Configuration Guide - Device Management (V200R001C01 - 01) PDF

Huawei AR2200-S Series Enterprise Routers
V200R001C01
Configuration Guide - Device

Management
Issue 01
Date 2012-01-06
HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2012. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: [email protected]
Issue 01 (2012-01-06) Huawei Proprietary and Confidential i

Copyright © Huawei Technologies Co., Ltd.
Configuration Guide - Device Management About This Document
About This Document
Intended Audience
This document provides the basic concepts, configuration procedures, and configuration
examples in different application scenarios of the device management feature supported by the
AR2200-S.
This document describes how to configure the device management feature.
This document is intended for:
l Data configuration engineers

l Commissioning engineers
l Network monitoring engineers
l System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicates a hazard with a high level of risk, which if not

avoided, will result in death or serious injury.
DANGER
Indicates a hazard with a medium or low level of risk, which

if not avoided, could result in minor or moderate injury.
WARNING
Indicates a potentially hazardous situation, which if not

avoided, could result in equipment damage, data loss,
CAUTION
performance degradation, or unexpected results.
TIP Indicates a tip that may help you solve a problem or save
time.
NOTE Provides additional information to emphasize or supplement

important points of the main text.
Issue 01 (2012-01-06) Huawei Proprietary and Confidential ii

Configuration Guide - Device Management About This Document
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention Description
Boldface The keywords of a command line are in boldface.
Italic Command arguments are in italics.
[] Items (keywords or arguments) in brackets [ ] are optional.
{ x | y | ... } Optional items are grouped in braces and separated by

vertical bars. One item is selected.
[ x | y | ... ] Optional items are grouped in brackets and separated by

vertical bars. One item is selected or no item is selected.
{ x | y | ... }* Optional items are grouped in braces and separated by

vertical bars. A minimum of one item or a maximum of all
items can be selected.
[ x | y | ... ]* Optional items are grouped in brackets and separated by

vertical bars. Several items or no item can be selected.
&<1-n> The parameter before the & sign can be repeated 1 to n times.
# A line starting with the # sign is comments.
Interface Numbering Conventions

Interface numbers used in this manual are examples. In device configuration, use the existing
interface numbers on devices.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Changes in Issue 01 (2012-01-06)

Initial commercial release.
Issue 01 (2012-01-06) Huawei Proprietary and Confidential iii

Configuration Guide - Device Management Contents
Contents
About This Document.....................................................................................................................ii

1 Displaying the Device Status......................................................................................................1
1.1 Display Commands.............................................................................................................................................2
1.2 Displaying the AR2200-S Status........................................................................................................................2
1.2.1 Displaying AR2200-S Information...........................................................................................................2
1.2.2 Displaying Versions..................................................................................................................................3
1.2.3 Displaying Power Information..................................................................................................................3
1.2.4 Displaying Temperature............................................................................................................................3
1.2.5 Viewing Fan Status....................................................................................................................................4
1.2.6 Displaying CPU Usage..............................................................................................................................4
1.2.7 Displaying Memory Usage........................................................................................................................4
1.2.8 Displaying Interface Status........................................................................................................................5
1.2.9 Displaying Electronic Labels.....................................................................................................................5
1.2.10 Displaying Diagnostic Information.........................................................................................................6
1.2.11 Displaying Health Status.........................................................................................................................6
1.2.12 Checking Interface Card Work Mode......................................................................................................6
2 Information Center Configuration.............................................................................................8

2.1 Introduction to the Information Center...............................................................................................................9
2.2 Information Center Supported by the AR2200-S...............................................................................................9
2.3 Enabling Log Output........................................................................................................................................14
2.3.1 Establishing the Configuration Task.......................................................................................................14
2.3.2 Enabling the Information Center.............................................................................................................15
2.3.3 (Optional) Naming an Information Channel...........................................................................................16
2.3.4 (Optional) Configuring the Function of Filtering Logs by IDs...............................................................16
2.3.5 (Optional) Configuring the Function of Generating a Data Dictionary..................................................16
2.3.6 Outputting Logs to the Log Buffer..........................................................................................................17
2.3.7 Outputting Logs to a Log File.................................................................................................................18
2.3.8 Outputting Logs to the Console...............................................................................................................18
2.3.9 Outputting Logs to the Terminal.............................................................................................................19
2.3.10 Outputting Logs to the Log Host...........................................................................................................20
2.3.11 Checking the Configuration...................................................................................................................21
2.4 Enabling Alarm Output....................................................................................................................................23
Issue 01 (2012-01-06) Huawei Proprietary and Confidential iv


2.4.4 Outputting Alarms to the Alarm Buffer..................................................................................................24
2.4.5 Outputting Alarms to the Log File..........................................................................................................25
2.4.6 Outputting Alarms to the Console...........................................................................................................26
2.4.7 Outputting Alarms to the Terminal.........................................................................................................27
2.4.8 Outputting Alarms to the SNMP Agent..................................................................................................28
2.4.9 Checking the Configuration.....................................................................................................................29
2.5 Enabling the Output of Debugging Information...............................................................................................30
2.5.4 Outputting Debugging Information to the Log File................................................................................32
2.5.5 Outputting Debugging Information to the Console.................................................................................33
2.5.6 Outputting Debugging Information to the Terminal...............................................................................34
2.5.7 Outputting Debugging Information to the Log Host...............................................................................35
2.6 Maintaining Information Center.......................................................................................................................36
2.7 Information Center Configuration Examples...................................................................................................37
2.7.1 Example for Outputting Logs to the Log File.........................................................................................37
2.7.2 Example for Outputting Logs to Log Hosts............................................................................................39
2.7.3 Example for Configuring Binary Logs to be Sent to the Log Host.........................................................43
2.7.4 Example for Outputting Alarms to the SNMP Agent..............................................................................45
2.7.5 Example for Outputting the Debugging Information to the Console......................................................47
3 Mirroring Configuration............................................................................................................49
3.1 Introduction to Mirroring..................................................................................................................................50
3.2 Mirroring Features Supported by the AR2200-S.............................................................................................50
3.3 Configuring Local Port Mirroring....................................................................................................................52
3.3.2 Configuring a Local Observing Interface................................................................................................53
3.3.3 Configuring a Local Mirrored Interface..................................................................................................53
3.4 Configuring Local Flow Mirroring...................................................................................................................55
3.4.2 Configuring a Local Observing Interface................................................................................................55
3.4.3 Configuring Complex Traffic Classification...........................................................................................56
3.4.4 Creating a Local Traffic Behavior...........................................................................................................56
3.4.5 Configuring a Traffic Policy....................................................................................................................57
3.5 Configuring Packet Capture Using Mirroring..................................................................................................58
3.6 Configuration Examples...................................................................................................................................61
Issue 01 (2012-01-06) Huawei Proprietary and Confidential v

3.6.1 Example for Configuring Local Port Mirroring......................................................................................61

3.6.2 Example for Configuring Local Flow Mirroring.....................................................................................64
4 Hardware Management..............................................................................................................68
4.1 Introduction to Hardware Management............................................................................................................69
4.2 Hardware Management Supported by the AR2200-S......................................................................................69
4.3 Powering On and Off the Board.......................................................................................................................69
4.3.2 Powering Off a Board..............................................................................................................................70
4.3.3 Powering On a Board..............................................................................................................................70
4.4 Backing Up Electronic Labels..........................................................................................................................71
4.4.2 Backing Up Electronic Labels.................................................................................................................71
4.5 Setting Fan Speed.............................................................................................................................................72
4.5.2 Setting Fan Speed....................................................................................................................................73
4.6 Resetting the LPU.............................................................................................................................................73
4.6.2 Resetting the LPU....................................................................................................................................74
5 Auto-Config..................................................................................................................................76
5.1 Auto-Config Overview.....................................................................................................................................77
5.2 Auto-Config Features Supported by the AR2200-S.........................................................................................77
5.3 Deploying Unconfigured Routers ....................................................................................................................82
5.3.2 Configuring the DHCP Server.................................................................................................................84
5.3.3 Configuring the FTP/TFTP Server..........................................................................................................86
5.4 Configuration Examples...................................................................................................................................88
5.4.1 Example for Configuring the Auto-Config Function..............................................................................88
Issue 01 (2012-01-06) Huawei Proprietary and Confidential vi

Configuration Guide - Device Management 1 Displaying the Device Status
1 Displaying the Device Status
About This Chapter
This chapter describes the functions and applications of the display commands and how to use
them to view the running status of the device.
1.1 Display Commands

This section describes the functions of display commands and lists the display commands in
common use.
1.2 Displaying the AR2200-S Status
This section describes how to use the display commands to show the AR2200-S version, CPU
usage, and memory usage.
Issue 01 (2012-01-06) Huawei Proprietary and Confidential 1

1.1 Display Commands

This section describes the functions of display commands and lists the display commands in
common use.
The display commands can be used to collect current information about the version, device, and
diagnosis of the AR2200-S in order to maintain and troubleshooting networks.
Table 1-1 lists the display commands in common use. For details, see the Huawei AR2200-S
Series Enterprise Routers - Command Reference.
CAUTION
The display diagnostic-information command cannot be simultaneously run on multiple
terminals connected to the AR2200-S. If this occurs, the AR2200-S CPU usage rises and the
network performs less efficiently.
Table 1-1 Common display commands

Command Description
display current-configuration Displays the parameters that take effect currently on the
AR2200-S.
display device Displays information about the AR2200-S.
display version Displays the version and boards information of the

AR2200-S.
display this Displays valid configurations in the current view.
display diagnostic-information Collects information about the AR2200-S when a fault

cannot be located or fixed. Send information to Huawei
technical personnel for fault analysis.
NOTE
This command is not recommended for routine troubleshooting.
display this interface Displays the current status of the interface.
1.2 Displaying the AR2200-S Status

This section describes how to use the display commands to show the AR2200-S version, CPU
usage, and memory usage.
1.2.1 Displaying AR2200-S Information

Use the display device command to view information about AR2200-S components, including
the slot number, component type, online status, power status, register status, alarm status, and
master/backup status.

Procedure
l Run:
display device [ slot slot-id ]
Component information is displayed.

This command can be used in any view.
----End
1.2.2 Displaying Versions

Use the display version command to view the information about the software version, hardware
type, main control board and LPU of the AR2200-S.
Procedure
l Run:
display version [ slot slot-id ]
Version information is displayed.

----End
1.2.3 Displaying Power Information

Use the display power command to view information about the power status and power of the
AR2200-S.
Procedure
Step 1 Run:
display power
The power status is displayed.

Step 2 Run:
display power system
Power information is displayed.

Displayed information includes the power status, power used by the system (watts), and power
used by boards (watts). These commands can be used in any view.
----End
1.2.4 Displaying Temperature

Use the display temperature command to view board temperature, including the current
temperature, temperature upper threshold, and temperature lower threshold.
Procedure
l Run:
display temperature { all | slot slot-id }

Board temperature is displayed.

----End
1.2.5 Viewing Fan Status

Use the following display commands to view the fan status, including the running status,
registration status, fan module temperature, fan speed, and working mode.
Procedure
l Run:
display fan
Fan status is displayed.

l Run:
display temperature slot fan
Fan module temperature is displayed.

----End
1.2.6 Displaying CPU Usage

View the CPU usage statistics and threshold configurations.
Procedure
Step 1 Run:
display cpu-usage [ slot slot-id ]
CPU usage statistics are displayed.

Step 2 Run:
display cpu-usage configuration [ slot slot-id ]
CPU usage configurations are displayed.

l If slot slot-id is specified, the CPU usage of the LPU in this slot is displayed.
l If slot slot-id is not specified, the CPU usage of the active main control board is displayed.
----End
1.2.7 Displaying Memory Usage

Use the display memory-usage command to view memory usage statistics and threshold.
Procedure
l Run:
display memory-usage [ slot slot-id ]
Memory usage statistics are displayed.

