Huawei V100R006C00 Configuration Manual

Download

Quidway S5700 Series Ethernet Switches

V100R006C00

Configuration Guide - Device Management

Issue 01

Date 2011-07-15

HUAWEI TECHNOLOGIES CO., LTD.

No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.

All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice

The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base

Bantian, Longgang Shenzhen 518129 People's Republic of China

Website: http://www.huawei.com

Email: support@huawei.com

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

DANGER

WARNING

CAUTION

TIP

NOTE

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management About This Document

About This Document

Intended Audience

This document describes procedures and provides examples for configuring the Device Management features of the S5700.

This document guides you through the configuration and applicable environment of the Device Management features of the S5700.

This document is intended for:

l Data configuration engineers

l Commissioning engineers

l Network monitoring engineers

l System maintenance engineers

Symbol Conventions

The symbols that may be found in this document are defined as follows.

Symbol

Description

Indicates a hazard with a high level of risk, which if not avoided, will result in death or serious injury.

Indicates a hazard with a medium or low level of risk, which if not avoided, could result in minor or moderate injury.

Indicates a potentially hazardous situation, which if not avoided, could result in equipment damage, data loss, performance degradation, or unexpected results.

Indicates a tip that may help you solve a problem or save time.

Provides additional information to emphasize or supplement important points of the main text.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management About This Document

Command Conventions

The command conventions that may be found in this document are defined as follows.

Convention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[ ] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated by

vertical bars. One item is selected.

[ x | y | ... ] Optional items are grouped in brackets and separated by

vertical bars. One item is selected or no item is selected.

{ x | y | ... }

[ x | y | ... ]

&<1-n> The parameter before the & sign can be repeated 1 to n times.

# A line starting with the # sign is comments.

Change History

Updates between document issues are cumulative. Therefore, the latest document issue contains all changes made in previous issues.

Changes in Issue 01 (2011-07-15)

Initial commercial release.

Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected.

Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

iii

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management Contents

About This Document.....................................................................................................................ii

1 Auto-Config....................................................................................................................................1

1.1 Overview............................................................................................................................................................2

1.2 Auto-Config Features Supported by the S5700..................................................................................................3

1.3 Deploying Unconfigured Switches (Same Network Segment)..........................................................................6

1.3.1 Establishing the Configuration Task.........................................................................................................6

1.3.2 Configuring the DHCP Server...................................................................................................................7

1.3.3 Configuring the FTP/TFTP Server............................................................................................................8

1.3.4 Checking the Configuration.......................................................................................................................8

1.4 Deploying Unconfigured Switches (Different Network Segments)...................................................................9

1.4.1 Establishing the Configuration Task.........................................................................................................9

1.4.2 Configuring the DHCP Server.................................................................................................................10

1.4.3 Configuring DHCP Relay........................................................................................................................11

1.4.4 Configuring the FTP/TFTP Server..........................................................................................................11

1.4.5 Checking the Configuration.....................................................................................................................11

2 NAP Configuration.....................................................................................................................13

2.1 NAP Overview.................................................................................................................................................14

2.2 Configuring NAP-based Remote Deployment.................................................................................................14

2.2.1 Establishing the Configuration Task.......................................................................................................14

2.2.2 Configuring and Starting the NAP Master Interface...............................................................................15

2.2.3 Remote Login..........................................................................................................................................17

2.2.4 Disabling NAP on the Slave Device........................................................................................................18

2.2.5 Checking the Configuration.....................................................................................................................18

2.3 Configuration Examples...................................................................................................................................19

2.3.1 Example for Configuring NAP-based Remote Deployment in Static Mode...........................................20

2.3.2 Example for Configuring NAP-based Remote Deployment in Automatic Mode...................................21

3 Stacking.........................................................................................................................................24

3.1 Stacking Overview...........................................................................................................................................25

3.2 Principle of Stacking........................................................................................................................................25

3.3 Features of Stacking Supported by the S5700..................................................................................................31

3.4 Typical Topology of a Stack............................................................................................................................32

3.5 Configuring the Stacking Function on the S5700............................................................................................33

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management Contents

3.5.1 Establishing the Configuration Task.......................................................................................................33

3.5.2 (Optional) Configuring the Reserved VLAN of the Stack......................................................................33

3.5.3 (Optional) Enabling the Stacking Function.............................................................................................34

3.5.4 (Optional) Configuring a Stack ID for the S5700...................................................................................34

3.5.5 (Optional) Configuring a Stack Priority for a Device.............................................................................35

3.5.6 (Optional) Configuring the MAC Address Switchover Time.................................................................35

3.5.7 Checking the Configuration.....................................................................................................................36

3.6 Configuration Examples...................................................................................................................................37

3.6.1 Example for Configuring a Stack in a Ring Topology............................................................................37

4 Using display commands to check the status of the device................................................39

4.1 Introduction......................................................................................................................................................40

4.2 Checking the Status of the S5700.....................................................................................................................40

4.2.1 Checking Information About the S5700..................................................................................................40

4.2.2 Checking the Version of the S5700.........................................................................................................40

4.2.3 Checking the Electronic Labels...............................................................................................................40

4.2.4 Checking Temperature............................................................................................................................41

4.2.5 Checking the Fan Status..........................................................................................................................41

4.2.6 Checking the Power Supply Status..........................................................................................................41

4.2.7 Checking the CPU Usage........................................................................................................................42

4.2.8 Checking the Memory Usage..................................................................................................................42

4.2.9 Checking Alarms.....................................................................................................................................42

4.2.10 Checking the Status of an Interface.......................................................................................................42

5 Hardware Management..............................................................................................................44

5.1 Hardware Management Overview....................................................................................................................45

