VLAN assignment in different usage scenarios

On the S5306, LS-S5352C-EI  EI, S5310EI, S5300HI, and S6300, if both the subnet VLAN and the MAC VLAN with a mask are configured, the MAC VLAN with a mask is first matched regardless of whether the vlan precedence command is used.

Access

Accepts an untagged frame and adds a tag with the default VLAN ID to the frame.

Accepts the tagged frame if the frame's VLAN ID matches the default VLAN ID.

Discards the tagged frame if the frame's VLAN ID differs from the default VLAN ID.

After the PVID tag is stripped, the frame is transmitted.

An access port can belong to only one VLAN. The access interface is directly connected to a computer.

Trunk

Adds a tag with the default VLAN ID to the untagged frame and then transmits it if the default VLAN ID is permitted by the port

Adds a tag with the default VLAN ID to the untagged frame and then discards it if the default VLAN ID is denied by the port.

Accepts the tagged frame if the frame's VLAN ID is permitted by the port.

Discards the tagged frame if the frame's VLAN ID is denied by the port.

If the frame's VLAN ID matches the default VLAN ID and the VLAN ID is permitted by the port, the device removes the tag and transmits the frame.

If the frame's VLAN ID differs from the default VLAN ID, but the VLAN ID is still permitted by the port, the switch will directly transmit the frame.

A trunk port allows packets of multiple VLANs to pass through. It usually connects network devices.

Hybrid

If the frame's VLAN ID is permitted by the port, the frame is transmitted. The port can be configured whether to transmit frames with tags.

A hybrid port allows packets of multiple VLANs to pass through. It can be used to connect network devices or network devices and user devices.

QinQ

QinQ ports are enabled with the IEEE 802.1QinQ protocol. A QinQ port can add double VLAN tags to a data frame, that is, a QinQ port can add a tag to a single-tagged frame. Therefore, a QinQ port supports a maximum of 4094 x 4094 VLAN tags, which meets the requirement on the number of VLANs. For details, see QinQ Overview.

he S5328C-SI  and S5300LI do not support VLAN aggregation.

Configuring a Voice VLAN in Auto Mode on Huawei S2300

Create VLANs and configure the LS-S2309TP-SI-AC  interface on the Switch.

# Create VLAN 2 and VLAN 6.

<Quidway> system-view

[Quidway] vlan batch 2 6

# Configure the link type and default VLAN of the interface.

[Quidway] interface ethernet 0/0/1

[Quidway-Ethernet0/0/1] port hybrid pvid vlan 6

[Quidway-Ethernet0/0/1] port hybrid untagged vlan 6

[Quidway-Ethernet0/0/1] quit

Step 2 Configure the voice VLAN on the Switch.

# Configure the voice VLAN on the interface.

[Quidway] interface ethernet 0/0/1

[Quidway-Ethernet0/0/1] voice-vlan 2 enable

# Set the voice VLAN mode to auto so that the interface can be automatically added to or deleted

from the voice VLAN.

[Quidway-Ethernet0/0/1] voice-vlan mode auto

[Quidway-Ethernet0/0/1] quit

# Set the OUI of the voice VLAN.

[Quidway] voice-vlan mac-address 0011-2200-0000 mask ffff-ff00-0000

# Set the aging time of the voice VLAN.

[Quidway] voice-vlan aging-time 100

# Set the working mode of the voice VLAN.

[Quidway-Ethernet0/0/1] voice-vlan security enable

Step 3 Verify the configuration.

Run the display voice-vlan oui command to check the OUI of the voice VLAN.

<Quidway> display voice-vlan oui

---------------------------------------------------

OuiAddress Mask Description

---------------------------------------------------

0011-2200-0000 ffff-ff00-0000

Run the display voice-vlan 2 status command to check the voice VLAN mode, voice VLAN

security mode, and voice VLAN aging time.

<Quidway> display voice-vlan 2 status

Voice VLAN Configurations:

S2300 Series Ethernet Switches

Typical Configuration Examples 1 Configuration Guide - Ethernet

Issue 02 (2012-10-27) Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

22

---------------------------------------------------

Voice VLAN ID : 2

Voice VLAN status : Enable

Voice VLAN aging time : 100 (minutes)

Voice VLAN 8021p remark : 6

Voice VLAN dscp remark : 46

----------------------------------------------------------

Port Information:

-----------------------------------------------------------

Port Add-Mode Security-Mode Legacy

-----------------------------------------------------------

Ethernet0/0/1 Auto Security LS-S2318TP-EI-DC  Disable

Configuring an FTP Huawei S3300

Configure SwitchB LS-S3328TP-EI-24S-AC .

# Configure an IP address for SwitchB.

<Quidway> system-view

[Quidway] sysname SwitchB

[SwitchB] vlan 100

[SwitchB-vlan100] quit

[SwitchB] interface ethernet 0/0/1

[SwitchB-Ethernet0/0/1] port hybrid pvid vlan 100

[SwitchB-Ethernet0/0/1] port hybrid untagged vlan 100

[SwitchB-Ethernet0/0/1] quit

[SwitchB] interface Vlanif 100

[SwitchB-Vlanif100] ip address 10.1.1.2 24

[SwitchB-Vlanif100] quit

# Configure SwitchB as the FTP server.

[SwitchB] ftp server enable

[SwitchB] aaa

[SwitchB-aaa] local-user user1 password cipher hello123

[SwitchB-aaa] local-user user1 privilege level 15

[SwitchB-aaa] local-user user1 service-type ftp

[SwitchB-aaa] local-user user1 ftp-directory flash:/

[SwitchB-aaa] quit

Step 2 Configure SwitchA.