– If slot slot-id is specified, the memory usage of the LPU in this slot is displayed.
– If slot slot-id is not specified, the memory usage of the active main control board is
displayed.
----End
1.2.8 Displaying Interface Status

Use the display interface command to view the running status, basic configurations, and packet
forwarding statistics on an interface.
Context
There are two ways to display interface status:
1. Run the display interface command in any view.

2. Run the display this interface command in an interface view.
Procedure
l Run the following command in any view:
display interface interface-type interface-number
The status of the specified interface is displayed.

l View interface status in a specified interface view:
1. Run the system-view command to enter the system view.
2. Run the interface interface-type interface-number command to enter the interface
view.
3. Run the display this interface command to display interface status.
Using the display this interface command in the interface view is equivalent to using
the display interface interface-type interface-numbercommand in any view.
4. Run the display this command to display interface configurations.
----End
1.2.9 Displaying Electronic Labels

Use the display elabel command to view information about electronic labels, including the board
type, BOM code, description, manufacture date, vendor name, issuing number, Common
Language Equipment Identification (CLEI) code, and sales BOM code.
Procedure
Step 1 Run:
display elabel [ slot-id ] [ brief ]
Electronic labels are displayed.
This command can be used in any view. The slot-id parameter can be specified to view label
information about the board in a specified slot.

If the brief parameter is specified, the electronic label of an optical module is not displayed.
Step 2 Run:
display elabel backplane
Electronic labels of the backplane are displayed.
----End
1.2.10 Displaying Diagnostic Information

Use the display diagnostic-information command to collect running information of all
modules, including clocks, versions, current configuration file, saved configuration files,
physical and protocol information about an interface, statistics on the transmitted and received
packets, memory usage, and system logs. Use this command for locating faults instead of running
multiple display commands.
Procedure
l Run:
display diagnostic-information
Diagnostic information is displayed.
CAUTION
When this command is being executed, system performance will be degraded, for example,
the CPU usage increases. Therefore, do not use this command when the system is operating
normally.
----End
1.2.11 Displaying Health Status

Use the display health command to view health status information, including CPU usage,
memory usage, power supply status, fan status, and temperature.
Procedure
l Run:
display health
Health status is displayed.
----End
1.2.12 Checking Interface Card Work Mode

The interface card work mode can be displayed using the display workmode command.
Context
Only the work mode of the interface cards with configurable work modes can be displayed.

The work mode of these interface cards can be changed: 2E1/T1-M, 1E1/T1-M, 2E1/T1-F, 1E1/
T1-F, 4G.SHDSL, and 1CPOS-155M.
Procedure
Step 1 Run:
display workmode
The interface card work mode is displayed.
----End

Configuration Guide - Device Management 2 Information Center Configuration
2 Information Center Configuration
About This Chapter
This chapter describes how to configure the information center to control the output of logs,
alarms, and debugging messages.
2.1 Introduction to the Information Center

The information center works as the information hub of a router. It classifies and filters the output
of a system. The information center uses a debugging program to help network administrator
and developers monitor network operation and analyze network faults.
2.2 Information Center Supported by the AR2200-S
The information center outputs logs, alarms, and debugging messages at eight severity levels
through 10 information channels.
2.3 Enabling Log Output
This section describes how to output logs of a specific module to a log file, console, terminal,
or log host.
2.4 Enabling Alarm Output
This section describes how to configure a specific module to output alarm information to log
files, consoles, terminals, or SNMP agents.
2.5 Enabling the Output of Debugging Information
This section describes how to configure a specific module to output debugging information to
log files, consoles, terminals, or SNMP agents.
2.6 Maintaining Information Center
This section describes how to run the following commands to delete messages in the buffer of
the information center. Note that deleted messages cannot be restored.
2.7 Information Center Configuration Examples
This section provides information center configuration examples.

2.1 Introduction to the Information Center

The information center works as the information hub of a router. It classifies and filters the output
of a system. The information center uses a debugging program to help network administrator
and developers monitor network operation and analyze network faults.
2.2 Information Center Supported by the AR2200-S

The information center outputs logs, alarms, and debugging messages at eight severity levels
through 10 information channels.
Information Classification
The information center receives and processes information of the following types:
l Logs
l Debugging information
l Alarms
Severity Levels of Information

Information has eight severity levels as shown in Table 2-1. The lower the severity level, the
more severe the information.
Table 2-1 Description of the severity levels of information
Threshold Severity Level Description
0 Emergencies A fatal fault, such as a program exception or incorrect

memory usage, occurs on the device. The system must
restart.
1 Alert An important fault, such as the device memory

reaching the highest limit, occurs on the device. The
fault needs to be fixed immediately.
2 Critical A crucial fault, such as the memory or temperature

reaching the lowest limit, or the BFD device being
unreachable, occurs on the device. An internal fault
can also be generated by the device itself. The fault
needs to be analyzed and fixed.
3 Error A fault, such as a user running incorrect commands,

entering a wrong password, or receiving wrong
protocol packets from other devices, occurs on the
device. These faults can be caused by improper
operation or a wrong process.
They do not affect services but should be given
attention.

Threshold Severity Level Description
4 Warning An abnormal situation, such as the user disabling the

routing process, the BFD detecting packet loss, or the
wrong protocol packet being received occurs on the
device.
The fault may affect services and should be given
attention.
5 Notification Indicates the key operations used to ensure that the

device runs normally, such as the execution of the
shutdown command, the performance of neighbor
discovery, or the status change of the state machine.
6 Informational Indicates the common operations used to ensure that

the device runs normally, such as the execution of the
display command.
7 Debugging Indicates that the common device information does

not require attention.
When information filtering based on severity levels is enabled, only the information whose
severity level threshold is less than or equal to the configured value is output.
For example, if the severity level value is configured to 6, only information with a severity level
ranging from 0 to 6 is output.
Working Process of the Information Center

The working process of the information center is as follows:
l The information center receives logs, alarms, and debugging information from all modules.
l The information center outputs information with different severity levels to different
information channels according to the configuration.
l Information is transmitted in different directions based on the relationship between the
information channel and the output direction.
Generally, the information center distributes three types of information classified into eight
levels to 10 information channels. Information is then output to different directions.
As shown in Figure 2-1, logs, alarms, and debugging information have default output channels.
They can be customized to be output from other channels. For example, logs can be configured
to be output to the log cache through Channel 6 rather than the default Channel 4.

Figure 2-1 Functions of the information channel
Information Output
channel direction
0
Console Console
1
Logs Monitor Remote terminal
Loghost Loghost
Traps 2
Trapbuffer Trap buffer
3
Logbuffer Log buffer
4
Debugs
5 SNMP agent SNMP agent
6 channel6
Direction of logs 7 channel7

Direction of alarms
Direction of debugging 8 channel8
information
channel9 Logfile
9
Information Channels and Output Directions

The system supports 10 channels. The first six channels (Channel 0 to Channel 5) have default
channel names and are associated with six default output directions. For devices equipped with
storage media, log information is output to log files through Channel 9 by default. That is, seven
total default output directions are supported.
For details of the association relationship between default channels and output directions, see
Table 2-2.
Table 2-2 Association relationship between default channels and output directions
Channel Default Output Description

Number Channel Name Direction
0 Console Console Outputs logs, alarms, and debugging

information to the local console.
1 Monitor Monitor Outputs logs, alarms, and debugging

information to the VTY terminals for
remote maintenance.
2 Loghost Log host Outputs logs, alarms, and debugging

information to the log host. Information is
saved to the log host in the file format for
easy reference.

Channel Default Output Description

Number Channel Name Direction
3 Trapbuffer Trap buffer Outputs alarms to the alarm buffer. The

router assigns a specific area to be the alarm
buffer for recording alarms.
4 Logbuffer Log buffer Outputs logs to the log buffer. The router
assigns a specified area to be the log buffer
for recording logs.
5 Snmpagent SNMP agent Outputs alarms to the SNMP agent.
6 Unspecified Unspecified Reserved, this channel can be configured to

output to different directions.


9 Channel9 Log file Outputs information to log files that can

receive logs, traps, and debugging
information. Information is saved to the SD
card or the USB disk in the file format.
In the case of multiple log hosts, logs can be output through one channel or several channels.
For example, some logs can be output to a log host through Channel 2 (loghost) and some logs
can be output to another log host through Channel 6. For easy management, the name of Channel
6 can be changed.
Format of Logs
Syslog is a sub-function of the information center. It outputs information to a log host through
port 514.
Figure 2-2 shows the format of logs.
Figure 2-2 Format of the output logs

TIMESTAMP HOSTNAME %%ddAAA/B/CCC(l)[DDD]: YYYY
Table 2-3 describes each field in a log message.

Table 2-3 Description of each field in a log message
Field Indication Description
TIMESTAMP Time to send out the Available formats for the timestamp are as follows:
information l boot: The timestamp in this format indicates a
relative time.
l date: The timestamp in this format indicates the
system time. Timestamps in logs, alarms and
debugging information are in this format by
default.
l short-date: Unlike the date format, timestamps
in the short-date format do not indicate the year.
l format-date: The timestamp in this format is
another format of the system time.
l none: indicates that the information does not
contain any timestamp.
There is a space between the timestamp and the
host name.
HOSTNAME Host name By default, the name is Huawei.
%% Huawei logo Indicates that log information is output by a

Huawei device.
dd Version number Identifies the version of the log format.
AAA Module name Indicates the name of the module that outputs
information to the information center.
B Log level Indicates the severity level of a log.
CCC Brief description Describes the information type.
(l) Information type Indicates the user log identifier.
DDD Log ID A maximum of 1024 logs can be stored in the log

buffer. In the log file buffer, the value of this
parameter depends on the log buffer size.
YYYY Descriptor Indicates detailed information output from each

module to the information center.
Before outputting logs, each module fills in this
field to describe log content.
Format of Alarms
Figure 2-3 shows the format of the output alarms.
Figure 2-3 Format of the output alarms

TimeStamp HostName ModuleName/Severity/Brief:Description

Table 2-4 describes each field in an alarm message.
Table 2-4 Description of each field of in an alarm message

Field Indication Description
TimeStamp Time to send out the Available formats for the timestamp are as follows:
information l boot: The timestamp in this format indicates a
relative time.
l date: The timestamp in this format indicates the
system time. Timestamps in logs, alarms and
debugging information are in this format by
default.
l short-date: Unlike the date format, timestamps
in the short-date format do not indicate the year.
l format-date: The timestamp in this format is
another format of the system time.
l none: indicates that the information does not
contain a timestamp.
There is a space between the timestamp and the
host name.
HostName Host name By default, the name is Huawei.There is a space

between the sysname and module name.
ModuleName Module name Indicates the name of the module that generates an
alarm.
Severity Severity level Severity of traps.
Brief Brief information Provides brief information of the alarms.
Description Description Provides detailed description of the alarms.
2.3 Enabling Log Output

This section describes how to output logs of a specific module to a log file, console, terminal,
or log host.
2.3.1 Establishing the Configuration Task

Before configuring the log output, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the required data. This can help you complete
the configuration task quickly and accurately.

Applicable Environment
The system logs the operation information about devices in real time. It then outputs logs to the
log buffer, log file, console, terminal, and log host for storage and future reference. In this
manner, when faults occur on devices, users can locate the faults based on the logs.
Pre-configuration Tasks
Before configuring the log output, complete the following tasks:
l Connecting the router to the PC properly
l Ensuring that the route between the router and the log host is reachable
l Configuring an VPN instance
Data Preparation
To configure the log output, you need the following data.
No. Data
1 l Channel number
l Channel name
2 Module name
3 Address of the log host
4 Severity level of the log
5 (Optional) Size of the log buffer
6 (Optional) VPN instance name
2.3.2 Enabling the Information Center

If the information center function is disabled, you can enable it. By default, this function is
enabled.
Context
The information center classifies and outputs information. When it is heavily loaded with
information processing, system performance degrades.
Procedure
Step 1 Run:
system-view
The system view is displayed.

Step 2 Run:
info-center enable
The information center is enabled.

By default, the information center is enabled.
----End
2.3.3 (Optional) Naming an Information Channel

Naming an information channel helps clarify what is output by each channel.
Procedure
Step 1 Run:
system-view

Step 2 Run:
info-center channel channel-number name channel-name
A channel is named.
----End
2.3.4 (Optional) Configuring the Function of Filtering Logs by IDs

The binary log function can filter specific logs.
Context
Binary logs provide the function of filtering specified logs by their IDs. To filter certain logs,
the user can obtain IDs of these logs through log resolution tools and add these IDs to the log
filtering list.
After that, the information center does not send these logs in each output direction.
Procedure
Step 1 Run:
system-view

Step 2 Run:
info-center filter-id { id } * &<1-50>
One or more IDs are added and a space is used to separate these IDs.
NOTE
Currently, only 50 IDs can be shielded. The aggregation of these shielded IDs is called a log ID filtering
list. The log ID filtering list is arranged by ID values.
----End
2.3.5 (Optional) Configuring the Function of Generating a Data

Dictionary
To resolve log files on the log server, transform binary logs into text logs through the data
dictionary.

Context
A data dictionary is used to transform binary logs into text logs. A data dictionary is the
aggregation of log IDs and fixed information required in the log, such as the level, mnemonic
symbol, and format string. The generated data dictionary is downloaded by the external
resolution tool.
Procedure
Step 1 Run:
system-view
Step 2 Run:
info-center create-logbook { file-name | ftp ftp-address user-name user-name
password password [ file-name file-name | port-id port-number ] * }
The data dictionary is generated.
----End
2.3.6 Outputting Logs to the Log Buffer

The log buffer stores the latest logs generated by the system. You can set the log buffer size or
channels in this task.
Procedure
l Configure the channel through which logs are output.
1. Run the following command on the router enabled with the information center:
system-view

2. Run:
info-center source { module-name | default } channel { channel-number |
channel-name } [ log { state { off | on } | level severity } * ]
Logs are sent to the information channel.
Logs can be output only after the information center is enabled.

l Configure the channel through which logs are output.
1. Run the following command on the router enabled with the information center:
system-view

2. Run:
info-center logbuffer [ channel { channel-number | channel-name } ]
The channel through which logs are output to the log buffer is configured.
3. (Optional) Run:
info-center logbuffer [ channel { channel-number | channel-name } | size
buffersize ] *
The size of the log buffer is configured.

After the information center is enabled, logs are output to the log buffer through
Channel 4 by default and the log buffer can cache a maximum of 512 logs.
----End
2.3.7 Outputting Logs to a Log File

When a fault occurs on the device, you locate the fault based on information saved in the log
file.
Context
NOTE
The system selects a storage medium in descending order of priority: sd0, sd1, usb0, and usb1. The default
log storage medium is sd0. If sd0 is unavailable, the default log storage medium is sd1. If none of sd0, sd1,
usb0, and usb1 is unavailable, the log files cannot be saved. The log storage path is in the format of storage
medium name:/logfile, for example, usb0:/logfile.
Procedure
Step 1 Send logs to a channel.
1. Run:
system-view

2. Run:
info-center source { module-name | default }channel { channel-number | channel-
name } [ log { state { off | on } | level severity } * ]
Logs are sent the information channel.
Step 2 Configure the channel through which logs are output to the log file.
1. Run:
info-center logfile channel { channel-number | channel-name }
The channel through which logs are output to the log file is configured.
Step 3 (Optional) Configure the size of the log file output by the information center.
1. Run:
info-center logfile size size
The size of the configuration file is set.
By default, the size of log files is 8 MB.
----End
2.3.8 Outputting Logs to the Console

By outputting logs to the console, you can view the operating status of the device on the console.

Procedure
Step 1 Configure the logs to be output through the channel.
1. Do as follows on the router configured with the information center, run:
system-view

2. Run:
Logs are added to the information channel.

Step 2 Configure the channel through which logs are output to the console.
1. Run:
info-center console channel { channel-number | channel-name }
The channel through which logs are output to the Console is configured.
2. Run:
quit
Return to the user view.

Step 3 Enable terminal display.
terminal monitor
Terminal display is enabled.

2. Run:
terminal logging
Displaying logs on the terminal is enabled.
----End
2.3.9 Outputting Logs to the Terminal

By outputting logs to the terminal, you can view the operating status of the device on the terminal.
Procedure
1. Run:
system-view

2. Run:
info-center source { module-name | default } channel { channel-number | channel-
name } [ log { state { off | on } | level severity } * ]


Step 2 Configure the information channel through which logs are output to the terminal.
1. Run:
info-center monitor channel { channel-number | channel-name }
The information channel through which logs are output to the terminal is configured.
2. Run:
quit

1. Run:
system-view

terminal monitor

2. Run:
terminal logging
The log display is enabled on the terminal.
----End
2.3.10 Outputting Logs to the Log Host

By outputting logs to the log host, you can view the operating status of the device on the log
host.
Procedure
system-view

2. Run:

Step 2 Configure the channel through which logs are output to the log host.
l (On an IPv4 network) Run:
info-center loghost ip-address [ channel { channel-number | channel-name } |
facility local-number |
{ language language-name | binary [ port ] } | { vpn-instance vpn-instance-name
| public-net } ] *
The channel through which logs are output to the log host is configured.
By default, logs are not output to the log host after the information center is enabled.
The system supports the configuration of a maximum of eight log hosts to realize backup
among log hosts.
----End

2.3.11 Checking the Configuration

Checking the Configuration of Information Center
Prerequisite
The configurations of the information center function are complete.
Procedure
l Run the display channel [ channel-number | channel-name ] command to check the
configuration of a channel.
l Run the display info-center [ statistics ] command to check the information recorded by
an information center.
l Run the display logbuffer command to view the information recorded by a log buffer.
l Run the display info-center filter-id { id } command to check whether the ID of a single
log is added into the filtering list.
l Run the display info-center filter-id command to check whether IDs of all logs are added
into the filtering list.
----End
Example
Run the display channel [ channel-number | channel-name ] command to check the contents of
information channels.
<Huawei> display channel
channel number: 0, channel name: console
MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y warning Y debugging Y debugging
channel number: 1, channel name: monitor

channel number: 2, channel name: loghost

ffff0000 default Y informational Y debugging N debugging
channel number: 3, channel name: trapbuffer

ffff0000 default N informational Y debugging N debugging
channel number: 4, channel name: logbuffer

ffff0000 default Y warning N debugging N debugging
channel number: 5, channel name: snmpagent

ffff0000 default N debugging Y debugging N debugging
channel number: 6, channel name: channel6

ffff0000 default Y debugging Y debugging N debugging




Run the display info-center command to check the contents of information center.
Information Center: enabled
Log host:
Console:
Monitor:
SNMP Agent:
Log buffer:
enabled
max buffer size: 1024, current buffer size: 512
current messages: 6, channel number: 4, channel name: logbuffer
dropped messages: 0, overwritten messages: 0
Trap buffer:
enabled
current messages: 0, channel number: 3, channel name: trapbuffer
Logfile:
channel number: 9, channel name: channel9, language: English
Information timestamp setting:
log - date, trap - date, debug - date
Sent messages = 25, Received messages = 25
Run the display logbuffer command to view the logs in the log buffer.
<Huawei> display logbuffer
Logging buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 512
Channel number: 4, Channel name: logcy
Dropped messages: 0
Overwritten messages: 0
Current messages: 1
Aug 21 2007 18:33:31+00:00 AR200-V2R2C00-161 %%01DEFD/4/CPCAR_DROP_MPU(l)[0]:Som

e packets are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-Count=
474)
Run the display info-center filter-id [ id ] command to check whether the log with the ID being
1098649600 is added into the filtering list.
<Huawei> display info-center filter-id 1098649600
ID : 1098649600
Content : LSPM return error to TE when processing tunnel commit event!
(TunnelName=[STRING], ErrorCode=[ULONG])
Filtered Number : 0
Run the display info-center filter-id command to check whether IDs of all logs are added into
the filtering list.
<Huawei> display info-center filter-id
ID: 3221442627
Content: The message was discarded because module batch doesn't begin. (
SourceModuleId=[ULONG], SourceModuleSubId=[ULONG], DestinationModuleId=[ULONG],
DestinationModuleSubId=[ULONG])
Filtered Number: 0
ID: 3491254537

Content: Add the route [STRING] that have other flags besides deleted fl
ag [USHORT]
Filtered Number: 0
2.4 Enabling Alarm Output

This section describes how to configure a specific module to output alarm information to log
files, consoles, terminals, or SNMP agents.

Before configuring the alarm output, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the required data. This can help you complete
The device can generate alarms in specific situations to draw attention of the administrators.
Alarms can be output to the alarm buffer, log file, Console, terminal, and Network Management
System (NMS), through which the administrator can easily locate and rectify the fault.
Before enabling alarm output, complete the following tasks:
l Connecting the router and the NM station correctly

l Configuring routes between the router and the NM station
Data Preparation
To configure alarm output, you need the following data.
No. Data
1 l Channel number
l Channel name
2 Module name
3 Severity level of alarms
4 (Optional) Size of an alarm buffer
5 IP address of Network Management System

enabled.

Context
Classifying and outputting a large amount of information degrades system performance.
Procedure
Step 1 Run:
system-view

Step 2 Run:
info-center enable

----End

Naming information channels helps clarify what is output by each channel.
Context
Do as follows on the router configured with the information center.
Procedure
Step 1 Run:
system-view

Step 2 Run:
The information channel specified by the channel-number is named as channel-name.
----End
2.4.4 Outputting Alarms to the Alarm Buffer

By default, alarms are output to the alarm buffer through a default channel. You can configure
alarms to be output through a specific channel.
Context
Do as follows on the router configured with the information center:
Procedure
Step 1 Configure the alarms to be output through the channel.
1. Run:
system-view


2. Run:
name } [ trap { state { off | on } | level severity } * ]
Alarms are added to the information channel.

For the specific modules, the default configurations are as follows:
For the log information, the state is on and the allowed information level is warning.
For the alarm information, the state is on and the allowed information level is
debugging.
For the debugging information, the state is off.
Step 2 Configure the channel through which alarms are output to the alarm buffer.
1. Run:
info-center trapbuffer [ channel { channel-number | channel-name } ]
The alarm buffer is set to receive information.

2. Run:
(optional)info-center trapbuffer [ channel { channel-number | channel-name }
| size buffersize ] *
The channel through which alarms are output to the alarm buffer is configured.
After the information center is enabled, alarms default to be output through Channel 3 to
the alarm buffer and the alarm buffer can contain 256 pieces of information.
----End
2.4.5 Outputting Alarms to the Log File

When a fault occurs on the device, you can analyze the output alarms to provide references for
fault location.
Context
Procedure
Step 1 Send logs to the channel.
1. Run:
system-view

2. Run:


debugging.
Step 2 Configure the channel through which alarms are output to the log file.
1. Run:
The channel through which alarms are output to the log file is configured.
By default, alarms are output through Channel 9 to the log file after the information center
is enabled.
1. Run:
The size of the log buffer is set.

By default, the size of log files is 8 MB.
----End
2.4.6 Outputting Alarms to the Console

By outputting alarms to the console, you can view the operating status of the device on the
console.
Context
Procedure
1. Run:
system-view

2. Run:

debugging.
Step 2 Configure the channel through which alarms are output to the console.
1. Run:

The channel through which alarms are output to the Console is configured.
By default, alarms are output to the Console through Channel 0.
2. Run:
quit

1. Run the following command on the router configured with the information center:
terminal monitor

2. Run:
terminal trapping
Displaying alarms on the terminal is enabled.
----End
2.4.7 Outputting Alarms to the Terminal

By outputting alarms to the terminal, you can view the operating status of the device on the
terminal.
Context
Procedure
1. Run:
system-view

2. Run:

debugging.
Step 2 Configure the channel through which alarms are output to the VTY terminal.
1. Run:
The channel through which alarms are output to the VTY terminal is configured.

By default, alarms are output to the VTY terminal through Channel 1.

2. Run:
quit

1. Run:
terminal monitor

2. Run:
terminal trapping
Displaying alarms on the terminal is enabled.
----End
2.4.8 Outputting Alarms to the SNMP Agent

By outputting alarms to the SNMP agent, you can view the operating status of the device on the
NMS.
Context
Procedure
1. Run:
system-view

2. Run:

debugging.
Step 2 Configure the channel through which alarms are output to the SNMP agent.
1. Run:
info-center snmp channel { channel-number | channel-name }
The channel through which alarms are output to the SNMP agent is configured.
By default, alarms are output to the SNMP agent through Channel 5.

2. Run:
snmp-agent
SNMP agent is enabled.
----End

After configuring the alarm output, you can use related commands to confirm the configuration.
Prerequisite
The configurations of the alarm output function are complete.
Procedure
the information center.
l Run the display trapbuffer [ size value ] command to check the information recorded by
the alarm buffer.
----End
Example
Run the display channel command to show channels.
<Huawei> display channel

channel number: 2, channel name: loghost

ffff0000 default Y informational Y debugging N debugging
channel number: 3, channel name: trapbuffer

ffff0000 default N informational Y debugging N debugging
channel number: 4, channel name: logbuffer

ffff0000 default Y warning N debugging N debugging

ffff0000 default N debugging Y debugging N debugging





Run the display info-center command to show the data recorded by info-center.
<Huawei> display info-center
Log host:
Console:
Monitor:
SNMP Agent:
Log buffer:
enabled
Trap buffer:
enabled
Logfile:
Run the display trapbuffer command. If alarms in the alarm buffer are displayed, it means that
the configuration is successful.
<Huawei> display trapbuffer
Trapping buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 256
Channel number: 3, Channel name: trapbuffer
Dropped messages: 0
Overwritten messages: 713
Current messages: 1
#Aug 23 2007 18:47:19+00:00 AR200-V2R2C00-161 SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OI

D=1.3.6.1.4.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.
216.1 exceed the speed-limit value configed 5.
2.5 Enabling the Output of Debugging Information

This section describes how to configure a specific module to output debugging information to
log files, consoles, terminals, or SNMP agents.

Context
CAUTION
Debugging degrades system performance. Therefore, after debugging, run the undo debugging
all command to disable debugging immediately. When the CPU usage is close to 100%,
debugging ARP may cause boards to reset. So, confirm the action before you use the command.

Before configuring the debugging message output, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This can help
you complete the configuration task quickly and accurately.
When faults occur on a device, you can enable the information center to output debugging
information for easy faults location and analysis.
Before enabling the output of debugging information, complete the following tasks:
l Connecting the router and the PC correctly
l Configuring routes between the router and the log host
Data Preparation
To enable the output of debugging information, you need the following data.
No. Data
1 l Channel number
l Channel name
2 Module name
3 Severity level of debugging information
4 IP address of a log host

enabled.
Context
Classifying and outputting a large amount of information degrades system performance.

Procedure
Step 1 Run:
system-view

Step 2 Run:
info-center enable

----End

Naming information channels helps clarify what is output by each channel.
Context
Do as follows on the router configured with the information center.
Procedure
Step 1 Run:
system-view

Step 2 Run:
The name of the specified channel is set.
----End
2.5.4 Outputting Debugging Information to the Log File

When a fault occurs on the device, you can analyze the output debugging messages to provide
references for fault location.
Context
Procedure
Step 1 Configure debugging information to be output through the channel.
1. Run:
system-view

2. Run:
name } [ debug { state { off | on } | level severity } * ]

Debugging information is added to the information channel.

debugging.
Step 2 Configure the channel through which debugging information is output to the log file.
1. Run:
The channel through which debugging information is output to the log file is configured.
1. Run:
By default, the debugging information is not saved in the log file. If you want the debugging
information to be saved in the log file, run the info-center source default channel 9
debug state on level severity command to add records to the information channel.
----End
2.5.5 Outputting Debugging Information to the Console

When logging in to the device through a console, output debugging messages to the console for
a query in real time.
Context
Procedure
1. Run:
system-view

2. Run:

debugging.

Step 2 Configure the channel through which debugging information is output to the console.
1. Run:
The channel through which debugging information is output to the console is configured.
2. Run:
quit

1. Run:
terminal monitor

2. Run:
terminal debugging
Displaying debugging information on the terminal is enabled.
----End
2.5.6 Outputting Debugging Information to the Terminal

When logging in to the device through a terminal, output debugging messages to the terminal
for query in real time.
Context
Procedure
1. Run:
system-view

2. Run:

debugging.
Step 2 Configure the channel through which debugging information is output to the terminal.
1. Run:

The channel through which debugging information is output to the terminal is configured.
2. Run:
quit

1. Run:
terminal monitor

2. Run:
terminal debugging
Displaying debugging information on the terminal is enabled.
----End
2.5.7 Outputting Debugging Information to the Log Host

By outputting debugging messages to the log host, you can view debugging messages more
conveniently.
Procedure
1. Run:
system-view

2. Run:

Step 2 Configure the channel through which debugging information is output to the log host.
l (On an IPv4 network) Run:
info-center loghost ip-address [ channel { channel-number | channel-name } |
facility local-number |
{ language language-name | binary [ port ] } | { vpn-instance vpn-instance-
name| public-net } ] *
The channel through which debugging information is output to the log host is configured.
By default, debugging information is not output to the log host after the information center
is enabled.
The system supports the configuration of a maximum of eight log hosts to realize backup
among log hosts.
----End

After configuring the debugging message output, you can view the configuration of the
information center.

Prerequisite
The configurations of the debugging information function are complete.
Procedure
an information center.
----End
Example
Run the display channel command. For example:
<Huawei> display channel 0
416e0000 ARP Y warning Y debugging Y debugging
Run the display info-center command. For example:

Log host:
Console:
Monitor:
SNMP Agent:
Log buffer:
enabled
Trap buffer:
enabled
Logfile:
2.6 Maintaining Information Center

This section describes how to run the following commands to delete messages in the buffer of
the information center. Note that deleted messages cannot be restored.

Context
CAUTION
Statistics about the information center cannot be restored after being cleared. So, confirm the
action before you use the command.
Procedure
l To clear statistics about the information center, run the reset info-center statistics
command in the user view.
l To clear statistics about the log buffer, run the reset logbuffer command in the user view.
l To clear statistics about the alarm buffer, run the reset trapbuffer command in the user
view.
----End
2.7 Information Center Configuration Examples

This section provides information center configuration examples.
2.7.1 Example for Outputting Logs to the Log File

This section describes how to output logs of a specific module or specific severity level to the
log file. This enables maintenance engineers to monitor the operating status of the device and
locate a fault by checking the output logs.
Networking Requirements
As shown in Figure 2-4, Router A is required to transport logs to a File Transfer Protocol (FTP)
server. Maintenance engineers can easily obtain the operating status of Router A and locate any
faults occurring on it.
NOTE
The system selects a storage medium in descending order of priority: sd0, sd1, usb0, and usb1. The default
log storage medium is sd0. If sd0 is unavailable, the default log storage medium is sd1. If none of sd0, sd1,
usb0, and usb1 is unavailable, the log files cannot be saved. The log storage path is in the format of storage
medium name:/logfile, for example, usb0:/logfile.
Figure 2-4 Networking diagram of log output to the log file
10.2.1.1/16
GE1/0/0 IP network
RouterA FTP Server

10.1.1.1/16

Configuration Roadmap
The configuration roadmap is as follows:
1. Enable the information center.
2. Configure the contents of the logs to be output.
3. Configure the channel through which logs are output.
4. Configure logs to be output to the FTP server.
Data Preparation
To complete the configuration, you need the following data:
l IP address of each interface
l Information channel number
l Module enabled to output logs
l Severity levels of logs
l Language in which logs are output
l IP address of the FTP server
l User name and password of the FTP server
Procedure
Step 1 Configure the routing protocol to make the router and the FTP server reachable. (The detailed
procedure is not mentioned here.)
Step 2 Configure the user name and password that are used on the FTP server. (The configuration details
are not provided here.)
Step 3 Enable the information center:
<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] info-center enable

# Configure the module enabled to output the logs and the severity levels of the logs that are
allowed to be output.
[RouterA] info-center source ip channel channel9 log level warnings
Step 5 Configure the channel through which logs are output.

# Configure the channel through which logs are output to the log file.
[RouterA] info-center logfile channel channel9
[RouterA] quit
Step 6 Configure logs to be output to the FTP server.

# Log in to the FTP server.
<RouterA> ftp 10.1.1.1
# Configure logs to be output to the FTP server.

[RouterA-ftp] put log.log
[RouterA-ftp] quit

<RouterA>
Step 7 Verify the configuration.
# View the logs that are output through the channel.

<RouterA> display info-center
Log host:
Console:
Monitor:
SNMP Agent:
Log buffer:
enabled
Trap buffer:
enabled
Logfile:
# View the received logs on the FTP server. (The display is omitted here.)
----End
Configuration Files
#
sysname RouterA
#
info-center source IP channel 9 log level warning
#
interface GigabitEthernet1/0/0
ip address 10.2.1.1 255.255.0.0
#
ip route-static 10.1.0.0 255.255.0.0 10.2.1.2
#
return
2.7.2 Example for Outputting Logs to Log Hosts

This section describes how to output logs of different modules or severity levels to different log
hosts, and how to configure backup log hosts.
As shown in Figure 2-5, logs of multiple types and severity levels must be output to different
log hosts through information channels.
Router sends the logs (with a severity level as notification) generated on the Forwarding
Information Base (FIB) module and the IP module to the log host Server 1. Server 3 functions
as a backup router of Server 1.

Router sends the logs (with a severity level as warning) generated on the Point-to-Point Protocol
(PPP) module and the AAA module to the log host Server 1. Server 4 functions as a backup
router of Server 2.
Both the Router s and the log hosts need to be configured.
Figure 2-5 Networking diagram of outputting logs to the log host

10.1.1.2/24 10.1.1.1/24
Server 3 Server1
GE1/0/0
172.16.0.1/24
Router
Server 4 Server 2
10.2.1.2/24 10.2.1.1/24
2. Name the tunnel.
3. Specify the module enabled to output logs.
4. Configure the channel for outputting logs.
5. Configure the source interface that sends logs.
6. Configure the log host.
Data Preparation
l IP address of the log host
l Name of the channel through which logs are output
l Module enabled to output logs
l Information severity level
l Language in which the log is output
Procedure
Step 1 Configure routing protocols to make the router and log server routable. (The detailed procedure
is not mentioned here.)
Step 2 Configure the channel for outputting logs.
# Enable the information center.

[Huawei] info-center enable
Step 3 Name the channel.
# Name the channel through which logs are output.

[Huawei] info-center channel 6 name loghost1
Step 4 Configure the channel through which logs are output.
# Configure the module enabled to output logs and the severity levels of logs allowed to be
output.
[Huawei] info-center source fib channel loghost log level notifications
[Huawei] info-center source ip channel loghost log level notifications
[Huawei] info-center source ppp channel loghost1 log level warnings
[Huawei] info-center source aaa channel loghost1 log level warnings
Step 5 Configure the source interface that sends logs.
# Configure the source interface that sends logs.

