Sign In
Upload
Manuals
Brands
Huawei Manuals
Switch
S9700 Series
Huawei S9700 Series Manuals
Manuals and User Guides for Huawei S9700 Series. We have
2
Huawei S9700 Series manuals available for free PDF download: Configuration Manual, Quick Maintenance Manual
Huawei S9700 Series Configuration Manual (335 pages)
Terabit Routing Switches SPU
Brand:
Huawei
| Category:
Switch
| Size: 3.11 MB
Table of Contents
About this Document
3
Intended Audience
3
Symbol Conventions
3
Command Conventions
4
Table of Contents
6
1 SPU Pre-Configuration
12
Overview of SPU Pre-Configuration
13
Configuring a Service Type
14
Establishing the Configuration Task
14
Checking the Configuration
15
Configuring Layer 2 Flow Import
15
Establishing the Configuration Task
15
Configuring Layer 2 Flow Import with Interfaces Aggregated
17
Configuring Layer 2 Flow Import Without Interface Aggregation
21
Configuring Layer 3 Flow Import
25
Establishing the Configuration Task
25
Configuring Layer 3 Flow Import with Interfaces Aggregated
27
Configuring Layer 3 Flow Import Without Interface Aggregation
32
2 Firewall Configuration
37
Firewall Overview
39
Firewall Features Supported by the SPU
39
Port Mapping
41
Land Attack
43
Smurf Attack
43
Syn Flood Attack
43
Ping of Death Attack
44
Teardrop Attack
44
Configuring Zones
45
Establishing the Configuration Task
45
Creating a Zone
46
Adding an Interface to the Zone
46
Creating an Interzone
47
Enabling Firewall in the Interzone
47
Checking the Configuration
48
Configuring the Packet Filtering Firewall
48
Establishing the Configuration Task
48
Configuring ACL-Based Packet Filtering in an Interzone
49
Checking the Configuration
49
Configuring the Blacklist
50
Establishing the Configuration Task
50
Enabling the Blacklist Function
51
Adding IP Addresses to the Blacklist Manually
51
Configuring Blacklist and Whitelist Using the Configuration File
52
Checking the Configuration
53
Configuring the Whitelist
53
Establishing the Configuration Task
53
Adding Entries to the Whitelist Manually
54
Configuring Blacklist and Whitelist Using the Configuration File
54
Checking the Configuration
56
Configuring ASPF
56
Establishing the Configuration Task
56
Configuring ASPF Detection
57
Checking the Configuration
57
Configuring Port Mapping
58
Establishing the Configuration Task
58
Configuring Port Mapping
59
Checking the Configuration
59
Configuring the Aging Time of the Firewall Session Table
60
Establishing the Configuration Task
60
Checking the Configuration
61
Configuring the Transparent Firewall
61
Establishing the Configuration Task
62
Configuring the Transparent Firewall
62
Checking the Configuration
64
Configuring the Attack Defense Function
64
Establishing the Configuration Task
65
Enabling the Attack Defense Function
65
Setting the Parameters for Flood Attack Defense
67
Configuring Large ICMP Packet Attack Defense
68
Setting Parameters for Scanning Attack Defense
69
Checking the Configuration
69
Configuring Traffic Statistics and Monitoring
70
Establishing the Configuration Task
70
Enabling Traffic Statistics and Monitoring
71
Setting the Session Thresholds
72
Checking the Configuration
74
Configuring the Log Function
74
Establishing the Configuration Task
74
Enabling the Log Function on the Firewall
75
Setting the Log Parameters
76
Checking the Configuration
77
Maintaining the Firewall
77
Displaying the Firewall Configuration
77
Clearing the Firewall Statistics
78
Configuration Examples
78
Example for Configuring the ACL-Based Packet Filtering Firewall
79
Example for Configuring ASPF and Port Mapping
82
Example for Configuring the Blacklist
86
Example for Configuring the Transparent Firewall
90