5.2 Hardware Management Features Supported by the S5700...............................................................................45

5.3 Backing Up the Electronic Label......................................................................................................................45

5.3.1 Establishing the Configuration Task.......................................................................................................45

5.3.2 Backing Up the Electronic Label.............................................................................................................46

5.4 Configuring Electrical Port Sleep.....................................................................................................................46

5.4.1 Establishing the Configuration Task.......................................................................................................46

5.4.2 Enabling Electrical Port Sleep.................................................................................................................47

5.4.3 Checking the Configuration.....................................................................................................................47

6 Monitoring the Device Through the Information Center...................................................48

6.1 Information Center Overview...........................................................................................................................49

6.1.1 Introduction to the Information Center....................................................................................................49

6.1.2 Information Center Supported by the S5700...........................................................................................49

6.2 Configuring the Information Center.................................................................................................................54

6.2.1 Establishing the Configuration Task.......................................................................................................55

6.2.2 Enabling the Information Center.............................................................................................................55

6.2.3 (Optional) Naming the Information Channel..........................................................................................56

6.2.4 Defining the Information Channel...........................................................................................................56

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management Contents

6.2.5 (Optional) Configuring the Timestamp for the Output Information.......................................................56

6.2.6 Checking the Configuration.....................................................................................................................57

6.3 Sending Information to the Information Center...............................................................................................57

6.3.1 Sending Information to the Console........................................................................................................57

6.3.2 Sending Information to the Telnet Terminal...........................................................................................58

6.3.3 Sending Information to the SNMP Agent...............................................................................................59

6.3.4 Sending Information to the Log Buffer...................................................................................................59

6.3.5 Sending Information to the Trap Buffer..................................................................................................59

6.3.6 Sending Information to the Log Host......................................................................................................60

6.3.7 Checking the Configuration.....................................................................................................................60

6.4 Maintaining the Information Center.................................................................................................................60

6.5 Configuration Examples...................................................................................................................................61

6.5.1 Example for Configuring the Information Center...................................................................................61

7 Mirroring.......................................................................................................................................64

7.1 Introduction......................................................................................................................................................66

7.1.1 Mirroring Functions.................................................................................................................................66

7.2 Configuring Local Port Mirroring....................................................................................................................69

7.2.1 Establishing the Configuration Task.......................................................................................................69

7.2.2 Configuring Local Port Mirroring...........................................................................................................70

7.2.3 Checking the Configuration.....................................................................................................................70

7.3 Configuring Remote Port Mirroring.................................................................................................................71

7.3.1 Establishing the Configuration Task.......................................................................................................71

7.3.2 Configuring Remote Port Mirroring........................................................................................................71

7.3.3 Checking the Configuration.....................................................................................................................74

7.4 Canceling Port Mirroring..................................................................................................................................74

7.4.1 Establishing the Configuration Task.......................................................................................................74

7.4.2 Canceling Port Mirroring.........................................................................................................................75

7.4.3 Checking the Configuration.....................................................................................................................75

7.5 Configuring Local VLAN Mirroring................................................................................................................75

7.5.1 Establishing the Configuration Task.......................................................................................................76

7.5.2 Configuring Local VLAN Mirroring.......................................................................................................76

7.5.3 Checking the Configuration.....................................................................................................................77

7.6 Configuring Remote VLAN Mirroring............................................................................................................77

7.6.1 Establishing the Configuration Task.......................................................................................................77

7.6.2 Configuring Remote VLAN Mirroring...................................................................................................78

7.6.3 Checking the Configuration.....................................................................................................................79

7.7 Canceling VLAN Mirroring.............................................................................................................................79

7.7.1 Establishing the Configuration Task.......................................................................................................79

7.7.2 Canceling VLAN Mirroring....................................................................................................................79

7.7.3 Checking the Configuration.....................................................................................................................80

7.8 Configuring MAC Address-based Local Mirroring.........................................................................................80

7.8.1 Establishing the Configuration Task.......................................................................................................80

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management Contents

7.8.2 Configuring Local SPAN Based on MAC Addresses.............................................................................81

7.8.3 Checking the Configuration.....................................................................................................................81

7.9 Configuring RSPAN Based on MAC Addresses.............................................................................................82

7.9.1 Establishing the Configuration Task.......................................................................................................82

7.9.2 Configuring Remote MAC Address Mirroring.......................................................................................82

7.9.3 Checking the Configuration.....................................................................................................................83

7.10 Canceling Mirroring Based on MAC Addresses............................................................................................84

7.10.1 Establishing the Configuration Task.....................................................................................................84

7.10.2 Canceling Mirroring Based on MAC Addresses...................................................................................84

7.10.3 Checking the Configuration...................................................................................................................85

7.11 Configuring Local Flow Mirroring.................................................................................................................85

7.11.1 Establishing the Configuration Task.....................................................................................................85

7.11.2 Configuring Traffic Classification Rules..............................................................................................85

7.11.3 Configuring Flow Mirroring..................................................................................................................86

7.11.4 Creating and Applying a Traffic Policy................................................................................................86

7.11.5 Checking the Configuration...................................................................................................................87

7.12 Configuring Remote Flow Mirroring.............................................................................................................87

7.12.1 Establishing the Configuration Task.....................................................................................................88

7.12.2 Setting Traffic Classification Rules.......................................................................................................88

7.12.3 Configuring Remote Flow Mirroring....................................................................................................88

7.12.4 Creating and Applying a Traffic Policy................................................................................................89

7.12.5 Checking the Configuration...................................................................................................................89

7.13 Canceling Flow Mirroring..............................................................................................................................90

7.13.1 Establishing the Configuration Task.....................................................................................................90

7.13.2 Canceling Flow Mirroring.....................................................................................................................91

7.13.3 Checking the Configuration...................................................................................................................91

7.14 Changing or Deleting an Observing Port.......................................................................................................92

7.14.1 Establishing the Configuration Task.....................................................................................................92

7.14.2 (Optional) Deleting an Observing Port..................................................................................................92

7.14.3 (Optional) Changing an Observing Port................................................................................................93

7.14.4 Checking the Configuration...................................................................................................................93

7.15 Configuring CPU Mirroring...........................................................................................................................94

7.15.1 Establishing the Configuration Task.....................................................................................................94

7.15.2 (Optional) Configuring an ACL Rule....................................................................................................94

7.15.3 Configuring an Observing Port..............................................................................................................95

7.15.4 Configuring CPU Mirroring..................................................................................................................95

7.15.5 Checking the Configuration...................................................................................................................95

7.16 Cancelling CPU Mirroring.............................................................................................................................96

7.16.1 Establishing the Configuration Task.....................................................................................................96

7.16.2 Cancelling CPU Mirroring....................................................................................................................96

7.16.3 Checking the Configuration...................................................................................................................96

7.17 Configuration Examples.................................................................................................................................97

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

vii

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management Contents

7.17.1 Example for Configuring Local Port Mirroring....................................................................................97

7.17.2 Example for Configuring Local VLAN Mirroring................................................................................98

7.17.3 Example for Configuring MAC Address-based Local Mirroring.......................................................100

7.17.4 Example for Configuring Local Flow Mirroring.................................................................................102

7.17.5 Example for Configuring Remote Port Mirroring...............................................................................105

7.17.6 Example for Changing an Observing Port...........................................................................................108

8 PoE Configuration.....................................................................................................................111

8.1 PoE Overview.................................................................................................................................................112

8.2 PoE Features Supported by the S5700...........................................................................................................112

8.3 Configuring PoE Functions............................................................................................................................113

8.3.1 Establishing the Configuration Task.....................................................................................................113

8.3.2 Configuring the PoE Function Globally................................................................................................113

8.3.3 Configuring the PoE Function on an Interface......................................................................................115

8.3.4 Checking the Configuration...................................................................................................................117

8.4 Configuration Examples.................................................................................................................................117

8.4.1 Example for Configuring PoE on the Switch........................................................................................118

9 ALS Configuration....................................................................................................................120

9.1 ALS Overview................................................................................................................................................121

9.2 ALS Features Supported by the S5700...........................................................................................................121

9.3 Configuring ALS............................................................................................................................................122

9.3.1 Establishing the Configuration Task.....................................................................................................122

9.3.2 Enabling ALS on an Interface...............................................................................................................123

9.3.3 (Optional) Setting the Restart Mode of the Laser..................................................................................124

9.3.4 (Optional) Starting the Laser Manually.................................................................................................124

9.3.5 (Optional) Setting the ALS Pulse Interval and Width of the Laser.......................................................125

9.3.6 Checking the Configuration...................................................................................................................126

9.4 Configuration Examples.................................................................................................................................126

9.4.1 Example for Configuring ALS..............................................................................................................126

10 Restarting and Resetting........................................................................................................129

10.1 Introduction..................................................................................................................................................130

10.1.1 Process of Starting the S5700..............................................................................................................130

10.1.2 Process of Starting the BootROM.......................................................................................................130

10.2 Restarting the S5700 Immediately...............................................................................................................131

10.2.1 Restarting the S5700 Immediately Through Command Lines............................................................132

10.2.2 Restarting the S5700 by Pressing the Power Button on the S5700.....................................................132

10.3 Restarting the S5700 at a Fixed Time..........................................................................................................132

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

viii

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

1 Auto-Config

About This Chapter

This chapter describes the concept, working mechanism, and deployment of Auto-Config.

1.1 Overview

This section describes the functions, application scenarios, and terms of Auto-Config.

1.2 Auto-Config Features Supported by the S5700

This section describes how Auto-Config runs on the S5700.

1.3 Deploying Unconfigured Switches (Same Network Segment)

This section describes how to deploy S5700s without configuration file.

1.4 Deploying Unconfigured Switches (Different Network Segments)

This section describes how to deploy unconfigured S5700s.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

1.1 Overview

This section describes the functions, application scenarios, and terms of Auto-Config.

When a new switch or a switch without any configuration file is powered on, Auto-Config runs automatically to obtain a configuration file. With the Auto-Config function, the network administrator can manage new switches or switches without any configuration file remotely.

NOTE

The Auto-Config function is applicable to new switches or switches without any configuration file (unconfigured switches).

The Auto-Config function has the following advantages:

l The maintenance personnel do not need to manually configure each switch. With this

function, a few maintenance personnel can maintenance widely deployed devices.

l Auto-Config simplifies the network configurations and implements unified management

and remote debugging on switches.

l With Auto-Config allows switches to automatically download corresponding configuration

files, reducing the workload of network administrators.

Intermediate File

The intermediate file lswnet.cfg is used in the Auto-Config process. The intermediate file records the mapping between MAC addresses of switches and names of configuration files. After an unconfigured switch obtains the IP address of the FTP/TFTP server, it downloads the lswnet.cfg file from the FTP/TFTP server to search for the name of the required configuration file, and then downloads the configuration file from the FTP/TFTP server.