[Huawei] info-center loghost source gigabitethernet 1/0/0
Step 6 Configure the logs to be output to a specified log host.
# Specify Server 1 as the log server and Server 3 as the backup log server to receive the logs
from the FIB module and the IP module. The logs are output in English, by Local2.
[Huawei] info-center loghost 10.1.1.1 channel loghost facility local2 language
english
[Huawei] info-center loghost 10.1.1.2 channel loghost facility local2 language
english
# Specify Server 2 as the log server and Server 4 as the backup log server to receive the logs
from the PPP module and the AAA module. The logs are output by Local4.
[Huawei] info-center loghost 10.2.1.1 channel loghost1 facility local4 language
english
[Huawei] info-center loghost 10.2.1.2 channel loghost1 facility local4 language
english
Step 7 Configure the log server.
A log server is used to collect logs of the device when the storage memory of the router is not
large enough to record them.
Log servers can be installed with a Unix or Linux operating system or with the log software of
a third party.
If installed with a Unix or Linux operating system, logs enabled with Syslog can be collected
by the host.
If the host has a Linux operating system, choose from the following options:
l To create log files:

Run the touch loghost.info command in the directory /var/log to create a file loghost.info
to record logs of the router.
l To edit configuration files:
Edit etc/syslog.conf to loghost.info /var/log/router.log, which specifies the log host name.
The logs with the severity level listed are then output to /var/log/loghost.log.
l To configure the file etc/sysconfig/syslog:

Modify syslogd_options="-m o" to syslogd_option="-1 -m o", enabling the system to record

the logs of remote devices.
l To enable Syslog:
Run the service syslog restart command.
If the host has a third party's log software installed, this software can be configured to implement
host's log collection function. For example, the HUAWEI iManager 2000 supports various log
management settings and can therefore receive, filter, save, and forward the Syslog messages
sent by the device.
For the procedure for configuring log services on the HUAWEI iManager N200, refer to the
HUAWEI iManager N2000 DM - Compound Package User Manual Volume I.
# Display the configuration of the log host.

Log host:
the interface name of the source address:GigabitEthernet1/0/0
10.1.1.1, channel number: 2, channel name: loghost
language: english, host facility: local2
10.2.1.1, channel number: 6, channel name: loghost1
10.2.1.2, channel number: 6, channel name: loghost1
Console:
channel number : 0, channel name : console
Monitor:
channel number : 1, channel name : monitor
SNMP Agent:
channel number : 5, channel name : snmpagent
Log buffer:
enabled
Trap buffer:
enabled
Logfile:
log - date, trap - date, debug - boot
----End
Configuration Files
#
info-center channel 6 name loghost1
info-center source FIB channel 2 log level notification
info-center source IP channel 2 log level notification
info-center source PPP channel 6 log level warning
info-center source AAA channel 6 log level warning
info-center loghost source GigabitEthernet1/0/0
info-center loghost 10.1.1.1 facility local2

info-center loghost 10.1.1.2 facility local2

info-center loghost 10.2.1.1 channel 6 facility local4
info-center loghost 10.2.1.2 channel 6 facility local4
#
ip address 172.16.0.1 255.255.255.0
#
ip route-static 10.1.1.0 255.255.255.0 172.16.0.2
ip route-static 10.2.1.0 255.255.255.0 172.16.0.2
#
return
2.7.3 Example for Configuring Binary Logs to be Sent to the Log

Host
This section describes how to output logs to the log host in binary mode. Outputting logs in
binary mode can effectively lighten the network load.
As shown in Figure 2-6, binary logs generated on Router A are sent to the log host in real time.
Users or maintenance personnel can analyze the log through log analysis tools and locate the
fault.
Figure 2-6 Example for Configuring Binary Logs to be sent to the Log Host
GE1/0/0
10.1.1.1/24
RouterA Loghost
10.1.1.6/24
1. Enable the information center on the router.
2. Add the ID of the log to be filtered.
3. Configure binary logs to be sent to the log host.
Data Preparation
To complete the configuration, you need to perform the following data:
l ID of the log to be filtered
l IP address of the FTP server
l User name and password used for logging into the FTP server
l IP address of the log host
Procedure
Step 1 Configure routes between Router A and Loghost. (The detailed procedure is not mentioned here.)

Step 2 Enable the information center.

# Enable the information center.
Step 3 Add the ID of a log to be filtered.

# Configure the module and channel used to output alarm messages.
[Huawei] info-center filter-id 1077514264
Step 4 Configure binary logs to be sent to the log host.

[Huawei] info-center loghost 10.1.1.6 binary

# Check the added ID of the log to be filtered.
[Huawei] display info-center filter-id 1077514264
ID: 1077514264
Content: task: [string] ip: [string] user: [string] command: [string]
Filtered Number: 3
# Check the channel used by the SNMP agent to output alarms.

[Huawei] display info-center
Log host:
binary loghost, port number: 514
Console:
Monitor:
SNMP Agent:
Log buffer:
enabled
Trap buffer:
enabled
Logfile:
----End
Configuration Files
#
ip address 10.1.1.1 255.255.255.0
#
info-center filter-id 1077514264
info-center loghost 10.1.1.6 binary
#
return

2.7.4 Example for Outputting Alarms to the SNMP Agent

After alarms are output to the SNMP agent, the NM Station can receive the alarms sent from
the device.
As shown in Figure 2-7, alarms are required to be output first to the SNMP agent and then to
the NM Station through SNMP Agent.
Figure 2-7 Networking diagram of outputting alarms to the SNMP Agent
GE1/0/0
NM Station Agent
10.1.1.1/24 10.1.1.2/24
1. Enable the information center on the router.
2. Specify the module enabled to output logs and configure the channel through which the
alarm is output.
3. Enable the outputting alarm to the SNMP agent.
4. Enable transmitting alarms to the NM Station through SNMP.
Data Preparation
l Module enabled to output alarms
l Severities of alarms
Procedure
Step 2 Specify the module enabled to output alarms and configure the channel used to output alarms.
# Specify the module enabled to output alarms and configure the channel used to output alarms.
[Huawei] info-center source ip channel channel7 trap level informational state on
NOTE
By default, alarms are output through the SNMP agent and information about all modules is displayed.
Step 3 Enable outputting alarms to the SNMP agent.

# Enable outputting alarms to the SNMP agent.

[Huawei] info-center snmp channel channel7
Step 4 Enable transmitting alarms to the NM Station through SNMP agent.

# Start the SNMP agent and set the SNMP version to SNMPv2c.
[Huawei] snmp-agent sys-info version v2c
# Configure the alarm function.

[Huawei] snmp-agent trap enable
All switches of SNMP trap/notification will be open. Continue? [Y/N]:y
[Huawei] snmp-agent target-host trap-hostname nms address 10.1.1.1 trap-paramsname
trapnms
[Huawei] snmp-agent target-host trap-paramsname trapnms v2c securityname public

# View the channel used to output alarms to the SNMP agent.
Log host:
binary loghost, port number: 514
Console:
Monitor:
SNMP Agent:
Log buffer:
enabled
Trap buffer:
enabled
Logfile:
# View the alarms output through the channel selected by SNMP agent.
[Huawei] display channel 7
c16a0000 IP Y debugging Y informational N debugging
# View the alarms output to the NM Station through SNMP agent.

[Huawei] display snmp-agent target-host
Traphost list:
Target host name: nms
Traphost address: 10.1.1.1
Traphost portnumber: 162
Target host parameter: trapnms
Total number is 1

Parameter list trap target host:

Parameter name of the target host: trapnms
Message mode of the target host: SNMPV2C
Trap version of the target host: v2c
Security name of the target host: public
Total number is 1
----End
Configuration Files
#
info-center source IP channel 7 trap level informational
info-center snmp channel 7
#
ip address 10.1.1.2 255.255.255.0
#
snmp-agent
snmp-agent local-engineid 000007DB7F00000100003598
snmp-agent sys-info version v2c
snmp-agent target-host trap-hostname nms address 10.1.1.1 udp-port 162 trap-
paramsname trapnms
snmp-agent target-host trap-paramsname trapnms v2C securityname public
snmp-agent trap enable
#
return
2.7.5 Example for Outputting the Debugging Information to the

Console
After debugging messages are configured to be output to the console, log in to the device through
the console. When a fault occurs, run the debugging command to view debugging messages.
As shown in Figure 2-8, it is required to output the debugging information of the Address
Resolution Protocol (ARP) module to the console.
Figure 2-8 Networking diagram of outputting information to the console

Console
Router PC
2. Set the logs to be output to the console and the information module.
3. Configure the channel through which the debugging information is output.
4. Enable the terminal monitor function and display the debugging information.

Data Preparation
l Module enabled to output the logs
l Information severity level
Procedure
Info: Current terminal monitor is on.
Info: Current terminal debugging is on.
Step 2 Allow the debugging on the ARP module to be output to the Console with the severity level of
the information as debugging.
[Huawei] info-center source arp channel console debug level debugging
[Huawei] info-center console channel console
[Huawei] quit
Step 3 Enable the terminal monitor function to display the debugging information.
<Huawei> terminal monitor
<Huawei> terminal debugging
Step 4 Enable ARP module debugging.

<Huawei> debugging arp packet

# View the configuration of the channel.
<Huawei> display channel 0
c16e0000 ARP Y warning Y debugging Y debugging
----End
Configuration Files
#
info-center source ARP channel 0
#
return

Configuration Guide - Device Management 3 Mirroring Configuration
3 Mirroring Configuration
About This Chapter
This document describes the mirroring configuration procedures and provides configuration
examples.
3.1 Introduction to Mirroring

This section describes the principle and concepts of mirroring.
3.2 Mirroring Features Supported by the AR2200-S
The AR2200-S supports local mirroring.
3.3 Configuring Local Port Mirroring
To monitor and analyze all the packets passing through the mirrored interface that is located on
the same AR2200-S as the observing interface, configure local port mirroring on the AR2200-
S.
3.4 Configuring Local Flow Mirroring
To monitor and analyze the packets with same characteristics passing through the mirrored
interface that is located on the same AR2200-S as the observing interface, configure local port
mirroring on the AR2200-S.
3.5 Configuring Packet Capture Using Mirroring
This section describes how to configure packet capture using mirroring so that packets entering
the device interface can be displayed on the terminal or saved to the device.
3.6 Configuration Examples
This section describes the networking requirements, configuration roadmap, and data
preparation for mirroring and provides the configuration examples.

3.1 Introduction to Mirroring

This section describes the principle and concepts of mirroring.
Definition
Mirroring is a function that copies the packets on the mirrored interface (source interface) to the
observing interface (destination interface). When the observing interface is connected to a
monitoring device, you can use the monitoring device to analyze the packets copied to the
observing interface for network monitoring and fault troubleshooting.
Terms
Mirroring is classified into port mirroring and flow mirroring. Port mirroring and flow mirroring
involve the following interfaces:
l Observing interface
An observing interface is connected to a monitoring device and is used to export the traffic
copied from the mirrored interface.
l Mirrored interface
A mirrored interface is the interface to be observed. In port mirroring, all the packets passing
through the mirrored interface are copied to the observing interface. In flow mirroring, all
the packets matching the traffic classifier rules are copied to the observing interface.
3.2 Mirroring Features Supported by the AR2200-S

The AR2200-S supports local mirroring.
Local mirroring includes local port mirroring and local flow mirroring.
Local Port Mirroring

As shown in Figure 3-1, when the mirrored interface connected to monitored devices and the
observing interface are located on the same device, local port mirroring can be configured on
the Router to monitor and analyze the packets on the monitored devices. The Router copies the
packets passing through a mirrored interface and sends the packets to a specified observing
interface for analysis and monitoring. In port mirroring, all the packets passing through a
mirrored interface are copied to an observing interface.

Figure 3-1 Networking diagram of local port mirroring
Mirrored
interface
Router
Mirrored Observing
interface interface
Interface
Packet flows Monitoring
Copied packet flows device
Local Flow Mirroring

As shown in Figure 3-2, the Router copies specified data passing through a flow mirrored
interface to a specified observing interface for analysis and monitoring. A flow mirrored
interface refers to the interface to which a traffic policy containing the flow mirroring action is
applied. If the packets passing through the flow mirrored interface match a traffic classifier in
the traffic policy on this interface, the packets are copied and sent to an observing interface.
Figure 3-2 Networking diagram of local flow mirroring
Flow mirrored
interface
Router
Flow mirrored Observing

interface interface
Interface
Traffic classification match Monitoring device
Packet flows
Mirrored flows
Copied packet flows

Local Mirroring Specifications

On the AR2200-S configured with local mirroring, only one observing interface can be
configured. The observing interface can only be configured on LAN-side Ethernet interfaces.
The packets on multiple interfaces can be mirrored to one observing interface.
In local port mirroring, the AR2200-S supports inter-board mirroring. That is, the observing
interface and mirrored interface can be on different LPUs of a router.
In local flow mirroring, when a WAN-side interface is used as a mirrored interface, the AR2200-
S supports inter-board mirroring. When a LAN-side interface is used as a mirrored interface,
the AR2200-S does not support inter-board mirroring.
NOTE
Observing and mirrored interfaces are configured on the same device.

The packets on the mirrored interface are copied to the observing interface; therefore, the observing
interface is considered as the outbound interface of the packets. In this case, the discarded packets on the
mirrored interface are not counted.
When you configure the observing interface and mirrored interface, pay attention to the interface
bandwidth. For example, if a GE interface is used as the mirrored interface and an Ethernet interface is
used as the observing interface, the observing interface has no sufficient capability to receive packets and
mirroring packets may be lost.
Remote Mirroring Specifications

Only one observing server can be configured, and there must be a reachable route from the
mirrored interfaces to the observing server. The packets on multiple mirrored interfaces can be
mirrored to one observing server.
3.3 Configuring Local Port Mirroring

S.

Before configuring local port mirroring, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the required data. This will help you complete
An intranet has high requirements for information security and privacy protection. You can
configure mirroring on an interface to monitor incoming and outgoing data packets. The
management server that has the monitoring software installed can capture these packets for
analysis and fault location.
S.

Ensuring that the link layer protocol status of interfaces is Up
Data Preparation
To configure local port mirroring, you need the following data.
No. Data
1 Type and number of the observing interface.
2 Type and number of the mirrored interface.
3 Direction to which packets are mirrored.
3.3.2 Configuring a Local Observing Interface

The local observing interface is used to export the packets copied from the mirrored interface.
Context
After an interface is configured as the observing interface, other configurations are not
recommended on the interface. Otherwise, the following situations may occur:
l If other service traffic exists on the observing interface in addition to mirrored packets, the
packet source cannot be differentiated.
l If congestion occurs on the observing interface, mirrored packets may be discarded because
the priority of mirrored is low.
Procedure
Step 1 Run:
system-view

Step 2 Run:
observe-port [ observe-port-index ] interface interface-type interface-number
A local observing interface is configured.

observe-port-index specifies the observing interface index.
NOTE
On the AR2200-S, only one observing interface can be configured.

Other configurations are not recommended on the observing interface; otherwise, non-mirrored packets
may be forwarded through the observing interface.
----End
3.3.3 Configuring a Local Mirrored Interface

All the packets passing through the local mirrored interface are copied to the observing interface.

Context
If you want to configure an Eth-Trunk as a mirrored interface, run the interface eth-trunk trunk-
id command to create an Eth-Trunk first. Pay attention to the following points when you use an
Eth-Trunk as a mirrored interface:
l If an Eth-Trunk is configured as a mirrored interface, its member interfaces cannot be
configured as mirrored interfaces. To configure a member interface as a mirrored interface,
delete it from the Eth-Trunk first.
l If a member interface of an Eth-Trunk is configured as a mirrored interface, the Eth-Trunk
cannot be configured as a mirrored interface. To configure the Eth-Trunk as a mirrored
interface, delete the member interface from it first.
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
The interface view is displayed.
Step 3 Run:
port-mirroring to observe-port observe-port-index { both | inbound | outbound }
A local mirrored interface is configured.
observe-port-index specifies the observing interface index. The value of this parameter must be
the same as the value set in 3.3.2 Configuring a Local Observing Interface.
NOTE
If the downstream mirroring interface is configured with an ACL, the ACL does not take effect for mirroring
packets. After the mirrored interface is specified, all packets on the interface are mirrored regardless of
whether a traffic policy is configured.
----End

After port mirroring is configured, check the usage of the observing interface and mirrored
interface.
Prerequisite
The configurations of port mirroring are complete.
Procedure
l Run the display observe-port command to check the observing interface in port mirroring.
l Run the display port-mirroring command to check the mirrored interface in port
mirroring.
----End

3.4 Configuring Local Flow Mirroring

To monitor and analyze the packets with same characteristics passing through the mirrored

Before configuring local flow mirroring, familiarize yourself with the applicable environment,
An intranet has high requirements for information security and privacy protection. You can
configure mirroring on an interface to monitor incoming and outgoing data packets. The
management server that has the monitoring software installed can capture these packets for
analysis and fault location.
To monitor and analyze the packets with some characteristics passing through the mirrored
None.
Data Preparation
To configure local flow mirroring, you need the following data.
No. Data
1 Type and number of the observing interface
2 Type and number of the traffic mirrored interface
3 Names of the traffic classifier, traffic behavior, traffic policy, and traffic classification
rules
3.4.2 Configuring a Local Observing Interface

The local observing interface is used to export the packets copied from the mirrored interface.
Context
After an interface is configured as the observing interface, other configurations are not
recommended on the interface. Otherwise, the following situations may occur:

l If other service traffic exists on the observing interface in addition to mirrored packets, the
packet source cannot be differentiated.
l If congestion occurs on the observing interface, mirrored packets may be discarded because
the priority of mirrored is low.
Procedure
Step 1 Run:
system-view
Step 2 Run:
observe-port [ observe-port-index ] interface interface-type interface-number
A local observing interface is configured.
observe-port-index specifies the observing interface index.
NOTE
On the AR2200-S, only one observing interface can be configured.

Other configurations are not recommended on the observing interface; otherwise, non-mirrored packets
may be forwarded through the observing interface.
----End
3.4.3 Configuring Complex Traffic Classification

Select proper traffic classification rules and configure complex traffic classification as required.
For the configuration procedure, see Configuring Traffic Classification in the Huawei AR2200-
S Series Enterprise Routers Configuration Guide - QoS.
3.4.4 Creating a Local Traffic Behavior

Configure the local flow mirroring action to copy the packets matching traffic classification
rules to the observing interface.
Procedure
Step 1 Run:
system-view
Step 2 Run:
traffic behavior behavior-name
A traffic behavior is created and the traffic behavior view is displayed.
Step 3 Run:
mirroring to observe-port observe-port-index
The flows matching rules are mirrored to the specified observing interface.

observe-port-index specifies the observing interface index. The value of this parameter must be
the same as the value set in 3.4.2 Configuring a Local Observing Interface.
----End
3.4.5 Configuring a Traffic Policy

After the traffic classifier and the flow mirroring action are configured, bind the traffic classifier
and the traffic behavior to a traffic policy and apply the traffic policy to an interface.
Procedure
Step 1 Create a traffic policy.
1. Run:
system-view

2. Run:
traffic policy policy-name
A traffic policy is created and the traffic policy view is displayed.

3. Run:
classifier classifier-name behavior behavior-name
A traffic classifier is bound to a traffic behavior in the traffic policy.

classifier-name specifies the name of a traffic classifier and must be the same as the name
of a traffic classifier in 3.4.3 Configuring Complex Traffic Classification; behavior-
name specifies the name of a traffic behavior and must be the same as the name of a traffic
behavior in 3.4.4 Creating a Local Traffic Behavior.
4. Run:
quit
Quit the traffic policy view.

Step 2 Apply the traffic policy to an interface.
1. Run:
The mirrored interface view is displayed.

2. Run:
traffic-policy policy-name inbound
The traffic policy is applied to the flow mirrored interface.

NOTE
In flow mirroring, when a WAN-side interface is used as a mirrored interface, the AR2200-S supports
inter-board mirroring. When a LAN-side interface is used as a mirrored interface, the AR2200-S does not
support inter-board mirroring.
----End

After local flow mirroring is configured, check the observing interface and the configuration of
the traffic classifier, traffic behavior, and traffic policy.

Prerequisite
The configurations of local flow mirroring are complete.
Procedure
l Run the display observe-port command to check the observing interface in local port
mirroring.
l Run the display port-mirroring command to check the mirrored interface in local port
mirroring.
l Run the display traffic behavior user-defined [ behavior-name ] command to check the
configuration of the traffic behavior.
l Run the display traffic classifier user-defined [ classifier-name ] command to check the
configuration of the traffic classifier.
l Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ]
command to check the configuration of the traffic policy.
l Run the display traffic-policy policy-name applied-record command to check the
application of the traffic policy.
----End
3.5 Configuring Packet Capture Using Mirroring

This section describes how to configure packet capture using mirroring so that packets entering
the device interface can be displayed on the terminal or saved to the device.
Local port mirroring or local flow mirroring requires that an observing port needs to be directly
connected to a monitoring device. If the observing port is not directly connected to a mirroring
device, capture packets using mirroring to locate faults so that packets entering the device
interface can be displayed on the terminal or saved to the device.
If mirrored packets are saved to the device, log in to the device through FTP and download the
mirrored packets for analysis.
NOTE
l Currently, only incoming traffic can be captured using mirroring.

l Before using the capture-packet interface command again, wait until the last command execution is
complete.
l Packet capturing rate must be lower than 256 pps. If the traffic is heavy, some packets matching rules
may not be captured.
l Currently, the AR2200-S supports the following mirrored interfaces: Ethernet interface,
GigabitEthernet interface, ATM interface, Serial interface and Eth-trunk interface.
Ensuring that the interface link layer protocol status is Up and the storage memory is sufficient
for mirrored packets

Procedure
Step 1 Run:
system-view

Step 2 (Optional) Configure a numbered ACL. For details, see ACL Configuration in Configuration
Guide-Security.
NOTE
To capture mirrored packets matching an ACL, configure the ACL.
Step 3 Run:
capture-packet interface interface-type interface-number [ acl acl-number ]
destination { file file-name | terminal } * [ car cir cir-value | time-out time out
value | packet-num packet number | packet-len { packet length | total-packet ] *
Rules are defined to capture mirrored packets on the device and display the packet information
on the terminal.
----End
Example
After the configuration is complete, mirrored packets are displayed on the terminal or saved to
the device. If mirrored packets are saved to the device, download the mirrored packets for
analysis. The following shows information about mirrored packets displayed on the terminal:
Info: Captured packets will be showed on terminal.
[Huawei]
Packet: 1
-------------------------------------------------------
ff ff ff ff ff ff 00 e0 fc 01 00 08 08 06 00 01
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 2
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 3
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 4
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 5

-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 6
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 7
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 8
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 9
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 10
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 11
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 12
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0a 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00
-------------------------------------------------------
Packet: 13
-------------------------------------------------------
08 00 06 04 00 01 00 e0 fc 01 00 08 02 01 01 03
00 00 00 00 00 00 0b 01 01 01 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00

-------------------------------------------------------
------------------capture report-----------------------
file: NULL
interface: GigabitEthernet1/0/0
acl: 2000
car: 64pps timeout: 60s
packets: 100 (expected) 13 (actual)
length: 128 (expected)
-------------------------------------------------------

This section describes the networking requirements, configuration roadmap, and data
preparation for mirroring and provides the configuration examples.
3.6.1 Example for Configuring Local Port Mirroring

The local port mirroring function allows you to monitor the packets on a local device.
As shown in Figure 3-3, the R&D department and marketing department are connected to
Ethernet2/0/0 and Ethernet2/0/1 on the Router. The server (that is, the monitoring device) that
has the monitoring software installed is connected to Ethernet2/0/2 on the Router to analyze the
captured packets. To ensure information security, configure local port mirroring on the Router
to monitor all the packets sent by the R&D department and marketing department.
Figure 3-3 Networking diagram of local port mirroring
LSWA Eth2/0/0
R&D
department
Eth2/0/2
Router Server
Eth2/0/1
LSWB
Marketing
department
1. Configure Ethernet2/0/2 as a local observing interface.
2. Configure Ethernet2/0/0 and Ethernet2/0/1 as mirrored interfaces.

Data Preparation
l Type and number of the observing interface
l Type and number of the mirrored interface
l Index number of the observing interface, that is, 1
Procedure
Step 1 Configure an observing interface.
# Configure Ethernet2/0/2 on the Router as an observing interface.
[Huawei] observe-port 1 interface Ethernet 2/0/2
Step 2 Configure mirrored interfaces.

# Configure Ethernet2/0/0 on the Router as the local mirrored interface to monitor the packets
sent by the R&D department.
[Huawei] interface Ethernet 2/0/0
[Huawei-Ethernet2/0/0] port-mirroring to observe-port 1 inbound
[Huawei-Ethernet2/0/0] quit
# Configure Ethernet2/0/1 on the Router as the local mirrored interface to monitor the packets
sent by the marketing department.
[Huawei] interface Ethernet 2/0/1
[Huawei-Ethernet2/0/1] port-mirroring to observe-port 1 inbound
[Huawei] quit

# Check the configuration of the observing interface.
<Huawei> display observe-port
---------------------------------------------------------------------------
Index : 1
Interface: Ethernet2/0/2
Used : 2
---------------------------------------------------------------------------
# Check the configuration of mirrored interfaces.

<Huawei> display port-mirroring
----------------------------------------------------------------------
Mirror-port Direction Observe-port
----------------------------------------------------------------------
1 Ethernet2/0/0 Inbound Ethernet2/0/2
2 Ethernet2/0/1 Inbound Ethernet2/0/2
----------------------------------------------------------------------
# View the packet statistics on Ethernet2/0/0, Ethernet2/0/1, and Ethernet2/0/2. The number of
packets on Ethernet2/0/2 equals the sum of the numbers of packets on Ethernet2/0/0 and
Ethernet2/0/1. Alternatively, view all the packets received by Ethernet2/0/0 and Ethernet2/0/1
by using the server. Packets on Ethernet2/0/0 and Ethernet2/0/1 are mirrored by the Router.
<Huawei> display interface Ethernet 2/0/0
Ethernet2/0/0 current state : UP
Description:HUAWEI, AR Series, Ethernet2/0/0 Interface
Switch Port,The Maximum Frame Length is 1628

IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 10e0-1220-8001

Last physical up time : 2010-10-07 22:24:31 UTC-05:00
Last physical down time : 2010-10-05 22:22:22 UTC-05:00
Current system time: 2010-10-22 15:48:52-05:13
Port Mode: COMMON FIBER
Speed : 100, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : NORMAL
Last 300 seconds input rate 728 bits/sec, 0 packets/sec
Last 300 seconds output rate 32 bits/sec, 0 packets/sec
Input peak rate 13608 bits/sec,Record time: 2008-03-07 22:24:32
Output peak rate 528 bits/sec,Record time: 2008-03-07 22:24:34
Input: 62754 packets, 8937914 bytes

Unicast: 0, Multicast: 62754
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, DropEvents: 0
Alignments: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 6816 packets, 477120 bytes
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Buffers Purged: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0.01%
Output bandwidth utilization : 0.00%
Mdi : NORMAL

CRC: 0, Giants: 0

Buffers Purged: 0
Mdi : NORMAL

CRC: 0, Giants: 0
Buffers Purged: 0
----End
Configuration Files
l Configuration file of the Router
#
observe-port 1 interface Ethernet2/0/2
#
interface Ethernet2/0/0
port-mirroring to observe-port 1 inbound
#
port-mirroring to observe-port 1 inbound
#
return
3.6.2 Example for Configuring Local Flow Mirroring

With the local flow mirroring function, the AR2200-S can monitor the packets with the same
characteristics.

As shown in Figure 3-4, an enterprise's R&D department connects to the Router through
Ethernet2/0/0. A server with the monitoring software installed is connected to Ethernet2/0/1 on
the Router to analyze the captured packets. The enterprise needs to monitor all the IPv4 packets
sent from host 192.168.1.10/24 in the R&D department.
Figure 3-4 Local flow mirroring network
R&D Eth2/0/0 Eth2/0/1

department
Router Server
HostA
192.168.1.10/24
1. Configure Ethernet2/0/2 as the observing interface.
2. Create a traffic classifier to match the IPv4 packets with the source IP address
192.168.1.10/24.
3. Create a traffic behavior and bind it to the local flow mirroring action.
4. Create a traffic policy and bind it to the traffic classifier and traffic behavior.
5. Apply the traffic policy to Ethernet2/0/0.
Data Preparation
l Type and number of the observing interface
l Type and number of the mirrored interface
l Observing interface index, 1
l Traffic classifier, c1
l Traffic behavior, b1
l Traffic policy, p1
Procedure
Step 1 Configure the local observing interface.
# Configure Ethernet2/0/1 on the Router as the observing interface.
[Huawei] observe-port 1 interface Ethernet 2/0/1
Step 2 Configure the traffic classifier c1.

# Create IPv4 ACL 2000 on the Router to match the IPv4 packets with destination address
192.168.1.10.
[Huawei] acl number 2000
[Huawei-acl-basic-2000] rule permit source 192.168.1.10 0
[Huawei-acl-basic-2000] quit
# Create a traffic classifier named c1 and bind it to ACL 2000.

[Huawei] traffic classifier c1
[Huawei-classifier-c1] if-match acl 2000
[Huawei-classifier-c1] quit
Step 3 Create a traffic behavior named b1 and configure the local flow mirroring action in the traffic
behavior.
[Huawei] traffic behavior b1
[Huawei-behavior-b1] mirroring to observe-port 1
[Huawei-behavior-b1] quit
Step 4 Configure a traffic policy.

# Create a traffic policy named p1 on the Router, bind the traffic behavior and traffic classifier
to the traffic policy, and apply the traffic policy to the inbound direction of Ethernet2/0/0.
[Huawei] traffic policy p1
[Huawei-trafficpolicy-p1] classifier c1 behavior b1
[Huawei-trafficpolicy-p1] quit
[Huawei] interface Ethernet2/0/0
[Huawei-Ethernet2/0/0] traffic-policy p1 inbound

# View the traffic classifier configuration.
<Huawei> display traffic classifier user-defined c1
User Defined Classifier Information:
Classifier: c1
Operator: OR
Rule(s) : if-match acl 2000
# View the traffic policy configuration.

<Huawei> display traffic policy user-defined p1
User Defined Traffic Policy Information:
Policy: p1
Classifier: c1
Operator: OR
Behavior: b1
Mirroring to cpu
----End
Configuration Files
l Configuration file of the Router
#
observe-port 1 interface Ethernet
2/0/1
#
acl number 2000
rule 5 permit source 192.168.1.10
0
#
traffic classifier c1 operator
or

if-match acl
2000
#
traffic behavior
b1
mirroring to observe-port
1
#
traffic policy
p1
classifier c1 behavior
b1
#
traffic-policy p1
inbound
#
return

Configuration Guide - Device Management 4 Hardware Management
4 Hardware Management
About This Chapter
This chapter describes hardware management on the AR2200-S, including power on and power
off of boards, electronic label backup, and board reset.
4.1 Introduction to Hardware Management

Hardware management indicates the operations performed on hardware resources after the
hardware is installed. Hardware configurations include reset, backup, power on, and power off.
4.2 Hardware Management Supported by the AR2200-S
This section describes the hardware management operations supported by the AR2200-S.
4.3 Powering On and Off the Board
This section describes how to power on and off the board.
4.4 Backing Up Electronic Labels
This section describes how to back up electronic labels.
4.5 Setting Fan Speed
This section describes how to set fan speed.
4.6 Resetting the LPU
This section describes how to reset the LPU.

4.1 Introduction to Hardware Management

Hardware management indicates the operations performed on hardware resources after the
hardware is installed. Hardware configurations include reset, backup, power on, and power off.
Hardware configurations reduce the frequency at which hardware resources are plugged in and
pulled out or installed and uninstalled, which improves the reliability of hardware resources.
4.2 Hardware Management Supported by the AR2200-S

This section describes the hardware management operations supported by the AR2200-S.
The AR2200-S supports the following hardware operations:
l Powering on and powering off the board

l Backing up the electronic label
l Setting the rotating speed of a fan
l Resetting the LPU
4.3 Powering On and Off the Board

This section describes how to power on and off the board.

Before powering on or powering off a board, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This will help
you complete the configuration task quickly and accurately.
Application Environment
Powering on and off boards remotely reduces energy consumption and facilitates board
operations.
NOTE
The AR200-S boards are hot swappable. Therefore, you do not need to remotely power off boards before
hot swapping them.
Powering on the router
Data Preparation
To configure the commands for powering on or powering off the board, you need the following
data.

No. Data
1 Slot number of the board to be powered off
2 Slot number of the board to be powered on
4.3.2 Powering Off a Board

You can run a command to remotely power off a board.
Procedure
l Run the following command in any view:
power off slot slot-id
The board is powered off.
----End
4.3.3 Powering On a Board

You can run a command to remotely power on a board.
Procedure
Step 1 Run the following command in any view:
power on slot slot-id
The board is powered on.
----End

After a board is powered on or powered off, run the following commands to check the
configurations.
Context
Configuring power-on and power-off of the board is complete.
Procedure
Step 1 Run the display device [ slot slot-id ] command in any view to check the board status.
----End
Result
After boards are powered off, the power status is displayed as PowerOff. After boards are
powered on, the power status is displayed as PowerOn.

4.4 Backing Up Electronic Labels

This section describes how to back up electronic labels.

Before backing up electronic labels, familiarize yourself with the applicable environment,
Electronic labels play an important role in handling network faults and replacing hardware in
batches. Therefore, backing up electronic labels is a must.
l When a fault occurs on the network, you can obtain information on related hardware
conveniently and accurately and improve the efficiency of maintenance tasks by using
electronic labels. For example, you can run queries on the maintenance cases of the
knowledge base, the preparation of spare boards, and the tests of related indexes. In
addition, you can efficiently analyze and trace defects in the hardware by analyzing and
collecting statistics on the electronic labels of the faulty hardware.
l When you need to replace hardware in batches, you can accurately view the distribution of
hardware in the entire network through the electronic labels recorded in the archive systems
of clients' devices. In this manner, you can pre-estimate the impact of hardware replacement
and formulate corresponding policies to make batch hardware replacement more efficient.
Before backing up electronic labels, ensure that the AR2200-S and the FTP server are routable.
Data Preparation
To back up electronic labels, you need the following data.
No. Data
1 Name of the electronic label to be backed up
2 (Optional) Slot number of the electronic label
3 (Optional, applicable to backing up the electronic label to the FTP server) Address
of the FTP server, and user name and password
4 (Optional, applicable to backing up the electronic label to the TFTP server) Address
of the TFTP server
4.4.2 Backing Up Electronic Labels

The AR2200-S can back up electronic labels to the FTP server, TFTP server, flash memory, SD
card, or USB disk.

Procedure
l Back up electronic labels to the flash memory, SD card, or USB disk
1. Run:
backup elabel filename [ slot-id ]
Electronic labels are backed up to the flash memory, SD card, or USB disk.
This command can be run in any view.

l Back up electronic labels to an FTP server.
1. Run:
backup elabel ftp ftp-server-address filename username password [ slot-
id ]
Electronic labels are backed up to an FTP server.

l Back up electronic labels to a TFTP server.
1. Run:
backup elabel tftp tftp-server-address filename [ slot-id ]
Electronic labels are backed up to a TFTP server.
----End
4.5 Setting Fan Speed

This section describes how to set fan speed.