3 NAT Configuration
95
NAT Overview
96
NAT Features Supported by the SPU
97
Configuring NAT
100
Establishing the Configuration Task
100
Configuring an Address Pool
101
Associating an ACL with an Address Pool
102
Configuring Easy IP
102
Configuring an Internal Server
103
Configuring Static NAT
103
Enabling NAT ALG
104
Configuring NAT Filtering
104
Configuring NAT Mapping
105
Configuring DNS Mapping
106
Configuring Twice NAT
106
Checking the Configuration
107
Configuration Examples
107
Example for Configuring the NAT Server
107
Example for Configuring Static NAT
111
Example for Configuring Outbound NAT
115
Example for Configuring Twice NAT
118
4 Ipsec Configuration
123
Ipsec Overview
124
Ipsec Features Supported by the SPU
125
Establishing an Ipsec Tunnel Manually
126
Establishing the Configuration Task
126
Defining Protected Data Flows
127
Configuring an Ipsec Proposal
127
Configuring an Ipsec Policy
128
Applying an Ipsec Policy to an Interface
130
Checking the Configuration
130
Establishing an Ipsec Tunnel through IKE Negotiation
131
Establishing the Configuration Task
131
Defining Protected Data Flows
132
Configuring an IKE Proposal
132
Configuring an IKE Peer
134
Configuring an Ipsec Proposal
135
Configuring an Ipsec Policy
136
Optional) Configuring an Ipsec Policy Template
137
Optional) Setting Optional Parameters
138
Applying an Ipsec Policy to an Interface
140
Checking the Configuration
140
Maintaining Ipsec
141
Displaying the Ipsec Configuration
141
Clearing Ipsec Information
141
Configuration Examples
142
Example for Manually Establishing an SA
142
Example for Establishing an SA through IKE Negotiation
148
5 Netstream Configuration
157
Overview of Netstream
158
Netstream Features Supported by the SPU
159
Collecting Ipv4 Traffic Statistics
160
Establishing the Configuration Task
160
Enabling Netstream on an Interface
161
Optional) Configuring the Version of Exported Packets
161
Setting the Destination Address of the Statistics
162
Optional) Aging the TCP Traffic by Its FIN or RST Flag
162
Optional) Configuring the Inactive Aging Time for the Original Traffic
163
Optional) Configuring the Active Aging Time for the Original Traffic
163
Checking the Configuration
163
Collecting Ipv6 Traffic Statistics
164
Establishing the Configuration Task
164
Enabling Netstream on an Interface
164
Setting the Destination Address of the Statistics
165
Optional) Aging the TCP Traffic by Its FIN or RST Flag
166
Optional) Configuring the Inactive Aging Time for the Original Traffic
166
Optional) Configuring the Active Aging Time for the Original Traffic
167
Checking the Configuration
167
Collecting MPLS Traffic Statistics
167
Establishing the Configuration Task
168
Enabling Netstream on an Interface
168
Optional) Configuring the Version of Exported Packets
169
Setting the Destination Address of the Statistics
169
Optional) Configuring the Inactive Aging Time for the Original Traffic
170
Optional) Configuring the Active Aging Time for the Original Traffic
170
Checking the Configuration
170
Configuring the Aggregation Statistics about Traffic
171
Establishing the Configuration Task
171
Enabling Netstream on an Interface
171
Configuring the Aggregation Function
172
Optional) Configuring the Version of Exported Packets
172
Optional) Configuring the Export of Statistics
173
Optional) Configuring the Inactive Aging Time for the Aggregation Traffic
174
Optional) Configuring the Active Aging Time for the Aggregation Traffic
174
Checking the Configuration
174
Configuring the Flexible Netstream Feature
175
Establishing the Configuration Task
175
Creating a Record and Entering the Record View
175
Configuring Aggregation Key Words of Records