For example, if the MAC address of an S5700 is 0018-82C5-AA89 and the S5700 needs to download the configuration file S5700.cfg, the contents of the intermediate file are as follows:

mac=0018-82C5AA89;vrpfile=V100R006C00.cc;vrpver=V100R006C00;cfgfile=S5700.cfg;patchfile=S5700pat.pat; esn=0213778899;vrpfile=V100R006C00.cc;vrpver=V100R006C00;cfgfile=S5700. cfg;patchfile=S5700-pat.pat;

NOTE

Auto-Config uses Option 67 to obtain the configuration file first. If Option 67 is not configured, AutoConfig obtains the intermediate file.

NOTE

If the configuration file is located on the FTP or TFTP server, its extension must be .cfg.

A MAC address and a configuration file name are separated by a semicolon. The format of a MAC address is xxxx-xxxx-xxxx-xxxx. The name of a configuration file contains up to 48 characters, including the extension .cfg. The name is case insensitive and cannot contain special characters. It is recommended that the name consists of English letters, numbers, and underscore (_).

If multiple unconfigured switches need to be configured, each row in the intermediate file records the MAC address of a switch and the name of the configuration file that the switch requires.

Option 67

The Option 67 field is configured on the DHCP server to specify the configuration file.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

Option 150

The Option 150 field is configured on the DHCP server to specify the IP address of the TFTP server.

Option 14x

The Option 14x field is configured on the DHCP server to specify the IP address, user name, and password of the FTP server.

l Option 141: specifies the user name of the FTP user.

l Option 142: specifies the password of the FTP user.

l Option 143: specifies the IP address of the FTP server.

l Option 145: version file.

l Option 146: identity.

l Option 147: authentication.

1.2 Auto-Config Features Supported by the S5700

This section describes how Auto-Config runs on the S5700.

Figure 1-1 shows the basic process of Auto-Config.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Obtain a configuration

file

Timer expires, delete

temporary

configuration and

make configuration

file effective

End

Does the

device need to be

upgraded?

Start a timer to set the delay in device restart

Can a

patch file be

downloaded to

device?

Obtain a version file Obtain the patch file

Is the

version file

obtained?

Is the patch

file obtained?

Yes

Is there patch file

information?

Yes

Is the version file

valid?

Restart device

Is the patch file

valid?

Obtain the Web file

Is the

configuration file

obtained? Yes

Is there Web

file information?

Yes

Set the restart flag

Yes

Specify it as next

startup file

Specify it as next

startup file

Start a new

AutoConfig process

Is the restart

flag 1?

Yes

Send DHCP Request

packets periodically

Auto-Config starts

Stop sending DHCP

Request packets

Yes

Configure non-

authentication for VTYs

Allocate IP address

Parse Option

parameters

Are

DHCP Reply Packets

received?

Are

DHCP Reply packets

valid?

Are there

Version file name and

version info?

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

Figure 1-1 Basic process of Auto-Config

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

The Auto-Config process can be divided into three phases:

l Startup

After being powered on, an unconfigured switch checks whether there is *.cfg or *.zip file except the *web.zip and web.zip files in the flash memory, and then takes actions according to the checking result:

– If the switch detects a configuration file, it loads the configuration file to complete the

startup.

– If the switch does not detect any configuration file, it checks whether Auto-Config is

enabled. If Auto-Config is enabled, the switch starts a 5-minute timer for obtaining a configuration file and then load the default configuration to complete the startup. If Auto-Config is disabled, the switch loads the default configuration to complete the startup.

l Obtaining a configuration file when the timer expires

When the timer set for obtaining a configuration file expires, the switch checks whether a configuration file is saved in the flash memory. If the flash memory does not contain any configuration file, the switch checks whether it is added to a Huawei Group Management Protocol (HGMP) cluster. If the switch is not in any HGMP cluster, the switch begins to obtain a configuration file as follows:

1. Obtaining the IP address and information about the FTP/TFTP server

A switch that does not load any configuration file automatically enables the DHCP client function on the VLANIF1 interface in Up state. VLANIF1 then broadcasts DHCP Request packets (presuming that the DHCP server has been configured with the address pool, Option 150 or Option 14x, and gateway information). Then, the DHCP server sends the related configurations to the switch, including the IP address allocated to the switch, IP address of the FTP/TFTP server, FTP user name and password, and default gateway.

If the switch fails to obtain the IP address of the FTP/TFTP server, it sends DHCP requests repeatedly until it obtains the IP address.

2. Downloading a configuration file

After the switch that does not load any configuration file obtains the IP address of the FTP/TFTP server, it accesses the FTP/TFTP server to obtain a configuration file through Layer 2 or Layer 3 forwarding.

(1) The switch downloads the intermediate file lswnet.cfg from the FTP/TFTP

server.

(2) The switch searches for the name of the required configuration file, and then

downloads the configuration file from the FTP/TFTP server.

(3) If downloading the configuration file fails, the AutoConfig process will be

suspend.

l Loading a configuration file

After the configuration file is downloaded successfully, the router is restarted according to the setting of Option 146. If no Option 146 is configured, the router is restarted immediately after the configuration file is downloaded.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

SwitchA

SwitchC

SwitchB

DHCP Server FTP/TFTP Server

Operator

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

1.3 Deploying Unconfigured Switches (Same Network Segment)

This section describes how to deploy S5700s without configuration file.

1.3.1 Establishing the Configuration Task

Applicable Environment

As shown in Figure 1-2, unconfigured switches are reachable from a DHCP server. A PC is connected to the DHCP server and functions as an FTP or a TFTP server to store configuration files. After the DHCP server and FTP/TFTP server are configured, every switch obtains a configuration file through Auto-Config.

The DHCP server, FTP/TFTP server, and switches are deployed on the same network segment.

