Académique Documents
Professionnel Documents
Culture Documents
V100R006C00
Issue 02
Date 2011-10-01
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Website: http://www.huawei.com
Email: support@huawei.com
Intended Audience
This document describes procedures and provides examples for configuring the Device
Management features of the S6700.
This document guides you through the configuration and applicable environment of the Device
Management features of the S6700.
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention Description
&<1-n> The parameter before the & sign can be repeated 1 to n times.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all changes made in previous issues.
Contents
2 NAP Configuration.....................................................................................................................13
2.1 NAP Overview.................................................................................................................................................14
2.2 Configuring NAP-based Remote Deployment.................................................................................................14
2.2.1 Establishing the Configuration Task.......................................................................................................14
2.2.2 Configuring and Starting the NAP Master Interface...............................................................................15
2.2.3 Remote Login..........................................................................................................................................17
2.2.4 Disabling NAP on the Slave Device........................................................................................................18
2.2.5 Checking the Configuration.....................................................................................................................18
2.3 Configuration Examples...................................................................................................................................19
2.3.1 Example for Configuring NAP-based Remote Deployment in Static Mode...........................................20
2.3.2 Example for Configuring NAP-based Remote Deployment in Automatic Mode...................................21
3 Stacking.........................................................................................................................................24
3.1 Stacking Overview...........................................................................................................................................25
3.2 Principle of Stacking........................................................................................................................................25
3.3 Features of Stacking Supported by the S6700..................................................................................................31
3.4 Typical Topology of a Stack............................................................................................................................32
3.5 Configuring the Stacking Function on the S6700............................................................................................33
5 Hardware Management..............................................................................................................45
5.1 Hardware Management Overview....................................................................................................................46
5.2 Hardware Management Features Supported by the S6700...............................................................................46
5.3 Backing Up the Electronic Label......................................................................................................................46
5.3.1 Establishing the Configuration Task.......................................................................................................46
5.3.2 Backing Up the Electronic Label.............................................................................................................47
5.4 Configuring Electrical Port Sleep.....................................................................................................................47
5.4.1 Establishing the Configuration Task.......................................................................................................47
5.4.2 Enabling Electrical Port Sleep.................................................................................................................48
5.4.3 Checking the Configuration.....................................................................................................................48
7 Mirroring.......................................................................................................................................65
7.1 Introduction......................................................................................................................................................67
7.1.1 Mirroring Functions.................................................................................................................................67
7.2 Configuring Local Port Mirroring....................................................................................................................70
7.2.1 Establishing the Configuration Task.......................................................................................................70
7.2.2 Configuring Local Port Mirroring...........................................................................................................71
7.2.3 Checking the Configuration.....................................................................................................................71
7.3 Configuring Remote Port Mirroring.................................................................................................................72
7.3.1 Establishing the Configuration Task.......................................................................................................72
7.3.2 Configuring Remote Port Mirroring........................................................................................................72
7.3.3 Checking the Configuration.....................................................................................................................75
7.4 Canceling Port Mirroring..................................................................................................................................75
7.4.1 Establishing the Configuration Task.......................................................................................................75
7.4.2 Canceling Port Mirroring.........................................................................................................................76
7.4.3 Checking the Configuration.....................................................................................................................76
7.5 Configuring Local VLAN Mirroring................................................................................................................76
7.5.1 Establishing the Configuration Task.......................................................................................................77
7.5.2 Configuring Local VLAN Mirroring.......................................................................................................77
7.5.3 Checking the Configuration.....................................................................................................................78
7.6 Configuring Remote VLAN Mirroring............................................................................................................78
7.6.1 Establishing the Configuration Task.......................................................................................................78
7.6.2 Configuring Remote VLAN Mirroring...................................................................................................79
7.6.3 Checking the Configuration.....................................................................................................................80
7.7 Canceling VLAN Mirroring.............................................................................................................................80
7.7.1 Establishing the Configuration Task.......................................................................................................80
7.7.2 Canceling VLAN Mirroring....................................................................................................................80
7.7.3 Checking the Configuration.....................................................................................................................81
7.8 Configuring MAC Address-based Local Mirroring.........................................................................................81
7.8.1 Establishing the Configuration Task.......................................................................................................81
8 ALS Configuration....................................................................................................................112
8.1 ALS Overview................................................................................................................................................113
8.2 ALS Features Supported by the S6700...........................................................................................................113
8.3 Configuring ALS............................................................................................................................................114
8.3.1 Establishing the Configuration Task.....................................................................................................114
8.3.2 Enabling ALS on an Interface...............................................................................................................115
8.3.3 (Optional) Setting the Restart Mode of the Laser..................................................................................116
8.3.4 (Optional) Starting the Laser Manually.................................................................................................116
8.3.5 (Optional) Setting the ALS Pulse Interval and Width of the Laser.......................................................117
8.3.6 Checking the Configuration...................................................................................................................118
8.4 Configuration Examples.................................................................................................................................118
8.4.1 Example for Configuring ALS..............................................................................................................118
1 Auto-Config
This chapter describes the concept, working mechanism, and deployment of Auto-Config.
1.1 Overview
This section describes the functions, application scenarios, and terms of Auto-Config.
1.2 Auto-Config Features Supported by the S6700
This section describes how Auto-Config runs on the S6700.
1.3 Deploying Unconfigured Switches (Same Network Segment)
This section describes how to deploy S6700s without configuration file.
1.4 Deploying Unconfigured Switches (Different Network Segments)
This section describes how to deploy unconfigured S6700s.
1.1 Overview
This section describes the functions, application scenarios, and terms of Auto-Config.
When a new switch or a switch without any configuration file is powered on, Auto-Config runs
automatically to obtain a configuration file. With the Auto-Config function, the network
administrator can manage new switches or switches without any configuration file remotely.
NOTE
The Auto-Config function is applicable to new switches or switches without any configuration file
(unconfigured switches).
Intermediate File
The intermediate file lswnet.cfg is used in the Auto-Config process. The intermediate file records
the mapping between MAC addresses of switches and names of configuration files. After an
unconfigured switch obtains the IP address of the FTP/TFTP server, it downloads the
lswnet.cfg file from the FTP/TFTP server to search for the name of the required configuration
file, and then downloads the configuration file from the FTP/TFTP server.
NOTE
Auto-Config uses Option 67 to obtain the configuration file first. If Option 67 is not configured, Auto-
Config obtains the intermediate file.
For example, if the MAC address of an S6700 is 0018-82C5-AA89 and the S6700 needs to
download the configuration file S6700.cfg, the contents of the intermediate file are as follows:
mac=0018-82C5-
AA89;vrpfile=V100R006C00.cc;vrpver=V100R006C00;cfgfile=S6700.cfg;patchfile=S6700-
pat.pat;
esn=0213778899;vrpfile=V100R006C00.cc;vrpver=V100R006C00;cfgfile=S6700.
cfg;patchfile=S6700-pat.pat;
NOTE
If the configuration file is located on the FTP or TFTP server, its extension must be .cfg.
A MAC address and a configuration file name are separated by a semicolon. The format of a MAC address
is xxxx-xxxx-xxxx-xxxx. The name of a configuration file contains up to 48 characters, including the
extension .cfg. The name is case insensitive and cannot contain special characters. It is recommended that
the name consists of English letters, numbers, and underscore (_).
If multiple unconfigured switches need to be configured, each row in the intermediate file records the MAC
address of a switch and the name of the configuration file that the switch requires.
Option 67
The Option 67 field is configured on the DHCP server to specify the configuration file.
Option 150
The Option 150 field is configured on the DHCP server to specify the IP address of the TFTP
server.
Option 14x
The Option 14x field is configured on the DHCP server to specify the IP address, user name,
and password of the FTP server.
l Option 141: specifies the user name of the FTP user.
l Option 142: specifies the password of the FTP user.
l Option 143: specifies the IP address of the FTP server.
l Option 145: version file.
l Option 146: identity.
l Option 147: authentication.
Are No
DHCP Reply Packets
received?
Yes
Are No
DHCP Reply packets
valid?
Yes
Stop sending DHCP
Request packets
Allocate IP address
Configure non-
authentication for VTYs
Parse Option
parameters
Yes
Are there No Is the restart
No flag 1?
Version file name and Is there patch file
version info? information?
No
Start a new
AutoConfig process End
Applicable Environment
As shown in Figure 1-2, unconfigured switches are reachable from a DHCP server. A PC is
connected to the DHCP server and functions as an FTP or a TFTP server to store configuration
files. After the DHCP server and FTP/TFTP server are configured, every switch obtains a
configuration file through Auto-Config.
The DHCP server, FTP/TFTP server, and switches are deployed on the same network segment.
Figure 1-2 Auto-Config networking where the DHCP server, FTP/TFTP server, and
unconfigured switch are on the same network segment
Operator
SwitchA
SwitchB
DHCP Server FTP/TFTP Server
SwitchC
Pre-configuration Tasks
Before deploying unconfigured switches, complete the following tasks:
l Ensuring that there are routes from the DHCP server and FTP/TFTP server to the switches
l Ensuring that there is no *.cfg or *.zip file except the *web.zip and web.zip files in the
flash memory of each switch
l Ensuring that the switches are not added to any HGMP cluster
Data Preparation
To deploy unconfigured switches, you need the following data.
N Data
o.
1 Interconnection information about the upstream interfaces on each S6700 and the
downstream interfaces on the DHCP server
3 IP address, mask, address pool, and Option 150 or Option 14x of the DHCP server
4 IP address, version file, patch file, and configuration file on the FTP/TFTP server
Context
The configuration procedure varies according to the device type of the DHCP server. Therefore,
the configuration procedure is not described and only the configuration contents are provided.
NOTE
The DHCP server must support either Option 150 or Option 14x.
Procedure
l Enable DHCP server.
l Configure an address pool, including the address range and Option 150 (or Option 14x).
It is required that the address pool be on the same network segment with unconfigured
switches and the FTP/TFTP server.
NOTE
Pay attention to the following points when configuring Option 150 or Option 14x:
l When new switches obtain configuration files through TFTP, the DHCP server must support
Option 150.
l When new switches obtain configuration files through FTP, the DHCP server must support
Option 141, Option 142, and Option 143.
l If both Option 150 and Option 14x are configured on the DHCP server, Option 150 takes
precedence over Option 14x.
l If you use ordinary characters to configure Option 150 or Option 143 on the DHCP server, the
Auto-Config module cannot recognize the IP address, which results in an Auto-Config process
sends the DHCP messages incessantly.
l Add the downstream interface on the DHCP server to the management VLAN in access
mode and assign an IP address on the same network segment as the IP address of the DHCP
server to the management VLAN.
After Auto-Config is enabled, packets from an unconfigured switch do not carry tags.
Therefore, ensure that untagged packets can be transmitted between unconfigured switches
and the DHCP server.
----End
Procedure
l Set the IP address of the FTP/TFTP server.
For an FTP server, the IP address must be the same as the value of Option 143 configured
on the DHCP server; for a TFTP server, the IP address must be the same as the value of
Option 150 configured on the DHCP server.
l Create and configure an intermediate file.
The intermediate file is configured according to the MAC addresses of unconfigured
switches and the names of configuration files. For the format of the intermediate file, see
1.1 Overview.
l Save the intermediate file and configuration files to the working directory on the FTP/TFTP
server.
----End
Context
You can check different items in different phases in the Auto-Config process to confirm that
Auto-Config runs properly.
Procedure
Step 1 Five minutes after unconfigured switches are powered on, check address allocation on the DHCP
server to confirm that the switches are connected to the DHCP server.
NOTE
If the switches are connected to the DHCP server, you can log in to the switches through Telnet but do not
configure the switches.
Step 2 Five minutes after the switches obtain IP addresses, check the file downloading log on the FTP/
TFTP server or log in to the switches to confirm that correct configuration files have been
downloaded.
NOTE
Do not save a configuration file to a switch to be configured immediately after the configuration file is
downloaded; otherwise, only a temporary configuration file is saved because the configurations have not
taken effect.
Step 3 If the user has specified the activation delay, the configuration file will take effect after the delay.
If the user has not specified the activation delay, the configuration file will take effect
NOTE
If you access the switch when it is busy delivering configurations in the Auto-Config process, the switch
may not respond in real time.
After the configurations take effect, modify the configuration of the downstream interface on the DHCP
server as required.
----End
Applicable Environment
As shown in Figure 1-3, unconfigured switches are reachable from a DHCP relay and a DHCP
server. A PC is connected to the DHCP server and functions as an FTP or a TFTP server to store
configuration files. After the DHCP server and FTP/TFTP server are configured, every switch
obtains a configuration file through Auto-Config.
The DHCP server, FTP/TFTP server, and switches are deployed on different network segments.
Figure 1-3 Auto-Config networking where the DHCP server, FTP/TFTP server, and
unconfigured switches are on different network segments
Operator
SwitchA
Network
SwitchB
DHCP Relay DHCP Server FTP/TFTP Server
SwitchC
Pre-configuration Tasks
Before deploying unconfigured switches, complete the following tasks:
l Ensuring that there are routes from the DHCP server, DHCP relay, and FTP/TFTP server
to the switches
l Ensuring that there is no *.cfg or *.zip file except the *web.zip and web.zip files in the
flash memory of each switch
l Ensuring that the switches are not added to any HGMP cluster and USB upgrade
Data Preparation
To deploy unconfigured switches, you need the following data.
N Data
o.
1 Interconnection information about the upstream interfaces on each S6700 and the
downstream interfaces on the DHCP relay
4 IP address, mask, address pool, and Option 150 or Option 14x of the DHCP server
6 IP address, default configuration file, and configuration files on the FTP/TFTP server
Context
The configuration procedure varies according to the device type of the DHCP server. Therefore,
the configuration procedure is not described and only the configuration contents are provided.
NOTE
The DHCP server must support either Option 150 or Option 14x.
Procedure
l Enable DHCP server.
l Configure an address pool, including the address range, gateway, and Option 150 (or Option
14x).
NOTE
Pay attention to the following points when configuring Option 150 or Option 14x:
l When new switches obtain configuration files through TFTP, the DHCP server must support
Option 150.
l When new switches obtain configuration files through FTP, the DHCP server must support
Option 141, Option 142, and Option 143.
l If both Option 150 and Option 14x are configured on the DHCP server, Option 150 takes
precedence over Option 14x.
l If you use ordinary characters to configure Option 150 or Option 143 on the DHCP server, the
Auto-Config module cannot recognize the IP address.
----End
Context
The configuration procedure varies according to the device type of the DHCP relay. Therefore,
the configuration procedure is not described and only the configuration contents are provided.
Procedure
l Enable DHCP relay.
l Configure the upstream and downstream interfaces.
You need to configure the IP address and mask for the upstream interface and configure
the IP address, mask, and DHCP relay address for the downstream interface.
NOTE
You can temporarily set the IP address of the downstream interface on the same network segment
with the IP addresses of unconfigured switches, and then add the downstream interface to the
management VLAN in access mode.
----End
Context
The configuration procedure varies according to the device type of the FTP/TFTP server.
Therefore, the configuration procedure is not described and only the configuration contents are
provided.
Procedure
l Set the IP address of the FTP/TFTP server.
For an FTP server, the IP address must be the same as the value of Option 143 configured
on the DHCP server; for a TFTP server, the IP address must be the same as the value of
Option 150 configured on the DHCP server.
l Create and configure an intermediate file.
----End
Prerequisite
The configurations of the DHCP server, DHCP relay, and FTP/TFTP server are complete.
Context
You can check different items in different phases in the Auto-Config process to confirm that
Auto-Config runs properly.
Procedure
Step 1 Five minutes after unconfigured switches are powered on, check address allocation on the DHCP
server to confirm that the switches are connected to the DHCP server.
NOTE
If the switches are connected to the DHCP server, you can log in to the switches through Telnet but do not
configure the switches.
Step 2 Five minutes after the switches obtain IP addresses, check the file downloading log on the FTP/
TFTP server or log in to the switches to confirm that correct configuration files have been
downloaded.
NOTE
Do not save a configuration file to a switch to be configured immediately after the configuration file is
downloaded; otherwise, only a temporary configuration file is saved because the configurations have not
taken effect.
Step 3 If the user has specified the activation delay, the configuration file will take effect after the delay.
If the user has not specified the activation delay, the configuration file will take effect
immediately by default. Then run the display current-configuration command to check
whether the configurations take effect.
NOTE
If you access the switch when it is busy delivering configurations in the Auto-Config process, the switch
may not respond in real time.
After the configurations take effect, modify the configuration of the downstream interface on the DHCP
relay as required.
----End
2 NAP Configuration
This chapter describes how to configure the Neighbor Access Protocol (NAP) on the S6700.
Usually, a device is installed with only necessary software before delivery and no configuration
is made. Therefore, engineers must configure and commission new devices on site but cannot
log in to the devices remotely. This makes the deployment inconvenient and increases the costs
of project operation and delivery.
The Huawei Group Management Protocol (HGMP) implements remote configuration on Layer
2 networks and is applicable to Ethernet networks. NAP implements remote configuration on
Layer 3 networks. It establishes a temporary neighbor relationship between a configured device
and an unconfigured device that are directly connected through physical links. Then you can log
in to the unconfigured device from the configured device and configure the unconfigured device
remotely. NAP greatly reduces the costs of network operation, maintenance, and delivery.
Context
CAUTION
After the device with an empty configuration is powered on and started, you must make sure
that its interfaces connected to the devices on the current network are Up and support NAP;
otherwise, the function of NAP-based remote deployment cannot take effect.
Applicable Environment
To deploy devices having empty configurations, you can use NAP to perform remote login to
the devices from a device in the current network. In this manner, you can implement remote
deployment of devices.
Pre-configuration Tasks
Before configuring NAP-based remote deployment, complete the following tasks:
l Connecting the device having an empty configuration to a device in the current network
via a single hop by using network cables
l Ensuring that the interfaces connecting the device with an empty configuration and the
device in the current network are both in the Up state, and support NAP.
Data Preparation
NOTE
l If the IP addresses used for establishing NAP connections are to be manually configured, you need to
prepare the following data before configuring NAP.
l Conversely, if the IP addresses for establishing NAP connections are to be automatically configured,
you can skip this.
No. Data
1 Two primary IP addresses. The two IP addresses are primary IP addresses for the
master interface and the slave interface respectively, and should be on the same
network segment.
2 Two secondary IP addresses. The two IP addresses are secondary IP addresses for
the master interface and the slave interface respectively, and should be on the same
network segment.
Context
CAUTION
If commands affecting the IP address configuration or IP packet forwarding (such as
configurations and commands related to the VPN, Eth-Trunk, or Layer 2 interface) exist on
device of the master interface, NAP enabled on the master interface becomes unavailable. You
are recommended to delete these commands and re-enable NAP.
Do as follows on the switch to configure and start the NAP master interface.
Procedure
l Automatic allocation of IP addresses
1. Run:
system-view
NOTE
After NAP is started on the master device, the IP address pool cannot be changed.
3. Run:
interface interface-type interface-number
When configuring IP addresses, ensure that the primary IP addresses of both the master
and the slave interfaces are on the same network segment, and that the secondary IP
addresses of both the master and the slave interfaces are on the same network segment.
----End
Context
Using the display nap interface command, you can view the NAP status of an interface to
ensure that the interface is assigned a correct IP address.
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
Step 3 Run:
nap login neighbor
The login to the slave device from the master device is performed.
l If the slave device has an empty configuration, you can log in to the slave device from the
master device without a user name and a password.
l If, however, the slave device is configured with user name(s) and password(s), you must
enter the correct user name and password to perform a NAP-based remote login to the slave
device.
NOTE
To ensure security for NAP, the slave device having an empty configuration checks the source address of
the Telnet login. If the Telnet source address is the NAP address of the master device that is telnetting to
the slave device, the slave device allows the master device to directly log in without being authenticated.
This is because by default, the user level of the remote login based on the NAP address is the same as the
login through the console interface, which enjoys the highest user level. If the Telnet source address is not
the NAP address of the master device, the remote login fails.
If ip source check user-bind enable command is executed on an interface, the interface cannot connect
to the NAP neighbor.
----End
Context
The master device has logged in to the slave device through Telnet. The NAP function is no
longer required, and to ensure security of the network, NAP should be globally disabled on the
slave interface of the slave device.
Do as follows on the switch that is configured as the NAP slave device.
Procedure
Step 1 Run:
system-view
----End
Prerequisite
NAP-based remote deployment has been completed.
Procedure
Step 1 Using the display nap status command, you can view the current NAP status.
Step 2 Using the display nap interface [ interface-type interface-number ] command, you can view
the NAP status of the specified interface.
----End
Example
Run the display nap status command to view the current NAP status.
<Quidway> display nap status
Slave port status : Enable
Nap ip-pool/Mask : 12.12.12.0/24
Run the display nap interface interface-type interface-number command to view the NAP status
of the specified interface.
<Quidway> display nap interface xgigabitethernet0/0/1
Networking Requirements
As shown in Figure 2-1, the user needs to perform a remote login to Switch B from Switch A.
Switch B is the master device, and temporary neighbor relationship is to be set up between
Switch B and Switch C having an empty configuration. Switch B and Switch C need to be directly
connected via a single hop. Both the interfaces connecting Switch B and Switch C should be in
the Up state, and should support NAP.
Network
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a NAP master interface on Switch B.
2. Configure an IP address for establishing a NAP connection on Switch B.
3. Use NAP to log in to Switch C from Switch B by means of Telnet.
Data Preparation
To complete the configuration, you need the following data:
l Two primary IP addresses. The two IP addresses are primary IP addresses for the master
interface and the slave interface respectively, and should be on the same network segment.
l Two secondary IP addresses. The two IP addresses are secondary IP addresses for the
master interface and the slave interface respectively, and should be on the same network
segment.
Procedure
Step 1 Configure a NAP master interface on Switch B
<Quidway> system-view
[Quidway] sysname SwitchB
[SwitchB] interface xgigabitethernet0/0/1
[SwitchB-XGigabitEthernet0/0/1] nap port master
# After the preceding configuration is complete, run the display nap status command on
Switch B. You can view that NAP has been enabled on Switch B. Then, run the display nap
interface command. You can view that the primary and secondary IP addresses have been
assigned to the master and slave interfaces. For example:
[SwitchB-XGigabitEthernet0/0/1] display nap status
Slave port status : Enable
Nap ip-pool/Mask : 10.167.253.0/24
[SwitchB-XGigabitEthernet0/0/1] display nap interface
------------------------------------------------------
NAP master port list
Port count : 1
------------------------------------------------------
Port property : Master
Current status : IP-ASSIGNED
Local port : XGigabitEthernet0/0/1
Peer port : XGigabitEthernet0/0/1
Local primary ip : 12.12.12.5
Peer primary ip : 12.12.12.6
Local secondary ip : 12.12.12.9
Peer secondary ip : 12.12.12.10
Hello time : 3s
Linked time : 00:02:33
------------------------------------------------------
Info: The max number of VTY users is 10, and the number
of current VTY users on line is 1.
----End
Configuration Files
None
Networking Requirements
As shown in Figure 2-2, the user needs to perform a remote login to Switch B from Switch A.
Switch B is the master device, and temporary neighbor relationship is to be set up between
Switch B and Switch C having an empty configuration. Switch B and Switch C need to be directly
connected via a single hop. Both the interfaces connecting Switch B and Switch C should be in
the Up state, and should support NAP.
Network
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a primary IP address and a secondary IP address on Switch B.
2. Configure a NAP master interface on Switch B.
3. Telnet to Switch C from Switch B by means of NAP.
Data Preparation
None
Procedure
Step 1 Configuring the NAP master interface
# Do as follows on Switch B.
<Quidway> system-view
[Quidway] sysname SwitchB
[SwitchB] interface xgigabitethernet0/0/1
[SwitchB-XGigabitEthernet0/0/1] nap port master
Info: The max number of VTY users is 10, and the number
of current VTY users on line is 1.
----End
Configuration Files
None
3 Stacking
This chapter describes the basic concepts and configuration methods of the stacking function.
3.1 Stacking Overview
This section describes the basic concepts of the stacking function.
3.2 Principle of Stacking
This section describes how a stack system is set up.
3.3 Features of Stacking Supported by the S6700
3.4 Typical Topology of a Stack
This section describes two typical topologies of a stack.
3.5 Configuring the Stacking Function on the S6700
This section describes how to configure the stacking function on the S6700.
3.6 Configuration Examples
This section provides an example for configuring a stack in a ring topology.
The stacking function indicates that multiple devices that support the stacking function are
connected together to logically function as one device. Up to nine stack devices are connected
through stack cables in a ring or link topology. All stack devices logically function as one device
to forward packets. Roles of devices in a stack are as follows:
l Master switch
A stack has only one master switch. The master switch manages the entire stack system by
assigning stack IDs to member switches, collecting information about the stack topology,
and notifying all the member switches of the information.
l Standby switch
A stack has only one standby switch. The standby switch backs up the master switch. When
the master switch is faulty, the standby switch functions as a master switch.
l Slave switch
The slave switch sends packets to inform the master switch of the topology change after
detecting that a neighbor is lost. Apart from the master switch and standby switch, all the
other switches in a stack are slave switches.
The master switch, standby switch, and all the slave switches are all member switches.
Interfaces connecting member switches are stack interfaces, and other interfaces are common
user interfaces. Member switches are connected through independent stack modules and stack
cables.
l When the products of the same series are stacked, the switch that is closest to the physical interface
of the new member switch added to the stack system synchronizes the system version of the new
member switch.
l If no switch in the stack system is of the same series as the new member switch or the system
version of the new member switch cannot be synchronized to the master switch version, the new
member cannot join the stack system.
l Use the devices of the same type (for example, EI devices or SI devices) as the member
switches of a stack system. The EI devices and SI devices cannot be used in the same stack
system.
l Connect all devices by using leased stack cables and stack modules.
The original service configurations on a switch are cleared after the switch is added to a stack.
Then, the switch uses global configurations of the master switch. If the configuration file already
exists on the master device and an interface already exists in the configuration file, the interface
can be configured through the configuration file. If an interface does not exist in the configuration
file, the configuration of the interface is null. If the configuration file does not exist on the master
device, the default configuration of the interface is used. If the stack ID of the added switch
conflicts with the stack ID of another member switch in the stack, the master switch reassigns
a stack ID to the added switch. Adding a member switch does not affect the original services in
the stack system.
A stack consists of up to nine switches. The number of the member switches cannot exceed the
limit after new member switches are added to the stack.
Replacing a member switch requires that the stack cables connecting the replaced switches to
other switches be removed.
l If the master switch is replaced, the standby switch becomes the master switch, and then
specifies another member switch as the standby switch and synchronizes data to the new
standby switch.
l If the standby switch is replaced, the master switch specifies another member switch as the
standby switch and synchronizes data to the new standby switch.
l After a stack system is created for the first time, the MAC address of the stack system is
the MAC address of the master switch. When the master switch is faulty or quits the stack
system, the MAC address of the stack system is immediately switched to be that of the
newly-elected master switch if the function of the delay in switching the MAC address of
the stack system is disabled. By default, the MAC address switchover is enabled and the
delay for switchover is 10 minutes.
l When a stack system is created, the MAC address of the stack system is switched to be that
of the newly-elected master switch, if the master switch is faulty or quits the stack system,
the stack system is configured with the MAC address switchover time, and the quitting
switch does not rejoin the stack within the switchover timeout interval. If the quitting switch
rejoins the stack before the switchover timer expires, the switch becomes a slave and the
MAC address of the stack system remains unchanged. In this case, the MAC address of the
stack system is the MAC address of a slave switch.
l When a slave switch quits a stack system, the MAC address of the stack system is switched
to be that of the master switch, if the MAC address of the stack system is the same as that
of the quitting slave switch and the quitting slave switch does not rejoin the stack after the
switchover timer times out.
CAUTION
Frequent switchovers may cause split of the stack.
CAUTION
l An instance loop will occur when a stack link is disconnected intermittently or a new switch
is added to the stack.
l An instance loop will occur when a stack is being set up.
Ethernet
SwitchA SwitchB
Stack-A
SwitchC SwitchD
stack link
common link
Ethernet
SwitchA SwitchB
Stack-B Stack-C
SwitchC SwitchD
stack link
common link
The action of dividing a stack system varies with different roles of the removed switches.
l After a stack system is divided, the original master and standby switches still belong to the
same stack system. In this case, the master switch recalculates the stack topology and
updates the topology information accordingly. After detecting that the stack protocol
packets time out, the removed slave switches are reset by themselves and reelect the master
switch. The newly-elected master switch obtains the configurations of the stack system
from the flash memory and then restores the configurations of other switches.
l After a stack system is divided, the original master and standby switches belong to different
stack systems. In this case, the original master switch specifies another switch as the standby
switch in its own stack system. The process of the stack system becoming stable is the same
as that when the standby switch quits the stack system. In the stack system where the original
standby switch currently belongs, the active/standby switchover is implemented, and the
process of the stack system becoming stable is the same as that when the master switch
quits the stack system.
The IP address and MAC address of a stack system is configured globally. That is, all the switches
in a stack system share the same IP address and MAC address. When a stack system is divided,
configuration collision may occur at Layer 3. For example, a Layer 3 VLANIF interface is
configured with an IP address 192.168.1.1. After the stack system is divided, two stack systems
with the IP address 192.168.1.1 exist on the network. In this case, IP address and MAC address
collision occurs. Therefore, collision detection must be implemented at Layer 2 and Layer 3
after a stack system is divided.
The dividing of a stack system mentioned here refers to the case that the original master and
standby switches belong to different stack systems after the original stack system is divided. In
this case, the active/standby switchover is implemented on the stack system where the standby
switch belongs. After the active/standby switchover, the new master switch specifies the MAC
address of its own as the MAC address of the stack system. In addition, the new master switch
sends gratuitous ARP packets to instruct other switches to update their MAC address and
implements IP collision detection. It is required that the two newly-created stack systems be able
to receive gratuitous ARP packets. After the original stack system is divided, the original master
switch detects IP address collision if receiving gratuitous packets whose source IP address is the
same as the IP address of the master switch. At the same time, the original master switch keeps
sending gratuitous ARP packets until no ARP packet with the conflicted IP address is received.
After a stack system is created, the entire stack system logically functions as one switch. The
features supported by stacking are configured the same whether in a stack system or in a non-
stack system. For more details, see the related configuration guide.
Ring Topology
The typical topology of a stack is a ring topology. As shown in Figure 3-3, stack interfaces on
the Switches are connected through leased stack cables.
NOTE
Do not directly connect stack ports on the same switch to form a loop.
SwitchA SwitchB
SwitchC SwitchD
stack link
common link
Link Topology
As shown in Figure 3-4, stack interfaces on the Switches are connected through leased stack
cables.
NOTE
Do not directly connect stack ports on the same switch to form a loop.
stack link
common link
Compared with the link topology, the ring topology enjoys higher reliability. When a stack link
in a ring topology breaks, the ring topology becomes a link topology. The entire stack system,
however, runs normally. You are recommended to adopt a ring topology when deploying
services.
Pre-configuration Tasks
Before creating a stack system, complete the following tasks:
l Enabling interfaces to function as stack interfaces and add member interfaces to the stack
interfaces
l Configuring the same software version for all the member switches
l Connecting all devices with stack cables or optical fibers
l Ensuring that all the stack devices can be started normally
Context
To use the stacking function, connect S6700s with tables, and configure their service interfaces
as stack interfaces.
NOTE
Stack interface 1 of a stack device on one end must connect to stack interface 2 of a stack device on the
other end.
Procedure
Step 1 Run:
system-view
NOTE
----End
Context
When the default reserved VLAN of the stack is used for other services, you need to configure
a new reserved VLAN before enabling the stacking function.
The reserved VLAN of the stack is configured on the master switch.
Procedure
Step 1 Run:
system-view
NOTE
----End
Context
Stack IDs can be configured before or after the stack system is created. By default, stack IDs of
member switches in a stack are all 0s. If stack IDs are not configured for member switches before
the stack system is created, the stack system assigns stack IDs to member switches after being
created. After the stack system is created successfully, all the configuration of the stack system
can be performed on the master switch only.
Procedure
Step 1 Run:
system-view
After the stack ID is configured, the configuration takes effect only after the device is restarted. The stack
slot-id command is valid only on the device where the stacking function is enabled.
----End
Context
The stack priority of a device can be configured before or after the stack system is created. If
the stack system is created, you can configure stack priorities on the master switch only; if the
stack system is not created, you can configure a stack priority on each device.
Procedure
Step 1 Run:
system-view
----End
Context
The MAC address switchover time can be configured before or after the stack system is created.
If the MAC address switchover time is configured for all the stack switches before the stack
system is created, the MAC address switchover time of the stack system is specified by the MAC
address switchover time of the master switch after the stack system is created, and the MAC
address switchover time of other member switches keeps the same as that of the master switch.
After the stack system is restarted, the MAC address of the stack is changed into the MAC
address of the new master switch. In this case, the MAC address of the stack system keeps
unchanged if the master switch is unchanged. If the stack system is created before the MAC
address switchover time of the system is configured, you can configure the MAC address
switchover time of the system on the master switch only. In this case, the MAC address
switchover time of other member switches keeps the same as that of the master switch. The
MAC address of the stack system keeps unchanged after the stack system is restarted. Do as
follows on the devices where the MAC address switchover time is to be configured.
Procedure
Step 1 Run:
system-view
The MAC address switchover time of the stack system is configured. By default, the delay of
the MAC address switchover is 10 minutes.
----End
Procedure
l Run the display stack command to check information about the member switches in a
stack.
l Run the display stack configuration command to check the default stack ID and stack
priority when the stack member starts this time and next time.
----End
Example
You can use the display stack command to check stack IDs and priorities of member switches
in a stack.
<Quidway> display stack
Stack topology type: Link
Stack system MAC: 0018-8210-1234
MAC switch delay time: 10 min
Stack reserved vlanid : 2
Slot# role Mac address Priority Device type
------ ---- -------------- ------ -------
0 Master 0018-8210-1234 100 S6700-EI
You can use the display stack configuration command to check the default stack ID and stack
priority when the stack member starts this time and next time.
Networking Requirements
As shown in Figure 3-5, Switch A, Switch B, Switch C, and Switch D form a stack in a ring
topology. The stack system is automatically created. Switch A functions as the master switch,
whereas Switch B functions as a standby switch. After the active/standby switchover, the MAC
address of the stack system is immediately switched. To avoid updating MAC addresses of the
stack system frequently and wasting system resources, set the MAC address switchover time of
the stack system to 1 minute after the active/standby switchover.
SwitchA SwitchB
SwitchC SwitchD
stack link
common link
Configuration Roadmap
The configuration roadmap is as follows:
l Configure the MAC address switchover time of the stack system on the master switch.
Data Preparation
To complete the configuration, you need the following data:
l Service interfaces that need to be configured as stack interfaces on the master switch
l Member interfaces to be added to the stack interfaces on the master switch
Configuration Procedure
1. Enable the stack interface function on XGE0/0/1 through XGE0/0/4 as stack interfaces on
SwitchA.
<SwitchA> system view
[SwitchA] stack port interface XGigabitEthernet 0/0/1 to 0/0/4 enable
3. # Configure the MAC address switchover time of the stack system on Switch A.
<SwitchA> system-view
[SwitchA] stack timer mac-address switch-delay 1
# Run the display stack command on Switch A to check basic information about a stack.
<SwitchA> display stack
Stack topology type: Ring
Stack system MAC: 0018-82b1-6eb8
MAC switch delay time: 1 min
Stack reserved vlanid : 4093
slot# role Mac address Priority Device type
------ ---- -------------- ------ -------
0 Slave 0018-82d2-2e85 100 S6700-48-EI
1 Slave 0018-82c6-1f44 100 S6700-48-EI
3 Standby 0018-82c6-1f4c 100 S6700-48-EI
4 Master 0018-82b1-6eb8 100 S6700-48-EI
Configuration Files
None.
This chapter describes the maintenance, usage of the display commands and the regular
expression.
4.1 Introduction
This section describes function of display commands.
4.2 Checking the Status of the S6700
This section describes how to check the status of the S6700 by using the display commands.
4.1 Introduction
This section describes function of display commands.
You can use display commands to view the status of a device and check whether the device runs
normally.
Context
You can run the following command in any view to check the type and status of a component
on the S6700.
Procedure
Step 1 Run:
display device [ slot slot-id ]
----End
Context
You can run the display version command in any view to check the version of the S6700.
The displayed information includes the type of a card, startup duration, version of the hardware,
and version of the software.
Procedure
Step 1 Run:
display version [ slot slot-id ]
----End
Context
You can run the display elabel command in any view to check the electronic labels.
You can run the display elabel command to check information about the hardware code. The
hardware code provides necessary basis for such services as network installation, network
upgrade, network expansion, device management and maintenance, and device replacement in
batches.
The displayed information includes: type of the card, bar code, Bill of Material (BOM) code,
English description, production date, supplier name, issuing number, Common Language
Equipment Identification (CLEI) code, and sales BOM code.
Procedure
Step 1 Run:
display elabel [ slot slot-id [ subcard-id ] ]
[Slot_0]
/$[Board Integration Version]
/$BoardIntegrationVersion=3.0
[Main_Board]
/$[ArchivesInfo Version]
/$ArchivesInfoVersion=3.0
[Board Properties]
BoardType=LS6ZE24CM0
BarCode=210235276610B4000013
Item=02352766
Description=Quidway S6700-24-EI, LS6ZE24CM0, S6700-24-EI Mainframe (24 GE SFP/10 GE
SF
P+, Chassis, Dual Slots of power, Without Power Module)
Manufactured=2011-04-18
VendorName=Huawei
IssueNumber=
CLEICode=
BOM=
[Port_1]
/$[ArchivesInfo Version]
/$ArchivesInfoVersion=3.0
[Board Properties]
BoardType=AFBR-703SDZ
BarCode=AA1044A8T1H
Item=
Description=10Gbps-850nm--0
Manufactured=10-11-07
/$VendorName=AVAGO
IssueNumber=
CLEICode=
BOM=
[Port_2]
/$[ArchivesInfo Version]
/$ArchivesInfoVersion=3.0
[Board Properties]
BoardType=
BarCode=
Item=
Description=
Manufactured=
/$VendorName=
IssueNumber=
CLEICode=
BOM=
[Port_3]
/$[ArchivesInfo Version]
/$ArchivesInfoVersion=3.0
[Board Properties]
BoardType=
BarCode=
Item=
Description=
Manufactured=
/$VendorName=
IssueNumber=
CLEICode=
BOM=
[Port_4]
/$[ArchivesInfo Version]
/$ArchivesInfoVersion=3.0
[Board Properties]
BoardType=
BarCode=
Item=
Description=
Manufactured=
/$VendorName=
IssueNumber=
CLEICode=
BOM=
----End
Context
You can run the following command in any view to check the working temperature of the
S6700.
Procedure
Step 1 Run:
display environment [ slot slot-id ]
----End
Procedure
Step 1 Run:
display fan [ slot slot-id | verbose ]
----End
Procedure
Step 1 Run the following command in any view:
display power
----End
Procedure
Step 1 Run:
display cpu-usage [ configuration | slave | slot slot-id ]
----End
Context
You can run the following command in any view to check the memory usage of the S6700.
Procedure
Step 1 Run:
display memory-usage [ slave | slot slot-id ]
----End
Context
You can run the following command in any view to check alarms on the S6700.
Procedure
Step 1 Run:
display alarm urgent [ slot slot-id | time interval ]
----End
5 Hardware Management
Hardware management refers to operating the installed hardware of the S6700 by using
commands.
Applicable Environment
Electronic labels of network devices play an important role in troubleshooting. When faults
occur on a network, you can obtain hardware information quickly from electronic labels.
Therefore, you need to back up electronic labels.
Pre-configuration Tasks
Before backing up the electronic label of the S6700, complete the following task:
l Connecting the S6700 to an FTP server and ensuring that there is a reachable route between
them
Data Preparation
To back up the electronic label of the S6700, you need the following data.
No. Data
No. Data
3 FTP server address, FTP user name, and password (only applicable to saving the
electronic label to an FTP server)
Procedure
l Back up the electronic label to the CF card.
1. Run the following command in the user view:
backup elabel [ slot slot-id ]
----End
Applicable Environment
When a device is working normally, you can enable electrical port sleep to save energy.
Pre-configuration Tasks
None.
Data Preparation
To configure electrical port sleep, you need the following data.
No. Data
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface { interface-type interface-number }
Step 3 Run:
port-auto-sleep enable
----End
Procedure
l Run:
system-view
----End
This chapter describes the basics of the information center, introduces the procedure for
managing the information center and monitoring the device, and provides configuration
examples.
Information Classification
The information receives and processes the following types of information:
l Logs
l Debugging information
l Alarm information
When information filtering based on severity levels is enabled, only the information whose
severity level threshold is less than or equal to the configured value is output.
For example, if the severity level value is configured to 6, only the information with the severity
level value from 0 to 6 is output.
Loghost Loghost
Traps 2
Trapbuffer Trap buffer
3
Logbuffer Log buffer
4
Debugs
SNMP agent
5 SNMP agent
6 channel6
Direction of logs channel7
7
Direction of alarms
8 channel8
Direction of debugging
information
channel9
9
For details of association relationship between default channels and output directions, see Table
6-2.
Table 6-2 Association relationship between the information channels and output directions
2 Loghost Log host Outputs information to the log host that can
receive logs, alarms, and debugging
information. The information is saved to a
log host in the file format for easy reference.
When multiple log hosts are configured, you can configure logs to be output to different log
hosts through one channel or several channels. For example, configure parts of logs to be output
to a log host either through Channel 2 (loghost) or through Channel 6. You can also change the
name of Channel 6 for managing channel conveniently.
Format of Logs
Syslog is a sub-function of the information center. It outputs information to a log host through
port 514.
<Int_16> Leading character Before logs are output to log hosts, leading
characters are added.
Logs saved in the local device do not contain
leading characters.
AAA Module name Indicates the name of the module that outputs
information to an information center.
slot=XXX Location information Slot indicates the number of the slot that sends the
location information.
Format of Alarms
Figure 6-3 shows the format of the output alarms.
TimeStamp Time to send out the Five timestamp formats are available:
information l boot: indicates relative time. By default,
debugging information adopts this timestamp
format.
l date: indicates the timestamp in the format of
system time. By default, logs and traps adopt
this timestamp format.
l short-date: indicates system time. The short-
date format does not contain year information.
l format-date: indicates another format of system
time.
l none: indicates that no timestamp is contained
in traps.
The timestamp and the host name are separated by
a blank space.
ModuleName Module name Indicates the name of the module that generates an
alarm.
Applicable Environment
To collect debugging information, logs, and traps during the operation of the S6700, and to send
them to the terminal for display, or to the buffer or the host for storage, you need to configure
the information center.
Pre-configuration Tasks
None.
Data Preparation
To manage the information center, you need the following data.
No. Data
4 (Optional) Language used in the logs and the address of the log host
Context
Do as follows on the S6700.
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center enable
NOTE
The system sends the system information to the log host and the console only after the information center
is enabled.
----End
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center channel channel-number name channel-name
----End
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center source { module-name| default } channel { channel-number | channel-
name } [ { debug | log | trap } { state { off | on } | level severity } * ] *
A module (or modules) is specified to send debugging information, logs, or traps to the
information channels.
NOTE
Run the undo info-center source { module-name | default } channel { channel-number | channel-
name } command to disable the unnecessary modules and select one or more modules to send information
to the information channels.
----End
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center timestamp debugging { boot | none | { short-date | format-date | date }
[ precision-time { tenth-second | second } ] }
Step 3 Run:
info-center timestamp { trap | log } { boot | none | { short-date | format-date |
date } [ precision-time { tenth-second | millisecond } ] }
The format of the timestamp is set for the output logs or traps information.
----End
Action Command
Check the information in the log display logbuffer [ level severity | module module-
buffer of the memory. name | size value | slot slot-id ]*
Check the summary of the display logbuffer summary [ level severity | slot slot-
information in the log buffer. id ]*
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center console channel { channel-number | channel-name }
Step 3 Run:
quit
Step 4 Run:
terminal monitor
NOTE
----End
Procedure
Step 1 Run:
system-view
NOTE
----End
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center snmp channel { channel-number | channel-name }
Step 3 Run:
snmp-agent
For details on configuring the SNMP agent, refer to chapter "SNMP Configuration" in the
Configuration Guide - Network Management.
----End
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center logbuffer [ channel { channel-number | channel-name } | size
buffersize ] *
----End
Context
Do as follows on the S6700.
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center trapbuffer [ channel { channel-number | channel-name } | size
buffersize ] *
----End
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center loghost ip-address [ channel { channel-number | channel-name } |
facility local-number | { language language-name | binary [ port ] } | { vpn-
instance vpn-instance-name | public-net } ] *
Step 3 Run:
info-center loghost ipv6 ipv6-address [ channel { channel-number | channel-name }
| facility local-number | { language language-name | binary [ port ] } ] *
Step 4 Run:
info-center loghost source interface-type interface-number
----End
Action Command
Run the preceding command. If the information center can send the statistics to the destination
terminal, it means that the configuration succeeds.
CAUTION
Statistics cannot be restored after being cleared. So, confirm the action before you run the
command.
Action Command
Networking Requirements
Network
VLANIF10
2.0.0.1/8 1.0.0.1/8
Configuration Roadmap
The configuration roadmap is as follows:
Data Preparation
To complete the configuration, you need the following data:
Configuration Procedure
NOTE
In the example, only the commands related to monitoring are listed. For details on configuring the log host,
see the help files on the log host.
# Set VLANIF 10 as the interface for sending information to the log host on the S6700.
[Quidway] vlan 10
[Quidway-vlan10] quit
[Quidway] interface xgigabitethernet0/0/1
[Quidway-XGigabitEthernet0/0/1] port link-type hybrid
[Quidway-XGigabitEthernet0/0/1] port hybrid untagged vlan 10
[Quidway-XGigabitEthernet0/0/1] quit
[Quidway] interface vlanif 10
[Quidway-vlanif10] ip address 2.0.0.1 255.0.0.0
[Quidway-vlanif10] quit
[Quidway] info-center loghost source vlanif 10
Configuration Files
#
info-center source default channel 2 log level debugging state on trap state off
debug state off
info-center loghost source vlanif 10
info-center loghost 1.0.0.1
#
#
vlan batch 10
#
interface vlanif10
ip address 2.0.0.1 255.0.0.0
#
interface XGigabitEthernet0/0/1
port hybrid untagged vlan 10
#
return
7 Mirroring
The mirroring function is used to monitor packets that meet certain requirements.
7.1 Introduction
This section describes the basics of mirroring.
7.2 Configuring Local Port Mirroring
This section describes how to configure local port mirroring.
7.3 Configuring Remote Port Mirroring
This section describes how to configure remote port mirroring.
7.4 Canceling Port Mirroring
This section describes how to cancel port mirroring.
7.5 Configuring Local VLAN Mirroring
This section describes how to configure local VLAN mirroring.
7.6 Configuring Remote VLAN Mirroring
This section describes how to configure remote VLAN mirroring.
7.7 Canceling VLAN Mirroring
This section describes how to cancel local VLAN mirroring and remote VLAN mirroring.
7.8 Configuring MAC Address-based Local Mirroring
This section describes how to configure local MAC address mirroring.
7.9 Configuring RSPAN Based on MAC Addresses
This section describes how to configure RSPAN based on MAC addresses.
7.10 Canceling Mirroring Based on MAC Addresses
This section describes how to cancel mirroring based on MAC addresses.
7.11 Configuring Local Flow Mirroring
This section describes how to configure local flow mirroring.
7.12 Configuring Remote Flow Mirroring
This section describes how to configure remote flow mirroring.
7.1 Introduction
This section describes the basics of mirroring.
Mirroring is to copy packets to an observing port to monitor packets without affecting packet
forwarding. You can use the mirroring function for network check and troubleshooting.
Mirroring functions are classified into port mirroring, flowing mirroring, VLAN mirroring,
MAC address mirroring, and CPU mirroring.
Concepts
l Observing port
An observing port on the S6700 is connected to a monitoring host. It is used to export the
traffic copied from a mirrored port or a flow mirroring port.
l Mirrored port
A mirrored port is the interface to be observed. Incoming traffic or outgoing traffic passing
through a mirrored port is copied to an observing port.
l Flow mirroring port
A flow mirroring port is a port to which traffic policies are applied. On such a port, the
incoming traffic that matches the traffic classifier in the traffic policy is copied to an
observing port.
l Mirrored flow
A mirrored flow is a packet flow that runs to a flow mirroring port and is observed. When
a flow becomes a mirrored flow, it is copied to an observing port.
l Mirrored VLAN
A mirrored VLAN is a VLAN to be observed. Incoming traffic or outgoing traffic passing
through a mirrored VLAN is copied to an observing port.
l Mirrored MAC address
A mirrored MAC address is the source or destination MAC address of the packets to be
mirrored. The S6700 copies the traffic matching this MAC address to an observing port.
l RSPAN VLAN
A Remote Switched Port Analyzer (RSPAN) VLAN is a VLAN used for remote mirroring.
When the mirrored port and the observing port are located on different switches, packets
from the mirrored port must be broadcast to the observing port through the RSPAN VLAN.
l Local mirroring
The observing port and mirrored port are on the same switch.
l Remote mirroring
The observing port and mirrored port are on different switches.
NOTE
The S6700 does not support the function of mirroring a flow to multiple observing ports.
Port Mirroring
In the process of port mirroring, the S6700 copies the packets passing through a mirrored port
and then sends the copy to a specified observing port. Figure 7-1 shows the diagram of interface
mirroring.
Mirror
port
Switch
Mirror Observe
port port
Port
Data flow
Sniffer host Copy of data flow
Flow Mirroring
In the process of flow mirroring, the S6700 copies the mirroring flow passing one or more
interfaces and sends the copy to an observing port. Figure 7-2 shows the diagram of flow
mirroring.
Mirror
port
Switch
Mirror Observe
port port
Port
Match traffic classification
Data flow
Sniffer host Copy of data flow
Flow mirroring is a type of action in traffic behaviors. When a traffic policy configured with
flow mirroring is applied to an interface, the S6700 copies the inbound data flow on this interface
that matches the traffic classifier and sends the copy to the observing port.
VLAN Mirroring
In the process of VLAN mirroring, the S6700 mirrors the packets passing through all active
interfaces in a specified VLAN to a specified observing port. Compared with interface mirroring,
VLAN mirroring mirrors packets in a wider range. You can monitor packets in one or more
VLANs.
CPU Mirroring
CPU mirroring is used to mirror all the packets received by the CPU. CPU mirroring is
implemented as follows:
l If an ACL rule is specified, the packets that match the ACL rule are mirrored to a specified
observing port.
l If no ACL rule is specified, all the packets received by the CPU are mirrored to a specified
observing port.
RSPAN
A switch can copy incoming or outgoing packets on a mirrored port to an observing port. When
the observing port and the mirrored port are on different switches, packets can be copied to the
observing port through the RSPAN function, which is also called remote mirroring.
Source Destination
Switch Switch
Sniffer host
Intermediate Switch
Port
Data flow
Copy of data flow
In Figure 7-3:
l The source switch is the Switch where the mirrored port is located.
l The destination switch is the Switch where the observing port is located.
l The intermediate switch is a device between the source switch and destination switch.
NOTE
The source switch and destination switch can also be directly connected to implement the RSPAN
function.
The RSPAN function broadcasts mirrored packets from the source switch to the destination
switch in the RSPAN VLAN. Interfaces between the source switch, intermediate switch, and
destination switch must be added to the RSPAN VLAN.
Mirrored packets are forwarded to the intermediate switch through the observing port on the
source switch. Then the intermediate switch broadcasts mirrored packets to the observing port
on the destination switch in the RSPAN VLAN.
Through the RSPAN function, packets on a specified interface or VLAN, with a specified source
or destination MAC address, or matching a classifier can be copied to an observing port on a
remote device.
Applicable Environment
When all incoming or outgoing packets passing through a specified interface of the S6700 need
to be monitored, you can configure local port mirroring if the mirrored port is located on the
same S6700 as the observing port.
Pre-configuration Tasks
None.
Data Preparation
To configure local port mirroring, you need the following data.
No. Data
Context
A mirrored port can be a physical interface or an Eth-Trunk interface.
To configure an Eth-Trunk as a mirrored port, you must run the interface eth-trunk trunk-id
command to create the Eth-Trunk first.
l If an Eth-Trunk is configured as a mirrored port, its member interfaces cannot be configured
as mirrored ports.
l If a member interface of an Eth-Trunk is configured as a mirrored port, the Eth-Trunk
cannot be configured as a mirrored port.