# Configure an IP address for SwitchA.

<Quidway> system-view

[Quidway] sysname SwitchA

[SwitchA] vlan 100

[SwitchA] interface ethernet 0/0/1

[SwitchA-Ethernet0/0/1] port hybrid pvid vlan 100

[SwitchA-Ethernet0/0/1] port hybrid untagged vlan 100

[SwitchA-Ethernet0/0/1] quit

[SwitchA] interface Vlanif 100

[SwitchA-Vlanif100] ip address 10.1.1.1 24

[SwitchA-Vlanif100] quit

# Create an NQA FTP test on SwitchA and create a file of 10 KB for uploading.

[SwitchA] nqa test-instance admin ftp

[SwitchA-nqa-admin-ftp] test-type ftp

[SwitchA-nqa-admin-ftp] destination-address ipv4 10.1.1.2

[SwitchA-nqa-admin-ftp] source-address ipv4 10.1.1.1

[SwitchA-nqa-admin-ftp] ftp-operation put

[SwitchA-nqa-admin-ftp] ftp-username user1

[SwitchA-nqa-admin-ftp] ftp-password hello123

[SwitchA-nqa-admin-ftp] ftp-filesize 10

Step 3 Start the test instance.

[SwitchA-nqa-admin-ftp] start now

Check the configuration.

# Check NQA test results on SwitchA.

[SwitchA-nqa-admin-ftp] display nqa results test-instance admin ftp

NQA entry(admin, ftp) :testflag is inactive ,testtype is ftp

1 . Test 1 result The test is finished

SendProbe:1 ResponseProbe:1

Completion :success RTD OverThresholds number: 0

MessageBodyOctetsSum: 10240 Stats errors number: 0

Operation timeout number: 0 System busy operation number:0

Drop operation number:0 Disconnect operation number: 0

CtrlConnTime Min/Max/Average: 657/657/657

DataConnTime Min/Max/Average: 500/500/500

SumTime Min/Max/Average: 1157/1157/1157

Average RTT:656

Lost packet ratio:0 %

# On SwitchB, you can view that a file named nqa-ftp-test.txt is added. Part of the file on the

SwitchB is displayed.

<SwitchB  LS-S3352P-EI-AC > dir

Directory of flash:/

0 -rw- 331 Jul 06 2007 18:34:34 private-data.txt

1 -rw- 10,240 Jul 06 2007 18:37:06 nqa-ftp-test.txt

2,540 KB total (1,536 KB free)

configuration S5300 file, and patch files

ftp> binary

200 Type set to I.

ftp> get S5328C-SI  -V200R002C00SPC100.cc

200 Port command okay.                                                   

150 Opening BINARY mode data connection for file transfer.                     

226 Transfer complete.

ftp: 12472284 bytes received in 80.33Seconds 1350.65Kbytes/sec.

The preceding output indicates the configuration file has been transferred and you can find it in D:\>.

ftp> get vrpcfg.zip

200 Port command okay.                                                   

150 Opening BINARY mode data connection for file transfer.                     

226 Transfer complete.

ftp: 589 bytes received in 0.01Seconds 60Kbytes/sec.

The preceding output indicates the configuration file has been transferred and you can find it in D:\>.

ftp> get S5324TP-SI   sph001.pat

200 Port command okay.                                                   

150 Opening BINARY mode data connection for file transfer.                     

226 Transfer complete.

ftp: 333436 bytes received in 0.33Seconds 1350.65Kbytes/sec.

The preceding output indicates the configuration file has been transferred and you can find it in D:\>.

Use the S5300 as the TFTP Client

Directory of flash:/

  Idx  Attr     Size(Byte)  Date        Time(LMT)      FileName

    0  -rw-     12,472,284  Nov 04 2010 19:43:18   S5352C-EI-V200R002C00SPC100.cc

30,008 KB total (16,544 KB free)

<Quidway> dir *.zip

Directory of flash:/

  Idx  Attr     Size(Byte)  Date        Time(LMT)      FileName

    0  -rw-            589  Nov 04 2010 20:55:54    vrpcfg.zip

30,008 KB total (16,544 KB free)

<Quidway> dir *.pat

Directory of flash:/

  Idx  Attr     Size(Byte)  Date        Time(LMT)       FileName

    0  -rw-        333,436  Jan 29 2010 16:54:40    s5300sph001.pat

30,008 KB total (16,544 KB free)

Run the following commands on the S5300 to back up the data. The backup system software is S5300-V200R002C00SPC100-bak.cc, the backup configuration file is vrpcfg-bak.zip, and the patch file is s5300sph001-bak.pat.

<Quidway> tftp 10.164.30.29 put S5300-V200R002C00SPC100.cc  S5300-V200R002C00SPC100-bak.cc

Info: Transfer file in binary mode.                                            

Uploading the file to the remote TFTP server. Please wait...|                  

TFTP: Uploading the file successfully.                                         

12472284 bytes send in 160 seconds.

<Quidway> tftp 10.164.30.29 put vrpcfg.zip vrpcfg-bak.zip

Info: Transfer file in binary mode.

  Uploading the file to the remote TFTP server. Please wait.../

  TFTP: Uploading the file successfully. 

  589 bytes send in 0.01 second.

<Quidway> tftp 10.164.30.29 put s5300sph001.pat s5300sph001-bak.pat                                                            

Info: Transfer file in binary mode.                                            

Uploading the file to the remote TFTP server. Please wait...\                  

TFTP: Uploading the file successfully.                                          

  333436 bytes send in 1 second.

3.    Obtain the system software of the target version from the server.

<Quidway> tftp 10.164.30.29 get S5300EI-V200R003C00SPC300.cc

Info: Transfer file in binary mode.

  Downloading the file from the remote TFTP server. Please wait.../

TFTP: Downloading the file successfully.

14,066,348 bytes received in 109 seconds

If the message "Downloading the file successfully" is displayed, the system software has been downloaded.

4.    (Optional) Obtain the new configuration file from the server.

If the configuration file does not need to be changed after the upgrade, this step is not required.

<Quidway> tftp 10.164.30.29 get vrpcfgnew.zip                        

Info: Transfer file in binary mode.                                             

Downloading the file from the remote TFTP server. Please wait.../              

TFTP: Downloading the file successfully.                                       

    2757 bytes received in 1 second.

5.    Specify the system software in service, which is loaded when the S5300 is started.

<Quidway> startup system-software S5300EI-V200R003C00SPC300.cc

If the following information is displayed after you run the startup system-software file command, enter Y to update the BootROM. If the BootROM is upgraded successfully, go to step 7; otherwise, go to step 6. When you upgrade a stack of V100R003, you must manually upgrade the BootROM according to step 6.

Warning: Basic BOOTROM will be upgraded. Continue?(Y/N)[N]: y

BOOTROM begin to be upgraded ! please wait for a moment...,

Info: BOOTROM upgrade is ok.

Succeeded in setting the software for booting system.

6.    (Optional) Upgrade the BootROM in service, which is loaded when the S5300 is started.

<Quidway> system-view

[Quidway] upgrade basic-bootrom S5300EI-V200R003C00SPC300.cc

Warning: Basic BOOTROM will be upgraded. Continue?(Y/N)[N]: y

Upgrading BOOTROM,please wait for a moment...,

[Slot 0]:

Info: BOOTROM upgrade is ok.

Succeeded in setting the software for booting system.

In V100R003 or a later version, the BootROM is upgraded automatically. To upgrade the software to other versions, you must upgrade the BootROM manually. For details about automatic BootROM upgrade, see Step 5. In the case of a version rollback, you are advised to manually upgrade the BootROM to prevent a rollback failure.

7.    Restart the S5300.

After the software is upgraded to V200R003C00SPC300, you must specify the system software for next startup. If the system software is not specified or the invalid software is specified, the device will fail to restart. For details about specifying the system software for next startup, see Step 5.

When the system asks you whether to save the configuration, enter y or n. After the setting is complete, enter y to restart the system.

<Quidway> reboot

Info: The system is now comparing the configuration, please wait.              

Warning: The configuration has been modified, and it will be saved to the next s

tartup saved-configuration file flash:/103_xu.cfg. Continue? [Y/N]:y            

Now saving the current configuration to the slot 0..                           

Save the configuration successfully.                                           

Info: If want to reboot with saving diagnostic information, input 'N' and then e

xecute 'reboot save diagnostic-information'.                                   

System will reboot! Continue?[Y/N]:y                                           

Info: System is rebooting, please wait...

Quidway S5328C-EI series switches which are new generation Ethernet gigabit switches that meet the requirements for high-bandwidth access and Ethernet multi-service convergence, providing powerful Ethernet functions for operators and enterprise customers.

LS-S2318TP-EI-DC VS LS-S2318TP-SI-AC, The Difference

What are the difference of LS-S2318TP-EI-DC and LS-S2318TP-SI-AC?

Huawei LS-S2318TP-EI-DC: Huawei Quidway Switch S2300, S2318TP-EI Mainframe(16 10/100 BASE-T ports and 2 Combo GE(10/100/1000 BASE-T+100/1000 Base-X) ports and DC -48V)

Huawei LS-S2318TP-SI-AC: Huawei Quidway Switch S2300, S2318TP-SI Mainframe(16 10/100 BASE-T ports and 2 Combo GE(10/100/1000 BASE-T+100/1000 Base-X) ports and AC 110/220V)

The Quidway S2300 series switches are new generation Ethernet intelligent access switches. The S2300 is mainly deployed on the IP MAN and intranets, meeting requirements of carrying various Ethernet services and accessing the Ethernet. Based on the new generation high-performance hardware and Huawei Versatile Routing Platform (VRP), the S2300 supports rich and flexible service features and thus improves the operability, manageability, and service expansibility. In addition, the S2300 supports powerful lightning protection, security features, ACLs, QinQ, 1:1 VLAN switching, and N:1 VLAN switching to flexibly deploy VLANs.

The difference on the price:

According to our research, www.huanetwork.com is a great wholesell supplier for huawei switch, and the best price form.

LS-S2318TP-EI-DC price : $239.00

LS-S2318TP-SI-AC price : $195.00

Request a quote for them by emailing us at sales@huanetwork.com or pick up the phone and speak to one of our friendly and helpful sales reps at +852-30501940 (Hong Kong).

GPON standard change

Trouble Ticket No./CR No.Huawei GPON Original requirement

Change If the OLT is connected to a Huawei ONT whose OMCI version is 0xa0 or later and the ONT reports the proprietary entity 0xff93 to the OLT, multicast configuration is issued to the ONT using the standard protocol.

Reason for Change Before the standard change, the ONT whose OMCI version is 0xa0 or later supports the multicast proprietary protocol; after the standard change, such ONTs support the standard protocol.

Impact Upgrades and services are not affected.

Original requirement If the OLT is connected to a Huawei ONT whose OMCI version is 0xa0 or later, the ID of the MAC bridge service profile instance created in single-bridge mode is changed from 0 to 1. The interoperability specification defines that in the scenario with variable-length OMCI messages, the ID of the MAC bridge service profile instance created in single-bridge mode is 1. Services are not affected.

Original requirement When the board that does not support variable-length OMCI messages is replaced with the board that supports variable-length OMCI messages, and the interconnected ONT is of OMCI version 0xB0 or later, the board issues variable-length OMCI messages to the ONT. The G.988 variable-length OMCI messages are supported.ONT configuration, upgrades, or services are not affected.

Terminals that are not listed in the attachment above may not match the specific OLT version. If such a terminal is used, confirm with Huawei technical support personnel first

For more Huawei HG8240 information please click here

How to Setting Up an Environment for the Upgrade on huawei S3300 switch

In the BootROM S3352P menu or the command line view, you can use the Trivial File Transfer Protocol (TFTP) or File Transfer Protocol (FTP) to download the system software, and set it as the next startup system software. Then restart the device to complete the upgrade.

The general requirements for setting up an environment for upgrading the system using TFTP or FTP are as follows:

    You can log in to the switch from a PC through the serial interface or Telnet.

    The server and the switch can communicate with each other.

    Files for the upgrade are stored in the server.

You can upgrade the basic and advanced BootROM software using Xmodem in the basic BootROM menu; you can upgrade the system software using Xmodem in the BootROM menu.

The general requirements for setting up an environment for upgrading the system using Xmodem are as follows:

    The RS-232 serial interface on the PC and the console interface on the switch are connected through a console cable.

    Files for the upgrade are stored on the PC.

For more Huawei  information please click here

http://www.huanetwork.com/huawei-ls-s5324tp-si-ac-price_p510.html

How to configure the MTU of an Ethernet Interface on Huawei NE40E Router?

Huawei NE40E Quidway NetEngine40E is based on a 400G platform, which is designed to save energy. Each slot has a forwarding capacity of 400Gbps, and the bandwidth of each slot can be smoothly expanded from 40Gbps to 400Gbps, satisfying the bandwidth demands of the next three to five years. The NE40E is compact in design and the interface density can reach 160 x 10G for a single NE40E and 240 x 10G for a single cabinet, which greatly saves space. Huanetwork.com ships Huawei NE40E router to worldwide.

Step 1:
system-view
The system view is displayed.
Step 2:
interface { ethernet | gigabitethernet } interface-number
The Ethernet interface view is displayed.
Step 3:
mtu mtu
TheIPv4 MTU of the Ethernet interface is configured.
Step 4:
system-view
The system view is displayed.
Step 5:
interface { ethernet | gigabitethernet } interface-number
The Ethernet interface view is displayed.
Step 6:
ipv6 enable
The IPv6 is enabled in this interface.
Step 7:
ipv6 mtu mtu
The IPv6 MTU of the Ethernet interface is configured.


For more Huawei information please click here

http://www.huanetwork.com/gpon-epon-terminal-price_c42

How to configure a DNS Test Instance on Huawei LS-S5348TP-SI-AC switch?

Huawei Quidway Switch S5300, LS-S5348TP-SI-AC Mainframe(44 10/100/1000Base-T ports and 4 gigabit Combo ports,AC 110/220V)

Step 1:
system-view
The system view is displayed.
Step 2:
dns resolve
Dynamic DNS resolution is enabled.
Step 3:
nqa test-instance admin-name test-name
An NQA test instance is created, and the NQA view is displayed.
Step 4:
test-type dns
The test type is set to DNS.
Step 5:
destination-address url urlstring
The name of the destination host is configured.
Step 6:
description string
A description is configured for the test instance.
Step 7:
frequency interval
The test period is set for the NQA test instance.
Step 8:
timeout time
The timeout period of a probe is set for the NQA test instance.
Step 9:
records history number
The maximum number of historical records is set for the NQA test instance.
Step 10:
records result number
The maximum number of result records is set for the NQA test instance.
Step 11:
agetime hh:mm:ss
The aging time is set for the NQA test instance.
Step 12:
dns-server ipv4 ip-address
The DNS server address is configured.


For more Huawei ME60-X3 information please click here

How to configure a Recording Scheme on Huawei LS-S3328TP-EI-24S-DC switch?

LS-S3328TP-EI-24S-DC,Huawei Quidway Switch S3300, S3328TP-EI Mainframe(24 100 BASE-X ports and 2 Combo GE(10/100/1000 BASE-T+100/1000 BASE-X) ports and 2 SFP GE (1000 BASE-X) ports (SFP Req.) and DC -48V)

Step 1:
system-view
The system view is displayed.
Step 2:
hwtacacs-server template template-name
The HWTACACS server template is created.
Step 3:
aaa
The AAA view is displayed.
Step 4:
recording-scheme recording-scheme-name
A recording scheme is created and the recording scheme view is displayed.
Step 5:
recording-mode hwtacacs template-name
An HWTACACS server template that is associated with the recording scheme is configured.
Step 6:
quit
Return to the AAA view.
Step 7:
cmd recording-scheme recording-scheme-name
The commands that are used on the S3700 are recorded.
Step 8:
outbound recording-scheme recording-scheme-name
The information about connections is recorded.
Step 9:
system recording-scheme recording-scheme-name
System events are recorded.


For more Huawei MA5600 information please click here

How to configure Remote Port Mirroring on Huawei S3328TP-SI Switch?

Huawei Quidway Switch S3300, S3328TP-SI Mainframe(24 10/100 BASE-T ports and 2 Combo GE(10/100/1000 BASE-T+100/1000 Base-X) ports and 2 SFP GE (1000 BASE-X) ports (SFP Req.) and AC 110/220V)

Step 1:
system-view
The system view is displayed.
Step 2:
vlan vlan-id
An RSPAN VLAN is created and the RSPAN VLAN view is displayed.
Step 3:
mac-address learning disable
The MAC address learning is disabled.
Step 4:
quit
Return to the system view.
Step 5:
observe-port index interface interface-type interface-number [ vlan vlan-id ]
An observing port is configured, and the RSPAN VLAN is specified.
Step 6:
vlan vlan-id
The RSPAN VLAN view is displayed.
Step 7:
mirroring to observe-port index inbound
Remote VLAN mirroring is configured.


For more Huawei S5328C-SI information please click here

How to configure the Peer Mode on Huawei S2309TP Switch?

Huawei Quidway Switch S2300, S2309TP-EI Mainframe(8 10/100 BASE-T ports and 1 Combo GE(10/100/1000 BASE-T+100/1000 Base-X) ports and DC -48V

The Quidway S2300 series switches are new generation Ethernet intelligent access switches. The S2300 is mainly deployed on the IP MAN and intranets, meeting requirements of carrying various Ethernet services and accessing the Ethernet. Based on the new generation high-performance hardware and Huawei Versatile Routing Platform (VRP), the S2300 supports rich and flexible service features and thus improves the operability, manageability, and service expansibility. In addition, the S2300 supports powerful lightning protection, security features, ACLs, QinQ, 1:1 VLAN switching, and N:1 VLAN switching to flexibly deploy VLANs

Step 1:
system-view
The system view is displayed.
Step 2:
ifindex constant
The constant interface index feature is enabled.
Step 3:
set constant-ifindex max-number number
The maximum number of interfaces indexed by fixed numbers is set.
Step 4:
set constant-ifindex subinterface { dense-mode | sparse-mode }
The memory distribution mode for the sub-interface index is set.


For more Huawei ls-s2309tp-ei-ac information please click here

Huawei NE40E Router Configuration

Huawei NE40E is based on a 400G platform, which is designed to save energy. Each slot has a forwarding capacity of 400Gbps, and the bandwidth of each slot can be smoothly expanded from 40Gbps to 400Gbps, satisfying the bandwidth demands of the next three to five years. The NE40E is compact in design and the interface density can reach 160 x 10G for a single NE40E and 240 x 10G for a single cabinet, which greatly saves space.

ip netstream sampler fix-packets 1000 inbound

 ip netstream sampler fix-packets 1000 outbound

 ip netstream export source 1.1.1.1

 ip netstream export host 1.1.1.2 9996

ip netstream aggregation protocol-port

 enable

 export version 9

slot 1

 ip netstream sampler to slot self

and on interfaces from which I want to get data

ip netstream in

Performing the configuration, to my surprise the command which is used to configure ACL in other Huawei routers didn’t work in our newly bought NE40E Router. It was because since the router was bought recently, it had updated Version-V300R002_11(OS for Huawei router).

I figured out new way to do it ….so thought it would be useful for people if I share it on my blog.

For more OSN 550 information please click here

How to configure IP Address on Huawei S2300 switch and Cisco 3560 switch?

Huawei Quidway Switch S2300, S2326TP-EI Mainframe(24 10/100 BASE-T ports and 2 Combo GE(10/100/1000 BASE-T+100/1000 Base-X) ports and DC -48V

hq-sanjose(config)# interface loopback 0

Create loopback interface 0

hq-sanjose(config-if)# ip address 10.1.2.1 255.255.255.0

Assign an IP subnet and address to loopback 0. This subnet is used for the creation of your IP address pool1 .

hq-sanjose(config-if)# exit

Exit back to global configuration mode.

hq-sanjose(config)# ip local pool dialin_pool 10.1.2.2 10.1.2.97

Create a pool of IP addresses for assigning to the remote nodes2 .

hq-sanjose(config)# async-bootp dns-server 10.2.2.3 10.2.3.1

Specify the domain name servers on the network, which can be used for clients dialing in with PPP.

The system view is displayed.

ip route-static ip-address { mask | mask-length } { nexthop-address | interface-type interface-number [ nexthop-address ] } [ preference preference | tag tag ] * track bfd-session cfg-name [ description text ]

A public network static IPv4 route is bound to a BFD session.

NOTE:

Before binding a static route to a BFD session, ensure that the BFD session and the static route reside on the same link.

Only the S6700, S5710HI, S5700EI, S5710EI, and S5700HI support BFD for static routes.

Administrators commonly create a loopback interface and new subnet if their existing Ethernet subnet has all its IP addresses already consumed. Loopback interfaces are very stable and do not go up and down as LAN interfaces may.

For more Huawei S2326TP-EI-AC information please click here

How to configure Packet Filtering on Huawei S2300 switch?

The LS-S2309TP-EI-DC is mainly deployed on the IP MAN and intranets, meeting requirements of carrying various Ethernet services and accessing the Ethernet. Based on the new generation high-performance hardware and Huawei Versatile Routing Platform (VRP)

Step 1 Run:

system-view

The system view is displayed.

Step 2 Run:

traffic behavior behavior-name

A traffic behavior is created and the traffic behavior view is displayed.

Step 3 Run:

permit

Packets matching traffic classification rules are forwarded based on the original policy.

Step 4 Run:

deny

Packets matching traffic classification rules are not forwarded.

NOTE:

In a traffic behavior, the action permit and other traffic actions take effect by sequence; when the action deny is configured, other actions except traffic statistics and flow mirroring can be configured but do not take effect.

When you specify a packet filtering action for packets matching an ACL, if the ACL rule defines permit, the device processes packets according to the action (deny or permit) in the traffic behavior. If the ACL rule defines deny, the device discards packets regardless of whether deny or permit is configured in the traffic behavior.

For more S2309TP-SI information please click here

How to configure file of the Switch on Huawei S3328TP-PWR-EI switch?

ow to configure file of the Switch on Huawei S3328TP-PWR-EI switch?

Huanetwork.com offers Huawei Quidway S3300 series switches, which are new generation Ethernet intelligent access switches. Based on the new generation high-performance hardware and Huawei Versatile Routing Platform (VRP), the S3300 Quidway switch supports rich and flexible service features and thus improves the operability, manageability, and service expansibility, fully meeting the requirement of flexible networking.

#
sysname Switch
#
vlan batch 100 110 120
#
qos car car1 cir 9000 cbs 1692000      
#
traffic classifier c1 operator and
 if-match vlan-id 120
traffic classifier c2 operator and
 if-match vlan-id 110
traffic classifier c3 operator and
 if-match vlan-id 100
#
traffic behavior b1
 car cir 2000 pir 10000 cbs 250000 pbs 1250000 green pass yellow pass red discard
 car car1 share
 remark dscp ef
 statistic enable
traffic behavior b2
 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard
 car car1 share
 remark dscp af33
 statistic enable
traffic behavior b3
 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard
 car car1 share
 remark dscp af13
 statistic enable
#
traffic policy p1
 classifier c1 behavior b1
 classifier c2 behavior b2
 classifier c3 behavior b3
#
interface  GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100 110 120
 traffic-policy p1 inbound
#
interface  GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 100 110 120
#
return

For more Huawei S3352P-PWR-EI information please visit: www.huawei.com

How to Configure the User Authentication Mode on the Console User Interface on Huawei?

Questions:
How to configure the User Authentication Mode on the Console User Interface on Huawei ME60?

Answer:
Run:system-view,The system view is displayed.
Run:user-interface console interface-number,The console user interface view is displayed.
Run:authentication-mode aaa,The user authentication mode is set to AAA.
Run:quit,Exit from the console user interface view.
Run:aaa,The AAA view is displayed.
Run:local-user user-name password { cipher | irreversible-cipher } password,The local user name and password are configured.
Run:local-user user-name service-type terminal,The service type of the local user is set to terminal.
Run:quit,The user quit the AAA view.
Run:system-view,The system view is displayed.
Run:user-interface console interface-number,The console user interface view is displayed.
Run:authentication-mode password,The user authentication mode is set to password.
Run:set authentication password [ cipher password ],The authentication password is configured. You can enter a password in plain text or cipher text.
Run:system-view,The system view is displayed.
Run:user-interface console interface-number,The console user interface view is displayed.
Run:authentication-mode none,The authentication mode is set to non-authentication.

NOTE:
The password can be in plain text or cipher text. When the cipher password parameter is not specified, enter the plain text password in interactive mode. When the cipher password parameter is specified, enter either plain or cipher password. No matter which type of password you enter, the password is saved in the configuration file in cipher text.

For more Huawei news about Price ans Specification, you can click here.

Huawei: Access, Hybrid and Trunk three modes of understanding

Tag, untag and various GICF  port mode switch is personnel network engineering debugging switch contact most concepts, however, I found the technology in practical work are often not fully understand these concepts, the author according to their own understanding and then with a case study, trying to clarify these concepts

Untag is the normal Ethernet message, the PC card can identify this message communication;

Changes in the tag message structure is in the source MAC address and a destination MAC address, plus the 4bytes VLAN information, namely VLAN tag head; in general message PC this card is not recognized

The figure below illustrates the 802.1Q package tag message frame structure

With the 802.1Q frame in a standard Ethernet frame into 4 byte identifier. Contains:

Protocol 2 identifier bytes (TPID), fixed value of the current 0x8100 set, show that the frame with the 802.1Q tag information.

Tag control information 2 bytes (TCI), contains three domains.

The Priority domain, 3bits, said the message priority, a value of 0 to 7, 7 is the highest priority, 0 is the lowest priority. The domain is adopted by 802.1p.

Canonical format indicator (CFI) domain, accounting for 1bit, 0 said that the specification format, used in Ethernet; 1 said that the non canonical format, used in Token Ring.

VLAN ID domain, 12bit, is used to mark the ownership of VLAN.

There are three kinds of link type Ethernet port: Access, Hybrid and Trunk.

Access type of port can only belong to 1 VLAN, typically used to connect the computer port;

Type Trunk port allows multiple VLAN, can message receiving and transmitting multiple VLAN, generally used for connecting ports between switches;

Type Hybrid port allows multiple VLAN, can message receiving and transmitting multiple VLAN connections, can be used to switch between, can also be used to connect the user's computer.

The Hybrid port and the Trunk port when receiving data, processing method is the same, the only difference is that the data is sent: send Hybrid port allows multiple VLAN message without a label, and the Trunk port is only allowed to send the default VLAN message without a label.

The concept of the default VLAN here to show port

The Access port belongs to only 1 of VLAN, so the default VLAN it is the VLAN, not set;

The Hybrid port and Trunk port belong to more than one VLAN, you need to set the default VLAN ID. By default, the default VLAN Hybrid port and Trunk port for VLAN 1

If you set the default VLAN port of ID, when the port receives the message without VLAN Tag, the message to belong to the default VLAN port; when the message send port with VLAN Tag, if the message VLAN ID and port the default VLAN ID, the system will go out the message of the VLAN Tag, and then send the message.

Note: for Huawei switch the default VLAN is called "Pvid Vlan", Cisco switches for the default VLAN is called "Native Vlan"

Switch interface and data processing procedure is as follows:

Acess port message:

Receive a message, to judge whether there is VLAN information: if not, a PVID port forwarding, and exchange, if there is discarded directly (default)

The Acess port to send message:

The VLAN information release message, sent directly.

Trunk port message:

Receive a message, to judge whether there is VLAN information: if not a port of the PVID, and exchange forwarding, if the trunk port whether to allow the VLAN data into: if the forwarding, or discarded

The trunk port to send message:

Comparison of PVID port and will be sending message VLAN information, if it is equal, stripping VLAN information, send, if not equal to directly transmit

Hybrid port message:

Receive a message, to judge whether there is VLAN information: if not a port of the PVID, and exchange forward, if it is determined that the hybrid port is to allow the VLAN data into: if the forwarding, or discarded (at ports on the untag configuration is not considered, only the untag configuration effect of packet transmission)

The hybrid port to send message:

1, whether the VLAN properties in the port (disp interface can see the port is untag, on which VLAN is what VLAN tag)

2, if untag is the stripping VLAN information, send, if tag is directly send

The hybrid port mode the following cases can help you understand the Huawei switch

[Switch-Ethernet0/1]int e0/1

[Switch-Ethernet0/1]port link-type hybrid

[Switch-Ethernet0/1]port hybrid PVID VLAN 10

[Switch-Ethernet0/1]port hybrid VLAN 1020 untagged

[Switch-Ethernet0/1] int e0/2

[Switch-Ethernet0/2]port link-type hybrid

[Switch-Ethernet0/2]port hybrid PVID VLAN 20

[Switch-Ethernet0/2]port hybrid VLAN 1020 untagged

The inter e0/1 and inter e0/2 of the PC is to communicate with each other, but the communication data go round VLAN is different.

The following inter e0/1 under the PC1 to access the inter e0/2 under the PC2 as an example

PC1 issued by the data, marked by PVID vlan10 package vlan10 inter0/1's post into the switch, switch inter e0/2 allows VLAN 10 through the data, so the data is forwarded to the inter e0/2, because inter e0/2 VLAN 10 is untagged, marked by the removal of vlan10 packet and switch at this time, to ordinary the package to PC2, then pc1->p2 is vlan10

Analysis of PC2 PC1 to back to pack again too

6. That Huawei router access-list rule configuration command parameters

That Huawei router access-list rule configuration command parameters

Huawei router configuration command access rules, access-list is used to create an access rule. The following article is a part of Huawei router configuration commands, to understand the other configuration command friends please pay attention to the following article.

Huawei router configuration command [default]

The system default does not allocate any access rules.

[Huawei router configuration command command mode]

◆ global configuration mode

Huawei router configuration command [guide]

◆ the same number of rules can be regarded as a kind of rules; rules defined not only can be used to filter the messages on the interface such as DDR, can also be used to determine whether a message is the message, interested at this time, permit and deny are interested or not interested.

◆ use protocol domain to represent all of the IP protocol for the IP extended access list.

Between the same number are arranged according to certain rules and principles, this sequence can be seen through the show access-list command.

◆ create standard access list access-list [normal special] listnumber1 permit | | {deny} source-addr [source-mask]

◆ create extended access list access-list [normal listnumber2 special] | {permit deny} protocol source-addr source-mask | [operator port1] dest-addr [port2] dest-mask [operator port1 [port2] | icmp-type [icmp-code]] [log]

◆ delete access list no access-list {normal special} {all | | listnumber [subitem]}

[note] Huawei router configuration command parameters

The normal specifies the rules into the common time.