Figure 1-2 Auto-Config networking where the DHCP server, FTP/TFTP server, and unconfigured switch are on the same network segment

Pre-configuration Tasks

Before deploying unconfigured switches, complete the following tasks:

l Ensuring that there are routes from the DHCP server and FTP/TFTP server to the switches

l Ensuring that there is no *.cfg or *.zip file except the *web.zip and web.zip files in the

flash memory of each switch

l Ensuring that the switches are not added to any HGMP cluster

Data Preparation

To deploy unconfigured switches, you need the following data.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

No.Data

1 Interconnection information about the upstream interfaces on each S5700 and the

downstream interfaces on the DHCP server

2 MAC address of each unconfigured switch

3 IP address, mask, address pool, and Option 150 or Option 14x of the DHCP server

4 IP address, version file, patch file, and configuration file on the FTP/TFTP server

1.3.2 Configuring the DHCP Server

Context

The configuration procedure varies according to the device type of the DHCP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.

Procedure

NOTE

The DHCP server must support either Option 150 or Option 14x.

l Enable DHCP server.

l Configure an address pool, including the address range and Option 150 (or Option 14x).

It is required that the address pool be on the same network segment with unconfigured switches and the FTP/TFTP server.

NOTE

Pay attention to the following points when configuring Option 150 or Option 14x:

l When new switches obtain configuration files through TFTP, the DHCP server must support

Option 150.

l When new switches obtain configuration files through FTP, the DHCP server must support

Option 141, Option 142, and Option 143.

l If both Option 150 and Option 14x are configured on the DHCP server, Option 150 takes

precedence over Option 14x.

l If you use ordinary characters to configure Option 150 or Option 143 on the DHCP server, the

Auto-Config module cannot recognize the IP address, which results in an Auto-Config process sends the DHCP messages incessantly.

l Add the downstream interface on the DHCP server to the management VLAN in access

mode and assign an IP address on the same network segment as the IP address of the DHCP server to the management VLAN.

After Auto-Config is enabled, packets from an unconfigured switch do not carry tags. Therefore, ensure that untagged packets can be transmitted between unconfigured switches and the DHCP server.

----End

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

1.3.3 Configuring the FTP/TFTP Server

Context

The configuration procedure varies according to the device type of the FTP/TFTP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.

Procedure

l Set the IP address of the FTP/TFTP server.

For an FTP server, the IP address must be the same as the value of Option 143 configured on the DHCP server; for a TFTP server, the IP address must be the same as the value of Option 150 configured on the DHCP server.

l Create and configure an intermediate file.

The intermediate file is configured according to the MAC addresses of unconfigured switches and the names of configuration files. For the format of the intermediate file, see

1.1 Overview.

l Save the intermediate file and configuration files to the working directory on the FTP/TFTP

server.

----End

1.3.4 Checking the Configuration

Prerequisite

The configurations of the DHCP server and FTP/TFTP server are complete.

Context

You can check different items in different phases in the Auto-Config process to confirm that Auto-Config runs properly.

Procedure

Step 1 Five minutes after unconfigured switches are powered on, check address allocation on the DHCP

server to confirm that the switches are connected to the DHCP server.

NOTE

If the switches are connected to the DHCP server, you can log in to the switches through Telnet but do not configure the switches.

Step 2 Five minutes after the switches obtain IP addresses, check the file downloading log on the FTP/

TFTP server or log in to the switches to confirm that correct configuration files have been downloaded.

NOTE

Do not save a configuration file to a switch to be configured immediately after the configuration file is downloaded; otherwise, only a temporary configuration file is saved because the configurations have not taken effect.

Step 3 If the user has specified the activation delay, the configuration file will take effect after the delay.

If the user has not specified the activation delay, the configuration file will take effect

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

SwitchA

SwitchC

SwitchB

DHCP Server

FTP/TFTP Server

Operator

Network

DHCP Relay

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

immediately by default. Then run the display current-configuration command to check whether the configurations take effect.

NOTE

If you access the switch when it is busy delivering configurations in the Auto-Config process, the switch may not respond in real time.

After the configurations take effect, modify the configuration of the downstream interface on the DHCP server as required.

----End

1.4 Deploying Unconfigured Switches (Different Network Segments)

This section describes how to deploy unconfigured S5700s.

1.4.1 Establishing the Configuration Task

Applicable Environment

As shown in Figure 1-3, unconfigured switches are reachable from a DHCP relay and a DHCP server. A PC is connected to the DHCP server and functions as an FTP or a TFTP server to store configuration files. After the DHCP server and FTP/TFTP server are configured, every switch obtains a configuration file through Auto-Config.

The DHCP server, FTP/TFTP server, and switches are deployed on different network segments.

Figure 1-3 Auto-Config networking where the DHCP server, FTP/TFTP server, and unconfigured switches are on different network segments

Pre-configuration Tasks

Before deploying unconfigured switches, complete the following tasks:

l Ensuring that there are routes from the DHCP server, DHCP relay, and FTP/TFTP server

to the switches

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

l Ensuring that there is no *.cfg or *.zip file except the *web.zip and web.zip files in the

flash memory of each switch

l Ensuring that the switches are not added to any HGMP cluster and USB upgrade

Data Preparation

To deploy unconfigured switches, you need the following data.

No.Data

1 Interconnection information about the upstream interfaces on each S5700 and the

downstream interfaces on the DHCP relay

2 Interconnection information about the DHCP relay and DHCP server

3 MAC address of each unconfigured switch

4 IP address, mask, address pool, and Option 150 or Option 14x of the DHCP server

5 IP address, mask, and relay address of the DHCP relay

6 IP address, default configuration file, and configuration files on the FTP/TFTP server

1.4.2 Configuring the DHCP Server

Context

The configuration procedure varies according to the device type of the DHCP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.

NOTE

The DHCP server must support either Option 150 or Option 14x.

Procedure

l Enable DHCP server.

l Configure an address pool, including the address range, gateway, and Option 150 (or Option

14x).

NOTE

Pay attention to the following points when configuring Option 150 or Option 14x:

l When new switches obtain configuration files through TFTP, the DHCP server must support

Option 150.

l When new switches obtain configuration files through FTP, the DHCP server must support

Option 141, Option 142, and Option 143.

l If both Option 150 and Option 14x are configured on the DHCP server, Option 150 takes

precedence over Option 14x.

l If you use ordinary characters to configure Option 150 or Option 143 on the DHCP server, the

Auto-Config module cannot recognize the IP address.

----End

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

1.4.3 Configuring DHCP Relay

Context

The configuration procedure varies according to the device type of the DHCP relay. Therefore, the configuration procedure is not described and only the configuration contents are provided.

Procedure

l Enable DHCP relay.

l Configure the upstream and downstream interfaces.

You need to configure the IP address and mask for the upstream interface and configure the IP address, mask, and DHCP relay address for the downstream interface.

NOTE

You can temporarily set the IP address of the downstream interface on the same network segment with the IP addresses of unconfigured switches, and then add the downstream interface to the management VLAN in access mode.

----End

1.4.4 Configuring the FTP/TFTP Server

Context

The configuration procedure varies according to the device type of the FTP/TFTP server. Therefore, the configuration procedure is not described and only the configuration contents are provided.

Procedure

l Set the IP address of the FTP/TFTP server.

l Create and configure an intermediate file.

The intermediate file is configured according to the MAC addresses of unconfigured switches and the names of configuration files. For the format of the intermediate file, see

1.1 Overview.

l Save the intermediate file and configuration files to the working directory on the FTP/TFTP

server.

----End

1.4.5 Checking the Configuration

Prerequisite

The configurations of the DHCP server, DHCP relay, and FTP/TFTP server are complete.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 1 Auto-Config

Context

You can check different items in different phases in the Auto-Config process to confirm that Auto-Config runs properly.

Procedure

Step 1 Five minutes after unconfigured switches are powered on, check address allocation on the DHCP

server to confirm that the switches are connected to the DHCP server.

NOTE

If the switches are connected to the DHCP server, you can log in to the switches through Telnet but do not configure the switches.

Step 2 Five minutes after the switches obtain IP addresses, check the file downloading log on the FTP/

TFTP server or log in to the switches to confirm that correct configuration files have been downloaded.

NOTE

Step 3 If the user has specified the activation delay, the configuration file will take effect after the delay.

If the user has not specified the activation delay, the configuration file will take effect immediately by default. Then run the display current-configuration command to check whether the configurations take effect.

NOTE

If you access the switch when it is busy delivering configurations in the Auto-Config process, the switch may not respond in real time.

After the configurations take effect, modify the configuration of the downstream interface on the DHCP relay as required.

----End

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

2 NAP Configuration

About This Chapter

This chapter describes how to configure the Neighbor Access Protocol (NAP) on the S5700.

2.1 NAP Overview

NAP is a Huawei proprietary protocol that implements remote configuration and deployment of unconfigured devices. You can log in to an unconfigured device from a directly connected device and configure the unconfigured device remotely through NAP.

2.2 Configuring NAP-based Remote Deployment

Using NAP, you can remotely log in to devices with empty configurations to implement remote deployment.

2.3 Configuration Examples

This section provides upgrade and maintenance examples together with the configuration flowchart. The configuration examples explain networking requirements, configuration notes, and configuration roadmap.

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

2.1 NAP Overview

Usually, a device is installed with only necessary software before delivery and no configuration is made. Therefore, engineers must configure and commission new devices on site but cannot log in to the devices remotely. This makes the deployment inconvenient and increases the costs of project operation and delivery.

The Huawei Group Management Protocol (HGMP) implements remote configuration on Layer 2 networks and is applicable to Ethernet networks. NAP implements remote configuration on Layer 3 networks. It establishes a temporary neighbor relationship between a configured device and an unconfigured device that are directly connected through physical links. Then you can log in to the unconfigured device from the configured device and configure the unconfigured device remotely. NAP greatly reduces the costs of network operation, maintenance, and delivery.

2.2 Configuring NAP-based Remote Deployment

Using NAP, you can remotely log in to devices with empty configurations to implement remote deployment.

Context

CAUTION

After the device with an empty configuration is powered on and started, you must make sure that its interfaces connected to the devices on the current network are Up and support NAP; otherwise, the function of NAP-based remote deployment cannot take effect.

2.2.1 Establishing the Configuration Task

Before configuring NAP-based remote deployment, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This can help you complete the configuration task quickly and accurately.

Applicable Environment

To deploy devices having empty configurations, you can use NAP to perform remote login to the devices from a device in the current network. In this manner, you can implement remote deployment of devices.

Pre-configuration Tasks

Before configuring NAP-based remote deployment, complete the following tasks:

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

l Connecting the device having an empty configuration to a device in the current network

via a single hop by using network cables

l Ensuring that the interfaces connecting the device with an empty configuration and the

device in the current network are both in the Up state, and support NAP.

Data Preparation

NOTE

l If the IP addresses used for establishing NAP connections are to be manually configured, you need to

prepare the following data before configuring NAP.

l Conversely, if the IP addresses for establishing NAP connections are to be automatically configured,

you can skip this.

To configure NAP-based remote deployment, you need the following data.

No. Data

1 Two primary IP addresses. The two IP addresses are primary IP addresses for the

master interface and the slave interface respectively, and should be on the same network segment.