176
Optional) Configuring the Exported Traffic Statistics
176
Enabling Flexible Netstream on Interfaces
177
Enabling Netstream and Setting the Packet Sampling Ratio on an Interface
177
Checking the Configuration
178
Example for Configuring Netstream
178
Example for Configuring Netstream of Ipv4 Original Traffic
178
Example for Configuring Netstream of Ipv4 Aggregation Traffic
181
Example for Configuring Flexible Netstream Traffic Statistics
187
6 Load Balancing Configuration
191
Load Balancing Overview
192
Basic Concepts
193
Load Balancing Features Supported by the SPU
195
Server Load Balancing
196
Firewall Load Balancing
199
Configuring Egress Link Load Balancing
202
Establishing the Configuration Task
202
Optional) Configuring an NAT Address Pool
203
Optional) Configuring Link Health Detection
204
Configuring a Link
206
Configuring a Link Group
207
Configuring a Layer 7 Classifier
209
Configuring a Load Balancing Action
210
Configuring an ACL
211
Optional) Configuring a Connection Parameter Profile
212
Configuring a Layer 3 Classifier
213
Configuring a Load Balancing Policy
214
Applying the Load Balancing Policy
215
Checking the Configuration
215
Configuring Server Load Balancing
216
Establishing the Configuration Task
216
Optional) Configuring an NAT Address Pool
217
Optional) Configuring Server Health Detection
218
Configuring a Server
222
Configuring a Server Group
224
Optional) Configuring Session Stickiness
227
Configuring a Layer 7 Classifier
229
Configuring a Load Balancing Action
230
Configuring an ACL
231
Optional) Configuring a Connection Parameter Profile
232
Optional) Configuring an HTTP Parameter Profile
233
Configuring a Layer 3 Classifier
233
Configuring a Load Balancing Policy
235
Applying the Load Balancing Policy
236
Checking the Configuration
236
Configuring Firewall Load Balancing
237
Configuration Instructions
239
Configuration Examples
241
Example for Configuring Egress Link Load Balancing
241
Example for Configuring Layer 3 Server Load Balancing in DMAC Mode
249
Example for Configuring Layer 3 Server Load Balancing in DNAT Mode
259
Example for Configuring Layer 7 Server Load Balancing in DNAT Mode
270
Example for Configuring Session Stickiness
282
Example for Configuring Standard Firewall Load Balancing
294
7 Dual-System HSB Configuration
309
Dual-System HSB Overview
310
Dual-System HSB Features Supported by the SPU
310
Configuring Dual-System HSB
311
Establishing the Configuration Task
311
Enabling Dual-System HSB
312
Creating the Channel through Which Dual-System HSB Data Is Synchronized
313
Setting the Heartbeat Interval and Retransmission Times
313
Checking the Configuration
314
Maintaining Dual-System HSB
314
Checking Channel Connectivity between the Active and Standby Firewalls
314
Configuration Examples of Dual-System HSB
315
Example for Configuring Dual-System HSB on the S9700
315
Example for Configuring Dual-System HSB between S9700S
325
Advertisement
Huawei S9700 Series Quick Maintenance Manual (15 pages)
Smart & Core Routing Switches
Brand:
Huawei
| Category:
Switch
| Size: 0.59 MB
Table of Contents
Table of Contents
3
Before You Start
4
How to Quickly Maintain the
5
S7700&S9700
5
Fault Information Collection
11
And Feedback
11
Solution to Device Login Failure
13
Risky Operations
15
Advertisement
Related Products
HUAWEI S9300E
Huawei S5701-28X-LI-AC
Huawei Quidway S5348TP-PWR-SI
Huawei S1700-16G
Huawei S1724G
Huawei S1730SS24T4S-MA
Huawei S1720-28GWR-4X-E
Huawei S5736-S
Huawei S7700 Series
Huawei S1730SS24P4S-MA
Huawei Categories
Cell Phone
Network Router
Wireless Router
Modem
Network Hardware
More Huawei Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL