ethernet interface interface-type Use either command. interface interface-number Configurations made in Enter view Ethernet interface view...
Page 265 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Follow these steps to enable loop guard: To do... Use the command... Remarks Enter system view — system-view Enter Required Ethernet interface interface-type Use either command. interface...
Page 266: Displaying And Maintaining Mstp
Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Note: We recommend that you keep this feature enabled. 1.9 Displaying and Maintaining MSTP To do... Use the command... Remarks View the information about Available in any...
Page 267 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Device A and Device B are convergence layer devices, while Device C and Device D are access layer devices. VLAN 10 and VLAN 30 are terminated on the...
Page 268 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration # Define Device A as the root bridge of MST instance 1. [DeviceA] stp instance 1 root primary # View the MST region configuration information that has taken effect.
Page 269 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration Configuration on Device C # Enter MST region view. <DeviceC> system-view [DeviceC] stp region-configuration [DeviceC-mst-region] region-name example # Configure the region name, VLAN-to-instance mappings and revision level of the MST region.
Page 270 Operation Manual – MSTP H3C S5500-EI Series Ethernet Switches Chapter 1 MSTP Configuration [DeviceD-mst-region] instance 3 vlan 30 [DeviceD-mst-region] instance 4 vlan 40 [DeviceD-mst-region] revision-level 0 # Activate MST region configuration manually. [DeviceD-mst-region] active region-configuration [DeviceD-mst-region] quit # View the MST region configuration information that has taken effect.
Page 271 Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IP Routing Overview....................1-1 1.1 IP Routing and Routing Table.................... 1-1 1.1.1 Routing ........................1-1 1.1.2 Routing Through a Routing Table ................1-1 1.2 Routing Protocol Overview ....................
Page 272: Chapter 1 Ip Routing Overview
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview Chapter 1 IP Routing Overview Go to these sections for information you are interested in: IP Routing and Routing Table Routing Protocol Overview Displaying and Maintaining a Routing Table Note: The term “router”...
Page 273 Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview Network mask: Specifies, in company with the destination address, the address of the destination network. A logical AND operation between the destination address and the network mask yields the address of the destination network. For example, if the destination address is 129.102.8.10 and the mask 255.255.0.0, the address...
Page 274: Routing Protocol Overview
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview Router A Router F 17.0.0.1 17.0.0.0 17.0.0.3 16.0.0.2 11.0.0.2 17.0.0.2 Router D 16.0.0.0 11.0.0.0 14.0.0.3 11.0.0.1 16.0.0.1 14.0.0.2 14.0.0.4 Router B Router G 14.0.0.0 15.0.0.2...
Page 275: Routing Protocols And Routing Priority
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview I. Operational scope Interior gateway protocols (IGPs): Work within an autonomous system, including RIP, OSPF, and IS-IS. Exterior gateway protocols (EGPs): Work between autonomous systems. The most popular one is BGP.
Page 276: Load Balancing And Route Backup
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview The following table lists some routing protocols and the default priorities for routes found by them: Routing approach Priority DIRECT OSPF IS-IS STATIC OSPF ASE...
Page 277: Route Recursion
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview II. Route backup Route backup can help improve network reliability. With route backup, you can configure multiple routes to the same destination, expecting the one with the highest priority to be the main route and all the rest backup routes.
Page 278 Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 1 IP Routing Overview To do… Use the command… Remarks Display routing display ip routing-table information permitted by ip-prefix ip-prefix-name an IPv4 prefix list [ verbose ] display ip routing-table...
Page 279: Chapter 2 Gr Overview
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 2 GR Overview Chapter 2 GR Overview Go to these sections for information you are interested in: Introduction to Graceful Restart Basic Concepts in Graceful Restart Graceful Restart Communication Procedure...
Page 280: Graceful Restart Communication Procedure
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 2 GR Overview GR Session: A Graceful Restart session, which is the negotiation between the GR Restarter and the GR Helper. A GR session includes restart notification and communications across restart.
Page 281 Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 2 GR Overview GR Restarter restarting Figure 2-2 Restarting process for the GR Restarter As illustrated in Figure 2-2. The GR Helper detects that the GR Restarter has restarted its routing protocol and assumes that it will recover within the GR Time.
Page 282: Graceful Restart Mechanism For Several Commonly Used Protocols
Operation Manual – IP Routing-GR Overview H3C S5500-EI Series Ethernet Switches Chapter 2 GR Overview Figure 2-4 The GR Restarter obtains topology and routing information from the GR Helper As illustrated in Figure 2-4, the GR Restarter obtains the necessary topology and routing information from all its neighbors through the GR sessions between them and calculates its own routing table based on this information.
Page 283 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Static Routing Configuration..................1-1 1.1 Introduction ........................1-1 1.1.1 Static Route......................1-1 1.1.2 Default Route ......................1-1 1.1.3 Application Environment of Static Routing.............. 1-2 1.2 Configuring a Static Route....................
Page 284 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 2.4.6 Configuring RIPv2 Message Authentication ............2-15 2.4.7 Specifying a RIP Neighbor ..................2-16 2.5 Displaying and Maintaining RIP..................2-16 2.6 RIP Configuration Examples.................... 2-17 2.6.1 Configuring RIP Version..................2-17 2.7 Troubleshooting RIP ......................
Page 285 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 3.7.3 Specifying an LSA Transmission Delay ..............3-34 3.7.4 Specifying SPF Calculation Interval ..............3-34 3.7.5 Specifying the LSA Minimum Repeat Arrival Interval ........... 3-35 3.7.6 Specifying the LSA Generation Interval ..............3-35 3.7.7 Disabling Interfaces from Sending OSPF Packets ..........
Page 286 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 4.4.2 Specifying a Priority for IS-IS ................4-20 4.4.3 Configuring IS-IS Link Cost................... 4-21 4.4.4 Configuring the Maximum Number of Equal Cost Routes ........4-23 4.4.5 Configuring IS-IS Route Summarization ............... 4-23 4.4.6 Advertising a Default Route ..................
Page 287 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 5.4.1 Prerequisites ......................5-22 5.4.2 Configuring BGP Route Redistribution..............5-23 5.4.3 Configuring BGP Route Summarization ............... 5-23 5.4.4 Advertising a Default Route to a Peer or Peer Group........... 5-24 5.4.5 Configuring BGP Route Distribution Filtering Policies ..........
Page 288 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 6.3.1 Prerequisites ......................6-4 6.3.2 Defining an IPv4 prefix List ..................6-4 6.3.3 Defining an AS Path List ..................6-5 6.3.4 Defining a Community List ..................6-5 6.3.5 Defining an Extended Community List..............
Page 289: Chapter 1 Static Routing Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 Static Routing Configuration Chapter 1 Static Routing Configuration When configuring a static route, go to these sections for information you are interested Introduction Configuring a Static Route Application Environment of Static Routing...
Page 290: Application Environment Of Static Routing
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 Static Routing Configuration You can create the default route with both destination and mask being 0.0.0.0, and some dynamic routing protocols, such as OSPF, RIP and IS-IS, can also generate the default route.
Page 291: Detecting Reachability Of The Static Route's Nexthop
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 Static Routing Configuration To do… Use the command… Remarks Enter system view system-view — Required ip route-static dest-address { mask | By default, mask-length } { next-hop-address |...
Page 292: Displaying And Maintaining Static Routes
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 Static Routing Configuration I. Network requirements To detect the reachability of a static route's nexthop through a Track entry, you need to create a Track first. For detailed Track configuration procedure, refer to Track Configuration.
Page 293 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 Static Routing Configuration 1.5 Configuration Example I. Network requirements The IP addresses and masks of the switches and hosts are shown in the following figure. Static routes are required for interconnection between any two hosts.
Page 294 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 Static Routing Configuration Routing Tables: Public Destinations : 7 Routes : 7 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/0 Static 60 1.1.4.2 Vlan500 1.1.2.0/24 Direct 0 1.1.2.3 Vlan300 1.1.2.3/32 Direct 0 127.0.0.1...
Page 295: Chapter 2 Rip Configuration
The term “router” in this document refers to a router in a generic sense or a Layer 3 switch. The S5500-EI series only support single RIP process. When configuring RIP, go to these sections for information you are interested in:...
Page 296 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration RIP prevents routing loops by implementing the split horizon and poison reverse functions. II. RIP routing table A RIP router has a routing table containing routing entries of all reachable destinations, and each routing entry contains: Destination address: IP address of a host or a network.
Page 297: Operation Of Rip
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Triggered updates. A router advertises updates once the metric of a route is changed rather than after the update period expires to speed up network convergence.
Page 298: Rip Message Format
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration 2.1.4 RIP Message Format I. RIPv1 message format A RIPv1 message consists of a header and up to 25 route entries. Figure 2-1 shows the format of RIPv1 message.
Page 299: Supported Rip Features
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Next Hop: If set to 0.0.0.0, it indicates that the originator of the route is the best next hop; otherwise it indicates a next hop better than the originator of the route.
Page 300: Configuring Rip Basic Functions
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration RFC 2082: RIPv2 MD5 Authentication 2.2 Configuring RIP Basic Functions 2.2.1 Configuration Prerequisites Before configuring RIP basic functions, configure IP addresses for interfaces, making all adjacent nodes reachable to each other at the network layer.
Page 301 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Return to system view quit — interface interface-type Enter interface view — interface-number Optional Enable the interface to rip input...
Page 302: Configuring Rip Route Control
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks interface Enter interface view –– interface-type interface-number rip version { 1 | 2 Specify a RIP version [ broadcast |...
Page 303: Configuring Ripv2 Route Summarization
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks rip metricout Optional Define an outbound [ route-policy additional routing metric 1 by default route-policy-name ] value 2.3.2 Configuring RIPv2 Route Summarization Route summarization means that subnets in a natural network are summarized with a natural network that is sent to other networks.
Page 304: Disabling Host Route Reception
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Note: You need to disable RIPv2 route automatic summarization before advertising a summary route on an interface. 2.3.3 Disabling Host Route Reception Sometimes a router may receive many host routes from the same network, which are not helpful for routing and occupy a large amount of network resources.
Page 305: Configuring Inbound/Outbound Route Filtering
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Note: The router enabled to advertise a default route does not receive default routes from RIP neighbors. 2.3.5 Configuring Inbound/Outbound Route Filtering The device supports route filtering. You can filter routes by configuring the inbound and outbound route filtering policies via referencing an ACL or IP prefix list.
Page 306: Configuring Rip Route Redistribution
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Follow these steps to configure a priority for RIP: To do… Use the command… Remarks Enter system view system-view –– Enter RIP view rip [ process-id ] ––...
Page 307: Configuring Split Horizon And Poison Reverse
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration To do… Use the command… Remarks Optional timers { garbage-collect The default update timer, garbage-collect-value | Configure values for RIP timeout timer, suppress suppress suppress-value timers...
Page 308: Configuring The Maximum Number Of Load Balanced Routes
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration II. Enabling poison reverse The poison reverse function allows an interface to advertise the routes received from it, but the metric of these routes is set to 16, making them unreachable.
Page 309: Enabling Source Ip Address Check On Incoming Rip Updates
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration 2.4.5 Enabling Source IP Address Check on Incoming RIP Updates You can enable source IP address check on incoming RIP updates. For a message received on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface.
Page 310: Specifying A Rip Neighbor
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration 2.4.7 Specifying a RIP Neighbor Usually, RIP sends messages to broadcast or multicast addresses. On non broadcast or multicast links, you need to manually specify RIP neighbors. If a specified neighbor is not directly connected, you must disable source address check on incoming updates.
Page 311: Rip Configuration Examples
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration 2.6 RIP Configuration Examples 2.6.1 Configuring RIP Version I. Network requirements As shown in Figure 2-4, enable RIPv2 on all interfaces on Switch A and Switch B.
Page 312: Troubleshooting Rip
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Configure RIP version # Configure RIPv2 on Switch A. [SwitchA] rip [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary # Configure RIPv2 on Switch B. [SwitchB] rip [SwitchB-rip-1] version 2 [SwitchB-rip-1] undo summary # Display the RIP routing table on Switch A.
Page 313: Route Oscillation Occurred
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 RIP Configuration Use the display rip command to check whether some interface is disabled 2.7.2 Route Oscillation Occurred Symptom: When all links work well, route oscillation occurs on the RIP network. After displaying the routing table, you may find some routes appear and disappear in the routing table intermittently.
Page 314: Chapter 3 Ospf Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Chapter 3 OSPF Configuration Note: The term “router” in this document refers to a router in a generic sense or a Layer 3 switch. Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the Internet Engineering Task Force (IETF).
Page 315: Basic Concepts
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Loop-free: Computes routes with the shortest path first (SPF) algorithm according to the collected link states, so no route loops are generated. Area partition: Allows an AS to be split into different areas for ease of management and the routing information transmitted between areas is summarized to reduce network bandwidth consumption.
Page 316 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration IV. OSPF packets OSPF uses five types of packets: Hello packet: Periodically sent to find and maintain neighbors, containing the values of some timers, information about the DR, BDR and known neighbors.
Page 317: Ospf Area Partition And Route Summarization
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Opaque LSA: A proposed type of LSA, the format of which consists of a standard LSA header and application specific information. Opaque LSAs are used by the OSPF protocol or by some application to distribute information into the OSPF routing domain.
Page 318 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-1 OSPF area partition After area partition, area border routers perform route summarization to reduce the number of LSAs advertised to other areas and minimize the effect of topology changes.
Page 319 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-2 OSPF router types III. Backbone area and virtual links Each AS has a backbone area, which is responsible for distributing routing information between none-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area.
Page 320 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Another application of virtual links is to provide redundant links. If the backbone area cannot maintain internal connectivity due to a physical link failure, configuring a virtual link can guarantee logical connectivity in the backbone area, as shown below.
Page 321 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration NSSA area. When traveling to the NSSA ABR, Type-7 LSAs are translated into Type-5 LSAs by the ABR for advertisement to other areas. In the following figure, the OSPF AS contains three areas: Area 1, Area 2 and Area 0.
Page 322: Classification Of Ospf Networks
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration segment. The ABR in the area distributes only the summary LSA to reduce the scale of LSDBs on routers in other areas. ASBR route summarization If summarization for redistributed routes is configured on an ASBR, it will summarize redistributed Type-5 LSAs that fall into the specified address range.
Page 323: Dr And Bdr
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration P2MP (point-to-multipoint): By default, OSPF considers no link layer protocol as P2MP, which is a conversion from other network types such as NBMA in general. On P2MP networks, packets are sent to multicast addresses (224.0.0.5).
Page 324 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration the new DR in a very short period by avoiding adjacency establishment and DR reelection. Meanwhile, other routers elect another BDR, which requires a relatively long period but has no influence on routing calculation.
Page 325: Ospf Packet Formats
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.1.5 OSPF Packet Formats OSPF packets are directly encapsulated into IP packets. OSPF has the IP protocol number 89. The OSPF packet format is shown below (taking a LSU packet as an example).
Page 326 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration II. Hello packet A router sends hello packets periodically to neighbors to find and maintain neighbor relationships and to elect the DR/BDR, including information about values of timers, DR, BDR and neighbors already known.
Page 327 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration The DD packet format: Version Packet length Router ID Area ID Checksum AuType Authentication Authentication Interface MTU Options 0 0 0 0 0 I DD sequence number...
Page 328 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Version Packet length Router ID Area ID Checksum AuType Authentication Authentication LS type Link state ID Advertising router Figure 3-12 LSR packet format Major fields: LS type: Type number of the LSA to be requested. Type 1 for example indicates the Router LSA.
Page 329 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration LSAs can be acknowledged in a single Link State Acknowledgment packet. The following figure gives its format. Figure 3-14 LSAck packet format VII. LSA header format All LSAs have the same header, as shown in the following figure.
Page 330 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration VIII. Formats of LSAs Router LSA Figure 3-16 Router LSA format Major fields: Link State ID: ID of the router that originated the LSA. V (Virtual Link): Set to 1 if the router that originated the LSA is a virtual link endpoint.
Page 331 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Figure 3-17 Network LSA format Major fields: Link State ID: The interface address of the DR Network Mask: The mask of the network (a broadcast or NBMA network)
Page 332 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: A Type-3 LSA can be used to advertise a default route, having the Link State ID and Network Mask set to 0.0.0.0. AS external LSA An AS external LSA originates from an ASBR, describing routing information to a destination outside the AS.
Page 333: Supported Ospf Features
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration An NSSA external LSA originates from the ASBR in a NSSA and is flooded in the NSSA area only. It has the same format as the AS external LSA.
Page 334: Ospf Configuration Task List
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration After an OSPF GR Restarter restarts OSPF, it needs to perform the following two tasks in order to re-synchronize its LSDB with its neighbors. To obtain once again effective OSPF neighbor information, supposing the adjacencies are not changed.
Page 335 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Task Remarks Configuring OSPF Route Summarization Optional Configuring OSPF Inbound Route Filtering Optional Configuring ABR Type-3 LSA Filtering Optional Configuring an OSPF Cost for an Interface...
Page 336: Configuring Ospf Basic Functions
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.3 Configuring OSPF Basic Functions You need to enable OSPF, specify an interface and area ID first before performing other tasks. 3.3.1 Prerequisites Before configuring OSPF, you need to configure IP addresses for interfaces, making neighboring nodes accessible with each other at the network layer.
Page 337: Configuring Ospf Area Parameters
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: An OSPF process ID is unique. A network segment can only belong to one area. It is recommended to configure a description for each OSPF process to help identify purposes of processes and for ease of management and memorization.
Page 338: Configuring Ospf Network Types
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Optional Configure the area as a stub [ no-summary ] stub area Not configured by default nssa Optional Configure the area as...
Page 339: Configuring The Ospf Network Type For An Interface
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.5.1 Prerequisites Before configuring OSPF network types, you have configured: IP addresses for interfaces, making neighboring nodes accessible with each other at network layer. OSPF basic functions.
Page 340: Configuring A Router Priority For An Ospf Interface
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.5.4 Configuring a Router Priority for an OSPF Interface For broadcast or NBMA interfaces, you can configure router priorities for DR/BDR election. Follow these steps to configure a router priority for an OSPF interface: To do…...
Page 341: Configuring Ospf Inbound Route Filtering
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Configuring route summarization between OSPF areas on an ABR Configuring route summarization when redistributing routes into OSPF on an ASBR Follow these steps to configure route summarization between OSPF areas on an ABR: To do…...
Page 342: Configuring Abr Type-3 Lsa Filtering
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: Since OSPF is a link state-based interior gateway protocol, routing information is contained in LSAs. However, OSPF cannot filter LSAs. Using the filter-policy import command is to filter routes computed by OSPF, and only routes not filtered out are installed into the routing table.
Page 343: Configuring The Maximum Number Of Ospf Routes
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Optional Configure a bandwidth bandwidth-reference The value defaults to 100 reference value value Mbps. Note: If no OSPF cost is configured for an interface, OSPF computes the cost automatically: Interface OSPF cost= Bandwidth reference value/Interface bandwidth.
Page 344: Configuring A Priority For Ospf
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.6.8 Configuring a Priority for OSPF A router may run multiple routing protocols, and it sets a priority for each protocol. When a route found by several routing protocols, the route found by the protocol with the highest priority will be selected.
Page 345: Configuring Ospf Network Optimization
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Optional By default, the default Configure the default cost is 1, default upper parameters for default { cost cost | limit...
Page 346: Configuring Ospf Packet Timers
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration OSPF basic functions. 3.7.2 Configuring OSPF Packet Timers You can configure the following timers on OSPF interfaces as needed: Hello timer: Interval for sending hello packets. It must be identical on OSPF neighbors.
Page 347: Specifying An Lsa Transmission Delay
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: The hello and dead intervals restore to default values after you change the network type for an interface. The dead interval should be at least four times the hello interval on an interface.
Page 348: Specifying The Lsa Minimum Repeat Arrival Interval
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: With this task configured, when network changes are not frequent, SPF calculation applies at the minimum-interval. If network changes become frequent, SPF calculation interval is incremented by incremental-interval•2 (n is the number of calculation times) each time a calculation occurs, up to the maximum-interval.
Page 349: Disabling Interfaces From Sending Ospf Packets
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Optional By default, the maximum lsa-generation-interval interval is 5 seconds, the Configure the LSA maximum-interval minimum interval is 0 generation interval...
Page 350: Configuring Stub Routers
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.7.8 Configuring Stub Routers A stub router is used for traffic control. It tells other OSPF routers not to use it to forward data, but they can have a route to it.
Page 351: Adding The Interface Mtu Into Dd Packets
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks interface interface-type Enter interface view — interface-number Configure the ospf authentication mode authentication-mode (simple authentication) for simple [ plain | cipher ]...
Page 352: Making External Route Selection Rules Defined In Rfc1583 Compatible
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Specify the maximum Optional lsdb-overflow-limit number of external LSAs number No limitation by default in the LSDB 3.7.12 Making External Route Selection Rules Defined in RFC1583 Compatible The selection of an external route from multiple LSAs defined in RFC2328 is different from the one defined in RFC1583.
Page 353: Enabling The Advertisement And Reception Of Opaque Lsas
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks snmp-agent trap enable ospf [ process-id ] [ ifauthfail | ifcfgerror | ifrxbadpkt | ifstatechange | iftxretransmit | lsdbapproachoverflow |...
Page 354 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks Enter system view system-view — ospf [ process-id | Enter OSPF view — router-id router-id ] * Enable the advertisement...
Page 355: Configuring The Ospf Gr Helper
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: With the graceful-restart command used, a device can act as a GR Restarter and a GR Helper. Without the graceful-restart command used, a device can only act as a GR Helper.
Page 356: Displaying And Maintaining Ospf
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.9 Displaying and Maintaining OSPF To do… Use the command… Remarks Display OSPF brief display ospf [ process-id ] brief information display ospf [ process-id ]...
Page 357: Ospf Configuration Examples
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration To do… Use the command… Remarks reset ospf [ process-id ] counters [ neighbor Reset OSPF counters [ interface-type interface-number ] [ router-id ] ] Available in user...
Page 358 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure OSPF basic functions # Configure Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit...
Page 359 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Verify the configuration # Display information about neighbors on Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 10.2.1.1 Neighbors Area 0.0.0.0 interface 10.1.1.1(Vlan-interface100)'s neighbors Router ID: 10.3.1.1...
Page 360 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Intra Area: 3 Inter Area: 2 ASE: 0 NSSA: 0 # Display the Link State Database on Switch A. [SwitchA] display ospf lsdb OSPF Process 1 with Router ID 10.2.1.1 Link State Database Area: 0.0.0.0...
Page 361: Configuring An Ospf Stub Area
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration # On Switch D, ping the IP address 10.4.1.1 to check connectivity. [SwitchD] ping 10.4.1.1 PING 10.4.1.1: 56 data bytes, press CTRL_C to break Request time out Reply from 10.4.1.1: bytes=56 Sequence=2 ttl=253 time=15 ms...
Page 362 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration [SwitchD-ospf-1] import-route static [SwitchD-ospf-1] quit # Display ABR/ASBR information on Switch C. [SwitchC] display ospf abr-asbr OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR...
Page 363 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration [SwitchA] ospf [SwitchA-ospf-1] area 1 [SwitchA-ospf-1-area-0.0.0.1] stub [SwitchA-ospf-1-area-0.0.0.1] quit [SwitchA-ospf-1] quit # Configure Switch C. [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] stub [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit...
Page 364: Configuring An Ospf Nssa Area
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration [SwitchC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1...
Page 365 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration III. Configuration procedure Configure IP addresses for interfaces. Configure OSPF basic functions (refer to Configuring OSPF Basic Functions). Configure Area 1 as an NSSA area. # Configure Switch A.
Page 366: Configuring Ospf Dr Election
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration [SwitchC] ospf [SwitchC-ospf-1] import-route static [SwitchC-ospf-1] quit # Display OSPF routing information on Switch D. [SwitchD-ospf-1] display ospf routing OSPF Process 1 with Router ID 10.5.1.1...
Page 367 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration II. Network diagram Switch A Switch D Vlan-int1 Vlan-int1 196.1.1.1/24 196.1.1.4/24 Vlan-int1 Vlan-int1 196.1.1.3/24 196.1.1.2/24 Switch C Switch B Figure 3-24 Network diagram for OSPF DR election configuration III.
Page 368 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration # Configure Switch D. <SwitchD> system-view [SwitchD] router id 4.4.4.4 [SwitchD] ospf [SwitchD-ospf-1] area 0 [SwitchD-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit # Display OSPF neighbor information on Switch A.
Page 369 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration [RouterA-Vlan-interface1] quit # Configure Switch B. [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] ospf dr-priority 0 [SwitchB-Vlan-interface1] quit # Configure Switch C. [SwitchC] interface vlan-interface 1 [SwitchC-Vlan-interface1] ospf dr-priority 2 [SwitchC-Vlan-interface] quit # Display neighbor information on Switch D.
Page 370 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: In the above output, you can find the priority configuration does not take effect immediately. Restart OSPF process (omitted) # Display neighbor information on Switch D.
Page 371: Configuring Ospf Virtual Links
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration Note: If the neighbor state is full, it means Switch D has established the adjacency with the neighbor. If the neighbor state is 2-way, it means the two switches are neither the DR nor the BDR, and they do not exchange LSAs.
Page 372 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration II. Network diagram Figure 3-25 Network diagram for OSPF virtual link configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure OSPF basic functions # Configure Switch A.
Page 373 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 192.168.1.0/24 1562 Stub 192.168.1.1 1.1.1.1 0.0.0.1 Total Nets: 2 Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0 Note: Since Area 2 has no direct connection to Area 0, the OSPF routing table of Router A has no route to Area 2.
Page 374: Ospf Graceful Restart Configuration Example
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration 3.10.6 OSPF Graceful Restart Configuration Example I. Network requirements Switch A, Switch B and Switch C that belong to the same autonomous system and the same OSPF routing domain are GR capable.
Page 375: Troubleshooting Ospf Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration [SwitchB-Vlan-interface100] ip address 192.1.1.2 255.255.255.0 [SwitchB-Vlan-interface100] ospf dr-priority 0 [SwitchB-Vlan-interface100] quit [SwitchB] router id 2.2.2.2 [SwitchB] ospf 100 [SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization [SwitchB-ospf-100] graceful-restart help 2000 [SwitchB-ospf-100] area 0 [SwitchB-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255...
Page 376: Incorrect Routing Information
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 OSPF Configuration III. Processing steps Display OSPF neighbor information using the display ospf peer command. Display OSPF interface information using the display ospf interface command. Ping the neighbor router’s IP address to check connectivity.
Page 377 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Chapter 4 IS-IS Configuration When configuring IS-IS, go to these sections for information you are interested in: IS-IS Overview IS-IS Configuration Task List Configuring IS-IS Basic Functions...
Page 378 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Routing domain (RD). A group of ISs exchange routing information with the same routing protocol in a routing domain. Area. An area is a division unit in a routing domain. The IS-IS protocol allows a routing domain to be divided into multiple areas.
Page 379 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Generally, a router only needs one area address, and all nodes in the same routing domain must share the same area address. However, a router can have three area addresses at most to support smooth area merging, partitioning and switching.
Page 380: Is-Is Area
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration 4.1.2 IS-IS Area I. Two-level hierarchy IS-IS uses two-level hierarchy in the routing domain to support large scale routing networks. A large routing domain is divided into multiple Areas. The Level-1 router is in charge of forwarding routes within an area, and the Level-2 router is in charge of forwarding routes between areas.
Page 381 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-2 IS-IS topology Figure 4-3 shows another network topology running the IS-IS protocol. The Level-1-2 routers connect the Level-1 and Level-2 routers, and also form the IS-IS backbone together with the Level-2 routers.
Page 382: Is-Is Network Type
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Both the IS-IS Level-1 and Level-2 routers use the SPF algorithm to generate the Shortest Path Tree (SPT). III. Interface routing hierarchy type You can configure the routing type for each interface. For a Level-1-2 router, one interface may establish Level-1 adjacency with a router, and another one may establish Level-2 adjacency with another router.
Page 383 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Note: For the Non-Broadcast Multi-Access (NBMA) network, such as ATM, you need to configure point-to-point or broadcast network on its configured subinterfaces. IS-IS does not run on Point to Multipoint (P2MP) links.
Page 384: Is-Is Pdu Format
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Note: On IS-IS broadcast networks, all routers are adjacent with each other. The DIS is responsible for the synchronization of their LSDBs. 4.1.4 IS-IS PDU Format I.
Page 385 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Maximum Area Address: Maximum number of area addresses supported. Table 4-1 PDU type Type PDU Type Acronym Level-1 LAN IS-IS hello PDU L1 LAN IIH Level-2 LAN IS-IS hello PDU...
Page 386 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-7 L1/L2 LAN IIH format Reserved/Circuit Type: The first 6 bits are reserved with value 0. The last 2 bits indicates router types: 00 means reserved, 01 indicates L1, 10 indicates L2, and 11 indicates L1/2.
Page 387 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-8 P2P IIH format Instead of the priority and LAN ID fields in the LAN IIH, the P2P IIH has a Local Circuit ID field.
Page 388 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-9 L1/L2 LSP format PDU Length: Total length of the PDU in bytes. Remaining Lifetime: LSP remaining lifetime in seconds. LSP ID: Consists of the system ID, the pseudonode ID (one byte) and the LSP fragment number (one byte).
Page 389 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Figure 4-10 LSDB overload IS Type: Type of the router generating the LSP. V. SNP format The Sequence Number PDU (SNP) confirms the latest received LSPs. It is similar to the Acknowledge packet, but more efficient.
Page 390 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request new LSPs from neighbors.
Page 391: Is-Is Features Supported
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration CLV Code Name PDU Type LSP Entries Authentication Information IIH, LSP, SNP IP Internal Reachability Information Protocols Supported IIH, LSP IP External Reachability Information L2 LSP...
Page 392 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration III. Management tag Management tag carries the management information of the IP address prefixes and BGP community attribute. It controls the redistribution from other routing protocols.
Page 393 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration virtual router. An extended LSP fragment is advertised by a virtual system identified by additional system ID. Operation modes The LSP fragment extension feature operates in two modes on an IS-IS router: Mode-1: It applies to a network where some routers do not support LSP fragment extension.
Page 394: Is-Is Configuration Task List
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration RFC 1195 - Use of OSI IS-IS for Routing in TCP/IP and Dual Environments RFC 2763 - Dynamic Hostname Exchange Mechanism for IS-IS RFC 2966 - Domain-wide Prefix Distribution with Two-Level IS-IS...
Page 395: Configuring Is-Is Basic Functions
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Task Remarks Configuring a DIS Priority for an Interface Optional Configuring IS-IS Timers Optional Disabling an Interface from Sending/Receiving IS-IS Optional Hello Packets Configuring LSP Parameters...
Page 396: Configuring Is-Is Routing Information Control
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Required Enable an IS-IS process isis enable [ process-id ] on the interface Disabled by default Optional By default, the network...
Page 397: Configuring Is-Is Link Cost
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Optional preference { route-policy Specify a priority for IS-IS route-policy-name | preference } * 15 by default 4.4.3 Configuring IS-IS Link Cost...
Page 398 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks cost-style { narrow | wide | wide-compatible | Optional Specify an IS-IS cost style { compatible | Defaulted as narrow.
Page 399: Configuring The Maximum Number Of Equal Cost Routes
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Note: In the case no interface cost is specified in interface view or system view and automatic cost calculation is enabled: When the cost style is wide or wide-compatible, IS-IS automatically calculates the...
Page 400: Configuring Inbound Route Filtering
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Follow these steps to configure route summarization: To do… Use the command... Remarks Enter system view system-view — Enter IS-IS view isis [ process-id ] ––...
Page 401: Configuring Route Redistribution
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks filter-policy { acl-number | Required Configure inbound ip-prefix ip-prefix-name | route filtering route-policy Not configured by default route-policy-name } import 4.4.8 Configuring Route Redistribution...
Page 402: Tuning And Optimizing Is-Is Network
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Note: If a filter policy is specified, only routes passing it can be advertised into Level-1 area. You can specify a routing policy in the import-route isis level-2 into level-1 command to filter routes from Level-2 to Level-1.
Page 403 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Enter system view system-view –– interface interface-type Enter interface view –– interface-number Optional Specify the interval isis timer hello seconds...
Page 404: Disabling An Interface From Sending/Receiving Is-Is Hello Packets
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Note: On the broadcast link, you can specify different intervals for Level-1 and Level-2 hello packets; if no level is specified, the interval applies to both Level-1 and Level-2 hello packets, but only takes effect on the level of the current process;...
Page 405 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration The router will discard a LSP with incorrect checksum. You can configure the router to ignore the incorrect checksum, which means a LSP will be processed even with an incorrect LSP checksum.
Page 406: Configuring Spf Parameters
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Optional Not added by default If the mesh-blocked isis mesh-group Add the interface to a keyword is included, the [ mesh-group-number |...
Page 407: Configuring Dynamic Host Name Mapping
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration 4.5.7 Configuring Dynamic Host Name Mapping Follow these steps to configure the dynamic host name mapping: To do… Use the command... Remarks Enter system view system-view ––...
Page 408: Configuring Lsdb Overload Tag
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration authentication enabled Level-2 routers in the backbone must adopt the same authentication mode and share the same password. The authentication configured on an interface applies to the hello packet in order to authenticate neighbors.
Page 409: Logging The Adjacency Changes
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration The overload tag can be used for troubleshooting as well. You can temporarily isolate a router from the IS-IS network by setting the overload tag. Follow these steps to configure the LSDB overload tag: To do…...
Page 410: Enabling Snmp Trap
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks Required Enable the interface to send small hello packets isis small-hello Standard hello packets that have no padding field are sent by default.
Page 411: Displaying And Maintaining Is-Is
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Note: A device can act as both the GR Restarter and GR Helper at the same time. Follow these steps to configure GR on the GR Restarter and GR Helper respectively: To do…...
Page 412: Is-Is Configuration Example
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration To do… Use the command… Remarks display isis route [ ipv4 ] Display IS-IS routing Available in any [ [ level-1 | level-2 ] | verbose ] *...
Page 413 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure IS-IS # Configure Switch A. <SwitchA> system-view [SwitchA] isis 1 [SwitchA-isis-1] is-level level-1 [SwitchA-isis-1] network-entity 10.0000.0000.0001.00...
Page 414 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration [SwitchD-isis-1] quit [SwitchD] interface vlan-interface 100 [SwitchD-Vlan-interface100] isis enable 1 [SwitchD-Vlan-interface100] quit [SwitchD] interface vlan-interface 300 [SwitchD-Vlan-interface300] isis enable 1 [SwitchD-Vlan-interface300] quit Verify the configuration # Display the IS-IS LSDB of each switch to check the LSP integrity.
Page 415 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [SwitchC] display isis lsdb Database information for ISIS(1) -------------------------------- Level-1 Link State Database LSPID Seq Num Checksum Holdtime Length...
Page 416 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration 0000.0000.0004.01-00* 0x00000002 0xec96 1007 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload # Display the IS-IS routing information of each switch. Level-1 switches should have a default route with the next hop being the Level-1-2 switch.
Page 417: Dis Selection Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration ------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------- 192.168.0.0/24 NULL Vlan300 Direct D/L/- 10.1.1.0/24 NULL Vlan100 Direct D/L/- 10.1.2.0/24 NULL Vlan200 Direct D/L/- 172.16.0.0/16 NULL Vlan300 192.168.0.2...
Page 418 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration II. Network diagram Figure 4-15 Network diagram for DIS selection III. Configuration procedure Configure an IP address for each interface (omitted) Enable IS-IS # Configure Switch A.
Page 419 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration [SwitchC-Vlan-interface100] isis enable 1 [SwitchC-Vlan-interface100] quit # Configure Switch D. <SwitchD> system-view [SwitchD] isis 1 [SwitchD-isis-1] network-entity 10.0000.0000.0004.00 [SwitchD-isis-1] is-level level-2 [SwitchD-isis-1] quit [SwitchD] interface vlan-interface 100...
Page 420 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration [SwitchC] display isis interface Interface information for ISIS(1) --------------------------------- Interface: Vlan-interface100 IPV4.State IPV6.State Type Down 1497 L1/L2 Yes/No # Display information about IS-IS interfaces of Switch D.
Page 421 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64 System Id: 0000.0000.0004 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up...
Page 422: Is-Is Graceful Restart Configuration Example
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration IPV4.State IPV6.State Type Down 1497 L1/L2 No/No # Display information about IS-IS neighbors and interfaces of Switch D. [SwitchD] display isis peer Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0001...
Page 423 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration III. Configuration procedure Configure IP addresses of the interfaces on each switch and configure IS-IS. Follow Figure 4-16 to configure the IP address and subnet mask of each interface. The configuration procedure is omitted.
Page 424 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IS-IS Configuration Interface Vlan1 T1 Timer Status: Remaining Time: 1 RA Not Received Complete CSNP Not Received Number of T1 Pre Expiry: 0 IS-IS(1) Level-2 Restart Status Restart Interval: 150...
Page 425: Chapter 5 Bgp Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Chapter 5 BGP Configuration The Border Gateway Protocol (BGP) is a dynamic inter-AS route discovery protocol. When configuring BGP, go to these sections for information you are interested in:...
Page 426: Formats Of Bgp Messages
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Using TCP as its transport layer protocol to enhance reliability Supporting CIDR Substantially reducing bandwidth occupation by advertising updating routes only and applicable to advertising a great amount of routing information on the Internet...
Page 427 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Marker: The 16-byte field is used for BGP authentication. If no authentication information is available, then the Marker must be all ones. Length: The 2-byte unsigned integer indicates the total length of the message.
Page 428 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-3 BGP Update message format Each Update message can advertise a group of feasible routes with similar attributes, which are contained in the network layer reachable information (NLRI) field. The Path Attributes field carries attributes of these routes that are used by BGP for routing.
Page 429: Bgp Path Attributes
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration V. Keepalive Keepalive messages are sent between peers to maintain connectivity. Its format contains only the message header. VI. Route-refresh A route-refresh message is sent to a peer to request the resending of the specified address family routing information.
Page 430 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Name Category AGGREGATOR Optional transitive COMMUNITY Optional transitive MULTI_EXIT_DISC (MED) Optional non-transitive ORIGINATOR_ID Optional non-transitive CLUSTER_LIST Optional non-transitive II. Usage of BGP path attributes ORIGIN ORIGIN is a well-known mandatory attribute and defines the origin of routing information and how a route becomes a BGP route.
Page 431 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 8.0.0.0 AS 10 D=8.0.0.0 D=8.0.0.0 (10) (10) AS 40 AS 20 D=8.0.0.0 D=8.0.0.0 (40,10) (20,10) D=8.0.0.0 (30,20,10) AS 30 AS 50 Figure 5-6 AS_PATH attribute In general, a BGP router does not receive routes containing the local AS number to avoid routing loops.
Page 432 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration When sending a received route to an EBGP peer, a BGP speaker sets the NEXT_HOP for the route to the address of the sending interface. When sending a route received from an EBGP peer to an IBGP peer, a BGP speaker does not modify the NEXT_HOP attribute.
Page 433 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration In general, BGP compares MEDs of routes to the same AS only. Note: You can use the compare-different-as-med command to force BGP to compare MED values of routes to different ASs.
Page 434: Bgp Route Selection
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration No_Advertise: After received, routes with this attribute cannot be advertised to other BGP peers. No_Export_Subconfed: After received, routes with this attribute cannot be advertised out the local AS or other ASs in the local confederation.
Page 435 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration on route recursion is always enabled on the switch rather than configured using commands. BGP differs from IGP in the implementation of load balancing in the following:...
Page 436: Ibgp And Igp Synchronization
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration only once, with AS_PATH unchanged, NEXT_HOP changed to Router C’s address. Other BGP transitive attributes apply according to route selection rules. III. BGP route advertisement rules...
Page 437: Settlements For Problems Caused By Large Scale Bgp Networks
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration routing table can the IBGP router add the route into its BGP routing table and advertise the route to the EBGP peer. You can disable the synchronization feature in the following cases: The local AS is not a transitive AS (AS20 is a transitive AS in the above figure).
Page 438 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-12 BGP route dampening III. Peer group A peer group is a collection of peers with the same attributes. When a peer joins the peer group, the peer obtains the same configuration as the peer group. If configuration of the peer group is changed, configuration of group members is also changed.
Page 439 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Besides using the well-known community attribute, you can define the extended community attribute using a community list to help define a routing policy. V. Route reflector IBGP peers should be fully meshed to maintain connectivity.
Page 440 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-14 Network diagram for route reflectors When clients of a route reflector are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. The system supports using related commands to disable route reflection in this case.
Page 441: Bgp Gr
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Figure 5-15 Confederation network diagram From the perspective of a non-confederation speaker, it needs not know sub-ASs in the confederation. The ID of the confederation is the number of the AS. In the above figure, AS200 is the confederation ID.
Page 442 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration After the restart, the GR Restarter will reestablish a GR session with its peer and send a new GR message notifying the completion of restart. Routing information is exchanged between them for the GR Restarter to create a new routing table and forwarding table with stale routing information removed.
Page 443: Bgp Configuration Task List
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Note: For information about the IPv6 extension application, refer to IPv6 BGP Configuration in IPv6 Routing. This chapter gives no detailed commands related to any specific extension application in MP-BGP address family view.
Page 444: Configuring Bgp Basic Functions
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Task Remarks Configuring BGP Peer Groups Optional Configuring BGP Community Optional Configuring a Large Scale BGP Network Configuring a BGP Route Reflector Optional Configuring a BGP Confederation...
Page 445 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks peer { group-name | Required Specify the AS number of ip-address } as-number a peer or a peer group Not specified by default...
Page 446: Controlling Route Distribution And Reception
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Note: It is required to specify for a BGP router a router ID, a 32-bit unsigned integer and the unique identifier of the router in the AS.
Page 447: Configuring Bgp Route Redistribution
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 5.4.2 Configuring BGP Route Redistribution BGP can advertise the routing information of the local AS to peering ASs, but it redistributes routing information from IGP into BGP rather than self-finding. During route redistribution, BGP can filter routing information from specific routing protocols.
Page 448: Advertising A Default Route To A Peer Or Peer Group
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Follow these steps to configure BGP route summarization: To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number — Configure...
Page 449: Configuring Bgp Route Reception Filtering Policies
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number — filter-policy { acl-number Required to choose any; | ip-prefix Not configured by default;...
Page 450: Enabling Bgp And Igp Route Synchronization
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks sequence: Reference an AS path peer { group-name | ACL to filter routing ip-address } as-path-acl filter-policy import information from a...
Page 451: Configuring Bgp Route Dampening
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 5.4.8 Configuring BGP Route Dampening By configuring BGP route dampening, you can suppress unstable routes from neither adding them to the local routing table nor advertising them to BGP peers.
Page 452 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Use the To do… Remarks command… Configure the Optional default med default MED med-value 0 by default value Enable the comparison of Optional compare-different- MED of routes...
Page 453 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Use the To do… Remarks command… Configure repeating times Optional peer { group-name | of local AS ip-address } The local AS number can number in...
Page 454: Tuning And Optimizing Bgp Networks
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Note: Using a routing policy can set preferences for routes matching it. Routes not matching it use the default preferences. If other conditions are identical, the route with the smallest MED value is selected as the best external route.
Page 455 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration bgp command to soft-reset BGP connections, to refresh the BGP routing table and apply the new policy without tearing down BGP connections. Configure BGP authentication BGP employs TCP as the transport protocol. To enhance security, you can configure BGP to perform MD5 authentication when establishing a TCP connection.
Page 456 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Disable BGP route-refresh peer { group-name | Optional ip-address } multi-protocol capability-advertise Enabled by default extensions for conventional a peer/peer...
Page 457: Configuring A Large Scale Bgp Network
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Note: The maximum keepalive interval should be one third of the holdtime and no less than 1 second. The holdtime is no less than 3 seconds unless it is set to 0.
Page 458: Configuring Bgp Community
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number — Create an IBGP group group-name Optional peer group [ internal ]...
Page 459: Configuring A Bgp Route Reflector
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Enter system view system-view — Enter BGP view bgp as-number — Advertise the community peer { group-name | attribute to a...
Page 460: Configuring A Bgp Confederation
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Note: In general, it is not required to make clients of a route reflector fully meshed. The route reflector forwards routing information between clients. If clients are fully meshed, you can disable route reflection between clients to reduce routing costs.
Page 461: Configuring Bgp Gr
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 5.8 Configuring BGP GR Note: A device can act as both a GR Restarter and GR Helper at the same time. Follow these steps to configure BGP GR: To do…...
Page 462: Displaying And Maintaining Bgp
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 5.9 Displaying and Maintaining BGP 5.9.1 Displaying BGP To do… Use the command… Remarks Display peer group display bgp group [ group-name ] information Display advertised BGP...
Page 463: Resetting Bgp Connections
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration To do… Use the command… Remarks Display routing information display bgp routing-table matching a regular regular-expression expression as-regular-expression Display BGP routing display bgp routing-table statistic statistics 5.9.2 Resetting BGP Connections...
Page 464 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int100 8.1.1.1/8 Switch D Vlan-int400 9.1.1.2/24 Vlan-int200 200.1.1.2/24 Vlan-int500 9.1.2.2/24 Switch B Vlan-int400 9.1.1.1/24...
Page 465 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchD-bgp] quit Configure the EBGP connection # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 200.1.1.1 as-number 65009 # Inject network 8.0.0.0/8 to the BGP routing table.
Page 466 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration # Display BGP routing table information on Switch B. [SwitchB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - damped,...
Page 467 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale...
Page 468: Bgp And Igp Synchronization Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 5.10.2 BGP and IGP Synchronization Configuration I. Network requirements As shown below, OSPF is used as the IGP protocol in AS65009, where Switch C is a non-BGP switch.
Page 469 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration # Display routing table information on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped,...
Page 470: Bgp Load Balancing And Med Attribute Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Total Number of Routes: 2 BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale...
Page 471 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration II. Network diagram AS 65009 Switch B AS 65008 Vlan-int200 200.1.1.1/24 Vlan-int100 Vlan-int200 Vlan-int400 8.1.1.1/8 200.1.1.2/24 EBGP 9.1.1.1/24 IBGP Vlan-int400 EBGP Vlan-int300 9.1.1.2/24 200.1.2.2/24 Vlan-int300 Switch A 200.1.2.1/24...
Page 472 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchC-bgp] quit # Display the routing table on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped,...
Page 473: Bgp Community Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchB] bgp 65009 [SwitchB-bgp] default med 100 # Display the routing table on Switch A. [SwitchA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, >...
Page 474 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration III. Configuration procedure Configure IP addresses for interfaces (omitted) Configure EBGP # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 10 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 200.1.2.2 as-number 20 [SwitchA-bgp] network 9.1.1.0 255.255.255.0...
Page 475 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration # Display the routing table on Switch C. [SwitchC] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - damped,...
Page 476: Bgp Route Reflector Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration 5.10.5 BGP Route Reflector Configuration I. Network requirements In the following figure, all switches run BGP. Between Switch A and Switch B is an EBGP connection, between Switch C and Switch B, and between Switch C and Switch D are IBGP connections.
Page 477 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 193.1.1.2 as-number 200 [SwitchC-bgp] peer 194.1.1.2 as-number 200 [SwitchC-bgp] quit # Configure Switch D.
Page 478: Bgp Confederation Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf PrefVal Path/Ogn i 1.0.0.0 193.1.1.2 100i Switch D learned route 1.0.0.0/8 from Switch C.
Page 479 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchA-bgp] confederation peer-as 65002 65003 [SwitchA-bgp] peer 10.1.1.2 as-number 65002 [SwitchA-bgp] peer 10.1.1.2 next-hop-local [SwitchA-bgp] peer 10.1.2.2 as-number 65003 [SwitchA-bgp] peer 10.1.2.2 next-hop-local [SwitchA-bgp] quit # Configure Switch B.
Page 480 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchE] bgp 65001 [SwitchE-bgp] router-id 5.5.5.5 [SwitchE-bgp] confederation id 200 [SwitchE-bgp] peer 10.1.4.1 as-number 65001 [SwitchE-bgp] peer 10.1.5.1 as-number 65001 [SwitchE-bgp] quit Configure the EBGP connection between AS100 and AS200.
Page 481: Bgp Path Selection Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration AS-path : (65001) 100 Origin : igp Attribute value : MED 0, localpref 100, pref-val 0, pre 255 State : valid, external-confed, best, Not advertised to any peers yet # Display the BGP routing table on Switch D.
Page 482 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int101 1.0.0.1/8 Switch D Vlan-int400 195.1.1.1/24 Vlan-int100 192.1.1.1/24 Vlan-int300 194.1.1.1/24 Vlan-int200 193.1.1.1/24 Switch C Vlan-int400 195.1.1.2/24...
Page 483 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit Configure BGP connections # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 100 [SwitchA-bgp] peer 192.1.1.2 as-number 200 [SwitchA-bgp] peer 193.1.1.2 as-number 200...
Page 484 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 50 [SwitchA-route-policy] quit [SwitchA] route-policy apply_med_100 permit node 10 [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 100 [SwitchA-route-policy] quit # Apply routing policy apply_med_50 to the route advertised to peer 193.1.1.2 (Switch...
Page 485: Troubleshooting Bgp
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration [SwitchC] bgp 200 [SwitchC-bgp] peer 193.1.1.1 route-policy localpref import [SwitchC-bgp] quit # Display the routing table on Switch D. [SwitchD] display bgp routing-table Total Number of Routes: 2 BGP Local router ID is 194.1.1.1...
Page 486 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 BGP Configuration Use the display tcp status command to check the TCP connection. Check whether an ACL disabling TCP port 179 is configured. 5-62...
Page 487: Introduction To Routing Policy
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Chapter 6 Routing Policy Configuration Note: The term “router” refers to a router in a generic sense or a Layer 3 switch running routing protocols.
Page 488 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration When distributing or receiving routing information, a router can use a routing policy to filter routing information. For example, a router receives or advertises only routing information that matches the criteria of a routing policy;...
Page 489: Routing Policy Application
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration V. Extended community list Extended community list (extcommunity-list) applies to BGP only. It involves two attributes: Route-Target extcommunity for VPN, Source of Origin extcommunity. An extcommunity-list specifies matching conditions according to the two attributes.
Page 490: Defining Filtering Lists
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Task Creating a Routing Policy Configuring a Routing Policy Defining if-match Clauses for the Routing Policy Defining apply Clauses for the Routing Policy 6.3 Defining Filtering Lists 6.3.1 Prerequisites...
Page 491: Defining An Extended Community List
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration <Sysname> system-view [Sysname] ip ip-prefix abc index 10 deny 10.1.0.0 16 [Sysname] ip ip-prefix abc index 20 deny 10.2.0.0 16 [Sysname] ip ip-prefix abc index 30 deny 10.3.0.0 16 [Sysname] ip ip-prefix abc index 40 permit 0.0.0.0 0 less-equal 32...
Page 492: Configuring A Routing Policy
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Follow these steps to define an extended community list: To do… Use the command… Remarks Enter system view system-view — Required ip extcommunity-list Define an extended...
Page 493 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Note: If a node has the permit keyword specified, routing information meeting the node’s conditions will be handled using the apply clauses of this node, without needing to match against the next node.
Page 494: Defining Apply Clauses For The Routing Policy
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration To do… Use the command… Remarks if-match community { basic-community-list- Optional Match routes having community number attributes in the specified community Not configured [ whole-match ] |...
Page 495 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration To do… Use the command… Remarks Enter system view system-view — route-policy Required Create a routing policy route-policy-name and enter its view { permit | deny } node...
Page 496: Displaying And Maintaining The Routing Policy
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration To do… Use the command… Remarks Optional Set a tag value for RIP, apply tag value OSPF or IS-IS routes Not set by default Note: The apply ip-address next-hop command do not apply to redistributed IPv4 routes.
Page 497 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration II. Network diagram Figure 6-1 Network diagram for routing policy application to route redistribution III. Configuration procedure Specify IP addresses for interfaces (omitted). Configure IS-IS # Configure Switch C.
Page 498 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis enable [SwitchB-Vlan-interface200] quit Configure OSPF and route redistribution # Configure Switch A: enable OSPF. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255...
Page 499 Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration [SwitchB] acl number 2002 [SwitchB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255 [SwitchB-acl-basic-2002] quit # Configure an IP prefix list named prefix-a, letting pass route 172.17.1.0/24. [SwitchB] ip ip-prefix prefix-a index 10 permit 172.17.1.0 24 Configure a routing policy.
Page 500: Troubleshooting Routing Policy Configuration
Operation Manual – IPv4 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Intra Area: 1 Inter Area: 0 ASE: 4 NSSA: 0 6.7 Troubleshooting Routing Policy Configuration 6.7.1 IPv4 Routing Information Filtering Failure I. Symptom Filtering routing information failed, while routing protocol runs normally.
Page 501 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IPv6 Static Routing Configuration ................1-1 1.1 Introduction to IPv6 Static Routing ..................1-1 1.1.1 Features of IPv6 Static Routes ................1-1 1.1.2 Default IPv6 Route ....................
Page 502 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 3.1.4 Timers of OSPFv3....................3-3 3.1.5 OSPFv3 Features Supported.................. 3-3 3.1.6 Related RFCs......................3-3 3.2 IPv6 OSPFv3 Configuration Task List ................3-3 3.3 Configuring OSPFv3 Basic Functions ................3-4 3.3.1 Prerequisites ......................
Page 503 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 4.5 IPv6 IS-IS Configuration Example ..................4-5 Chapter 5 IPv6 BGP Configuration ....................5-1 5.1 IPv6 BGP Overview ......................5-1 5.2 Configuration Task List ...................... 5-2 5.3 Configuring IPv6 BGP Basic Functions ................5-3 5.3.1 Prerequisites ......................
Page 504 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Table of Contents 5.9 IPv6 BGP Configuration Examples.................. 5-23 5.9.1 IPv6 BGP Basic Configuration ................5-23 5.9.2 IPv6 BGP Route Reflector Configuration.............. 5-25 5.10 Troubleshooting IPv6 BGP Configuration..............5-27 5.10.1 No IPv6 BGP Peer Relationship Established............5-27 Chapter 6 Routing Policy Configuration ..................
Page 505: Chapter 1 Ipv6 Static Routing Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration Chapter 1 IPv6 Static Routing Configuration Note: The term “router” in this document refers to a Layer 3 switch running routing protocols. 1.1 Introduction to IPv6 Static Routing Static routes are special routes that are manually configured by network administrators.
Page 506: Displaying And Maintaining Ipv6 Static Routes
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration 1.2.2 Configuring an IPv6 Static Route Follow these steps to configure an IPv6 static route: To do... Use the commands… Remarks — Enter system view...
Page 507 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration II. Network diagram Figure 1-1 Network diagram for static routes III. Configuration procedure Configure the IPv6 addresses of all VLAN interfaces (Omitted) Configure IPv6 static routes.
Page 508 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration Destination: ::/0 Protocol : Static NextHop : 4::2 Preference: 60 Interface : Vlan200 Cost Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0...
Page 509 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Static Routing Configuration 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 62/62/63 ms...
Page 510: Introduction To Ripng
The term “router” in this document refers to a Layer 3 switch running routing protocols. The S5500-EI series only support single RIPng process. 2.1 Introduction to RIPng RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng.
Page 511: Ripng Packet Format
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Destination address: IPv6 address of a host or a network. Next hop address: IPv6 address of a neighbor along the path to the destination. Egress interface: Outbound interface that forwards IPv6 packets.
Page 512: Ripng Packet Processing Procedure
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Figure 2-3 shows the format of the IPv6 prefix RTE. IPv6 prefix (16 octets) Route tag Prefix length Metric Figure 2-3 IPv6 prefix RTE format IPv6 prefix: Destination IPv6 address prefix.
Page 513: Configuring Ripng Basic Functions
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration 2.2 Configuring RIPng Basic Functions In this section, you are presented with the information to configure the basic RIPng features. You need to enable RIPng first before configuring other tasks, but it is not necessary for RIPng related interface configurations, such as assigning an IPv6 address.
Page 514: Configuring Ripng Route Summarization
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Define an IPv6 ACL before using it for route filtering. Refer to ACL configuration for related information. Define an IPv6 address prefix list before using it for route filtering. Refer to section 6.2.2 "Defining an IPv6 Prefix...
Page 515: Configuring A Ripng Route Filtering Policy
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration To do... Use the command... Remarks Enter system view system-view –– interface interface-type Enter interface view –– interface-number ripng default-route Required Advertise a default route...
Page 516: Configuring Ripng Route Redistribution
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration To do... Use the command... Remarks Enter system view system-view — Enter RIPng view ripng [ process-id ] — Optional Configure a RIPng preference [ route-policy...
Page 517 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration Follow these steps to configure RIPng timers: To do... Use the command... Remarks Enter system view system-view — Enter RIPng view ripng [ process-id ] —...
Page 518: Configuring Zero Field Check On Ripng Packets
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration To do... Use the command... Remarks Optional Enable the split horizon ripng split-horizon function Enabled by default Note: Generally, you are recommended to enable the split horizon to prevent routing loops.
Page 519: Configuring The Maximum Number Of Equal Cost Routes For Load Balancing
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration 2.4.4 Configuring the Maximum Number of Equal Cost Routes for Load Balancing Follow these steps to configure the maximum number of equal cost RIPng routes for load balancing: To do...
Page 520 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration III. Configuration procedure Configure the IPv6 address for each interface (omitted) Configure basic RIPng functions # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ripng 1...
Page 521 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100 Dest 1::/64, via FE80::20F:E2FF:FE23:82F5, cost...
Page 522 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 2 IPv6 RIPng Configuration [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100 Dest 1::/64, via FE80::20F:E2FF:FE23:82F5, cost...
Page 523: Chapter 3 Ipv6 Ospfv3 Configuration
Note: The term “router” in this document refers to a Layer 3 switch running routing protocols. The S5500-EI series only support single OSPFv3 process. 3.1 Introduction to OSPFv3 3.1.1 OSPFv3 Overview OSPFv3 is OSPF (Open Shortest Path First) version 3 for short, supporting IPv6 and compliant with RFC2740 (OSPF for IPv6).
Page 524: Ospfv3 Lsa Types
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Figure 3-1 OSPFv3 packet header Major fields: Version #: Version of OSPF, which is 3 for OSPFv3. Type: Type of OSPF packet, from 1 to 5 are hello, DD, LSR, LSU, and LSAck respectively.
Page 525: Timers Of Ospfv
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.1.4 Timers of OSPFv3 Timers in OSPFv3 include: OSPFv3 packet timer LSA delay timer SPF timer I. OSPFv3 packet timer Hello packets are sent periodically between neighboring routers for finding and maintaining neighbor relationships, or for DR/BDR election.
Page 526: Configuring Ospfv3 Basic Functions
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Task Remarks Configuring OSPFv3 Basic Functions Required Configuring an OSPFv3 Stub Area Optional Configuring OSPFv3 Area Parameters Configuring OSPFv3 Virtual Links Optional Configuring OSPFv3 Route...
Page 527: Configuring Ospfv3 Area Parameters
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks interface interface-type — Enter interface view interface-number Required Enable OSPFv3 on the ospfv3 process-id area area-id interface [ instance instance-id ]...
Page 528: Configuring Ospfv3 Virtual Links
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks Required Configure the area as a stub [ no-summary ] stub area Not configured by default Configure the default...
Page 529: Configuring Ospfv3 Routing Information Management
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Note: Both ends of a virtual link are ABRs that are configured with the vlink-peer command. 3.5 Configuring OSPFv3 Routing Information Management This section is to configure management of OSPF routing information advertisement and reception, and route redistribution from other protocols.
Page 530: Configuring Link Costs For Ospfv3 Interfaces
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Follow these steps to configure inbound route filtering: To do... Use the command... Remarks — Enter system view system-view — Enter OSPFv3 view ospfv3 [ process-id ]...
Page 531: Configuring A Priority For Ospfv
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.5.6 Configuring a Priority for OSPFv3 A router may run multiple routing protocols. The system assigns a priority for each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected.
Page 532: Tuning And Optimizing An Ospfv3 Network
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Note: Using the import-route command on a router makes the router become an ASBR. Since OSPFv3 is a link state based routing protocol, it cannot directly filter LSAs to be advertised.
Page 533: Configuring The Dr Priority For An Interface
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks Optional Configure the dead ospfv3 timer dead seconds interval [ instance instance-id ] 40 seconds by default ospfv3 timer retransmit...
Page 534: Ignoring Mtu Check For Dd Packets
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.6.4 Ignoring MTU Check for DD Packets When LSAs are few in DD packets, it is unnecessary to check MTU in DD packets in order to improve efficiency.
Page 535: Displaying And Maintaining Ospfv
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks Required Enable the logging on log-peer-change neighbor state changes Enabled by default 3.7 Displaying and Maintaining OSPFv3 To do...
Page 536: Ospfv3 Configuration Examples
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration To do... Use the command... Remarks display ospfv3 [ process-id ] request-list [ { external | inter-prefix | inter-router | Display OSPFv3 link state intra-prefix | link | network |...
Page 537 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration III. Configuration procedure Configure IPv6 addresses for interfaces (omitted) Configure OSPFv3 basic functions # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ospfv3 [SwitchA-ospfv3-1] router-id 1.1.1.1...
Page 538 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration <SwitchD> system-view [SwitchD] ipv6 [SwitchD] ospfv3 [SwitchD-ospfv3-1] router-id 4.4.4.4 [SwitchD-ospfv3-1] quit [SwitchD] interface Vlan-interface 400 [SwitchD-Vlan-interface400] ospfv3 1 area 2 [SwitchD-Vlan-interface400] quit # Display OSPFv3 neighbor information on Switch B.
Page 539 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 *Destination: 2001:1::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 *Destination: 2001:2::/64 Type Cost NextHop : directly-connected Interface: Vlan400...
Page 540: Configuring Ospfv3 Dr Election
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 *Destination: 2001:2::/64 Type Cost NextHop : directly-connected Interface: Vlan400 *Destination: 2001:3::/64 Type : IA Cost NextHop...
Page 541 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration II. Network diagram Figure 3-3 Network diagram for OSPFv3 DR election configuration III. Configuration procedure Configure IPv6 addresses for interfaces (omitted) Configure OSPFv3 basic functions # Configure Switch A <SwitchA>...
Page 542 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 1 area 0 [SwitchC-Vlan-interface100] quit # Configure Switch D <SwitchD> system-view [SwitchD] ipv6 [SwitchD] ospfv3 [SwitchD-ospfv3-1] router-id 4.4.4.4...
Page 543 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration [SwitchB-Vlan-interface200] quit #Configure the DR priority of Switch C as 2. [SwitchC] interface Vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 dr-priority 2 [SwitchC-Vlan-interface100] quit # Display neighbor information on Switch A. You can find DR priorities have been updated, but DR and BDR are not changed.
Page 544: Troubleshooting Ospfv3 Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration 3.3.3.3 Full/Backup 00:00:32 Vlan100 3.9 Troubleshooting OSPFv3 Configuration 3.9.1 No OSPFv3 Neighbor Relationship Established I. Symptom No OSPF neighbor relationship can be established. II. Analysis If the physical link and lower protocol work well, check OSPF parameters configured on interfaces.
Page 545 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 3 IPv6 OSPFv3 Configuration Use the display ospfv3 lsdb command to display Link State Database information to check integrity. Display information about area configuration using display current-configuration configuration command. If more than two areas are configured, at least one area is connected to the backbone.
Page 546: Chapter 4 Ipv6 Is-Is Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration Chapter 4 IPv6 IS-IS Configuration Note: IPv6 IS-IS supports all the features of IPv4 IS-IS except that it advertises IPv6 routing information instead. This document describes only IPv6 IS-IS exclusive configuration tasks.
Page 547: Configuring Ipv6 Is-Is Basic Functions
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration 4.2 Configuring IPv6 IS-IS Basic Functions Note: You can implement IPv6 inter-networking through configuring IPv6 IS-IS in IPv6 network environment. 4.2.1 Configuration Prerequisites Before the configuration, accomplish the following tasks first:...
Page 548: Configuring Ipv6 Is-Is Routing Information Control
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration 4.3 Configuring IPv6 IS-IS Routing Information Control 4.3.1 Configuration Prerequisites You need to complete the IPv6 IS-IS basic function configuration before configuring this task. 4.3.2 Configuration Procedure Follow these steps to configure IPv6 IS-IS routing information control: To do...
Page 549: Displaying And Maintaining Ipv6 Is-Is
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration Note: The ipv6 filter-policy export command, usually used in combination with the ipv6 import-route command, filters redistributed routes when advertising them to other routers. If no protocol is specified, routes redistributed from all routing protocols are filtered before advertisement.
Page 550: Ipv6 Is-Is Configuration Example
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration 4.5 IPv6 IS-IS Configuration Example I. Network requirements As shown in Figure 4-1, Switch A, Switch B, Switch C and Switch D reside in the same autonomous system, and all are enabled with IPv6.
Page 551: Operation Manual – Ipv6 Routing
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 4 IPv6 IS-IS Configuration [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] ipv6 enable [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis ipv6 enable 1 [SwitchB-Vlan-interface200] quit # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00...
Page 552: Chapter 5 Ipv6 Bgp Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Chapter 5 IPv6 BGP Configuration Note: This chapter describes only configuration for IPv6 BGP. For other related information, refer to the part discussing IPv4 routing.
Page 553 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.2 Configuration Task List Complete the following tasks to configure IPv6 BGP: Task Remarks Configuring an IPv6 Peer Required Advertising a Local IPv6 Route Optional...
Page 554: Configuring Ipv6 Bgp Basic Functions
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.3 Configuring IPv6 BGP Basic Functions 5.3.1 Prerequisites Before configuring this task, you need to: Specify IP addresses for interfaces. Enable IPv6. Note: You need create a peer group before configuring basic functions for it. For related...
Page 555: Configuring A Preferred Value For Routes From A Peer/Peer Group
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks network ipv6-address Required Add a local route into IPv6 prefix-length [ short-cut | Not added by BGP routing table...
Page 556: Allowing The Establishment Of A Non-Direct Ebgp Connection
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Enter IPv6 address family — ipv6-family view Required By default, IPv6 BGP peer { ipv6-group-name Specify the source interface...
Page 557: Configuring A Description For A Peer/Peer Group
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Caution: In general, direct links should be available between EBGP peers. If not, you can use the peer ebgp-max-hop command to establish a multi-hop TCP connection in between.
Page 558: Logging Peer State Changes
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.3.9 Logging Peer State Changes Follow these steps to configure to log on the session and event information of a peer/peer group: To do... Use the command...
Page 559: Advertising A Default Route To A Peer/Peer Group
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Enable default route Optional redistribution into the IPv6 default-route imported Not enabled by default BGP routing table import-route protocol...
Page 560: Configuring Route Reception Policy
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view Enter BGP view Required bgp as-number Enter IPv6 address family — ipv6-family view filter-policy...
Page 561: Configuring Ipv6 Bgp And Igp Route Synchronization
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view — Enter BGP view bgp as-number Enter IPv6 address family — ipv6-family view filter-policy...
Page 562: Configuring Route Dampening
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration By default, when a BGP router receives an IBGP route, it only checks the reachability of the route’s next hop before advertisement. If the synchronization feature is configured, only the IBGP route is advertised by IGP can the route be advertised to EBGP peers.
Page 563: Configuring The Med Attribute
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Configured IPv6 BGP basic functions 5.5.2 Configuring IPv6 BGP Preference and Default LOCAL_PREF and NEXT_HOP Attributes Follow these steps to perform this configuration: To do...
Page 564: Configuring The As_Path Attribute
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view Enter BGP view Required bgp as-number Enter IPv6 address — ipv6-family family view Optional...
Page 565: Tuning And Optimizing Ipv6 Bgp Networks
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Substitute local AS number for the AS peer { ipv6-group-name | Optional number of a peer/peer ipv6-address } Not substituted by default...
Page 566: Configuring Ipv6 Bgp Soft Reset
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks — Enter system view system-view Enter BGP view Required bgp as-number Enter IPv6 address family — ipv6-family view Specify keepalive...
Page 567 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration II. Perform manual soft-reset Follow these steps to perform manual soft reset: To do... Use the command... Remarks — Enter system view system-view Enter BGP view...
Page 568: Configuring A Large Scale Ipv6 Bgp Network
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.7 Configuring a Large Scale IPv6 BGP Network In a large-scale IPv6 BGP network, configuration and maintenance become no convenient due to too many peers. In this case, configuring peer groups makes management easier and improves route distribution efficiency.
Page 569 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks peer ipv6-address Required group ipv6-group-name Add a peer into the group [ as-number Not added by default as-number ] II.
Page 570: Configuring Ipv6 Bgp Community
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Create an EBGP peer group ipv6-group-name Required group external Required Specify the AS number of peer ipv6-address an IPv6 peer...
Page 571: Configuring An Ipv6 Bgp Route Reflector
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Enter IPv6 address family — ipv6-family view peer { ipv6-group-name | Apply a routing policy to Required ipv6-address }...
Page 572: Displaying And Maintaining Ipv6 Bgp Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Note: In general, since the route reflector forwards routing information between clients, it is not required to make clients of a route reflector fully meshed. If clients are fully meshed, it is recommended to disable route reflection between clients to reduce routing costs.
Page 573: Resetting Ipv6 Bgp Connections
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration To do... Use the command... Remarks Display IPv6 BGP display bgp ipv6 routing-table dampening parameter dampening parameter information Display IPv6 BGP routing display bgp ipv6 routing-table...
Page 574: Ipv6 Bgp Configuration Examples
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration 5.9 IPv6 BGP Configuration Examples Note: Some examples for IPv6 BGP configuration are similar to those of BGP-4, so refer to the sections covering BGP in the IPv4 routing part for related information.
Page 575 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration # Configure Switch C. <SwitchC> system-view [SwitchC] ipv6 [SwitchC] bgp 65009 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] ipv6-family [SwitchC-bgp-af-ipv6] peer 9:3::1 as-number 65009 [SwitchC-bgp-af-ipv6] peer 9:2::2 as-number 65009...
Page 576: Ipv6 Bgp Route Reflector Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Total number of peers : 3 Peers in established state : 3 Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 10::2 4 65008 0 00:01:16 Established...
Page 577 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration III. Configuration procedure Configure IPv6 addresses for VLAN interfaces (omitted) Configure IPv6 BGP basic functions # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] bgp 100 [SwitchA-bgp] router-id 1.1.1.1...
Page 578: Troubleshooting Ipv6 Bgp Configuration
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 BGP Configuration Use the display bgp ipv6 routing-table command on Switch B and Switch D respectively, you can find both of them have learned the network 1::/64.
Page 579: Routing Policy
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Chapter 6 Routing Policy Configuration 6.1 Introduction to Routing Policy 6.1.1 Routing Policy A routing policy is used on the router for route inspection, filtering, attributes modifying when routes are received, advertised, or redistributed.
Page 580 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration III. AS-path AS path is only applicable to IPv6 BGP. There is an AS-path field in the IPv6 BGP packet. An AS path list specifies matching conditions according to the AS-path field.
Page 581: Defining An Ipv6 Prefix List
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration IP-prefix list name Matching address range Extcommunity list sequence number 6.2.2 Defining an IPv6 Prefix List Identified by name, each IPv6 prefix list can comprise multiple items. Each item specifies a matching address range in the form of network prefix, which is identified by index number.
Page 582 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Follow these steps to define an AS path ACL: To do... Use the command... Remarks — Enter system view system-view ip as-path as-path-number Required Define an AS path...
Page 583 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.3 Configuring a Routing Policy A routing policy is used to filter routing information according to some attributes, and modify some attributes of the routing information that matches the routing policy. Match criteria can be configured using filters above mentioned.
Page 584 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Note: If a node has the permit keyword specified, routing information meeting the node’s conditions will be handled using the apply clauses of this node, without needing to match against the next node.
Page 585 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration To do... Use the command... Remarks Match BGP routes having extended if-match extcommunity Optional attributes contained in ext-comm-list-number&<1- Not configured by default the extended community 16>...
Page 586 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration To do... Use the command... Remarks Specify a community list according to which to Optional apply comm-list delete community comm-list-number delete Not configured by default...
Page 587: Applying Routing Policy When Redistributing Ipv6 Routes
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration 6.4 Displaying and Maintaining the Routing Policy To do... Use the command... Remarks Display IPv6 BGP AS display ip as-path [ as-path-number ] path ACL information...
Page 588 Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration <SwitchA> system-view [SwitchA] ipv6 [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ipv6 address 10::1 32 [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 200 [SwitchA-Vlan-interface200] ipv6 address 11::1 32 [SwitchA-Vlan-interface200] quit # Enable RIPng on VLAN-interface 100.
Page 589: Ipv6 Routing Information Filtering Failure
Operation Manual – IPv6 Routing H3C S5500-EI Series Ethernet Switches Chapter 6 Routing Policy Configuration Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::7D58:0:CA03:1 on Vlan-interface 100 Dest 10::/32, via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 18 Sec...
Page 590 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 IPv6 Basics Configuration ..................1-1 1.1 IPv6 Overview........................1-1 1.1.1 IPv6 Features ......................1-2 1.1.2 Introduction to IPv6 Address ................... 1-3 1.1.3 Introduction to IPv6 Neighbor Discovery Protocol ..........1-7 1.1.4 IPv6 PMTU Discovery ...................
Page 591 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Table of Contents 3.3 Configuring IPv6 Manual Tunnel ..................3-4 3.3.1 Configuration Prerequisites..................3-4 3.3.2 Configuration Procedure ..................3-4 3.3.3 Configuration Example.................... 3-6 3.4 Configuring 6to4 Tunnel ....................3-9 3.4.1 Configuration Prerequisites..................3-9 3.4.2 Configuration Procedure ..................
Page 592: Chapter 1 Ipv6 Basics Configuration
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Chapter 1 IPv6 Basics Configuration When configuring IPv6 basics, go to these sections for information you are interested IPv6 Overview IPv6 Basics Configuration Task List Configuring Basic IPv6 Functions...
Page 593: Ipv6 Features
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.1.1 IPv6 Features I. Header format simplification IPv6 cuts down some IPv4 header fields or move them to the IPv6 extension headers to reduce the length of the basic IPv6 header. IPv6 uses the basic header with a fixed length, thus making IPv6 packet handling simple and improving the forwarding efficiency.
Page 594: Introduction To Ipv6 Address
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Stateless address configuration means that a host automatically configures an IPv6 address and related information on basis of its own link-layer address and the prefix information advertised by a router.
Page 595 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Leading zeros in each group can be removed. For example, the above-mentioned address represented shorter format 2001:0:130F:0:0:9C0:876A:130B. If an IPv6 address contains two or more consecutive groups of zeros, they can be replaced by the double-colon :: option.
Page 596 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Note: There are no broadcast addresses in IPv6. Their function is superseded by multicast addresses. The type of an IPv6 address is designated by the first several bits called format prefix.
Page 597 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration to any physical interface. Like the loopback address in IPv4, it may be used by a node to send an IPv6 packet to itself. Unassigned address: The unicast address "::” is called the unassigned address and may not be assigned to any node.
Page 598: Introduction To Ipv6 Neighbor Discovery Protocol
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Figure 1-2 Convert a MAC address into an EUI-64 interface identifier 1.1.3 Introduction to IPv6 Neighbor Discovery Protocol IPv6 Neighbor Discovery Protocol (NDP) uses five types of ICMPv6 messages to...
Page 599 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration ICMPv6 message Number Function Used to respond to an RS message With the RA message suppression disabled, Router advertisement the router regularly sends an RA message...
Page 600 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration II. Neighbor reachability detection After node A acquires the link-layer address of its neighbor node B, node A can verify whether node B is reachable according to NS and NA messages.
Page 601: Ipv6 Pmtu Discovery
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration The router/prefix discovery is implemented through RS and RA messages. The router/prefix discovery procedure is as follows: After started, a node sends an RS message to request the router for the address prefix and other configuration information for the purpose of autoconfiguration.
Page 602: Introduction To Ipv6 Dns
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration The path MTU (PMTU) discovery mechanism is to find the minimum MTU of all links in the path from the source to the destination. Figure 1-5 shows the working procedure of the PMTU discovery.
Page 603: Ipv6 Basics Configuration Task List
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration RFC 1881: IPv6 Address Allocation Management RFC 1887: An Architecture for IPv6 Unicast Address Allocation RFC 1981: Path MTU Discovery for IP version 6 RFC 2375: IPv6 Multicast Address Assignments RFC 2460: Internet Protocol, Version 6 (IPv6) Specification.
Page 604: Configuring An Ipv6 Unicast Address
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Follow these steps to enable the IPv6 packet forwarding function: To do... Use the command... Remarks Enter system view — system-view Required Enable the IPv6 packet...
Page 605 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do... Use the command... Remarks Automatically Optional generate a ipv6 address auto By default, after an link-local link-local IPv6 site-local address address or Configure aggregatable...
Page 606: Configuring Ipv6 Ndp
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.4 Configuring IPv6 NDP 1.4.1 Configuring a Static Neighbor Entry The IPv6 address of a neighbor node can be resolved into a link-layer address dynamically through NS and NA messages or through a manually configured neighbor entry.
Page 607: Configuring Parameters Related To An Ra Message
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Follow these steps to configure the maximum number of neighbors dynamically learned: To do… Use the command… Remarks Enter system view system-view — interface interface-type Enter interface view —...
Page 608 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Parameters Description This field is used to set the lifetime of the router that sends RA messages to serve as the default router of hosts. Router lifetime...
Page 609 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks Optional By default, the maximum interval for sending RA messages is 600 seconds, and the minimum interval is 200 seconds.
Page 610: Configuring The Number Of Attempts To Send An Ns Message For Dad
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks Optional By default, the neighbor reachable time on the ipv6 nd nud Set the reachable time local interface is 30,000...
Page 611: Configuring The Aging Time For Pmtu
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration the smaller one between the two values, the host fragments the packet according to the smaller value. Follow these steps to configure a static PMTU for a specified address: To do…...
Page 612: Configuring Icmpv6 Packet Sending
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Follow these steps to configure IPv6 TCP properties: To do… Use the command… Remarks Enter system view — system-view Optional Set the finwait timer of tcp ipv6 timer...
Page 613: Enable Sending Of Multicast Echo Replies
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.7.2 Enable Sending of Multicast Echo Replies If hosts are capable of relying multicast echo requests, Host A can attack Host B by sending an echo request with the source being Host B to a multicast address, then all the hosts in the multicast group will send echo replies to Host B.
Page 614: Displaying And Maintaining Ipv6 Basics Configuration
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks Enter system view system-view — Enable the dynamic Required domain name dns resolve Disabled by default. resolution function Required dns server ipv6...
Page 615 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration To do… Use the command… Remarks display ipv6 neighbors { all | dynamic Display the total number of | interface interface-type neighbor entries satisfying interface-number | static | vlan vlan-id }...
Page 616: Ipv6 Configuration Example
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration 1.10 IPv6 Configuration Example I. Network requirements Two switches are directly connected through two Ethernet ports. The Ethernet ports belong to VLAN 2. Configure different types of IPv6 addresses for VLAN-interface 2 respectively on Switch A and Switch B to verify the connectivity between two switches.
Page 617 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration # Configure an EUI-64 address for VLAN-interface 2. [SwitchB-Vlan-interface2] ipv6 address 2001::/64 eui-64 # Configure an aggregatable global unicast address for VLAN-interface 2. [SwitchB-Vlan-interface2] ipv6 address 3001::2/64 IV.
Page 618 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration Hosts use stateless autoconfig for addresses # From Switch A, ping the link-local address, EUI-64 address, and aggregatable global unicast address respectively. If the configurations are correct, the three types of IPv6 addresses above can be pinged.
Page 619: Troubleshooting Ipv6 Basics Configuration
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 1 IPv6 Basics Configuration bytes=56 Sequence=5 hop limit=255 time = 60 ms --- 2001::20F:E2FF:FE00:1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/58/70 ms...
Page 620: Chapter 2 Dual Stack Configuration
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 2 Dual Stack Configuration Chapter 2 Dual Stack Configuration When configuring dual stack, go to these sections for information you are interested in: Dual Stack Overview Configuring Dual Stack 2.1 Dual Stack Overview Dual stack is the most direct approach to making IPv6 nodes compatible with IPv4 nodes.
Page 621 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 2 Dual Stack Configuration Follow these steps to configure dual stack on a gateway: To do… Use the command… Remarks Enter system view — system-view Required Enable the IPv6 packet forwarding...
Page 622: Chapter 3 Tunneling Configuration
Note: NTP-related commands are available in tunnel interface view on H3C S5500-EI series Ethernet Switches, but NTP features cannot be enabled after you execute the NTP commands. For related information about NTP, refer to NTP Configuration.
Page 623 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: The devices at both ends of an IPv6 over IPv4 tunnel must support IPv4/IPv6 dual stack. Figure 3-1 Principle of IPv6 over IPv4 tunnel The IPv6 over IPv4 tunnel processes packets in the following way: A host in the IPv6 network sends an IPv6 packet to the device at the source end of the tunnel.
Page 624 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration If the IPv4 address of the tunnel destination cannot be acquired from the destination address of the IPv6 packet, it needs to be configured manually. Such a tunnel is called a configured tunnel.
Page 625: Tunneling Configuration Task List
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration destination address of an IPv6 packet and the IPv6 address of a tunnel interface both adopt special addresses: ISATAP addresses. The ISATAP address format is prefix(64bit):0:5EFE:ip-address. The ip-address is in the form of a.b.c.d or abcd:efgh, where abcd:efgh represents a 32-bit source IPv4 address.
Page 626 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks Required Create a tunnel interface and interface tunnel By default, there is no enter tunnel interface view number tunnel interface on the device.
Page 627 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: After a tunnel interface is deleted, all the above features configured on the tunnel interface will be deleted. If the addresses of the tunnel interfaces at the two ends of a tunnel are not in the same network segment, a forwarding route through the tunnel to the peer must be configured so that the encapsulated packet can be forwarded normally.
Page 628 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration III. Configuration procedure Configuration on Switch A # Enable IPv6. <SwitchA> system-view [SwitchA] ipv6 # Configure a link aggregation group. Disable STP on the port before adding it into the link aggregation group.
Page 629 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration [SwitchB-GigabitEthernet1/0/1] port link-aggregation group 1 [SwitchB-GigabitEthernet1/0/1] quit # Configure an IPv4 address for VLAN-interface 100. [SwitchB] vlan 100 [SwitchB-vlan100] port GigabitEthernet 1/0/2 [SwitchB-vlan100] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ip address 192.168.50.1 255.255.255.0...
Page 630: Configuring 6To4 Tunnel
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration Global unicast address(es): 3001::2, subnet is 3001::/64 Joined group address(es): FF02::1:FFA8:3201 FF02::1:FF00:2 FF02::2 FF02::1 MTU is 1500 bytes ND reachable time is 30000 milliseconds ND retransmit interval is 1000 milliseconds Hosts use stateless autoconfig for addresses # Ping the IPv6 address of the peer tunnel interface from Switch A.
Page 631 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks Enter system view system-view — Required By default, the IPv6 Enable IPv6 ipv6 packet forwarding function is disabled. Required Create a tunnel interface...
Page 632 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration Caution: Only one automatic tunnel can be configured at the same tunnel source. No destination address needs to be configured for an automatic tunnel because the destination address can automatically be obtained from the IPv4 address embedded in the IPv4-compatible IPv6 address.
Page 633 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration II. Network diagram IPv4 netwok 6to4 switch 6to4 switch Vlan-int100 Vlan-int100 2.1.1.1/24 5.1.1.1/24 Vlan-int101 Vlan-int101 2002:0201:0101:1::1/64 2002:0501:0101:1::1/64 Switch A Switch B Host A Host B 2002:0201:0101:1::2/64 2002:0501:0101:1::2/64 Figure 3-4 Network diagram for a 6to4 tunnel III.
Page 634 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration [SwitchA-vlan101] port GigabitEthernet 1/0/3 [SwitchA-vlan101] quit [SwitchA] interface vlan-interface 101 [SwitchA-Vlan-interface101] ipv6 address 2002:0201:0101:1::1/64 [SwitchA-Vlan-interface101] quit # Configure a 6to4 tunnel. [SwitchA] interface tunnel 0 [SwitchA-Tunnel0] ipv6 address 2002:201:101::1/64...
Page 635 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration [SwitchB] ip route-static 2.1.1.1 24 [nexthop] # Configure an IPv6 address for VLAN-interface 101. [SwitchB] vlan 101 [SwitchB-vlan101] port GigabitEthernet 1/0/3 [SwitchB-vlan101] quit [SwitchB] interface vlan-interface 101...
Page 636: Configuring Isatap Tunnel
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration 3.5 Configuring ISATAP Tunnel 3.5.1 Configuration Prerequisites IP addresses are configured for interfaces such as VLAN interface, and loopback interface on the device. Such an interface can serve as the source interface of a tunnel to ensure that the tunnel destination address is reachable.
Page 637 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration To do… Use the command… Remarks Required By default, the tunnel mode is manual. The same tunnel-protocol tunnel type should Set an ISATAP tunnel ipv6-ipv4 isatap be configured at both ends of the tunnel.
Page 638 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration 3.5.3 Configuration Example I. Network requirements The destination address of a tunnel is an ISATAP address. It is required that IPv6 hosts in the IPv4 network can access the IPv6 network via an ISATAP tunnel.
Page 639 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration [Switch-Vlan-interface101] ip address 2.1.1.1 255.0.0.0 [Switch-Vlan-interface101] quit # Configure an ISATAP tunnel. [Switch] interface tunnel 0 [Switch-Tunnel0] ipv6 address 2001::1/64 eui-64 [Switch-Tunnel0] source vlan-interface 101 [Switch-Tunnel0] tunnel-protocol ipv6-ipv4 isatap # Configure the tunnel to reference link aggregation group 1 in tunnel interface view.
Page 640: Displaying And Maintaining Tunneling Configuration
Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration C:\>ipv6 if 2 Interface 2: Automatic Tunneling Pseudo-Interface Guid {48FCE3FC-EC30-E50E-F1A7-71172AEEE3AE} does not use Neighbor Discovery uses Router Discovery routing preference 1 EUI-64 embedded IPv4 address: 2.1.1.2 router link-layer address: 2.1.1.1...
Page 641 Operation Manual – IPv6 H3C S5500-EI Series Ethernet Switches Chapter 3 Tunneling Configuration Solution: Follow the steps below: The common cause is that the physical interface of the tunnel source is not up. Use the display interface tunnel or display ipv6 interface tunnel commands to view whether the physical interface of the tunnel source is up.
Page 642 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 Multicast Overview ...................... 1-1 1.1 Introduction to Multicast..................... 1-1 1.1.1 Comparison of Information Transmission Techniques..........1-1 1.1.2 Roles in Multicast ....................1-4 1.1.3 Advantages and Applications of Multicast .............. 1-5 1.2 Multicast Models ........................
Page 643 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Table of Contents 2.6.4 Configuring the Function of Dropping Unknown Multicast Data ......2-19 2.6.5 Configuring IGMP Report Suppression..............2-20 2.6.6 Configuring Maximum Multicast Groups that Can Be Joined on a Port....2-20 2.6.7 Configuring Multicast Group Replacement ............
Page 644 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Table of Contents 3.7 Displaying and Maintaining MLD Snooping..............3-21 3.8 MLD Snooping Configuration Examples................3-22 3.8.1 Simulated Joining....................3-22 3.8.2 Static Router Port Configuration ................3-24 3.8.3 MLD Snooping Querier Configuration ..............3-27 3.9 Troubleshooting MLD Snooping ..................
Page 645 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Table of Contents 6.7.2 Inconsistent Memberships on Routers on the Same Subnet........ 6-18 Chapter 7 PIM Configuration......................7-1 7.1 PIM Overview........................7-1 7.1.1 Introduction to PIM-DM ................... 7-2 7.1.2 How PIM-DM Works....................7-2 7.1.3 Introduction to PIM-SM ...................
Page 646 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Table of Contents 7.8 Troubleshooting PIM Configuration ................. 7-51 7.8.1 Failure of Building a Multicast Distribution Tree Correctly ........7-51 7.8.2 Multicast Data Abnormally Terminated on an Intermediate Router ...... 7-53 7.8.3 RPs Unable to Join SPT in PIM-SM..............
Page 647 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Table of Contents 9.2 Configuration Task List ...................... 9-6 9.3 Configuring Multicast Routing and Forwarding..............9-6 9.3.1 Configuration Prerequisites..................9-6 9.3.2 Enabling IP Multicast Routing ................. 9-7 9.3.3 Configuring Multicast Static Routes ................ 9-7 9.3.4 Configuring a Multicast Route Match Rule..............
Page 648: Chapter 1 Multicast Overview
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Chapter 1 Multicast Overview Note: This manual chiefly focuses on the IP multicast technology and device operations. Unless otherwise stated, the term “multicast” in this document refers to IP multicast.
Page 649 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-1 Unicast transmission Assume that Hosts B, D and E need this information. The information source establishes a separate transmission channel for each of these hosts.
Page 650 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-2 Broadcast transmission Assume that only Hosts B, D, and E need the information. If the information source broadcasts the information, Hosts A and C also receive it. In addition to information security issues, this also causes traffic flooding on the same network.
Page 651: Roles In Multicast
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-3 Multicast transmission Assume that Hosts B, D and E need the information. To receive the information correctly, these hosts need to join a receiver set, which is known as a multicast group.
Page 652: Advantages And Applications Of Multicast
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview For a better understanding of the multicast concept, you can assimilate multicast transmission to the transmission of TV programs, as shown in Table 1-1. Table 1-1 An analogy between TV transmission and multicast transmission...
Page 653: Multicast Models
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Any other point-to-multiple-point data distribution application. 1.2 Multicast Models Based on how the receivers treat the multicast sources, there are two multicast models: I. ASM model In the ASM model, any sender can send information to a multicast group as a multicast source, and numbers of receivers can join a multicast group identified by a group address and obtain multicast information addressed to that multicast group.
Page 654: Multicast Addresses
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview hosts, and the TCP/IP stack must support reception and transmission of multicast data. 1.3.1 Multicast Addresses To allow communication between multicast sources and multicast group members, network-layer multicast addresses, namely, multicast IP addresses must be provided.
Page 655 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Note: The membership of a group is dynamic. Hosts can join or leave multicast groups at any time. “Glop” is a mechanism for assigning multicast addresses between different autonomous systems (ASs).
Page 656 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview Figure 1-4 IPv6 multicast format 0xFF: 8 bits, indicating that this address is an IPv6 multicast address. Flags: 4 bits, of which the high-order flag is reserved and set to 0; the definition and usage of the second bit can be found in RFC 3956;...
Page 657 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview IPv4 multicast MAC addresses As defined by IANA, the high-order 24 bits of an IPv4 multicast MAC address are 0x01005e, bit 25 is 0x0, and the low-order 23 bits are the low-order 23 bits of a multicast IPv4 address.
Page 658: Multicast Protocols
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview 1.3.2 Multicast Protocols Note: Generally, we refer to IP multicast working at the network layer as Layer 3 multicast and the corresponding multicast protocols as Layer 3 multicast protocols, which include IGMP/MLD, PIM/IPv6 PIM, and MSDP;...
Page 659 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview connected with the hosts. These protocols define the mechanism of establishing and maintaining group memberships between hosts and Layer 3 multicast devices. Multicast routing protocols A multicast routing protocol runs on Layer 3 multicast devices to establish and maintain multicast routes and forward multicast packets correctly and efficiently.
Page 660: Multicast Packet Forwarding Mechanism
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 1 Multicast Overview IGMP Snooping/MLD Snooping Running on Layer 2 devices, Internet Group Management Protocol Snooping (IGMP Snooping) and Multicast Listener Discovery Snooping (MLD Snooping) are multicast constraining mechanisms that manage and control multicast groups by listening to and...
Page 661: Chapter 2 Igmp Snooping Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Chapter 2 IGMP Snooping Configuration When configuring IGMP Snooping, go to the following sections for information you are interested in: IGMP Snooping Overview IGMP Snooping Configuration Task List...
Page 662: Basic Concepts In Igmp Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Multicast packet transmission Multicast packet transmission without IGMP Snooping when IGMP Snooping runs Multicast router Multicast router Source Source Layer 2 switch Layer 2 switch Host A...
Page 663 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Router port: A router port is a port on the Ethernet switch that leads switch towards the Layer 3 multicast device (DR or IGMP querier). In the figure, Ethernet 1/0/1 of Switch A and Ethernet 1/0/1 of Switch B are router ports.
Page 664: Work Mechanism Of Igmp Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: The port aging mechanism of IGMP Snooping works only for dynamic ports; a static port will never age out. 2.1.3 Work Mechanism of IGMP Snooping...
Page 665 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration If a forwarding table entry exists for the reported group and the port is included in the outgoing port list, which means that this port is already a member port, the switch resets the member port aging timer for that port.
Page 666: Processing Of Multicast Protocol Messages
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration forwards it through all its router ports in the VLAN and all member ports for that multicast group, and performs the following: If any IGMP report in response to the group-specific query is heard on a member port before its aging timer expires, this means that some host attached to the port is receiving or expecting to receive multicast data for that multicast group.
Page 667: Igmp Snooping Configuration Task List
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.2 IGMP Snooping Configuration Task List Complete these tasks to configure IGMP Snooping: Task Remarks Enabling IGMP Snooping Required Configuring Basic Functions of IGMP Configuring the Version of IGMP...
Page 668: Configuring Basic Functions Of Igmp Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: Configurations made in IGMP Snooping view are effective for all VLANs, while configurations made in VLAN view are effective only for ports belonging to the current VLAN.
Page 669: Configuring The Version Of Igmp Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Note: IGMP Snooping must be enabled globally before it can be enabled in a VLAN. After enabling IGMP Snooping in a VLAN, you cannot enable IGMP and/or PIM on the corresponding VLAN interface, and vice versa.
Page 670 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Enable IGMP Snooping in the VLAN or enable IGMP on the desired VLAN interface Configure the corresponding port groups. Before configuring IGMP Snooping port functions, prepare the following data:...
Page 671: Configuring Static Ports
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration To do... Use the command... Remarks Optional Configure member port igmp-snooping aging time host-aging-time interval 260 seconds by default 2.4.3 Configuring Static Ports If all the hosts attached to a port are interested in the multicast data addressed to a...
Page 672: Configuring Simulated Joining
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.4.4 Configuring Simulated Joining Generally, a host running IGMP responds to IGMP queries from the IGMP querier. If a host fails to respond due to some reasons, the multicast router may deem that no member of this multicast group exists on the network segment, and therefore will remove the corresponding forwarding path.
Page 673: Configuring Fast Leave Processing
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.4.5 Configuring Fast Leave Processing The fast leave processing feature allows the switch to process IGMP leave group messages in a fast way. With the fast leave processing feature enabled, when receiving an IGMP leave group message on a port, the switch immediately removes that port from the outgoing port list of the forwarding table entry for the indicated group.
Page 674: Configuring Igmp Snooping Querier
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Caution: If fast leave processing is enabled on a port to which more than one host is attached, when one host leaves a multicast group, the other hosts attached to the port and interested in the same multicast group will fail to receive multicast data for that group.
Page 675: Configuring Igmp Queries And Responses
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Caution: It is meaningless to configure an IGMP Snooping querier in a multicast network running IGMP. Although an IGMP Snooping querier does not take part in IGMP querier elections, it may affect IGMP querier elections because it sends IGMP general queries with a low source IP address.
Page 676: Configuring Source Ip Address Of Igmp Queries
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Configuring IGMP queries and responses in a VLAN Follow these steps to configure IGMP queries and responses in a VLAN: To do... Use the command...
Page 677: Configuring An Igmp Snooping Policy
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration To do... Use the command... Remarks igmp-snooping Configure the source IP Optional special-query source-ip address of IGMP { current-interface | 0.0.0.0 by default group-specific queries ip-address }...
Page 678: Configuring Multicast Source Port Filtering
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration I. Configuring a multicast group filter globally Follow these steps to configure a multicast group filter globally: To do... Use the command... Remarks Enter system view system-view —...
Page 679: Configuring The Function Of Dropping Unknown Multicast Data
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration To do... Use the command... Remarks Enter system view system-view — Enter IGMP Snooping igmp-snooping — view Required Enable multicast source source-deny port port filtering interface-list Disabled by default II.
Page 680: Configuring Igmp Report Suppression
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration To do... Use the command... Remarks Enter system view system-view — Enter VLAN view vlan vlan-id — Enable the function of Required igmp-snooping dropping unknown drop-unknown...
Page 681: Configuring Multicast Group Replacement
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Follow these steps to configure the maximum number of multicast groups that can be joined on a port or ports: To do... Use the command... Remarks Enter system view —...
Page 682 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration I. Configuring multicast group replacement globally Follow these steps to configure multicast group replacement globally: To do... Use the command... Remarks Enter system view system-view —...
Page 683: Displaying And Maintaining Igmp Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration 2.7 Displaying and Maintaining IGMP Snooping To do... Use the command... Remarks View the information of IGMP display igmp-snooping group Available in Snooping multicast groups [ vlan vlan-id ] [ verbose ]...
Page 684 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Network diagram Receiver Host A Source Receiver Vlan100 GE1/0/4 GE1/0/2 GE1/0/1 GE1/0/1 GE1/0/3 1.1.1.2/24 10.1.1.1/24 Router A Switch A Host B GE1/0/2 1.1.1.1/24 IGMP querier...
Page 685 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration [SwitchA] vlan 100 [SwitchA-vlan100] port GigabitEthernet 1/0/1 to GigabitEthernet 1/0/4 [SwitchA-vlan100] igmp-snooping enable [SwitchA-vlan100] quit # Enable simulated host joining on GigabitEthernet 1/0/3 and GigabitEthernet 1/0/4 respectively.
Page 686 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration As shown above, GigabitEthernet 1/0/3 and GigabitEthernet 1/0/4 of Switch A have joined multicast group 224.1.1.1. 2.8.2 Static Router Port Configuration I. Network requirements As shown in...
Page 687 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Network diagram Source Switch A GE1/0/2 GE1/0/1 1.1.1.2/24 10.1.1.1/24 GE1/0/1 Router A 1.1.1.1/24 IGMP querier Switch C GE1/0/5 GE1/0/2 GE1/0/2 Host C Switch B Receiver...
Page 688 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration # Create VLAN 100, assign GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to this VLAN, and enable IGMP Snooping in the VLAN. [SwitchA] vlan 100 [SwitchA-vlan100] port GigabitEthernet 1/0/1 to GigabitEthernet 1/0/3...
Page 689: Igmp Snooping Querier Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Total 1 MAC Group(s). Port flags: D-Dynamic port, S-Static port, A-Aggregation port, C-Copy port Subvlan flags: R-Real VLAN, C-Copy VLAN Vlan(id):100. Total 1 IP Group(s). Total 1 IP Source(s).
Page 690 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Network diagram Querier GE1/0/1 GE1/0/2 Switch A Switch B Switch C GE1/0/1 GE1/0/1 GE1/0/2 GE1/0/3 GE1/0/2 GE1/0/3 Source Receiver Receiver Receiver Host A Host B Host C 1.1.1.1/24...
Page 691: Troubleshooting Igmp Snooping Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration # Create VLAN 100, add GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to VLAN 100, and enable IGMP Snooping in this VLAN. [SwitchB] vlan 100 [SwitchB-vlan100] port GigabitEthernet 1/0/1 to GigabitEthernet 1/0/3...
Page 692: Configured Multicast Group Policy Fails To Take Effect
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration II. Analysis IGMP Snooping is not enabled. III. Solution Enter the display current-configuration command to view the running status of IGMP Snooping. If IGMP Snooping is not enabled, use the igmp-snooping command to enable IGMP Snooping globally, and then use igmp-snooping enable command to enable IGMP Snooping in VLAN view.
Page 693 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 2 IGMP Snooping Configuration Use the display igmp-snooping group command to check whether any port has been configured as a static member port of any multicast group. If so, check whether this configuration conflicts with the configured multicast group policy.
Page 694: Chapter 3 Mld Snooping Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Chapter 3 MLD Snooping Configuration When configuring MLD Snooping, go to these sections for information you are interested in: MLD Snooping Overview MLD Snooping Configuration Task List...
Page 695: Basic Concepts In Mld Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration IPv6 multicast packet transmission IPv6 multicast packet transmission without MLD Snooping when MLD Snooping runs Multicast router Multicast router Source Source Layer 2 switch Layer 2 switch...
Page 696 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Router port: A router port is a port on the Ethernet switch that leads switch towards the Layer-3 multicast device (DR or MLD querier). In the figure, Ethernet 1/0/1 of Switch A and Ethernet 1/0/1 of Switch B are router ports.
Page 697: How Mld Snooping Works
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: The port aging mechanism of MLD Snooping works only for dynamic ports; a static port will never age out. 3.1.3 How MLD Snooping Works A switch running MLD Snooping performs different actions when it receives different MLD messages, as follows: I.
Page 698 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration If a forwarding table entry exists for the reported IPv6 multicast group and the port is included in the outgoing port list, which means that this port is already a member port, the switch resets the member port aging timer for that port.
Page 699: Mld Snooping Configuration Task List
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration If no MLD report in response to the MLD multicast-address-specific query is heard on a member port before its aging timer expires, this means that no hosts attached to the port are still listening to that IPv6 multicast group address.
Page 700: Configuring Basic Functions Of Mld Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: Configurations made in MLD Snooping view are effective for all VLANs, while configurations made in VLAN view are effective only for ports belonging to the current VLAN.
Page 701: Configuring The Version Of Mld Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: MLD Snooping must be enabled globally before it can be enabled in a VLAN. After enabling MLD Snooping in a VLAN, you cannot enable MLD and/or IPv6 PIM on the corresponding VLAN interface, and vice versa.
Page 702 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Configure the corresponding port groups Before configuring MLD Snooping port functions, prepare the following data: Aging time of router ports Aging timer of member ports IPv6 multicast group and IPv6 multicast source addresses 3.4.2 Configuring Aging Timers for Dynamic Ports...
Page 703 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration 3.4.3 Configuring Static Ports If all the hosts attached to a port is interested in the IPv6 multicast data addressed to a particular IPv6 multicast group, you can configure that port as a static member port for that IPv6 multicast group.
Page 704 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration To avoid this situation from happening, you can enable simulated joining on a port of the switch, namely configure the port as a simulated member host for an IPv6 multicast group.
Page 705: Configuring Mld Snooping Querier
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration In VLANs where only one host is attached to each port, fast leave processing helps improve bandwidth and resource usage. I. Configuring fast leave processing globally Follow these steps to configure fast leave processing globally: To do...
Page 706: Enabling Mld Snooping Querier
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Enable MLD Snooping in the VLAN. Before configuring MLD Snooping querier, prepare the following data: MLD general query interval, MLD last-member query interval, Maximum response time for MLD general queries, Source IPv6 address of MLD general queries, and Source IPv6 address of MLD multicast-address-specific queries.
Page 707 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Upon receiving an MLD query (general query or group-specific query), a host starts a timer for each IPv6 multicast group it has joined. This timer is initialized to a random...
Page 708: Configuring Source Ipv6 Addresses Of Mld Queries
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration To do... Use the command... Remarks Configure the MLD mld-snooping Optional last-member query last-listener-query-inter 1 second by default interval val interval Caution: Make sure that the MLD query interval is greater than the maximum response time for MLD general queries;...
Page 709: Configuring An Ipv6 Multicast Group Filter
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Enable MLD Snooping in the VLAN Before configuring an MLD Snooping policy, prepare the following data: IPv6 ACL rule for IPv6 multicast group filtering The maximum number of IPv6 multicast groups that can pass the ports 3.6.2 Configuring an IPv6 Multicast Group Filter...
Page 710: Configuring Ipv6 Multicast Source Port Filtering
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration To do... Use the command... Remarks Required No IPv6 filter configured by Configure an IPv6 multicast mld-snooping group-policy default, namely group filter acl6-number [ vlan vlan-list ]...
Page 711: Configuring Dropping Unknown Ipv6 Multicast Data
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration To do... Use the command... Remarks Required Enable IPv6 multicast source mld-snooping source-deny Disabled by port filtering default Note: When enabled to filter IPv6 multicast data based on the source ports, the device is automatically enabled to filter IPv4 multicast data based on the source ports.
Page 712: Configuring Maximum Multicast Groups That That Can Be Joined On A Port
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Layer 2 device, the Layer 3 device directly connected with it will receive duplicate MLD reports from these members. With the MLD report suppression function enabled, within a query interval, the Layer 2...
Page 713: Configuring Ipv6 Multicast Group Replacement
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: When the number of IPv6 multicast groups that can be joined on a port reaches the maximum number configured, the system deletes all the forwarding entries persistent to that port from the MLD Snooping forwarding table, and the hosts on this port need to join IPv6 multicast groups again.
Page 714: Displaying And Maintaining Mld Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration II. Configuring IPv6 multicast group replacement on a port or a group of ports Follow these steps to configure IPv6 multicast group replacement on a port or a group of ports: To do...
Page 715: Mld Snooping Configuration Examples
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: The reset mld-snooping group command cannot clear MLD Snooping multicast group information for static joins. 3.8 MLD Snooping Configuration Examples 3.8.1 Simulated Joining I. Network requirements...
Page 716 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Configure Router A # Enable IPv6 multicast routing, enable IPv6 PIM-DM on each interface, and enable MLDv1 on GigabitEthernet 1/0/1. <RouterA> system-view [RouterA] multicast ipv6 routing-enable...
Page 717 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Vlan(id):100. Total 1 IP Group(s). Total 1 IP Source(s). Total 1 MAC Group(s). Router port(s):total 1 port. GE1/0/1 (D) ( 00:01:30 ) IP group(s):the following ip group(s) match to one mac group.
Page 718 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Note: If no static router port is configured, when the path of Switch A—Switch B—Switch C gets blocked, at least one MLD query-response cycle must be completed before the IPv6 multicast data can flow to the receivers along the new path of Switch A—Switch C,...
Page 719 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration [RouterA-GigabitEthernet 1/0/2] pim ipv6 dm [RouterA-GigabitEthernet 1/0/2] quit Configure Switch A # Enable MLD Snooping globally. <SwitchA> system-view [SwitchA] mld-snooping [SwitchA-mld-snooping] quit # Create VLAN 100, assign GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to this VLAN, and enable MLD Snooping in the VLAN.
Page 720: Mld Snooping Querier Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Verify the configuration # View the detailed information about MLD Snooping multicast groups in VLAN 100 on Switch A. [SwitchA] display mld-snooping group vlan 100 verbose Total 1 IP Group(s).
Page 721 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration II. Network diagram Figure 3-5 Network diagram for MLD Snooping querier configuration III. Configuration procedure Configure switch A # Enable IPv6 forwarding and enable MLD Snooping globally.
Page 722: Troubleshooting Mld Snooping
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration [SwitchB] vlan 100 [SwitchB-vlan100] port GigabitEthernet 1/0/1 to GigabitEthernet 1/0/3 [SwitchB-vlan100] mld-snooping enable Configuration on Switch C # Enable IPv6 forwarding and enable MLD Snooping globally.
Page 723: Configured Ipv6 Multicast Group Policy Fails To Take Effect
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration III. Solution Enter the display current-configuration command to view the running status of MLD Snooping. If MLD Snooping is not enabled, use the mld-snooping command to enable MLD Snooping globally, and then use mld-snooping enable command to enable MLD Snooping in VLAN view.
Page 724 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 3 MLD Snooping Configuration Use the display mld-snooping group command to check whether any port has been configured as a static member port of any IPv6 multicast group. If so, check whether this configuration conflicts with the configured IPv6 multicast group policy.
Page 725: Chapter 4 Multicast Vlan Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 4 Multicast VLAN Configuration Chapter 4 Multicast VLAN Configuration 4.1 Introduction to Multicast VLAN As shown in Figure 4-1, in the traditional multicast programs-on-demand mode, when hosts that belong to different VLANs, Host A, Host B and Host C require multicast programs on demand service, Router A needs to forward a separate copy of the multicast data in each VLAN.
Page 726: Displaying And Maintaining Multicast Vlan
The VLAN to be configured as the multicast VLAN and the VLANs to be configured as sub-VLANs of the multicast VLAN must exist. The number of sub-VLANs of the multicast VLAN must not exceed the system-defined limit (an S5500-EI series Ethernet switch supports a maximum of one multicast VLAN and 127 sub-VLANs). Caution: You cannot configure any multicast VLAN or a sub-VLAN of a multicast VLAN on a device with IP multicast routing or routing enabled.
Page 727 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 4 Multicast VLAN Configuration IGMP is required on Router A, and IGMP Snooping is required on Switch A. Router A is the IGMP querier. Switch A’s GigabitEthernet 1/0/1 belongs to VLAN 1024, GigabitEthernet 1/0/2...
Page 728 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 4 Multicast VLAN Configuration [RouterA-GigabitEthernet 1/0/1] igmp enable [RouterA-GigabitEthernet 1/0/1] quit [RouterA] interface GigabitEthernet 1/0/2 [RouterA-GigabitEthernet 1/0/2] pim dm [RouterA-GigabitEthernet 1/0/2] quit Configure Switch A # Enable IGMP Snooping globally.
Page 729: Chapter 5 Ipv6 Multicast Vlan Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 Multicast VLAN Configuration Chapter 5 IPv6 Multicast VLAN Configuration 5.1 Introduction to IPv6 Multicast VLAN As shown in Figure 5-1, in the traditional IPv6 multicast programs-on-demand mode, when hosts that belong to different VLANs, Host A, Host B and Host C require IPv6 multicast programs on demand service, Router A needs to forward a separate copy of the IPv6 multicast data in each VLAN.
Page 730: Displaying And Maintaining Ipv6 Multicast Vlan
IPv6 multicast VLAN must exist. The total number of sub-VLANs of an IPv6 multicast VLAN must not exceed the system-defined limit (an S5500-EI series Ethernet switch supports a maximum of one IPv6 multicast VLAN and 127 sub-VLANs).
Page 731: Ipv6 Multicast Vlan Configuration Examples
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 Multicast VLAN Configuration 5.4 IPv6 Multicast VLAN Configuration Examples I. Network requirements As shown in Figure 5-2, Router A connects to an IPv6 multicast source (Source) through GigabitEthernet 1/0/2, and to Switch A through GigabitEthernet 1/0/1.
Page 732 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 5 IPv6 Multicast VLAN Configuration # Enable IPv6 multicast routing, enable IPv6 PIM-DM on each interface, and enable MLD on GigabitEthernet 1/0/1. <RouterA> system-view [RouterA] multicast ipv6 routing-enable [RouterA] interface GigabitEthernet 1/0/1...
Page 733: Chapter 6 Igmp Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration Chapter 6 IGMP Configuration When configuring IGMP, go to the following sections for the information you are interested in: IGMP Overview IGMP Configuration Task List IGMP Configuration Example...
Page 734 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration querier election mechanism is required to determine which router will act as the IGMP querier on the subnet. In IGMPv1, the designated router (DR) elected by a multicast routing protocol (such as PIM) serves as the IGMP querier.
Page 735: Enhancements Provided By Igmpv
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration G1. This mechanism, known as IGMP report suppression, helps reduce traffic over the local subnet. At the same time, because Host A is interested in G2, it sends a report to the multicast group address of G2.
Page 736: Enhancements In Igmpv
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration II. “Leave group” mechanism In IGMPv1, when a host leaves a multicast group, it does not send any notification to the multicast router. The multicast router relies on host response timeout to know whether a group no longer has members.
Page 737 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration is interested only in the multicast data that Source 1 sends to G but not in the data from Source 2. Source 1 Host A Receiver Host B...
Page 738: Igmp Configuration Task List
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration list. If the specified multicast source list is empty, this means that the report sender has left the reported multicast group. IS_EX: The source filtering mode is Exclude, namely, the report sender requests the multicast data from any sources but those defined in the specified multicast source list.
Page 739: Configuring Basic Functions Of Igmp
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration Note: Configurations performed in IGMP view are effective on all interfaces, while configurations performed in interface view are effective on the current interface only. If a feature is not configured for an interface in interface view, the global configuration performed in IGMP view will apply to that interface.
Page 740: Configuring Igmp Versions
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration 6.3.3 Configuring IGMP Versions Because messages vary with different IGMP versions, the same IGMP version should be configured for all routers on the same subnet before IGMP can work properly.
Page 741: Adjusting Igmp Performance
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration To do... Use the command... Description Required Configure the interface igmp static-group An interface is not a static as a static member of a group-address [ source...
Page 742: Configuring Igmp Message Options
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration Before adjusting IGMP performance, prepare the following data: IGMP general query interval IGMP querier’s robustness variable Maximum response time for IGMP general queries IGMP last-member query interval Other querier present interval 6.4.2 Configuring IGMP Message Options...
Page 743: Configuring Igmp Query And Response Parameters
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration II. Configuring IGMP packet options on an interface Follow these steps to configure IGMP packet options on an interface: To do... Use the command... Description Enter system view system-view —...
Page 744 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration For IGMP group-specific queries, you can configure the IGMP last member query interval to fill their Max Response time field. Namely, for IGMP group-specific queries, the maximum response time equals the IGMP last member query interval.
Page 745: Configuring Igmp Fast Leave Processing
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration To do... Use the command... Description Configure the maximum igmp Optional response time for IGMP max-response-time 10 seconds by default general queries interval igmp Optional Configure the IGMP last...
Page 746: Displaying And Maintaining Igmp
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration 6.5 Displaying and Maintaining IGMP To do... Use the command... Description display igmp group View IGMP multicast group [ group-address | interface Available in information interface-type interface-number ]...
Page 747: Igmp Configuration Example
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration 6.6 IGMP Configuration Example I. Network requirements Receivers receive VOD information through the multicast mode. Receivers of different organizations form stub networks N1 and N2, and Host A and Host C are receivers in N1 and N2 respectively.
Page 748 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration Configure the OSPF protocol for interoperation among the switches. Ensure the network-layer interoperation among Switch A, Switch B and Switch C on the PIM network and dynamic update of routing information among the switches through a unicast routing protocol.
Page 749: Troubleshooting Igmp
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration Querier for IGMP: 10.110.2.1 (this router) Total 1 IGMP Group reported 6.7 Troubleshooting IGMP 6.7.1 No Member Information on the Receiver-Side Router I. Symptom When a host sends a report for joining multicast group G, there is no member information of the multicast group G on the router closest to that host.
Page 750: Inconsistent Memberships On Routers On The Same Subnet
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 6 IGMP Configuration 6.7.2 Inconsistent Memberships on Routers on the Same Subnet I. Symptom Different memberships are maintained on different IGMP routers on the same subnet. II. Analysis A router running IGMP maintains multiple parameters for each interface, and these parameters influence one another, forming very complicated relationships.
Page 751: Chapter 7 Pim Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Chapter 7 PIM Configuration When configuring PIM, go to these sections for information you are interested in: PIM Overview Configuring PIM-DM Configuring PIM-SM Configuring PIM-SSM Configuring PIM Common Information...
Page 752: Introduction To Pim-Dm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: To facilitate description, a network comprising PIM-capable routers is referred to as a “PIM domain” in this document. 7.1.1 Introduction to PIM-DM PIM-DM is a type of dense mode multicast protocol. It uses the “push mode” for multicast forwarding, and is suitable for small-sized networks with densely distributed multicast members.
Page 753 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: Every activated interface on a router sends hello messages periodically, and thus learns the PIM neighboring information pertinent to the interface. II. SPT establishment The process of building an SPT is the process of “flood and prune”.
Page 754 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Figure 7-1 SPT establishment The “flood and prune” process takes place periodically. A pruned state timeout mechanism is provided. A pruned branch restarts multicast forwarding when the pruned state times out and then is pruned again when it no longer has any multicast receiver.
Page 755: Introduction To Pim-Sm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration IV. Assert If multiple multicast routers exist on a multi-access subnet, duplicate packets may flow to the same subnet. To shut off duplicate flows, the assert mechanism is used for election of a single multicast forwarder on a multi-access network.
Page 756: How Pim-Sm Works
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration PIM-SM is a type of sparse mode multicast protocol. It uses the “pull mode” for multicast forwarding, and is suitable for large- and medium-sized networks with sparsely and widely distributed multicast group members.
Page 757 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration I. Neighbor discovery PIM-SM uses exactly the same neighbor discovery mechanism as PIM-DM does. Refer Neighbor discovery. II. DR election PIM-SM also uses hello messages to elect a designated router (DR) for a multi-access network.
Page 758 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Routers on the multi-access network send hello messages to one another. The hello messages contain the router priority for DR election. The router with the highest DR priority will become the DR.
Page 759 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Figure 7-4 BSR and C-RPs IV. RPT establishment Figure 7-5 RPT establishment in a PIM-SM domain As shown in Figure 7-5, the process of building an RPT is as follows: When a receiver joins a multicast group G, it uses an IGMP message to inform the directly connected DR.
Page 760 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration The multicast data addressed to the multicast group G flows through the RP, reaches the corresponding DR along the established RPT, and finally is delivered to the receiver.
Page 761: Introduction To Bsr Admin-Scope Regions In Pim-Sm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration The subsequent multicast data from the multicast source travels along the established SPT to the RP, and then the RP forwards the data along the RPT to the receivers.
Page 762 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration II. Relationship between BSR admin-scope regions and the global scope zone A better understanding of the global scope zone and BSR admin-scope regions should be based on two aspects: geographical space and group address range.
Page 763: Ssm Model Implementation In Pim
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Figure 7-8 Relationship between BSR admin-scope regions and the global scope zone in group address ranges Figure 7-8, the group address ranges of admin-scope-scope regions BSR1 and BSR2 have no intersection, whereas the group address range of BSR3 is a subset of the address range of BSR1.
Page 764 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration The SSM model provides a solution for source-specific multicast. It maintains the relationships between hosts and routers through IGMPv3. In actual application, part of the PIM-SM technique is adopted to implement the SSM model.
Page 765 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration As shown in Figure 7-9, Host B and Host C are multicast information receivers. They send IGMPv3 report messages denoted as (Include S, G) to the respective DRs to express their interest in the information of the specific multicast source S.
Page 766: Configuring Pim-Dm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration 7.2 Configuring PIM-DM 7.2.1 PIM-DM Configuration Task List Complete these tasks to configure PIM-DM: Task Remarks Enabling PIM-DM Required Enabling State Refresh Optional Configuring State Refresh Parameters...
Page 767: Enabling State Refresh
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration To do... Use the command... Remarks Required Enable PIM-DM pim dm Disabled by default Caution: All the interfaces of the same router must work in the same PIM mode.
Page 768: Configuring Pim-Dm Graft Retry Period
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration control the propagation scope of state refresh messages, you need to configure an appropriate TTL value based on the network size. Follow these steps to configure state refresh parameters: To do...
Page 769: Configuring Pim-Sm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration 7.3 Configuring PIM-SM Note: A device can serve as a C-RP and a C-BSR at the same time. 7.3.1 PIM-SM Configuration Task List Complete these tasks to configure PIM-SM:...
Page 770 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Bootstrap timeout time An ACL rule defining a legal C-RP address range and the range of multicast groups to be served C-RP-Adv interval C-RP timeout time The IP address of a static RP...
Page 771: Configuring A Bsr
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration 7.3.4 Configuring a BSR Note: The BSR is dynamically elected from a number of C-BSRs. Because it is unpredictable which router will finally win a BSR election, the commands introduced in this section must be configured on all C-BSRs.
Page 772 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration perform neighbor check and RPF check on BSR messages and discard unwanted messages. When a router in the network is controlled by an attacker or when an illegal router...
Page 773 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration To do... Use the command... Remarks c-bsr global Required Configure a global-scope [ hash-length No global-scope C-BSRs C-BSR hash-length | priority by default priority ] * III. Configuring an admin-scope C-BSR By default, a PIM-SM domain has only one BSR.
Page 774 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Follow these steps to configure a BSR admin-scope region boundary: To do... Use the command... Remarks Enter system view system-view — interface interface-type Enter interface view —...
Page 775: Configuring An Rp
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: About the bootstrap timeout time: By default, the bootstrap timeout time is determined by this formula: Bootstrap timeout = Bootstrap interval × 2 + 10. The default bootstrap interval is 60 seconds, so the default bootstrap timeout = 60 ×...
Page 776 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration To do… Use the command… Remarks static-rp rp-address Optional Configure a static RP [ acl-number ] No static RP by default [ preferred ] II. Configuring a C-RP In a PIM-SM domain, you can configure routers that intend to become the RP as C-RPs.
Page 777 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration III. Enabling auto-RP Auto-RP announcement and discovery messages are respectively addressed to the multicast group addresses 224.0.1.39 and 224.0.1.40. With auto-RP enabled on a device, the device can receive these two types of messages and record the RP information carried in such messages.
Page 778: Configuring Pim-Sm Register Messages
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: The commands introduced in this section are to be configured on C-RPs. For the configuration of other timers in PIM-SM, refer to Configuring PIM Common Timers.
Page 779: Disabling Rpt-To-Spt Switchover
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration To do... Use the command... Remarks Optional Configure a filtering rule register-policy No register filtering rule by for register messages acl-number default Optional Configure the device to...
Page 780: Configuring Pim-Ssm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: The support for the timer spt-switch command depends on the specific device model. Typically, you need to configure the above-mentioned parameters on the receiver-side DR and the RP only. Since both the DR and RP are elected, however, you should carry out these configurations on the routers that may win the DR election and on the C-RPs that may win RP elections.
Page 781: Configuring The Ssm Group Range
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration 7.4.3 Enabling PIM-SM The SSM model is implemented based on some subsets of PIM-SM. Therefore, a router is PIM-SSM capable after you enable PIM-SM on it. When deploying a PIM-SM domain, you are recommended to enable PIM-SM on all interfaces of non-border routers (border routers are PIM-enabled routers located on the boundary of BSR admin-scope regions).
Page 782: Configuring Pim Common Information
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: The commands introduced in this section are to be configured on all routers in the PIM domain. Caution: Make sure that the same SSM group range is configured on all routers in the entire domain.
Page 783: Configuring A Pim Filter
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration 7.5.2 Configuration Prerequisites Before configuring PIM common information, complete the following tasks: Configure any unicast routing protocol so that all devices in the domain are interoperable at the network layer.
Page 784: Configuring Pim Hello Options
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: Generally, a smaller distance from the filter to the multicast source results in a more remarkable filtering effect. This filter works not only on independent multicast data but also on multicast data encapsulated in register messages.
Page 785 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration new generation ID. If a PIM router finds that the generation ID in a hello message from the upstream router has changed, it assumes that the status of the upstream neighbor is lost or the upstream neighbor has changed.
Page 786: Configuring Pim Common Timers
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration To do... Use the command... Remarks Optional Configure the prune delay pim hello-option 500 milliseconds by time (LAN-delay) lan-delay interval default Optional Configure the prune pim hello-option...
Page 787 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration I. Configuring PIM common timers globally Follow these steps to configure PIM common timers globally: To do... Use the command... Remarks Enter system view system-view — Enter PIM view —...
Page 788: Configuring Join/Prune Message Limits
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Note: If there are no special networking requirements, we recommend that you use the default settings. 7.5.6 Configuring Join/Prune Message Limits A larger join/prune message size will result in loss of a larger amount of information when a message is lost;...
Page 789: Pim Configuration Examples
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration To do... Use the command... Remarks View the information Available in any about unacknowledged display pim grafts view graft messages View the PIM information display pim interface...
Page 790 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Switch A connects to stub network N1 through VLAN-interface 100, and to Switch D through VLAN-interface 103. Switch B and Switch C connect to stub network N2 through their respective VLAN-interface 200, and to Switch D through VLAN-interface 101 and VLAN-interface 102 respectively.
Page 791 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration among the switches through a unicast routing protocol. Detailed configuration steps are omitted here. Enable IP multicast routing, and enable PIM-DM on each interface # Enable IP multicast routing on Switch A, enable PIM-DM on each interface, and enable IGMPv2 on VLAN-interface 100, which connects Switch A to the stub network.
Page 792 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Carry out the display pim neighbor command to view the PIM neighboring relationships among the switches. For example: # View the PIM neighboring relationships on Switch D.
Page 793: Pim-Sm Configuration Example
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration The information on Switch B and Switch C is similar to that on Switch A. # View the PIM routing table information on Switch D. [SwitchD] display pim routing-table Total 0 (*, G) entry;...
Page 794 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int100 10.110.1.1/24 Switch D Vlan-int300 10.110.5.1/24 Vlan-int101 192.168.1.1/24 Vlan-int101 192.168.1.2/24 Vlan-int102 192.168.9.1/24 Vlan-int105 192.168.4.2/24...
Page 795 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration <SwitchA> system-view [SwitchA] multicast routing-enable [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] igmp enable [SwitchA-Vlan-interface100] pim sm [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 101 [SwitchA-Vlan-interface101] pim sm [SwitchA-Vlan-interface101] quit [SwitchA] interface vlan-interface 102...
Page 796 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration [SwitchA] display pim bsr-info Elected BSR Address: 192.168.9.2 Priority: 0 Hash mask length: 30 State: Accept Preferred Scope: Not scoped Uptime: 01:40:40 Next BSR message scheduled at: 00:01:42 # View the BSR information and the locally configured C-RP information in effect on Switch E.
Page 797 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Assume that Host A needs to receive information addressed to the multicast group G (225.1.1.1/24). An RPT will be built between Switch A and Switch E. When the multicast source S (10.110.5.100/24) registers with the RP, an SPT will be built between Switch D...
Page 798: Pim-Ssm Configuration Example
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Upstream interface: Vlan-interface300 Upstream neighbor: NULL RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: Vlan-interface105 Protocol: pim-sm, UpTime: 00:00:42, Expires:00:02:06 # View the PIM routing table information on Switch E.
Page 799 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int100 10.110.1.1/24 Switch D Vlan-int300 10.110.5.1/24 Vlan-int101 192.168.1.1/24 Vlan-int101 192.168.1.2/24 Vlan-int102 192.168.9.1/24 Vlan-int105 192.168.4.2/24...
Page 800 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration <SwitchA> system-view [SwitchA] multicast routing-enable [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] igmp enable [SwitchA-Vlan-interface100] igmp version 3 [SwitchA-Vlan-interface100] pim sm [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 101 [SwitchA-Vlan-interface101] pim sm...
Page 801: Troubleshooting Pim Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration multicast routing entries. You can use the display pim routing-table command to view the PIM routing table information on each switch. For example: # View the PIM routing table information on Switch A.
Page 802 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration II. Analysis When PIM-DM runs on the entire network, multicast data is flooded from the first hop router connected with the multicast source to the last hop router connected with the clients along the SPT.
Page 803: Multicast Data Abnormally Terminated On An Intermediate Router
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration Check that the same PIM mode is enabled on related interfaces. Use the display pim interface verbose command to check whether the same PIM mode is enabled on the RPF interface and the corresponding interface of the RPF neighbor router.
Page 804: No Unicast Route Between Bsr And C-Rps In Pim-Sm
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration II. Analysis As the core of a PIM-SM domain, the RPs serve specific multicast groups. Multiple RPs can coexist in a network. Make sure that the RP information on all routers is exactly the same, and a specific group is mapped to the same RP.
Page 805 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 7 PIM Configuration and the BSR. Make sure that each C-RP has a unicast route to the BSR, the BSR has a unicast route to each C-RP, and all the routers in the entire network have a unicast route to the RP.
Page 806: Chapter 8 Msdp Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Chapter 8 MSDP Configuration When configuring MSDP, go to these sections for information you are interested in: MSDP Overview MSDP Configuration Task List Displaying and Maintaining MSDP...
Page 807: How Msdp Works
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Caution: MSDP is applicable only if the intra-domain multicast protocol is PIM-SM. MSDP is meaningful only for the any-source multicast (ASM) model. 8.1.2 How MSDP Works I. MSDP peers...
Page 808 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration data from the multicast source arrives, the receiver-side MSDP peer forwards the data to the receivers along the RPT. Intermediate MSDP peer: an MSDP peer with multicast remote MSDP peers, like RP 2.
Page 809 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Receiver DR 2 MSDP peers Multicast packets SA message RP 2 Join message PIM-SM 2 Register message DR 1 Source PIM-SM 4 RP 1 RP 3 PIM-SM 1...
Page 810 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration hop towards DR 1 at the multicast source side, so that it can directly join the SPT rooted at the source over other PIM-SM domains. Then, the multicast data can flow along the SPT to RP 2 and is forwarded by RP 2 to the receivers along the RPT.
Page 811 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Source RP 1 RP 5 RP 9 RP 8 AS 1 AS 5 Mesh group AS 3 RP 2 RP 3 AS 2 MSDP peers RP 4...
Page 812 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration When RP 8 receives the SA message from RP 7 An EBGP route exists between two MSDP peers in different ASs. Because the SA message is from an MSDP peer (RP 7) in a different AS, and the MSDP peer is the next hop on the EBGP route to the source-side RP, RP 8 accepts the message and forwards it to its other peer (RP 9).
Page 813 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration The work process of Anycast RP is as follows: The multicast source registers with the nearest RP. In this example, Source registers with RP 1, with its multicast data encapsulated in the register message.
Page 814: Msdp Configuration Task List
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration 8.2 MSDP Configuration Task List Complete these tasks to configure MSDP: Task Remarks Enabling MSDP Required Configuring Basic Functions of Creating an MSDP Peer Connection Required MSDP...
Page 815: Creating An Msdp Peer Connection
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration To do... Use the command... Remarks Enter system view system-view — Required Enable IP multicast multicast routing routing-enable Disabled by default Required Enable MSDP and enter msdp...
Page 816: Configuring An Msdp Peer Connection
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration To do... Use the command... Remarks Required static-rpf-peer Configure a static RPF peer-address [ rp-policy No static RPF peer peer ip-prefix-name ] configured by default Note: If only one MSDP peer is configured on a router, this MSDP will be registered as a static RPF peer.
Page 817: Configuring An Msdp Mesh Group
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration 8.4.3 Configuring an MSDP Mesh Group An AS may contain multiple MSDP peers. You can use the MSDP mesh group mechanism to avoid SA message flooding among these MSDP peers and optimize the multicast traffic.
Page 818: Configuring Sa Messages Related Parameters
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration When a new MSDP peer is created, or when a previously deactivated MSDP peer connection is reactivated, or when a previously failed MSDP peer attempts to resume operation, a TCP connection is required.
Page 819: Configuring Sa Request Messages
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration message containing the multicast packet in an SA message and sends it out. After receiving the SA message, the remote RP decapsulates the SA message and delivers the multicast data contained in the register message to the receivers along the RPT.
Page 820: Configuring An Sa Message Filtering Rule
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration To do... Use the command... Remarks Optional peer peer-address Configure a filtering rule sa-request-policy [ acl SA request messages are for SA request messages acl-number ] not filtered by default...
Page 821: Configuring Sa Message Cache
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration To do... Use the command... Remarks Configure the minimum TTL value of multicast Optional peer peer-address packets to be minimum-ttl ttl-value 0 by default encapsulated in SA messages 8.5.5 Configuring SA Message Cache...
Page 822: Msdp Configuration Examples
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration To do... Use the command... Remarks View the (S, G) entry display msdp sa-cache Available in information in the MSDP [ group-address | source-address | any view...
Page 823 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration II. Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int103 10.110.1.2/24 Switch D Vlan-int104 10.110.4.2/24 Vlan-int100 10.110.2.1/24 Vlan-int300 10.110.5.1/24 Vlan-int200 10.110.3.1/24 Switch E Vlan-int105 10.110.6.1/24...
Page 824 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration # Enable IP multicast routing on Switch A, enable PIM-SM on each interface, and enable IGMP on the host-side interface VLAN-interface 200. <SwitchA> system-view [SwitchA] multicast routing-enable...
Page 825 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration [SwitchC-bgp] peer 192.168.3.2 as-number 200 [SwitchC-bgp] import-route ospf 1 [SwitchC-bgp] quit # Configure IBGP on Switch E, and redistribute OSPF routes. [SwitchE] bgp 200 [SwitchE-bgp] router-id 3.3.3.3 [SwitchE-bgp] peer 192.168.3.1 as-number 200...
Page 826 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 192.168.1.2 4 200 6 00:13:09 Established # View the information about BGP peering relationships on Switch C. [SwitchC] display bgp peer BGP local router ID : 2.2.2.2...
Page 827 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration 192.168.1.1 100? *> 192.168.1.1/32 0.0.0.0 *> 192.168.1.2/32 0.0.0.0 192.168.1.1 100? *> 192.168.3.0 0.0.0.0 192.168.3.2 *> 192.168.3.1/32 0.0.0.0 *> 192.168.3.2/32 0.0.0.0 192.168.3.2 When the multicast source in PIM-SM 1 (Source 1) and the multicast source in PIM-SM 2 (Source 2) send multicast information, receivers in PIM-SM 1 and PIM-SM 3 can receive the multicast data.
Page 828: Inter-As Multicast Configuration Leveraging Static Rpf Peers
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration MSDP Peer 192.168.1.2, AS 200 Description: Information about connection status: State: Up Up/down time: 00:15:47 Resets: 0 Connection interface: Vlan-interface101 (192.168.1.1) Number of sent/received messages: 16/16 Number of discarded output messages: 0...
Page 829 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Switch E, so that any switch can receive SA messages only from its static RPF peer(s) and permitted by the corresponding filtering policy. II. Network diagram AS 100...
Page 830 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Enable IP multicast routing, enable PIM-SM and IGMP, and configure a PIM-SM domain border # Enable IP multicast routing on Switch A, enable PIM-SM on each interface, and enable IGMP on the host-side interface VLAN-interface 200.
Page 831 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration [SwitchB-msdp] peer 192.168.1.2 connect-interface vlan-interface 101 [SwitchB-msdp] static-rpf-peer 192.168.3.1 rp-policy list-df [SwitchB-msdp] static-rpf-peer 192.168.1.2 rp-policy list-df [SwitchB-msdp] quit # Configure Switch B as a static RPF peer of Switch C.
Page 832: Anycast Rp Configuration
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Peer's Address State Up/Down time SA Count Reset Count 192.168.1.1 01:07:09 # View the brief MSDP peer information on Switch E. [SwitchE] display msdp brief MSDP Peer Brief Information...
Page 833 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration II. Network diagram Source 1 Source 2 Switch A Switch C Switch E Vlan-int300 Vlan-int400 Receiver 1 Receiver 2 Switch B Switch D Vlan-int100 Vlan-int200 Loop10 Loop10...
Page 834 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] igmp enable [SwitchB-Vlan-interface100] pim sm [SwitchB-Vlan-interface100] quit [SwitchB] interface vlan-interface 103 [SwitchB-Vlan-interface103] pim sm [SwitchB-Vlan-interface103] quit [SwitchB] interface Vlan-interface 101 [SwitchB-Vlan-interface101] pim sm...
Page 835 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Verify the configuration You can use the display msdp brief command to view the brief information of MSDP peering relationships between the switches. # View the brief MSDP peer information on Switch B.
Page 836 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration (10.110.5.100, 225.1.1.1) RP: 10.1.1.1 (local) Protocol: pim-sm, Flag: SPT 2MSDP ACT UpTime: 00:46:28 Upstream interface: Vlan-interface103 Upstream neighbor: 10.110.2.2 RPF prime neighbor: 10.110.2.2 Downstream interface(s) information: Total number of downstreams: 1...
Page 837: Troubleshooting Msdp
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Protocol: pim-sm, Flag: SPT 2MSDP ACT UpTime: 00:40:22 Upstream interface: Vlan-interface104 Upstream neighbor: 10.110.4.2 RPF prime neighbor: 10.110.4.2 Downstream interface(s) information: Total number of downstreams: 1 1: Vlan-interface200...
Page 838: Inter-Rp Communication Faults In Anycast Rp Application
Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration II. Analysis The import-source command is used to control sending (S, G) entries through SA messages to MSDP peers. If this command is executed without the acl-number argument, all the (S, G) entries will be filtered off, namely no (S, G) entries of the local domain will be advertised.
Page 839 Operation Manual – Multicast H3C S5500-EI Series Ethernet Switches Chapter 8 MSDP Configuration Check the configuration of the originating-rp command. In the Anycast RP application environment, be sure to use the originating-rp command to configure the RP address in the SA messages, which must be the local interface address.
Page 840: Multicast Routing And Forwarding Overview
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration Chapter 9 Multicast Routing and Forwarding Configuration When configuring multicast routing and forwarding, go to these sections for information you are interested in: Multicast Routing and Forwarding Overview...
Page 841: Rpf Mechanism
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration 9.1.2 RPF Mechanism When creating multicast routing table entries, a multicast routing protocol uses the reverse path forwarding (RPF) mechanism to ensure multicast data delivery along the correct path.
Page 842 Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration unicast route; instead, it relies on the existing unicast routing information or multicast static routes in creating multicast routing entries. When performing an RPF check, a router searches its unicast routing table and multicast static routing table at the same time.
Page 843: Multicast Static Routes
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration Figure 9-1 RPF check process A multicast packet from Source arrives on VLAN-interface 1 of Switch C, and the corresponding forwarding entry does not exist in the multicast forwarding table of Switch C.
Page 844: Multicast Traceroute
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration unicast RPF route and the optimal multicast static route respectively from the routing tables, and uses one of them as the RPF route after comparison.
Page 845: Configuring Multicast Routing And Forwarding
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration Request, with the IGMP Type field set to 0x1F, and Response, with the IGMP Type field set to 0x1E. III. Process of multicast traceroute The querier sends a query to the last-hop router.
Page 846: Enabling Ip Multicast Routing
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration The maximum number of routing entries in a multicast forwarding table 9.3.2 Enabling IP Multicast Routing Before configuring any Layer 3 multicast functionality, you must enable IP multicast routing.
Page 847: Configuring A Multicast Route Match Rule
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration Follow these steps to configure a multicast static route: To do... Use the command... Remarks Enter system view system-view — ip rpf-route-static source-address { mask |...
Page 848: Configuring A Multicast Forwarding Range
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration Follow these steps to configure multicast load splitting: To do... Use the command... Remarks Enter system view system-view — multicast load-splitting Required Configuring multicast load...
Page 849: Tracing A Multicast Path
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration routing protocol. In addition, newly added downstream nodes cannot be installed to the routing entry into the forwarding table. If the configured maximum number of routing entries in the multicast forwarding table is smaller than the current number, the routes in excess of the configured limit will not be deleted immediately;...
Page 850: Displaying And Maintaining Multicast Routing And Forwarding
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration 9.4 Displaying and Maintaining Multicast Routing and Forwarding To do... Use the command... Remarks display multicast boundary View the multicast [ group-address [ mask | mask-length ] ]...
Page 851: Configuration Examples
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration Caution: The reset command clears the information in the multicast routing table or the multicast forwarding table, and thus may cause failure of multicast transmission.
Page 852 Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration III. Configuration procedure Configure the interface IP addresses and enable unicast routing on each switch Configure the IP address and subnet mask for each interface as per Figure 9-3.
Page 853: Creating An Rpf Route
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration [SwitchB] display multicast rpf-info 50.1.1.100 RPF information about source 50.1.1.100: RPF interface: Vlan-interface102, RPF neighbor: 30.1.1.2 Referenced route/mask: 50.1.1.0/24 Referenced route type: igp Route selection rule: preference-preferred...
Page 854 Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration II. Network diagram PIM-DM OSPF domain Switch A Switch B Switch C Vlan-int102 Vlan-int102 Vlan-int101 30.1.1.2/24 30.1.1.1/24 20.1.1.1/24 Vlan-int101 20.1.1.2/24 Vlan-int300 Vlan-int200 Vlan-int100 50.1.1.1/24 40.1.1.1/24...
Page 855 Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration [SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] pim dm [SwitchC-Vlan-interface300] quit [SwitchC] interface vlan-interface 102 [SwitchC-Vlan-interface102] pim dm [SwitchC-Vlan-interface102] quit The configuration on Switch B is similar to that on Switch A. The specific configuration steps are omitted here.
Page 856: Troubleshooting Multicast Routing And Forwarding
Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration As shown above, the RPF routes to Source 2 exist on Switch B and Switch C. The source is the configured static route. 9.6 Troubleshooting Multicast Routing and Forwarding 9.6.1 Multicast Static Route Failure...
Page 857 Operation Manual – Multicast Chapter 9 Multicast Routing and H3C S5500-EI Series Ethernet Switches Forwarding Configuration II. Analysis If a multicast forwarding boundary has been configured through the multicast boundary command, any multicast packet will be kept from crossing the boundary.
Page 858 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 802.1x Configuration ....................1-1 1.1 802.1x Overview ........................ 1-1 1.1.1 Architecture of 802.1x ..................... 1-1 1.1.2 Operation of 802.1x....................1-3 1.1.3 EAP Encapsulation over LANs................1-4 1.1.4 EAP Encapsulation over RADIUS................
Page 859 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Table of Contents Chapter 4 MAC Authentication Configuration................4-1 4.1 MAC Authentication Overview ................... 4-1 4.1.1 RADIUS-Based MAC Authentication ..............4-1 4.1.2 Local MAC Authentication..................4-2 4.2 Related Concepts ......................4-2 4.2.1 MAC Authentication Timers ..................
Page 860: Chapter 1 802.1X Configuration
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Chapter 1 802.1x Configuration When configuring 802.1x, go to these sections for information you are interested in: 802.1x Overview Configuring 802.1x Configuring a Guest VLAN Displaying and Maintaining 802.1x 802.1x Configuration Example...
Page 861 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Figure 1-1 Architecture of 802.1x Supplicant system: A system at one end of the LAN segment, which is authenticated by the authenticator system at the other end. A supplicant system is usually a user-end device and initiates 802.1x authentication through 802.1x client...
Page 862: Operation Of 802.1X
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration II. Controlled port and uncontrolled port An authenticator provides ports for supplicants to access the LAN. Each of the ports can be regarded as two logical ports: a controlled port and an uncontrolled port.
Page 863: Eap Encapsulation Over Lans
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration After a user passes the authentication, the authentication server passes information about the user to the authenticator, which then controls the status of the controlled port according to the instruction of the authentication server.
Page 864 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Type Description Frame for carrying alerting information compliant to Alert Standard Forum (ASF). EAPOL-Encapsulated-ASF-Alert (a A frame of this type carries network value of 0x04) management-related information like warning messages and is terminated at the authenticator.
Page 865: Eap Encapsulation Over Radius
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Data: Content of the EAP packet. This field is zero or more bytes and its format is determined by the Code field. 1.1.4 EAP Encapsulation over RADIUS Two attributes of RADIUS are intended for supporting EAP authentication: EAP-Message and Message-Authenticator.
Page 866 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration An 802.1x authenticator system communicates with a remotely located RADIUS server in two modes: EAP relay and EAP termination. The following description takes the first case as an example to show the 802.1x authentication process.
Page 867 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Figure 1-8 Message exchange in EAP relay mode When a user launches the 802.1x client software and enters the registered username and password, the 802.1x client software generates an EAPOL-Start frame and sends it to the authenticator to initiate an authentication process.
Page 868 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration After receiving the RADIUS Access-Challenge packet, the authenticator relays the contained EAP-Request/MD5 Challenge packet to the supplicant. When receiving the EAP-Request/MD5 Challenge packet, the supplicant uses the...
Page 869: X Timers
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration RADIUS EAPOL Authenticator system RADUIS Supplicant system server EAPOL - Start EAP- Resquest / Identity EAP- Response / Identity EAP - Request / MD 5 challenge...
Page 870: Implementation Of 802.1X In The Devices
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration when an authenticator multicasts an EAP-Request/Identity frame. Once an authenticator sends an EAP-Request/Identity frame to a supplicant, it starts this timer. If this timer expires but it receives no response from the supplicant, it retransmits the request.
Page 871: Features Working Together With 802.1X
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Note: After an 802.1x supplicant passes authentication, the authentication server sends authorization information to the authenticator. If the authorization information contains VLAN authorization information, the authenticator adds the port connecting the supplicant to the assigned VLAN.
Page 872 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration II. Guest VLAN Guest VLAN allows unauthenticated users to access some special resources. Guest VLAN is the default VLAN that a supplicant on a port can access without authentication.
Page 873: Configuring 802.1X
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration 1.2 Configuring 802.1x 1.2.1 Configuration Prerequisites 802.1x provides a user identity authentication scheme. However, 802.1x cannot implement the authentication scheme solely by itself. RADIUS or local authentication must be configured to work with 802.1x.
Page 874: Configuring 802.1X For A Port
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration To do… Use the command… Remarks Set the maximum number Optional of attempts to send an dot1x retry authentication request to max-retry-value 2 by default a supplicant...
Page 875 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration To do… Use the command… Remarks Enter system view system-view — In system dot1x interface view interface-list Enable Required 802.1x for Use either approach. interface interface-type...
Page 876: Configuring A Guest Vlan
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration In EAP relay authentication mode, the authenticator encapsulates the 802.1x user information in the EAP attributes of RADIUS packets and sends the packets to the RADIUS server for authentication. In this case, you can configure the user-name-format command but it does not take effect.
Page 877: Displaying And Maintaining 802.1X
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Note: You can specify a tagged VLAN as the guest VLAN for a Hybrid port, but the guest VLAN does not take effect. Similarly, if a guest VLAN for a Hybrid port is in operation, you cannot configure the guest VLAN to carry tags.
Page 878 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration A server group with two RADIUS servers is connected to the switch. The IP addresses of the servers are 10.1.1.1 and 10.1.1.2 respectively. Use the former as the primary authentication/secondary accounting server, and the latter as the secondary authentication/primary accounting server.
Page 879 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration [Sysname] local-user localuser [Sysname-luser-localuser] service-type lan-access [Sysname-luser-localuser] password simple localpass [Sysname-luser-localuser] attribute idle-cut 20 [Sysname-luser-localuser] quit # Create RADIUS scheme radius1 and enter its view. [Sysname] radius scheme radius1 # Configure the IP addresses of the primary authentication and accounting RADIUS servers.
Page 880: Guest Vlan Configuration Example
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration [Sysname-isp-aabbcc.net] access-limit enable 30 # Enable the idle cut function and set the idle cut interval. [Sysname-isp-aabbcc.net] idle-cut enable 20 [Sysname-isp-aabbcc.net] quit # Configure aabbcc.net as the default domain.
Page 881 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration II. Network diagrams Update server Authenticator server VLAN 10 VLAN 2 GE1/0/4 GE1/0/3 VLAN 1 VLAN 5 GE1/0/1 GE1/0/2 Switch Internet Supplicant Figure 1-11 Network diagram for guest VLAN configuration...
Page 882 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration Update server Authenticator server VLAN 10 VLAN 2 GE1/0/4 GE1/0/3 VLAN 5 VLAN 5 GE1/0/1 GE1/0/2 Switch Internet VLAN 5 Supplicant Figure 1-13 Network diagram when the supplicant passes authentication III.
Page 883: Acl Assignment Configuration Example
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration [Sysname-GigabitGigabitEthernet1/0/1] dot1x port-method portbased # Set the port access control mode to auto. [Sysname-GigabitGigabitEthernet1/0/1] dot1x port-control auto [Sysname-GigabitGigabitEthernet1/0/1] quit # Create VLAN 10. [Sysname] vlan 10 [Sysname-vlan10] quit # Specify port GigabitEthernet 1/0/1 to use VLAN 10 as its guest VLAN.
Page 884 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration III. Configuration procedure # Configure the IP addresses of the interfaces. (Omitted) # Configure the RADIUS scheme. <Sysname> system-view [Sysname] radius scheme 2000 [Sysname-radius-2000] primary authentication 10.1.1.1 1812 [Sysname-radius-2000] primary accounting 10.1.1.2 1813...
Page 885 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 1 802.1x Configuration 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss 1-26...
Page 886: Chapter 2 Ead Fast Deployment Configuration
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration Chapter 2 EAD Fast Deployment Configuration When configuring EAD fast deployment, go to these sections for information you are interested in: EAD Fast Deployment Overview...
Page 887 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration 2.2.2 Configuration Procedure I. Configuring a freely accessible network segment A freely accessible network segment, also called a free IP, is a network segment that users can access before passing 802.1x authentication.
Page 888: Displaying And Maintaining Ead Fast Deployment
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration III. Setting the EAD rule timeout time With the EAD fast deployment function, a user is authorized by an EAD rule (generally an ACL rule) to access the freely accessible network segment before passing authentication.
Page 889 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration II. Network diagram Internet Free IP: WEB server 192.168.1.3/24 GE1/0/1 192.168.1.0/24 192.168.1.1/24 Host Switch 192.168.1.10/24 Figure 2-1 Network diagram for EAD fast deployment III. Configuration procedure...
Page 890: Troubleshooting Ead Fast Deployment
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 2 EAD Fast Deployment Configuration Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Reply from 192.168.1.3: bytes=32 time<1ms TTL=128 Ping statistics for 192.168.1.3:...
Page 891: Chapter 3 Habp Configuration
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 3 HABP Configuration Chapter 3 HABP Configuration When configuring HABP, go to these sections for the information you are interested in: Introduction to HABP Configuring HABP Displaying and Maintaining HABP 3.1 Introduction to HABP...
Page 892: Configuring An Habp Client
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 3 HABP Configuration Follow these steps to configure an HABP server: To do… Use the command… Remarks Enter system view system-view — Optional Enable HABP habp enable Enabled by default...
Page 893: Chapter 4 Mac Authentication Configuration
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration Chapter 4 MAC Authentication Configuration When configuring MAC authentication, go to these sections for information you are interested in: MAC Authentication Overview Related Concepts Configuring MAC Authentication...
Page 894: Local Mac Authentication
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration If the authentication succeeds, the user will be granted permission to access the network resources. 4.1.2 Local MAC Authentication In local MAC authentication, the device performs authentication of users locally and...
Page 895: Vlan Assigning
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration Caution: If the quiet MAC is the same as the static MAC configured or an authentication-passed MAC, then the quiet function is not effective. 4.2.3 VLAN Assigning For separation of users from restricted network resources, a more general way is to put the users and restricted resources into different VLANs.
Page 896 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration Caution: For local authentication: The type of username and password of a local user must be consistent with that used for MAC authentication. All the letters in the MAC address to be used as the username and password of a local user must be in lower case.
Page 897: Displaying And Maintaining Mac Authentication
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration To do… Use the command… Remarks mac-authentication Optional user-name-format By default, the user’s { fixed [ account name ] Configure the username source MAC address...
Page 898 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes. II. Network Diagram Figure 4-1 Network diagram for local MAC authentication III.
Page 899: Radius-Based Mac Authentication Configuration Example
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration Fixed password:123456 Offline detect period is 180s Quiet period is 60s. Server response timeout value is 100s The max allowed user number is 1024 per slot Current user number amounts to 1 Current domain is aabbcc.net...
Page 900 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration [Sysname] radius scheme 2000 [Sysname-radius-2000] primary authentication 10.1.1.1 1812 [Sysname-radius-2000] primary accounting 10.1.1.2 1813 [Sysname-radius-2000] key authentication abc [Sysname-radius-2000] key accounting abc [Sysname-radius-2000] user-name-format without-domain [Sysname-radius-2000] quit # Specify the AAA schemes for the ISP domain.
Page 901: Acl Assigning Configuration Example
Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration GigabitGigabitEthernet1/0/1 is link-up MAC address authentication is Enabled Authenticate success: 1, failed: 0 Current online user number is 1 MAC ADDR Authenticate state AuthIndex 00e0-fc12-3456 MAC_AUTHENTICATOR_SUCCESS 4.5.3 ACL Assigning Configuration Example...
Page 902 Operation Manual – 802.1x-HABP-MAC Authentication H3C S5500-EI Series Ethernet Switches Chapter 4 MAC Authentication Configuration [Sysname-radius-2000] quit # Create an ISP domain and specify the AAA schemes. [Sysname] domain 2000 [Sysname-isp-2000] authentication default radius-scheme 2000 [Sysname-isp-2000] authorization default radius-scheme 2000...
Page 903 Operation Manual – AAA RADIUS HWTACACS H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 AAA/RADIUS/HWTACACS Configuration ..............1-1 1.1 AAA/RADIUS/HWTACACS Overview ................1-1 1.1.1 Introduction to AAA ....................1-1 1.1.2 Introduction to RADIUS................... 1-3 1.1.3 Introduction to HWTACACS..................1-9 1.1.4 Protocols and Standards..................
Page 904 Operation Manual – AAA RADIUS HWTACACS H3C S5500-EI Series Ethernet Switches Table of Contents 1.6.1 Displaying and Maintaining AAA ................1-39 1.6.2 Displaying and Maintaining RADIUS..............1-39 1.6.3 Displaying and Maintaining HWTACACS ............. 1-40 1.7 AAA/RADIUS/HWTACACS Configuration Examples ............1-40 1.7.1 AAA for Telnet Users by a HWTACACS Server ...........
Page 905 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Chapter 1 AAA/RADIUS/HWTACACS Configuration When configuring AAA/RADIUS/HWTACACS, go to these sections for information you are interested in: AAA/RADIUS/HWTACACS Overview AAA/RADIUS/HWTACACS Configuration Task List Configuring AAA...
Page 906 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Internet User RADIUS server HWTACACS server Figure 1-1 AAA networking diagram When a user tries to establish a connection to the NAS and obtain the rights to access other networks or some network resources, the NAS authenticates the user or the corresponding connection.
Page 907: Introduction To Radius
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration AAA can be implemented through multiple protocols. Currently, the device supports using RADIUS and HWTACACS for AAA, and RADIUS is often used in practice. 1.1.2 Introduction to RADIUS Remote Authentication Dial-In User Service (RADIUS) is a distributed information interaction protocol in the client/server model.
Page 908 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration II. Security authentication mechanism Information exchanged between the RADIUS client and the RADIUS server is authenticated with a shared key, which is never transmitted over the network, thus enhancing the security of information exchange.
Page 909 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration The RADIUS server authenticates the username and password. If the authentication succeeds, it sends back an Access-Accept message containing the information of user’s right. If the authentication fails, it returns an Access-Reject message.
Page 910 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Table 1-1 Main values of the Code field Code Packet type Description From the client to the server. A packet of this type carries user information for the server to authenticate the user.
Page 911 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Type: One byte, in the range 1 to 255. It indicates the type of the attribute. Commonly used attributes for RADIUS authentication and authorization are listed Table 1-2.
Page 912 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Attribute type Attribute type Vendor-Specific ARAP-Security Session-Timeout ARAP-Security-Data Idle-Timeout Password-Retry Termination-Action Prompt Called-Station-Id Connect-Info Calling-Station-Id Configuration-Token NAS-Identifier EAP-Message Proxy-State Message-Authenticator Login-LAT-Service Tunnel-Private-Group-id Login-LAT-Node Tunnel-Assignment-id Login-LAT-Group...
Page 913: Introduction To Hwtacacs
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Vendor-ID (four bytes): Indicates the ID of the vendor. Its most significant byte is 0 and the other three bytes contain a code complying with RFC 1700. The vendor ID of H3C is 2011.
Page 914 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration HWTACACS RADIUS Protocol packets are complicated and authorization is independent of Protocol packets are simple and authentication. Authentication and authorization is combined with authorization can be deployed on authentication.
Page 915 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration User HWTACACS client HWTACACS server 1) The user logs in 2) Start-authentication packet 3) Authentication response requesting the username 4) Request for username 5) The user enters the username...
Page 916: Aaa/Radius/Hwtacacs Configuration Task List
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration The HWTACACS server sends back an authentication response, requesting the login password. Upon receipt of the response, the HWTACACS client requests of the user the login password.
Page 917 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Task Remarks Required For local authentication, refer to Configuring Local User Attributes. Configuring an AAA Authentication For RADIUS authentication, refer to Scheme for an ISP Domain Configuring RADIUS.
Page 918: Configuring Aaa
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration III. HWTACACS configuration task list Task Remarks Creating a HWTACAS scheme Required Specifying the HWTACACS Authentication Servers Required Specifying the HWTACACS Authorization Servers Optional Specifying the HWTACACS Accounting Servers...
Page 919: Configuring Isp Domain Attributes
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Follow these steps to create an ISP domain: To do… Use the command… Remarks Enter system view system-view — Create an ISP domain and enter ISP domain...
Page 920: Configuring An Aaa Authentication Scheme For An Isp Domain
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Enable the self-service server localization Optional function and specify the self-service-url { disable URL of the self-service | enable url-string }...
Page 921: Configuring An Aaa Authorization Scheme For An Isp Domain
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks authentication default { hwtacacs-scheme Specify the default hwtacacs-scheme-name Optional authentication scheme for [ local ] | local | none |...
Page 922 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration If you do not perform any authorization configuration, the system-default domain uses the local authorization scheme. With the authorization scheme of none, the users are not required to be authorized, in which case an authenticated user has the default right.
Page 923: Configuring An Aaa Accounting Scheme For An Isp Domain
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks authorization login { hwtacacs-scheme Optional hwtacacs-scheme-name Specify the authorization The default authorization [ local ] | local | none |...
Page 924 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Determine the access mode or service type to be configured. With AAA, you can configure an accounting scheme specifically for each access mode and service type, limiting the accounting protocols that can be used for access.
Page 925: Configuring Local User Attributes
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: With the accounting optional command configured, a user that will be disconnected otherwise can use the network resources even when there is no available accounting server or the communication with the current accounting server fails.
Page 926 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Required Specify the service-type { lan-access service types | { ssh | telnet | terminal } * No service is authorized...
Page 927: Tearing Down User Connections Forcibly
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: With the local-user password-display-mode cipher-force command configured, a local user password is always displayed in cipher text, regardless of the configuration of the password command. In this case, if you use the save...
Page 928: Configuring Radius
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration 1.4 Configuring RADIUS The RADIUS protocol is configured scheme by scheme. After creating a RADIUS scheme, you need to configure the IP addresses and UDP ports of the RADIUS servers for the scheme.
Page 929: Configuring The Radius Accounting Servers And Relevant Parameters
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Required Configure the IP address The defaults are as and UDP port of the follows: primary authentication primary RADIUS ip-address [ port-number ] 0.0.0.0 for the IP address,...
Page 930 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Optional The defaults are as Configure the IP address follows: and UDP port of the secondary accounting secondary RADIUS ip-address [ port-number ] 0.0.0.0 for the IP address,...
Page 931: Setting The Shared Key For Radius Packets
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration 1.4.4 Setting the Shared Key for RADIUS Packets The RADIUS client and RADIUS server use the MD5 algorithm to encrypt packets exchanged between them and a shared key to verify the packets. Only when the same key is used can they properly receive the packets and make responses.
Page 932: Setting The Supported Radius Server Type
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: The maximum number of retransmission attempts of RADIUS packets multiplied by the RADIUS server response timeout period cannot be greater than 75. Refer to the timer response-timeout command in the command manual for configuring RADIUS server response timeout period.
Page 933: Configuring Attributes Related To The Data Sent To The Radius Server
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration If the secondary server fails, the device restores the status of the primary server to active immediately. If the primary server has resumed, the device turns to use the primary server and stops communicating with the secondary server.
Page 934 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Enter system view system-view — radius trap { accounting-server-do Optional Enable the RADIUS trap wn | function Disabled by default...
Page 935: Setting Timers Regarding Radius Servers
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration 1.4.9 Setting Timers Regarding RADIUS Servers There are three timers regarding RADIUS servers: RADIUS server response timeout (response-timeout): If a NAS receives no response from the RADIUS server in a period of time after sending a RADIUS request (authentication/authorization or accounting request), it has to resend the request so that the user has more opportunity to obtain the RADIUS service.
Page 936: Configuring Radius Accounting-On
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: The product of the maximum number of retransmission attempts of RADIUS packets and the RADIUS server response timeout period cannot be greater than 75.
Page 937: Configuring An Ip Address For The Security Policy Server
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: If the system has no authentication scheme enabled with the accounting-on function when you execute the accounting-on enable command, you need to save the configuration and restart the device so that the command takes effect.
Page 938: Configuring Hwtacacs
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration 1.5 Configuring HWTACACS 1.5.1 Creating a HWTACAS scheme The HWTACACS protocol is configured on a per scheme basis. Before performing other HWTACACS configurations, follow these steps to create a HWTACACS scheme and enter HWTACACS scheme view: To do…...
Page 939: Specifying The Hwtacacs Authorization Servers
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: The IP addresses of the primary and secondary authentication servers cannot be the same. Otherwise, the configuration fails. You can remove an authentication server only when no active TCP connection for sending authentication packets is using it.
Page 940: Setting The Shared Key For Hwtacacs Packets
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Enter system view system-view — Create a HWTACACS Required scheme and enter hwtacacs scheme HWTACACS scheme hwtacacs-scheme-name Not defined by default...
Page 941: Configuring Attributes Related To The Data Sent To The Tacacs Server
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Follow these steps to set the shared key for HWTACACS packets: To do… Use the command… Remarks Enter system view system-view — Create a HWTACACS...
Page 942: Setting Timers Regarding Hwtacacs Servers
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration Note: If a HWTACACS server does not support a username with the domain name, you can configure the device to remove the domain name before sending the username to the server.
Page 943: Displaying And Maintaining Aaa/Radius/Hwtacacs
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration 1.6 Displaying and Maintaining AAA/RADIUS/HWTACACS 1.6.1 Displaying and Maintaining AAA To do… Use the command… Remarks Display the configuration information of a specified Available in any...
Page 944: Displaying And Maintaining Hwtacacs
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration To do… Use the command… Remarks Clear the statistics on the Available in user reset local-server statistics local server view 1.6.3 Displaying and Maintaining HWTACACS To do…...
Page 945 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration II. Network diagram Authentication/Accounting server 10.1.1.1/24 Internet Telnet user Switch Figure 1-7 Configure AAA for Telnet users by a HWTACACS server III. Configuration procedure # Configure the IP addresses of various interfaces (omitted).
Page 946: Aaa For Telnet Users By Separate Servers
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration [Switch-isp-1] authentication default hwtacacs-scheme hwtac [Switch-isp-1] authorization default hwtacacs-scheme hwtac [Switch-isp-1] accounting default hwtacacs-scheme hwtac [Switch-isp-hwtacacs] accounting default hwtacacs-scheme hwtac 1.7.2 AAA for Telnet Users by Separate Servers I.
Page 947 Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration # Enable the Telnet server on the switch. <Switch> system-view [Switch] telnet server enable # Configure the switch to use AAA for Telnet users. [Switch] user-interface vty 0 4...
Page 948: Troubleshooting Aaa/Radius/Hwtacacs
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration 1.8 Troubleshooting AAA/RADIUS/HWTACACS 1.8.1 Troubleshooting RADIUS Symptom1: User authentication/authorization always fails. Analysis: A communication failure exists between the NAS and the RADIUS server. The username is not in the format of userid@isp-name or no default ISP domain is specified for the NAS.
Page 949: Troubleshooting Hwtacacs
Operation Manual – AAA RADIUS HWTACACS Chapter 1 AAA/RADIUS/HWTACACS H3C S5500-EI Series Ethernet Switches Configuration provide all the services of authentication/authorization and accounting, but in fact the services are provided by different servers. Solution: Check that: The accounting port number is correctly set.
Page 950 Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 ARP Configuration....................... 1-1 1.1 ARP Overview........................1-1 1.1.1 ARP Function ......................1-1 1.1.2 ARP Message Format..................... 1-1 1.1.3 ARP Address Resolution Process................1-2 1.1.4 ARP Mapping Table ....................
Page 951: Chapter 1 Arp Configuration
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration Chapter 1 ARP Configuration When configuring ARP, go to these sections for information you are interested in: ARP Overview Configuring ARP Configuring Gratuitous ARP Displaying and Maintaining ARP 1.1 ARP Overview...
Page 952: Arp Address Resolution Process
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration The following explains the fields in Figure 1-1. Hardware type: This field specifies the hardware address type. The value “1” represents Ethernet. Protocol type: This field specifies the type of the protocol address to be mapped.
Page 953: Arp Mapping Table
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration Figure 1-2 ARP address resolution process When Host A and Host B are not on the same subnet, Host A first sends an ARP request to the gateway. The destination IP address in the ARP request is the IP address of the gateway.
Page 954: Configuring Arp
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration receiving the ARP reply into the static ARP entry. Now the entry can be used for forwarding IP packets. Note: Usually ARP dynamically implements and automatically seeks mappings from IP addresses to MAC addresses, without manual intervention.
Page 955: Setting Aging Time For Dynamic Arp Entries
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration To do… Use the command… Remarks — Enter system view system-view interface Vlan-interface — Enter VLAN interface view vlan-id Set the maximum number of Optional arp max-learning-num...
Page 956: Arp Configuration Example
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration 1.2.5 ARP Configuration Example I. Network requirements Enable the ARP entry check. Set the aging time for dynamic ARP entries to 10 minutes. Set the maximum number of dynamic ARP entries that VLAN-interface 10 can learn to 1000.
Page 957: Displaying And Maintaining Arp
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 1 ARP Configuration To do… Use the command… Remarks — Enter system view system-view Required Enable the device to send By default, a device gratuitous ARP packets cannot send gratuitous...
Page 958: Chapter 2 Proxy Arp Configuration
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 2 Proxy ARP Configuration Chapter 2 Proxy ARP Configuration When configuring proxy ARP, go to these sections for information you are interested in: Proxy ARP Overview Enabling Proxy ARP Displaying and Maintaining Proxy ARP 2.1 Proxy ARP Overview...
Page 959: Displaying And Maintaining Proxy Arp
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 2 Proxy ARP Configuration 2.3 Displaying and Maintaining Proxy ARP To do… Use the command… Remarks Display whether proxy display proxy-arp [ interface Available in any ARP is enabled Vlan-interface vlan-id ]...
Page 960: Local Proxy Arp Configuration Example In Case Of Port Isolation
Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 2 Proxy ARP Configuration [Switch] vlan 2 [Switch-vlan2] quit [Switch] interface vlan-interface 1 [Switch-Vlan-interface1] ip address 192.168.10.99 255.255.255.0 [Switch-Vlan-interface1] proxy-arp enable [Switch-Vlan-interface1] quit [Switch] interface vlan-interface 2 [Switch-Vlan-interface2] ip address 192.168.20.99 255.255.255.0...
Page 961 Operation Manual – ARP H3C S5500-EI Series Ethernet Switches Chapter 2 Proxy ARP Configuration [SwitchB-vlan2] port gigabitethernet 1/0/1 [SwitchB-vlan2] port gigabitethernet 1/0/2 [SwitchB-vlan2] port gigabitethernet 1/0/3 [SwitchB-vlan2] quit [SwitchB] interface gigabitethernet 1/0/2 [SwitchB-GigabitEthernet1/0/2] port-isolate enable [SwitchB-GigabitEthernet1/0/2] quit [SwitchB] interface gigabitethernet 1/0/3...
Page 962 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Table of Contents Table of Contents Chapter 1 DHCP Overview......................1-1 1.1 Introduction to DHCP......................1-1 1.2 DHCP Address Allocation....................1-2 1.2.1 Allocation Mechanisms ................... 1-2 1.2.2 Dynamic IP Address Allocation Process..............1-2 1.2.3 IP Address Lease Extension ...................
Page 963 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Table of Contents 2.8 Displaying and Maintaining the DHCP Server..............2-16 2.9 DHCP Server Configuration Examples................2-17 2.10 Troubleshooting DHCP Server Configuration..............2-19 Chapter 3 DHCP Relay Agent Configuration ................3-1 3.1 Introduction to DHCP Relay Agent ..................
Page 964 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Table of Contents 6.3 Displaying and Maintaining BOOTP Client Configuration ..........6-3 6.4 BOOTP Client Configuration Example ................6-3...
Page 965: Chapter 1 Dhcp Overview
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview Chapter 1 DHCP Overview When configuring ARP, go to these sections for information you are interested in: Introduction to DHCP DHCP Address Allocation DHCP Message Format DHCP Options Protocols and Standards 1.1 Introduction to DHCP...
Page 966: Dhcp Address Allocation
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview Note: When residing in a different subnet from the DHCP server, the DHCP client can get the IP address and other configuration parameters from the server via a DHCP relay agent.
Page 967: Ip Address Lease Extension
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview If several DHCP servers send offers to the client, the client accepts the first received offer, and broadcasts it in a DHCP-REQUEST message to formally request the IP address.
Page 968 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview Figure 1-3 DHCP message format op: Message type defined in option field. 1 = REQUEST, 2 = REPLY htype,hlen: Hardware address type and length of a DHCP client.
Page 969: Dhcp Options
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview 1.4 DHCP Options 1.4.1 DHCP Options Overview The DHCP message adopts the same format as the Bootstrap Protocol (BOOTP) message for compatibility, but differs from it in the option field, which identifies new features for DHCP.
Page 970 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview I. Relay agent option (Option 82) Option 82 is the relay agent option in the option field of the DHCP message. It records the location information of the DHCP client. When a DHCP relay agent receives a client’s request, it adds Option 82 to the request message and sends it to the server.
Page 971 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview Figure 1-7 Sub-option 1 in verbose padding format Note: In the above figure, except that the VLAN ID field has a fixed length of 2 bytes, all the other padding contents of sub-option 1 are length variable.
Page 972 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 1 DHCP Overview 1.5 Protocols and Standards RFC2131: Dynamic Host Configuration Protocol RFC2132: DHCP Options and BOOTP Vendor Extensions RFC1542: Clarifications and Extensions for the Bootstrap Protocol RFC 3046: DHCP Relay Agent Information Option...
Page 973: Chapter 2 Dhcp Server Configuration
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Chapter 2 DHCP Server Configuration When configuring the DHCP server, go to these sections for information you are interested in: Introduction to DHCP Server DHCP Server Configuration Task List...
Page 974: Dhcp Address Pool
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.1.2 DHCP Address Pool I. Address pool structure In response to a client’s request, the DHCP server selects an idle IP address from an address pool and sends it together with other parameters such as lease and DNS server address to the client.
Page 975: Ip Address Allocation Sequence
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration For example, two address pools are configured on the DHCP server. The ranges of IP addresses that can be dynamically assigned are 1.1.1.0/24 and 1.1.1.0/25 respectively.
Page 976: Enabling The Dhcp Server On An Interface
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Follow these steps to enable DHCP: To do… Use the command… Remarks Enter system view system-view — Required Enable DHCP dhcp enable Disabled by default. 2.4 Enabling the DHCP Server on an Interface With the DHCP server enabled on an interface, upon receiving a client’s request, the...
Page 977: Configuring An Address Pool For The Dhcp Server
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.5 Configuring an Address Pool for the DHCP Server 2.5.1 Configuration Task List Complete the following tasks to configure an address pool: Task Remarks Creating a DHCP Address Pool...
Page 978: Configuring An Address Allocation Mode
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.5.3 Configuring an Address Allocation Mode Caution: You can configure either the static binding or dynamic address allocation for an address pool as needed. It is required to specify an address range for the dynamic address allocation. A static binding is a special address pool containing only one IP address.
Page 979 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Note: Use the static-bind ip-address command together with static-bind mac-address or static-bind client-identifier command to accomplish a static binding configuration. In a DHCP address pool, if you execute the static-bind mac-address command before the static-bind client-identifier command, the latter will overwrite the former and vice versa.
Page 980: Configuring A Domain Name Suffix For The Client
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks Optional dhcp server Except IP addresses of Exclude IP addresses forbidden-ip the DHCP server from automatic allocation low-ip-address interfaces, all addresses...
Page 981: Configuring Wins Servers And Netbios Node Type For The Client
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Follow these steps to configure DNS servers in the DHCP address pool: To do… Use the command… Remarks Enter system view system-view — Enter DHCP address pool dhcp server ip-pool —...
Page 982: Configuring The Bims Server Information For The Client
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks netbios-type { b-node | Required Specify the NetBIOS node h-node | m-node | type Not specified by default. p-node } Note: If b-node is specified for the client, you need to specify no WINS server address.
Page 983: Configuring Option 184 Parameters For The Client With Voice Service
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks Required gateway-list Specify gateways No gateway is specified ip-address&<1-8> by default. 2.5.9 Configuring Option 184 Parameters for the Client with Voice Service To assign voice calling parameters along with an IP address to DHCP clients with voice service, you need to configure Option 184 on the DHCP server.
Page 984: Configuring The Tftp Server And Bootfile Name For The Client
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.5.10 Configuring the TFTP Server and Bootfile Name for the Client This task is to specify the IP address and name of a TFTP server and the bootfile name in the DHCP address pool.
Page 985 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Define new DHCP options. New configuration options will come out with DHCP development. To support these new options, you can add them into the attribute list of the DHCP server.
Page 986: Configuring The Dhcp Server Security Functions
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Caution: Be cautious when configuring self-defined DHCP options because such configuration may affect the DHCP operation process. When you use self-defined option (Option 51) to configure the IP address lease duration, convert the lease duration into seconds in hexadecimal notation.
Page 987: Configuring Ip Address Conflict Detection
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration 2.6.3 Configuring IP Address Conflict Detection To avoid IP address conflicts, the DHCP server checks whether the address to be assigned is in use via sending ping packets.
Page 988: Displaying And Maintaining The Dhcp Server
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remarks — Enter system view system-view Optional Enable the server to dhcp server relay handle Option 82 information enable Enabled by default.
Page 989: Dhcp Server Configuration Examples
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration Note: Using the save command does not save DHCP server lease information. Therefore, when the system boots up or the reset dhcp server ip-in-use command is executed, no lease information will be available in the configuration file.
Page 990 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration II. Network diagram Figure 2-1 DHCP network diagram III. Configuration procedure Specify IP addresses for VLAN interfaces (omitted). Configure the DHCP server # Enable DHCP. <SwitchA> system-view [SwitchA] dhcp enable # Exclude IP addresses (addresses of the DNS server, WINS server and gateways).
Page 991: Troubleshooting Dhcp Server Configuration
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 2 DHCP Server Configuration [SwitchA-dhcp-pool-1] quit # Configure DHCP address pool 2 (address range, gateway, and lease duration). [SwitchA] dhcp server ip-pool 2 [SwitchA-dhcp-pool-2] network 10.1.1.128 mask 255.255.255.128 [SwitchA-dhcp-pool-2] expired day 5 [SwitchA-dhcp-pool-2] gateway-list 10.1.1.254...
Page 992: Chapter 3 Dhcp Relay Agent Configuration
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration Chapter 3 DHCP Relay Agent Configuration When configuring the DHCP relay agent, go to these sections for information you are interested in: Introduction to DHCP Relay Agent...
Page 993: Dhcp Relay Agent Support For Option
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration DHCP client DHCP client IP network DHCP relay agent DHCP client DHCP client DHCP server Figure 3-1 DHCP relay agent application No matter whether a relay agent exists or not, the DHCP server and client interact with...
Page 994: Configuring The Dhcp Relay Agent
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration If the DHCP relay agent supports Option 82, it will handle a client’s request according to the contents defined in Option 82, if any. The handling strategies are described in the table below.
Page 995: Enabling The Dhcp Relay Agent On An Interface
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration Follow these steps to enable DHCP: To do… Use the command… Remarks Enter system view system-view — Required Enable DHCP dhcp enable Disabled by default.
Page 996: Configuring The Dhcp Relay Agent To Send A Dhcp-Release Request
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration Follow these steps to correlate a DHCP server group with a relay agent interface: To do… Use the command… Remarks Enter system view system-view —...
Page 997: Configuring The Dhcp Relay Agent Security Functions
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration Follow these steps to configure the DHCP relay agent in system view to send a DHCP-RELEASE request: To do… Use the command… Remarks Enter system view —...
Page 998 Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration Note: The dhcp relay address-check enable command is independent of other commands of the DHCP relay agent. That is, the invalid address check takes effect when this command is executed, regardless of whether other commands are used.
Page 999: Configuring The Dhcp Relay Agent To Support Option
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration III. Enabling unauthorized DHCP servers detection There are unauthorized DHCP servers on networks, which reply DHCP clients with wrong IP addresses. With this feature enabled, upon receiving a DHCP request, the DHCP relay agent will record the IP address of the DHCP server which assigned an IP address to the DHCP client and the receiving interface.
Page 1000: Displaying And Maintaining Dhcp Relay Agent Configuration
Operation Manual – DHCP H3C S5500-EI Series Ethernet Switches Chapter 3 DHCP Relay Agent Configuration To do… Use the command… Remarks Configure the handling dhcp relay information Optional strategy for requesting strategy { drop | keep | messages containing replace by default.

H3C S5500-EI series Operation Manual

Table of Contents

Chapter 1 Obtaining the Documentation

Chapter 2 Documentation and Product Version

Chapter 3 Product Overview

Chapter 4 Networking Applications

Table of Contents

Chapter 6 Logging in through Nms

Chapter 8 Controlling Login Users

Table of Contents

IP Addressing Configuration/Ip Performance Configuration

Qinq Configuration/Bpdu Tunneling Configuration

Port Correlation Configuration/Port Isolation Configuration

Link Aggregation Overview/Link Aggregation Configuration

IP Source Guard Configuration

Dldp Configuration

Mstp Configuration

IP Routing Overview/Gr Overview

Static Routing Configuration/Rip Configuration

Chapter 5 Bgp Configuration

Quick Links

Chapters

Troubleshooting

Related Manuals for H3C S5500-EI series

Summary of Contents for H3C S5500-EI series