2 Two secondary IP addresses. The two IP addresses are secondary IP addresses for

the master interface and the slave interface respectively, and should be on the same network segment.

2.2.2 Configuring and Starting the NAP Master Interface

You can assign an IP address to the NAP master interface or use the IP address that is automatically allocated by the system to start the NAP master interface.

Context

CAUTION

If commands affecting the IP address configuration or IP packet forwarding (such as configurations and commands related to the VPN, Eth-Trunk, or Layer 2 interface) exist on device of the master interface, NAP enabled on the master interface becomes unavailable. You are recommended to delete these commands and re-enable NAP.

Do as follows on the switch to configure and start the NAP master interface.

In NAP, IP addresses can be allocated either automatically or manually.

Procedure

l Automatic allocation of IP addresses

1. Run:

system-view

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

The system view is displayed.

2. Run:

interface interface-type interface-number

The interface view is displayed.

3. Run:

nap port master

The NAP Master interface is configured and started.

l Manual IP address allocation

Two methods are available for manually allocating IP addresses. You can choose the method according to actual needs.

You can specify the NAP IP address pool. Then, IP addresses are automatically allocated to the IP address pool. To use this method, do as follows.

1. Run:

system-view

The system view is displayed.

2. Run:

nap ip-pool ip-address mask-length

An IP address pool is configured for NAP.

The default IP address pool for establishing NAP connections is 10.167.253.0/24. You can run the nap ip-pool ip-address mask-length command to change the IP address pool.

NOTE

After NAP is started on the master device, the IP address pool cannot be changed.

3. Run:

interface interface-type interface-number

The interface view is displayed.

4. Run:

nap port master

The NAP Master interface is configured and started.

You can also specify the NAP IP addresses. To use this method, do as follows.

1. Run:

system-view

The system view is displayed.

2. Run:

interface interface-type interface-number

The interface view is displayed.

3. Run:

nap port master

The NAP master interface is configured and started.

4. Run:

nap local-ip mast-inter-mast-ip sub-ip mast-inter-sub-ip peer-ip subinter-mast-ip sub-ip sub-inter-sub-ip mask-length

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

IP addresses are configured for establishing NAP connections.

The default IP address pool for establishing NAP connections is 10.167.253.0/24.

When configuring IP addresses, ensure that the primary IP addresses of both the master and the slave interfaces are on the same network segment, and that the secondary IP addresses of both the master and the slave interfaces are on the same network segment.

----End

2.2.3 Remote Login

After the neighbor relationship is set up, you can log in to the NAP slave device from the NAP master device.

Context

Using the display nap interface command, you can view the NAP status of an interface to ensure that the interface is assigned a correct IP address.

Do as follows on the switch where the NAP master interface is configured.

Procedure

Step 1 Run:

Step 2 Run:

Step 3 Run:

system-view

The system view is displayed.

interface interface-type interface-number

The interface view is displayed.

nap login neighbor

The login to the slave device from the master device is performed.

l If the slave device has an empty configuration, you can log in to the slave device from the

master device without a user name and a password.

l If, however, the slave device is configured with user name(s) and password(s), you must

enter the correct user name and password to perform a NAP-based remote login to the slave device.

NOTE

To ensure security for NAP, the slave device having an empty configuration checks the source address of the Telnet login. If the Telnet source address is the NAP address of the master device that is telnetting to the slave device, the slave device allows the master device to directly log in without being authenticated. This is because by default, the user level of the remote login based on the NAP address is the same as the login through the console interface, which enjoys the highest user level. If the Telnet source address is not the NAP address of the master device, the remote login fails.

If ip source check user-bind enable command is executed on an interface, the interface cannot connect to the NAP neighbor.

----End

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

2.2.4 Disabling NAP on the Slave Device

If the NAP function is no longer required, you need to disable NAP on the slave interface of the slave device.

Context

The master device has logged in to the slave device through Telnet. The NAP function is no longer required, and to ensure security of the network, NAP should be globally disabled on the slave interface of the slave device.

Do as follows on the switch that is configured as the NAP slave device.

Procedure

Step 1 Run:

system-view

The system view is displayed.

Step 2 Run:

undo nap slave enable

NAP is disabled on the slave device.

----End

2.2.5 Checking the Configuration

After configuring NAP-based remote deployment, you can view the NAP status globally or on a specified interface.

Prerequisite

NAP-based remote deployment has been completed.

Procedure

Step 1 Using the display nap status command, you can view the current NAP status.

Step 2 Using the display nap interface [ interface-type interface-number ] command, you can view

the NAP status of the specified interface.

----End

Example

Run the display nap status command to view the current NAP status.

<Quidway> display nap status Slave port status : Enable Nap ip-pool/Mask : 12.12.12.0/24

Run the display nap interface interface-type interface-number command to view the NAP status of the specified interface.

<Quidway> display nap interface gigabitethernet0/0/1

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

l If the interface is not assigned an IP address, the following information is displayed.

----------------------------------------------------- NAP master port list: Port count : 2

----------------------------------------------------- Port property : Master Current status : DETECTING Local port : GigabitEthernet0/0/1 Peer port : GigabitEthernet0/0/1 Local primary ip : NULL Peer primary ip : NULL Local secondary ip : NULL Peer secondary ip : NULL Hello time : 3s Linked time : 00:00:00

----------------------------------------------------- Port property : Master Current status : DETECTING Local port : GigabitEthernet0/0/2 Peer port : GigabitEthernet0/0/2 Local primary ip : NULL Peer primary ip : NULL Local secondary ip : NULL Peer secondary ip : NULL Hello time : 3s Linked time : 00:00:00

------------------------------------------------------

l If the interface is assigned an IP address, the following information is displayed.