The special specifies the rules to join the special time.

The listnumber1 is a value between 1 to 99, said the rules are standard access list rules.

The listnumber2 is a value between 100 to 199, said the rule is extended access list rules.

◆ permit that allow messages to meet the conditions of the.

◆ deny indicates that the message is prohibited to meet the conditions of the.

◆ protocol as the protocol type, support ICMP, TCP, UDP, other protocol support, no concept of port is at this time; IP has a special meaning, on behalf of all of the IP protocol.

◆ source-addr source address.

◆ source-mask as the source address through coordination, in the standard access list is optional, not input represents the ligand for 0.0.0.0.

◆ dest-addr as the destination address.

◆ dest-mask as the destination address through coordination.

◆ operator[optional] port operator, in agreement with type TCP or UDP port, support comparison operations are: equal to (EQ), (GT), less than (greater than LT), not equal to (NEQ) or between (range);

◆ if operators for the range, followed with two ports.

◆ port1 in protocol type is TCP or UDP, you can set the default keyword (such as telnet) to a value or 0~65535.

◆ port2 in protocol type is TCP or UDP and the operation type is range; can be preset values for keyword (such as telnet) to a value or 0~65535.

◆ icmp-type[optional] appear in the protocol for the ICMP, representing the ICMP message type; can be preset keyword set (such as echo-reply) or a value between 0~255.

The icmp-code protocol for ICMP and did not appear to preset values; on behalf of the ICMP code, is a numeric value between 0~255.

◆ log [optional] said that if the message is in line with the conditions, need to do log.

◆ listnumber for deletion rule number, is a numeric value between 1~199.

◆ subitem[optional] removes the specified number of rule listnumber access list number.

[for example] Huawei router configuration command

◆ allows access to the 10.10.1.0 network source address, destination address for the 10.1.2.0 network WWW, but does not allow the use of FTP.

The Quidway (config) #access-list 100 permit TCP 10.10.1.0 0.0.0.255 10.1.2.0 0.0.0.255 EQ www

The Quidway (config) #access-list 100 deny TCP 10.10.1.0 0.0.0.255 10.1.2.0 0.0.0.255 EQ FTP OPFA

How to Configure a DNS Test Instance on Huawei S9300?

Questions:
How to configure GPBC a DNS Test Instance on Huawei Quidway S9300?

Answer:

Run:system-view,The system view is displayed.
Run:dns resolve,Dynamic DNS resolution is enabled.,By default, dynamic DNS resolution is disabled.
Run:nqa test-instance admin-name test-name,An NQA test instance is created, and the NQA view is displayed.
Run:test-type dns,The test type is set to DNS.
Run:destination-address url urlstring,The name of the destination host is configured.
Run:description string,A description is configured for the test instance.
Run:frequency interval,The test period is set for the NQA test instance.
Run:timeout time,The timeout period of a probe is set for the NQA test instance.,By default, the timeout period of a DNS probe is 3 seconds.
Run:records history number,The maximum number of historical records is set for the NQA test instance.
Run:records result number,The maximum number of result records is set for the NQA test instance.
Run:agetime hh:mm:ss,The aging time is set for the NQA test instance.
Run:dns-server ipv4 ip-address,The DNS server address is configured.

NOTE:
The NQA client also functions as the DHCP client. Perform the following steps on the NQA client.

For more Huawei Switch news about MA5603T  Price ans Specification, you can click here.

How to Configure the Uplink and Downlink Interfaces in a Monitor Link Group on Huawei S5700?

Questions:

How to configure OPFA the Uplink and Downlink Interfaces in a Monitor Link Group on Huawei Quidway S5700?

Answer:

Run:system-view,The system view is displayed.
Run:monitor-link group group-id,The Monitor Link group view is displayed. The S5700 supports a maximum of 16 Monitor Link groups.
Run:port interface-type interface-number { downlink [ downlink-id ] | uplink },An interface is configured as the uplink interface or downlink interface of the Monitor Link group.
run:smart-link group group-id uplink,An interface cannot be added to a Monitor Link group in the following situations:
The interface is added to an Eth-Trunk.
The interface is added to a Smart Link group.
The interface is added to another Monitor Link group.
A Smart Link group is configured as the uplink interface of the Monitor Link group.

NOTE:
The status of the uplink interface determines the status of the Monitor Link group. Therefore, after the downlink interface is added to the Monitor Link group, the result of the shutdown or undo shutdown command can be retained before the status of the uplink interface changes. When the status of the uplink interface changes, the status of the downlink interfaces changes as follows:
When an uplink interface in Up state is added to the Monitor Link group or when an uplink interface in Down state becomes Up, all the downlink interfaces in the Monitor Link group become Up.
When an uplink interface is deleted from the Monitor Link group or when an uplink interface in Up state becomes Down, all the downlink interfaces in the Monitor Link group become Down.
To add a Smart Link group to a Monitor Link group, you need to delete the existing uplink interface of the Monitor Link group. The Smart Link group and common interfaces are incompatible when serving as the uplink interface for a Monitor Link group.


For more Huawei GICF Switch news about Price ans Specification, you can click here.