Procedure
Step 1 Run:
system-view
Step 2 Run:
observe-port index interface interface-type interface-number
Step 3 Run:
interface interface-type interface-number
Step 4 Run:
port-mirroring to observe-port index { both | inbound | outbound }
----End
Action Command
Pre-configuration Tasks
None.
Data Preparation
To configure remote port mirroring, you need the following data.
No. Data
Procedure
l Specify a mirrored port and an RSPAN VLAN on the source switch.
NOTE
1. Run:
system-view
NOTE
If MAC address learning is disabled in the VLAN, other services cannot be configured in the VLAN.
4. Run:
quit
The RSPAN VLAN is created and the RSPAN VLAN view is displayed.
3. Run:
quit
The view of the interface connected to the source switch or destination switch is
displayed.
5. Run:
port link-type trunk
The RSPAN VLAN is created and the RSPAN VLAN view is displayed.
3. Run:
quit
NOTE
If no intermediate switch exists, you enter the view of the interface connected to the source
switch.
5. Run:
port link-type trunk
The observing port is configured as a hybrid interface and it allows packets of the
RSPAN VLAN to pass.
9. Run:
quit
----End
Action Command
Applicable Environment
When port mirroring is enabled on an interface of the S6700, and the incoming or outgoing
packets passing through this interface do not need to be monitored, you can cancel port mirroring
on that interface. You must cancel port mirroring on the bound observing port before deleting
this observing port.
Pre-configuration Tasks
None.
Data Preparation
To cancel port mirroring, you need the following data.
No. Data
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
Step 3 Run:
undo port-mirroring { both | inbound | outbound }
----End
Action Command
Run the display port-mirroring command. If port mirroring is cancelled properly, the
configuration is successful.
Pre-configuration Tasks
Before configuring local VLAN mirroring, complete the following tasks:
l Creating a VLAN as the monitored VLAN
l Adding physical interfaces to the monitored VLAN
Data Preparation
To configure local VLAN mirroring, you need the following data.
No. Data
2 ID of a mirrored VLAN
Procedure
Step 1 Run:
system-view
----End
Action Command
Applicable Environment
When incoming packets passing through any active interfaces of the S6700 in a specified VLAN
or some VLANs need to be monitored, you can configure remote VLAN mirroring if the interface
added to the monitored VLAN is not located on the same S6700 as the observing port.
Pre-configuration Tasks
Before configuring remote VLAN mirroring, complete the following tasks:
l Creating a VLAN as the monitored VLAN
l Adding physical interfaces to the monitored VLAN
Data Preparation
To configure remote VLAN mirroring, you need the following data.
No. Data
Procedure
l Configure remote VLAN mirroring on the source switch.
NOTE
NOTE
If MAC address learning is disabled in the VLAN, other services cannot be configured in the VLAN.
4. Run:
quit
To observe incoming and outgoing packets of multiple VLANs, repeat Step 6 and
Step 7.
l Configure the RSPAN VLAN on the intermediate switch and add interfaces to the RSPAN
VLAN.
The configuration is the same as that for remote port mirroring. For details, see 7.3.2
Configuring Remote Port Mirroring.
l Configure the remote observing port on the destination switch.
The configuration is the same as that for remote port mirroring. For details, see 7.3.2
Configuring Remote Port Mirroring.
----End
Action Command
Pre-configuration Tasks
None.
Data Preparation
To cancel VLAN mirroring, you need the following data.
No. Data
Procedure
Step 1 Run:
system-view
Step 2 Run:
vlan vlan-id
Step 3 Run:
undo mirroring inbound
----End
Action Command
Applicable Environment
When incoming packets with the specified source or destination MAC address in a VLAN need
to be monitored on the S6700, you can configure local MAC address mirroring if the monitoring
interface receiving these incoming packets is located on the same S6700 as the observing port.
Pre-configuration Tasks
None.
Data Preparation
To configure local MAC address mirroring, you need the following data.
No. Data
No. Data
Procedure
Step 1 Run:
system-view
Step 2 Run:
observe-port index interface interface-type interface-number
Step 3 Run:
vlan vlan-id
Step 4 Run:
mac-mirroring mac-address to observe-port index inbound
You can repeatedly perform Step 3 and Step 4 to monitor the incoming packets with multiple
MAC addresses in multiple VLANs.
----End
Action Command
Pre-configuration Tasks
None.
Data Preparation
To configure RSPAN based on MAC addresses, you need the following data.
No. Data
3 ID of the VLAN that the packet with the MAC address to be mirrored belongs to
4 ID of an RSPAN VLAN
Procedure
l Configure remote MAC address mirroring on the source switch.
NOTE
NOTE
If MAC address learning is disabled in the VLAN, other services cannot be configured in the VLAN.
4. Run:
quit
The view of the VLAN that the observed MAC address belongs to is displayed.
7. Run:
mac-mirroring mac-address to observe-port index inbound
Remote MAC address mirroring is configured and the RSPAN VLAN is specified.
To observe incoming packets from or destined for multiple MAC addresses, repeat
Step 6 and Step 7.
l Configure the RSPAN VLAN on the intermediate switch and add interfaces to the RSPAN
VLAN.
The configuration is the same as that for remote port mirroring. For details, see 7.3.2
Configuring Remote Port Mirroring.
l Configure the remote observing port on the destination switch.
The configuration is the same as that for remote port mirroring. For details, see 7.3.2
Configuring Remote Port Mirroring.
----End
Action Command
Pre-configuration Tasks
None.
Data Preparation
To cancel mirroring based on MAC addresses, you need the following data.
No. Data
Procedure
Step 1 Run:
system-view
The view of the VLAN that monitored MAC address belongs to is displayed.
Step 3 Run:
undo mac-mirroring mac-address inbound
----End
Action Command
If MAC address mirroring on the VLANIF interface is cancelled, the configuration is successful.
Pre-configuration Tasks
None.
Data Preparation
To configure local flow mirroring, you need the following data.
No. Data
There is no specified order among the matching rules in a traffic classifier. You can combine these rules.
For details on configuring traffic classification rules, see Configuring Complex Traffic
Classification in the Quidway S6700 Series Ethernet Switches Configuration Guide - QoS.
Procedure
Step 1 Run:
system-view
Step 2 Run:
observe-port index interface interface-type interface-number
Step 3 Run:
traffic behavior behavior-name
Step 4 Run:
mirroring to observe-port index
----End
Follow-up Procedure
After configuring flow mirroring in a traffic behavior, you need to bind the behavior to a traffic
classifier in a traffic policy and then apply the policy to the interface. For detailed configuration
procedures, see 7.11.4 Creating and Applying a Traffic Policy.
Context
Do as follows on the S6700 that needs to be configured with flow mirroring.
Procedure
Step 1 Run:
system-view
Step 2 Run:
traffic policy policy-name
Step 3 Run:
classifier classifier-name behavior behavior-name
class-name in this step must be the same as the name of the traffic class created in 7.11.2
Configuring Traffic Classification Rules.
In this step, behavior-name must be the same as that specified in Step 3 when you configure the
traffic behavior.
Step 4 Run:
quit
Step 5 Run:
interface interface-type interface-number
Step 6 Run:
traffic-policy policy-name inbound
The traffic policy that contains flow mirroring is applied to the interface.
You can repeatedly perform Step 5 and Step 6 to monitor the incoming flows, with the same
attributes, passing through multiple interfaces.
----End
Action Command
Pre-configuration Tasks
None.
Data Preparation
To configure remote flow mirroring, you need the following data.
No. Data
Context
For how to configure traffic classification rules, see 7.11.2 Configuring Traffic Classification
Rules.
NOTE
If MAC address learning is disabled in the VLAN, other services cannot be configured in the VLAN.
4. Run:
quit
Context
For how to configure traffic classification rules on the source S6700, see 7.11.4 Creating and
Applying a Traffic Policy.
Action Command
Action Command
Applicable Environment
When flow mirroring is enabled and the flow, with the same attributes, passing through the
S6700 does not need to be monitored, you can cancel flow mirroring.
Pre-configuration Tasks
None.
Data Preparation
To cancel flow mirroring, you need the following data.
No. Data
1 Type and number of the interface where flow mirroring needs to be cancelled
Context
Do as follows on the S6700 that is configured with flow mirroring.
Procedure
Step 1 Run:
system-view
The traffic policy and flow mirroring action on the interface are canceled.
To cancel a traffic policy, you must cancel the traffic policy on all the interfaces where the traffic
policy is applied, and then run the undo traffic policy policy-name command to cancel the traffic
policy in the system view.
----End
Action Command
Applicable Environment
When you do not need to monitor the flow passing through the S6700, you can delete the current
observing port; when you need to specify another interface on the S6700 as an observing port,
you can change the current observing port.
Pre-configuration Tasks
Before changing or deleting an observing port, complete the following tasks:
l 7.4 Canceling Port Mirroring
l 7.7 Canceling VLAN Mirroring
l 7.10 Canceling Mirroring Based on MAC Addresses
l 7.13 Canceling Flow Mirroring
Data Preparation
To change or delete an observing port, you need the following data.
No. Data
Prerequisite
Before deleting an observing port, make sure that the observing port is not used in any mirroring
configuration.
Procedure
Step 1 Run:
system-view
----End
Procedure
Step 1 Run:
system-view
----End
Action Command
If the observing port is deleted or a new observing port is specified, the configuration is
successful.
Applicable Environment
When debugging the S6700, you can configure CPU mirroring, if you need to monitor the
packets received by the CPU.
Pre-configuration Tasks
None.
Data Preparation
To configure CPU mirroring, you need the following data.
No. Data
Context
Do as follows on the S6700 that needs to be configured with CPU mirroring.
Procedure
Step 1 Run:
system-view
Step 2 Run:
acl [ number ] acl-number
An Access Control List (ACL) is created and the ACL view is displayed.
For details on the acl command, see the Quidway S6700 Series Ethernet Switches - Command
Reference.
Step 3 Run:
rule
For details on the rule command, see the Quidway S6700 Series Ethernet Switches - Command
Reference.
----End
Procedure
Step 1 Run:
system-view
----End
Procedure
Step 1 Run:
system-view
----End
Action Command
If the number of the ACL that matches packets received by the CPU and the observing port are
displayed, the configuration is successful.
Pre-configuration Tasks
None.
Data Preparation
To cancel CPU mirroring, you need the following data.
No. Data
Procedure
Step 1 Run:
system-view
----End
Action Command
Networking Requirements
As shown in Figure 7-4, a Layer 2 (L2) switch is connected to XGigabitEthernet 0/0/1 on the
Switch, and the incoming traffic on XGigabitEthernet 0/0/1 needs to be monitored. In this case,
you can configure local port mirroring with XGigabitEthernet 0/0/1 as a mirrored port and
XGigabitEthernet 0/0/24 as an observing port.
XGE0/0/3
Switch
XGE0/0/1 XGE0/0/24
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure XGigabitEthernet 0/0/24 as an observing port.
2. Configure XGigabitEthernet 0/0/1 as a mirrored port.
Data Preparation
None.
Configuration Procedure
1. Create a VLAN on the Switch and add interfaces to the VLAN in trunk mode.
# Add XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/3 to a same VLAN in trunk mode.
The following takes the configuration of XGigabitEthernet 0/0/1 as an example. The
Configuration Files
Configuration file of the Switch
#
vlan batch 1
#
sysname Switch
#
observing-port 1 interface XGigabitEthernet0/0/24
#
interface XGigabitEthernet0/0/1
port trunk allow-pass vlan 1
port-mirroring to observe-port 1 inbound
#
interface XGigabitEthernet0/0/3
port trunk allow-pass vlan 1
#
return
Networking Requirements
As shown in Figure 7-5, XGigabitEthernet0/0/1 is connected to PC1; XGigabitEthernet0/0/2 is
connected to PC2. PC1 and PC2 belong to VLAN 10. Now, incoming traffic of all active
interfaces in VLAN 10 needs to be monitored. In this case, you can configure local VLAN
mirroring.
XGE0/0/3
PC3
XGE0/0/1
XGE0/0/2
PC1 PC2
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure XGigabitEthernet0/0/3 as an observing port.
2. Configure VLAN 10 as a mirrored VLAN.
Data Preparation
None.
Configuration Procedure
1. Add XGigabitEthernet0/0/1 and XGigabitEthernet0/0/2 to VLAN 10 as access interfaces.
# Add XGigabitEthernet0/0/1 to VLAN 10 as an access interface.
<Switch> system-view
[Switch] interface xgigabitethernet 0/0/1
[Switch-XGigabitEthernet0/0/1] port link-type access
[Switch-XGigabitEthernet0/0/1] port default vlan 10
[Switch-XGigabitEthernet0/0/1] quit
Configuration Files
Configuration file of the Switch
#
sysname Switch
#
vlan batch 10
#
observe-port 1 interface XGigabitEthernet0/0/3
#
vlan 10
mirroring to observe-port 1 inbound
#
interface XGigabitEthernet0/0/1
port link-type access
port default vlan 10
#
interface XGigabitEthernet0/0/2
port link-type access
port default vlan 10
#
#
return
Networking Requirements
As shown in Figure 7-6, XGigabitEthernet 0/0/1 is connected to PC1; XGigabitEthernet 0/0/2
is connected to PC2; XGigabitEthernet 0/0/4 is connected to a router. XGigabitEthernet 0/0/1,
XGigabitEthernet 0/0/2, and XGigabitEthernet 0/0/4 belong to VLAN 10. Now, incoming traffic
with the source or destination MAC as the MAC address of XGigabitEthernet 1/0/1 on the router
in VLAN 10 needs to be monitored. In this case, you can configure local MAC address mirroring
on the Switch.
XGigabitEthernet 0/0/3 serves as an observing port. The MAC address of XGigabitEthernet
1/0/1 is 0001-0001-0001.
XGE1/0/1
XGE0/0/4
XGE0/0/3
XGE0/0/1
XGE0/0/2
PC3
PC1 PC2
Configuration Roadmap
The configuration roadmap is as follows:
1. Set XGigabitEthernet 0/0/3 as an observing port.
2. Configure local MAC address mirroring in the view of VLAN 10.
Data Preparation
None.
Configuration Procedure
1. Configure VLAN 10 and then add XGigabitEthernet 0/0/1, XGigabitEthernet 0/0/2, and
XGigabitEthernet 0/0/4 to VLAN 10. The configuration procedure is not mentioned here.
2. # Set XGigabitEthernet 0/0/3 as an observing port.
<Switch> system-view
[Switch] observing-port 1 interface XGigabitEthernet 0/0/3
Configuration Files
Configuration file of the Switch
#
sysname Switch
#
vlan batch 10
#
observing-port 1 interface XGigabitEthernet0/0/3
#
vlan 10
mac-mirroring 0001-0001-0001 to observe-port 1 inbound
#
interface XGigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface XGigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10
#
interface XGigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 10
#
interface XGigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10
#
#
return
Networking Requirements
As is shown in Figure 7-7, the Switch is connected to two L2 switches through
XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/5. Packets with the same attributes received
by XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/5 and transmitted from
XGigabitEthernet 0/0/3 need to be monitored. In this example, packets with the 802.1p priority
as 6 need to be monitored.
XGigabitEthernet 0/0/24 is configured as an observing port.
Switch XGE0/0/3
XGE0/0/5
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure XGigabitEthernet 0/0/24 as an observing port.
2. Create a traffic classifier and set the traffic classification rule that only the packets with the
802.1p priority as 6 can be matched.
3. Create a traffic behavior and configure flow mirroring in the traffic behavior.
4. Create a traffic policy and bind the traffic classifier to the traffic behavior.
5. Apply the traffic policy to XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/5.
6. Create a VLAN on the Switch. Add XGigabitEthernet 0/0/1, XGigabitEthernet 0/0/3, and
XGigabitEthernet 0/0/5 to the same VLAN in trunk mode.
Data Preparation
To complete the configuration, you need the following data:
l Name of the traffic classifier: c1
l Name of the traffic behavior: b1
l Name of the traffic policy: p1
l ID of the VLAN created on the Switch: 1
Configuration Procedure
1. Create a VLAN on the Switch and add interfaces to the VLAN in trunk mode.
# Add XGigabitEthernet 0/0/1, XGigabitEthernet 0/0/3, and XGigabitEthernet 0/0/5 to the
same VLAN in trunk mode. The following takes the configuration of XGigabitEthernet
0/0/1 as an example. The configurations of XGigabitEthernet 0/0/3 and
XGigabitEthernet 0/0/5 are the same as the configuration of XGigabitEthernet 0/0/1 and
are not mentioned here.
<Switch> system-view
[Switch] vlan 10
[Switch-vlan10] quit
[Switch] interface xgigabitethernet 0/0/1
[Switch-XGigabitEthernet0/0/1] port link-type trunk
[Switch-XGigabitEthernet0/0/1] port trunk allow-pass vlan 10
[Switch-XGigabitEthernet0/0/1] quit
6. Apply the traffic policy and enable the interface to trust the 802.1p priority of packets.
# Apply traffic policy p1 to XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/5, and enable
XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/5 to trust the 802.1p priority of packets.
[Switch] interface xgigabitethernet 0/0/1
[Switch-XGigabitEthernet0/0/1] traffic-policy p1 inbound
[Switch-XGigabitEthernet0/0/1] trust 8021p inner
[Switch-XGigabitEthernet0/0/1] quit
[Switch]interface xgigabitethernet 0/0/5
[Switch-XGigabitEthernet0/0/5] traffic-policy p1 inbound
[Switch-XGigabitEthernet0/0/5] trust 8021p inner
[Switch-XGigabitEthernet0/0/5] quit
# Run the display traffic policy interface command. You can check the traffic policy
applied to XGigabitEthernet 0/0/1 and XGigabitEthernet 0/0/5.
[Switch] display traffic policy interface
Interface: XGigabitEthernet0/0/1
Direction: Inbound
Policy: p1
Classifier: c1
Rule(s) :
if-match 8021p 6
Behavior: b1
Mirroring to observe-port 1
Interface: XGigabitEthernet0/0/5
Direction: Inbound
Policy: p1
Classifier: c1
Rule(s) :
if-match 8021p 6
Behavior: b1
Mirroring to observe-port 1
Configuration Files
Configuration file of the Switch
#
sysname Switch
#
vlan batch 10
#
observe-port 1 interface XGigabitEthernet0/0/24
#
traffic classifier c1
if-match 8021p 6
#
traffic behavior b1
mirroring to observe-port 1
#
traffic policy p1
classifier c1 behavior b1
#
interface XGigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
traffic-policy p1 inbound
trust 8021p inner
#
interface XGigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 10
#
interface XGigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 10
traffic-policy p1 inbound
trust 8021p inner
#
interface XGigabitEthernet0/0/24
#
return
Networking Requirements
As shown in Figure 7-8, Switch A is connected to PC1; Switch C is connected to PC2. Now,
incoming traffic of XGigabitEthernet0/0/2 on Switch A needs to be monitored on PC2. In this
case, you can configure remote port mirroring on Switch A.
PC1 PC2
Configuration Roadmap
The configuration roadmap is as follows:
Data Preparation
To complete the configuration, you need the following data:
l Index of the observing port on Switch A: 1
l ID of the RSPAN VLAN on Switch A, Switch B, and Switch C: 2
l Index of the observing port on Switch C: 1
Configuration Procedure
1. Configure Switch A.
# Configure the RSPAN VLAN.
<SwitchA> system-view
[SwitchA] vlan 2
[SwitchA-vlan2] quit
2. Configure Switch B.
# Create the RSPAN VLAN.
<SwitchB> system-view
[SwitchB] vlan 2
[SwitchB-vlan2] quit
3. Configure Switch C.
# Create the RSPAN VLAN.
<SwitchC> system-view
[SwitchC] vlan 2
[SwitchC-vlan2] quit
# Configure XGE 0/0/1 as a hybrid interface and configure it to allow packets of the RSPAN
VLAN to pass.
[SwitchC] interface xgigabitethernet 0/0/1
[SwitchC-XGigabitEthernet0/0/1] port hybrid untagged vlan 2
[SwitchC-XGigabitEthernet0/0/1] quit
Configuration Files
Configuration file of Switch A
#
sysname SwitchA
#
vlan 2
#
observe-port 1 interface XGigabitEthernet0/0/1 vlan 2
#
interface XGigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2
#
interface XGigabitEthernet0/0/2
port-mirroring to observe-port 1 inbound
#
#
return
sysname SwitchB
#
vlan 2
#
interface XGigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2
#
interface XGigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2
#
#
return
#
return
Networking Requirements
As shown in Figure 7-9,XGigabitEthernet 0/0/1 on the Switch is connected to an L2 switch;
XGigabitEthernet 0/0/24 is connected to host 1; XGigabitEthernet 0/0/5 is connected to host 2.
To monitor incoming traffic on XGigabitEthernet 0/0/1, port mirroring is configured on the
Switch. Configure XGigabitEthernet 0/0/1 as a mirrored port, and XGigabitEthernet 0/0/24
connected to host 1 as an observing port. Enable host 1 to receive incoming traffic from
XGigabitEthernet 0/0/1.
At present, host 2 needs to receive incoming traffic from XGigabitEthernet 0/0/1. Therefore, the
observing port needs to switch from XGigabitEthernet 0/0/24 to XGigabitEthernet 0/0/5.
XGE0/0/3
Switch
XGE0/0/24
XGE0/0/1 XGE0/0/5
Mirroring host1
Configuration Roadmap
The configuration roadmap is as follows:
1. Delete the mirrored port XGigabitEthernet 0/0/1.
2. Set XGigabitEthernet 0/0/5 instead of XGigabitEthernet 0/0/24 as the observing port.
3. Reset XGigabitEthernet 0/0/1 as a mirrored port.
Data Preparation
To complete the configuration, you need the following data:
l Type and number of the new observing port, that is, XGigabitEthernet 0/0/5
Configuration Procedure
1. Check the configurations on the current observing port and mirrored port.
# Run the display port-mirroring command to check the configurations on the current
observing port and mirrored port.
<Switch> display port-mirroring
Port-
mirror:
----------------------------------------------------------
Mirror-port Direction Observe-port
----------------------------------------------------------
XGigabitEthernet0/0/1 Inbound
XGigabitEthernet0/0/24
Configuration Files
Configuration file of the Switch
#
sysname Switch
#
observe-port 1 interface XGigabitEthernet0/0/5
#
interface XGigabitEthernet0/0/1
port-mirroring to observe-port 1 inbound
#
return
8 ALS Configuration
This chapter describes the Automatic Laser Shutdown (ALS) configuration on the S6700.
When ALS is disabled, if the fiber link is faulty, the optical interface is not disabled and the laser
of an optical module is enabled though data communication is interrupted. If the laser of an
optical module still sends pulses after data communication is interrupted, energy is wasted and
eyes of operators may be hurt.
When ALS is enabled, if the fiber link is faulty, the software automatically disables the laser of
an optical module from sending pulses on the optical interface after detecting the LOS on the
optical interface. When the faulty fiber link is recovered, the software detects that the LOS of
the optical interface is cleared. Then the software enables the laser to send pulses. The ALS
mechanism protects operators against laser injury and saves energy.
RX TX
SwitchA SwitchB
l The switch and the optical network terminal (ONT) are connected through fibers.
In the application of fiber to the home (FTTH), if ONT users perform improper operations
on the fiber because of lack of knowledge about radiation or children touch the fiber, the
radiation of the laser harms eyes. To solve this problem, you can enable the ALS function
on the switch to protect safety of users. Figure 8-2 shows the connection.
Figure 8-2 Connecting the switch and ONT through the fiber
TX RX
RX TX
Switch ONT
After ALS is enabled on an interface, the communication recovery speed on the interface is
reduced. Packets are discarded if traffic is transmitted on the interface.
Applicable Environment
The S6700 detects LOSs on optical interfaces to control the laser of optical modules, ensuring
security and saving energy.
According to the actual networking requirements, after ALS is enabled, you can:
l Set the restart mode of the laser of an optical module through a command.
l Set the ALS pulse interval and width of the laser of an optical module through commands.
l View the ALS configuration on interfaces of different optical modules through commands.
Pre-configuration Tasks
Before configuring ALS, complete the following task:
Ensure that the S6700 has an optical module.
Data Preparation
To configure ALS, you need the following data.
No. Data
Context
The constraints on ALS are as follows:
l Only optical interfaces support ALS. Electrical interfaces do not support ALS.
When optical interfaces transmit services unidirectionally, they do not support ALS.
The hardware must provide support for the software to detect the LOS on an optical
interface and control the laser on an interface.
l The link aggregation group does not support ALS.
Procedure
Step 1 Run:
system-view
Step 3 Run:
als enable
----End
Prerequisite
ALS is enabled on the interface.
Context
If the laser of an optical module works in automatic restart mode, the laser starts automatically
at ALS pulse intervals. If the laser of an optical module is set to work in manual restart mode,
you must start the laser manually. Then the laser sends a pulse.
If the fiber link recovery is detected in time, you can use the manual restart mode so that the
laser can send pulses immediately. Therefore, data communication can be recovered rapidly.
By default, the laser works in automatic restart mode after ALS is enabled on all the interfaces.
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
Step 3 Run:
als restart mode manual
The ALS pulse width of the interface in manual restart mode is the same as that in automatic
restart mode.
----End
Prerequisite
The interface is enabled with ALS and works in manual restart mode.
Context
When an interface detects the LOS, the laser of the optical module stops sending pulses. If the
als restart command is not used, the laser will not be restarted. If the interface still detects the
LOS after the laser is started manually, the laser is stopped again. If the interface detects that
the LOS is cleared, the laser of an optical module sends pulses and data communication is
recovered.
Procedure
Step 1 Run:
system-view
The laser of an optical module is started manually. Then the laser sends a pulse.
----End
8.3.5 (Optional) Setting the ALS Pulse Interval and Width of the
Laser
You can set the proper laser pulse interval and width to ensure energy conservation and emission
deduction and timely detection of fiber link recovery.
Prerequisite
The interface is enabled with ALS and works in automatic restart mode.
Context
The ALS pulse width refers to the duration in which a laser sends pulses; the ALS pulse interval
refers to the period between rising edges of pulses. A smaller pulse width and a greater pulse
interval save more energy but reduce the speed of fiber link recovery.
Procedure
Step 1 Run:
system-view
----End
Prerequisite
The ALS configurations are complete on the S6700.
Procedure
l Run the display als configuration slot slot-id command to view the ALS configurations
of member switches.
l Run the display als configuration interface interface-type interface-number command to
check the ALS configuration on the specified interface.
----End
Networking Requirements
As shown in Figure 8-3, the LPUs that support ALS are installed in slot 1 of Switch A and
Switch B, XGE 0/0/1 of Switch A and Switch B are connected through a fiber.
When data transmission is interrupted by faults occurred on the fiber link, if the laser of the
optical module sends pulses continuously, the energy is wasted and potential risks are caused.
After ALS is enabled on both interfaces of the fiber link, the laser stops sending pulses if a fault
occurs on the fiber link. If the faulty link is recovered, the laser starts to send pulses.
SwitchA SwitchB
Configuration Roadmap
The configuration roadmap is as follows:
1. Enable ALS on XGE 0/0/1 on Switch A and Switch B.
2. Configure the lasers of XGE 0/0/1 on Switch A and Switch B to work in automatic restart
mode.
3. Set the ALS pulse intervals and widths of the lasers of XGE 0/0/1 on Switch A and Switch
B.
Data Preparation
To complete the configuration, you need the following data:
l ALS pulse interval and width of the laser of the optical module on XGE 0/0/1 of Switch
A
l ALS pulse interval and width of the laser of the optical module on XGE 0/0/1 of Switch
B
Procedure
Step 1 Enable ALS on XGE 0/0/1 of Switch A, configure the laser of the interface to work in automatic
restart mode, and set the ALS pulse interval and width to 200s and 3s.
# Enable ALS.
<SwitchA> system-view
[SwitchA] interface xgigabitethernet 0/0/1
[SwitchA-XGigabitEthernet0/0/1] als enable
Step 2 Enable ALS on XGE 0/0/1 of Switch B, configure the laser of the interface to work in automatic
restart mode, and set the ALS pulse interval and width to 200s and 3s.
# Enable ALS.
<SwitchB> system-view
[SwitchB] interface xgigabitethernet 0/0/1
[SwitchB-XGigabitEthernet0/0/1] als enable
-------------------------------------------------------------------------------
Interface ALS Laser Restart Interval(s) Width(s)
Status Status Mode
-------------------------------------------------------------------------------
XGigabitEthernet0/0/1 Enable Off Auto 200 3
-------------------------------------------------------------------------------
<SwitchB> display als configuration interface xgigabitethernet0/0/1
-------------------------------------------------------------------------------
Interface ALS Laser Restart Interval(s) Width(s)
Status Status Mode
-------------------------------------------------------------------------------
XGigabitEthernet0/0/1 Enable Off Auto 200 3
-------------------------------------------------------------------------------
----End
Configuration Files
l Configuration file of Switch A
#
sysname SwitchA
#
interface XGigabitEthernet0/0/1
als enable
als restart pulse-interval 200
als restart pulse-width 3
#
return
This chapter introduces the basics of the BootROM software and the Versatile Routing Platform
(VRP) system software, and describes how to restart the S6700.
9.1 Introduction
This section introduces the required knowledge in restarting and resetting the S6700.
9.2 Restarting the S6700 Immediately
This section describes how to restart the S6700 immediately.
9.3 Restarting the S6700 at a Fixed Time
This section describes how to restart the S6700 at a fixed time.
9.1 Introduction
This section introduces the required knowledge in restarting and resetting the S6700.
Start
BootROM starts
Enter the
command line
interface
End
The BootROM compares the current configuration with the configuration file. If they are the
same, the BootROM asks you whether to reboot the system. The message is as follows:
Info: The system is now comparing the configuration, please wait.
System will reboot! Continue?[Y/N]:y
Press Ctrl+B within two seconds. The system prompts you to enter the password of the advanced
BootROM menu as follows:
In the advanced BootROM menu, you can choose to upgrade the VRP or specify the VRP version
to be loaded when the S6700 is started.
The BootROM initializes the serial interface and the console interface, decompresses the logical
files on the logical chip and the VRP, and then starts the VRP. The terminal displays information
as follows:
Decompressing Image file ... done
VRP_Root begin...
VRP_InitializeTask begin...
Init the Device Link.............OK
CFG_PlaneInit begin..............OK
CFM_Init begin...................OK
CLI_CmdInit begin................OK
VRP_RegestAllLINKCmd begin.......OK
create task begin................
task init begin...
Recover configuration...OK!done
When the terminal displays the preceding information, the VRP has started. Press Enter to enter
the command line interface (CLI).
Context
CAUTION
The reboot command can paralyze the network for a while. Therefore, run the reboot command
with caution.
Before restarting the S6700, check whether to save the configuration file and whether the file
contents are correct. For details on saving the configuration file, refer to the Quidway S6700
Series Ethernet Switches Configuration Guide - Basic Configuration.
Procedure
Step 1 Run:
reboot
----End
Context
CAUTION
The action can paralyze the network for a while. Therefore, perform this action with caution.
Before restarting the S6700, check whether to save the configuration file and whether the file
contents are correct. For details on saving the configuration file, see the Quidway S6700
Series Ethernet Switches Configuration Guide - Basic Configuration.
Procedure
Step 1 Press the power button on the S6700 to power off the running S6700.
Step 2 Press the power button on the S6700 again to restart the S6700.
----End
Procedure
Step 1 Run:
schedule reboot { at time | delay interval [ force ] }
----End