----------------------------------------------------- NAP master port list : Port count : 2

----------------------------------------------------- Port property : Master Current status : IP-ASSIGNED Local port : GigabitEthernet0/0/1 Peer port : GigabitEthernet0/0/1 Local primary ip : 12.12.12.5 Peer primary ip : 12.12.12.6 Local secondary ip : 12.12.12.9 Peer secondary ip : 12.12.12.10 Hello time : 3s Linked time : 00:09:12

----------------------------------------------------- Port property : Master Current status : IP-ASSIGNED Local port : GigabitEthernet0/0/2 Peer port : GigabitEthernet0/0/2 Local primary ip : 10.10.10.5 Peer primary ip : 10.10.10.6 Local secondary ip : 10.10.10.9 Peer secondary ip : 10.10.10.10 Hello time : 3s Linked time : 00:03:41

------------------------------------------------------

2.3 Configuration Examples

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Network

SwitchAPC SwitchB SwitchC

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

2.3.1 Example for Configuring NAP-based Remote Deployment in Static Mode

In this example, the temporary neighbor relationship is set up between the switch and the device with the empty configuration and IP addresses are assigned to the switch and the device to implement remote deployment in manual mode.

Networking Requirements

As shown in Figure 2-1, the user needs to perform a remote login to Switch B from Switch A. Switch B is the master device, and temporary neighbor relationship is to be set up between Switch B and Switch C having an empty configuration. Switch B and Switch C need to be directly connected via a single hop. Both the interfaces connecting Switch B and Switch C should be in the Up state, and should support NAP.

Figure 2-1 Networking diagram of NAP-based remote deployment

Configuration Roadmap

The configuration roadmap is as follows:

1. Configure a NAP master interface on Switch B.

2. Configure an IP address for establishing a NAP connection on Switch B.

3. Use NAP to log in to Switch C from Switch B by means of Telnet.

Data Preparation

To complete the configuration, you need the following data:

l Two primary IP addresses. The two IP addresses are primary IP addresses for the master

interface and the slave interface respectively, and should be on the same network segment.

l Two secondary IP addresses. The two IP addresses are secondary IP addresses for the

master interface and the slave interface respectively, and should be on the same network segment.

Procedure

Step 1 Configure a NAP master interface on Switch B

<Quidway> system-view [Quidway] sysname SwitchB [SwitchB] interface gigabitethernet0/0/1 [SwitchB-GigabitEthernet0/0/1] nap port master

Step 2 Configure an IP address for establishing a NAP connection on Switch B

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

Quidway S5700 Series Ethernet Switches Configuration Guide - Device Management 2 NAP Configuration

[SwitchB-GigabitEthernet0/0/1] nap local-ip 12.12.12.5 sub-ip 12.12.12.9 peer-ip

12.12.12.6 sub-ip 12.12.12.10 30 Are you sure to continue?[Y/N] y

# After the preceding configuration is complete, run the display nap status command on Switch B. You can view that NAP has been enabled on Switch B. Then, run the display nap interface command. You can view that the primary and secondary IP addresses have been assigned to the master and slave interfaces. For example:

[SwitchB-GigabitEthernet0/0/1] display nap status Slave port status : Enable Nap ip-pool/Mask : 10.167.253.0/24 [SwitchB-GigabitEthernet0/0/1] display nap interface

----------------------------------------------------- NAP master port list Port count : 1

------------------------------------------------------

Step 3 Log in to the slave device from the master device.

# Configure Switch B.

[SwitchB-GigabitEthernet0/0/1] nap login neighbor Trying 12.12.12.10 ... Press CTRL+K to abort Connected to 12.12.12.10 ...

Info: The max number of VTY users is 10, and the number of current VTY users on line is 1.

Step 4 Disable NAP on the slave device.

# Configure Switch C.

<Quidway> system-view [Quidway] sysname SwitchC [SwitchC] undo nap slave enable

----End

Configuration Files

None

2.3.2 Example for Configuring NAP-based Remote Deployment in Automatic Mode

In this example, the temporary neighbor relationship is set up between a switch and another switch that has the empty configuration to implement remote deployment in automatic mode.

Networking Requirements

As shown in Figure 2-2, the user needs to perform a remote login to Switch B from Switch A. Switch B is the master device, and temporary neighbor relationship is to be set up between

Issue 01 (2011-07-15) Huawei Proprietary and Confidential

+ 112 hidden pages

Huawei V100R006C00 Configuration Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

About This Document

Contents

1 Auto-Config

1.1 Overview

1.2 Auto-Config Features Supported by the S5700

1.3 Deploying Unconfigured Switches (Same Network Segment)

1.3.1 Establishing the Configuration Task

1.3.2 Configuring the DHCP Server

1.3.3 Configuring the FTP/TFTP Server

1.3.4 Checking the Configuration

1.4 Deploying Unconfigured Switches (Different Network Segments)

1.4.1 Establishing the Configuration Task

1.4.2 Configuring the DHCP Server

1.4.3 Configuring DHCP Relay

1.4.4 Configuring the FTP/TFTP Server

1.4.5 Checking the Configuration

2 NAP Configuration

2.1 NAP Overview

2.2 Configuring NAP-based Remote Deployment

2.2.1 Establishing the Configuration Task

2.2.2 Configuring and Starting the NAP Master Interface

2.2.3 Remote Login

2.2.4 Disabling NAP on the Slave Device

2.2.5 Checking the Configuration

2.3 Configuration Examples

2.3.1 Example for Configuring NAP-based Remote Deployment in Static Mode

2.3.2 Example for Configuring NAP-based Remote Deployment in Automatic Mode