Before adjusting fan speed, familiarize yourself with the applicable environment, complete the
pre-configuration tasks, and obtain the required data. This will help you complete the
configuration task quickly and accurately.
When fan speed does not adapt to the current application environment of the device, you can
adjust the fan speed.
Data Preparation
To set fan speed, you need the following data.
No. Data
1 Slot number of the fan module and expected fan speed

4.5.2 Setting Fan Speed

You can adjust the fan speed.
Context
Check the upper and lower thresholds of board temperature and current temperature of boards
using the display temperature { all | slot slot-id } command. If the temperature of a board
exceeds the upper threshold, adjust the fan speed on the AR2200-S.
Procedure
Step 1 Run:
system-view
Step 2 Run:
set fan-speed fan slot-id percent percent
Fan speed is set.
By default, fans run in automatic mode. In this mode, the system changes the fan speed when
detecting that the board temperature increases or decreases. The automatic mode reduces noises
and saves energy without affecting normal system running.
You can manually change the fan speed. By default, only users of level 2 and level 3 can run
the set fan-speed command to set the fan speed.
NOTE
If several fans are installed on a fan tray, all fans run at the configured speed after you run the set fan-
speed command.
----End

After fan speed is set, you can check the configurations.
Context
Adjusting fan speed is complete.
Procedure
l Run the display fan command to check the status, running mode, and speed of the fan.
----End
4.6 Resetting the LPU

This section describes how to reset the LPU.


Before resetting an LPU, familiarize yourself with the applicable environment, complete the
pre-configuration tasks, and obtain the required data. This will help you complete the
configuration task quickly and accurately.
When the LPU fails to be upgraded or fails to work normally, you need to reset the LPU.
Data Preparation
To reset the LPU, you need the following data.
No. Data
1 Slot number of the LPU to be reset
4.6.2 Resetting the LPU

When an LPU fails to be upgraded or fails to work normally, you need to reset the LPU.
Context
CAUTION
When the LPU works abnormally, try to find and remove the fault rather than resetting the LPU
directly to avoid service interruption.
Procedure
Step 1 Run:
reset slot slot-id
The LPU in the specified slot is reset.
----End

After an LPU is reset, you can check the LPU status and resetting cause.
Context
Resetting the LPU is complete.

Procedure
l Run the display device command to check the LPU status.
l Run the display reset-reason [ slot slot-id ] command to check the reason for resetting the
LPU.
----End

Configuration Guide - Device Management 5 Auto-Config
5 Auto-Config
About This Chapter
This chapter describes the concept, working mechanism, and deployment of Auto-Config.
5.1 Auto-Config Overview

This section describes the functions and advantages of Auto-Config.
5.2 Auto-Config Features Supported by the AR2200-S
This section describes the intermediate file, Option parameters, and process of Auto-Config
supported by the AR2200-S.
5.3 Deploying Unconfigured Routers
This section describes how to deploy unconfigured Routers.
This section provides examples for configuring Auto-Config, including networking
requirements, configuration notes, and configuration roadmap.

5.1 Auto-Config Overview

This section describes the functions and advantages of Auto-Config.
Auto-Config Functions
When a new or unconfigured router is powered on, a version file, patch file, and configuration
file must be loaded to the router. If routers are located dispersedly, the maintenance personnel
have to manually configure each router, which requires a heavy workload. The Auto-Config
function implements remote device configuration and reduces maintenance costs. The routers
running Auto-Config automatically downloads version file, patch file, and configuration file.
Auto-Config Advantages
Maintenance personnel do not need to manually configure each device. Auto-Config simplifies
network configurations and implements unified management and remote debugging on routers.
5.2 Auto-Config Features Supported by the AR2200-S

This section describes the intermediate file, Option parameters, and process of Auto-Config
supported by the AR2200-S.
NOTE
Auto-Config deployment and USB deployment are mutually exclusive.
Intermediate File
The intermediate file arnet.ini is used in the Auto-Config process. The intermediate file records
the mappings between the router's MAC address (or ESN) and system software name, version
number, patch file name, and configuration file name. If the version file, patch file, and
configuration file are stored on the FTP or TFTP server, its system software name extension
must be .cc, the patch file name extension must be .pat, and the configuration file name extension
must be .zip or .cfg. After the router obtains the IP address of the FTP or TFTP server, it
downloads the file arnet.ini from the FTP or TFTP server to search for the names of the required
system software, version number, patch file, and configuration file, and then downloads files
from the FTP or TFTP server.
NOTE
Auto-Config uses Option 67 to obtain the configuration file first. If Option 67 is not configured, Auto-
Config obtains the intermediate file.
Each row in the intermediate file describes a device. The intermediate file contains information about a
maximum of 1000 devices.
For example, if the MAC address of an AR2200-S is 0018-82C5-AA89, the ESN is

9300070123456789, the system software name is auto_V200R001C00.cc, the version is
V200R001C00, the patch file is auto_V200R001C00.pat, and the configuration file is
auto_V200R001C00.cfg, the contents of the intermediate file arnet.ini are as follows:
MAC=0018-82C5-
AA89;ESN=9300070123456789;vrpfile=auto_V200R001C00.cc;vrpver=V200R001C00;patchfile
=auto_V200R001C00.pat;cfgfile=auto_V200R001C00.cfg;

NOTE
l When configuring the intermediate file, enter the MAC address and ESN, or either of them. The
configuration file is mandatory, and the version file and patch file are optional. The three files can be
configured in any sequence.
l A MAC address (or an ESN), a system software name, patch file name, and configuration file name
are separated by semicolons. A MAC address is in xxxx-xxxx-xxxx-xxxx or xx-xx-xx-xx format. The
file name is case insensitive and contains only letters, digits, and underscores.
l The system software name and version information must be available in the intermediate file, and
version information in the system software name must be the same as that in the intermediate file.
Version information must be contained in the system software.
Auto-Config Process
Figure 5-1 shows the Auto-Config process.

Figure 5-1 Auto-Config process

Auto-Config starts
DHCP Request
packets are sent
periodically
Are No
DHCP Reply
Packets
received?
Yes
Are
DHCP Reply No
packets
valid?
Yes
Parse Option
parameters
Is there
Yes Configure the ACS
ACS Option
information?
No
Is there
Obtain and parse the No Option
information about End
intermediate file the configuration
file?
Yes
Are there
the version file No No Obtain a configuration
name and Is there patch file
version information? file
information?
Yes Is the No
Yes configuration file
Can a obtained?
Does the No patch file be No
device need to be downloaded to Yes
upgraded? the device? Set it as the
configuration file for
Yes Yes next startup
Obtain a version file Obtain a patch file
Start a timer to set the
delay in restarting the
Is the device
version file No Is the patch No
obtained? file obtained?
The timer expires, and
Yes Yes the device is restarted
Set it as the version Set it as the patch file
file for next startup for next startup End

The Auto-Config process involves three phases:

l Parsing Options
1. Obtain the IP address and configuration of the FTP or TFTP server.
A router automatically enables the DHCP client function on the uplink Ethernet
interface in Up state, and broadcasts DHCP Request packets (assuming that an IP
address pool, Option parameters, and gateway information have been configured on
the DHCP server). Then the DHCP server sends the related configurations to the
router, including the IP address assigned to the router, IP address of the FTP or TFTP
server, FTP user name and password, and default gateway address.
If no DHCP Reply packet is received or the received DHCP Reply packet is invalid,
a DHCP Request packet is sent every 5 minutes. After 24 hours, a DHCP Request
packet is sent every hour.
2. Parse Option parameters.
a. If the received DHCP Reply packet contains Option 43, ACS information needs
to be configured. After the basic ACS configuration is complete, the Auto-Config
process ends, and Auto-Config is suspended to wait for ACS deployment.
b. If the received DHCP Reply packet does not contain Option 67, the intermediate
file needs to be obtained. Then the router downloads the intermediate file
arnet.ini from the FTP or TFTP server and obtains information about the files
to be downloaded from the intermediate file. Subsequently, the process of
obtaining files is started.
c. If the received DHCP Reply packet contains Option 67, the process of obtaining
files is started.
l Obtaining files
1. (Optional) Download a system software.
If the space is insufficient, delete version files from the file system according to the
setting of Option 146.
After a system software is downloaded successfully, it is automatically set as the
system software for the next startup.
If the system software fails to be obtained, it is downloaded once every 30 minutes.
If it cannot be obtained after 3 days, it is downloaded once every 2 hours. If it cannot
be obtained after 30 days, the process of downloading the system software stops and
waits to be handled manually.
2. (Optional) Download a patch file.
After the patch file is downloaded successfully, it is automatically set as the patch file
for the next startup.
If the patch file fails to be obtained, it is downloaded once every 30 minutes. If it
cannot be obtained after 3 days, it is downloaded once every 2 hours. If it cannot be
obtained after 30 days, the process of downloading the patch file stops and waits to
be handled manually.
3. Download a configuration file.
After the configuration file is downloaded successfully, it is automatically set as the
configuration file for the next startup.
If the configuration file fails to be obtained, it is downloaded once every 30 minutes.
If it cannot be obtained after 3 days, it is downloaded once every 2 hours. If it cannot

be obtained after 30 days, the process of downloading the configuration file stops and
waits to be handled manually.
l Restarting the router
After the configuration file is downloaded successfully, the router is restarted according to
the setting of Option 146. If no Option 146 is configured, the router is restarted immediately
after the configuration file is downloaded.
Option Parameters
Table 5-1 Option parameters

Option Description
Option 6 IP address of a DNS server.
Option 15 DNS domain name.
Option 43 l sub-option 1: ACS URL in the following format:

URL=URL_INFO;
For example:
URL=http://192.168.1.40:80/acs;
l sub-option 2: ACS user name and password, in the following format:

username=USERNAME;password=PASSWORD;
Option 66 TFTP server name.
Option 67 Configuration file information.
Option 141 FTP user name.
Option 142 FTP password.
Option 143 IP address of an FTP server.
Option 145 Non-configuration file information, such as system software information,

version information and patch file information, in the following format:
vrpfile=VRPFILENAME;vrpver=VRPVERSION;patchfile=PATCHFILENAME;
For example:
vrpfile=auto_V200R001C00.cc;vrpver=V200R001C00;patchfile=auto_
V200R001C00.pat;
NOTE
Version information must be contained in the system software.

Option Description
Option 146 Operation information in the following format:

opervalue=OPERATEVALUE;delaytime=DELAYTIME;
l opervalue=0: indicates that no file will be deleted from the file system
when the space is insufficient. opervalue=1: indicates that version
files will be deleted from the file system when the space is insufficient.
By default, no file will be deleted from the file system when the space
is insufficient.
l delaytime: specifies the delay in restarting a device after a
configuration file is downloaded to the device, in seconds. By default,
the delay is 0 seconds.
NOTE
The maximum delay in restarting a device is 1 day. If the configured delay is longer
than 1 day, the actual delay is 1 day.
Option 147 Authentication information. Option 147 is optional. If Option 147 is

required, it must be configured as AutoConfig.
Option 150 IP address of a TFTP server.
NOTE
You can use the following methods to configure an FTP or TFTP server:
l To configure a TFTP server, configure Options 6, 15, and 66 and obtain a TFTP server address from
a DNS server.
l To configure a TFTP server, configure Option 150 and obtain the TFTP server address.
l To configure an FTP server, configure Options 141, 142, and 143 and obtain the TFTP user name,
FTP password, and FTP server address.
5.3 Deploying Unconfigured Routers

This section describes how to deploy unconfigured Routers.

Before deploying routers, familiarize yourself with the applicable environment, complete the
pre-configuration tasks, and obtain the data required for the configuration. This will help you
complete the configuration task quickly and accurately.
As shown in Figure 5-2, the physical link between the router and DHCP relay agent functions
properly, and there are reachable routes between the DHCP relay agent and servers. The
intermediate file, version file, and configuration file are stored on the FTP/TFTP server. After
the DHCP server and FTP/TFTP server are configured, routers can be configured by using Auto-
Config.

NOTE
Only Layer 3 Ethernet interfaces on the main control board support Auto-Config.
If the received DHCP Reply packet contains Option 43, the auto-configuration server (ACS) is used for
deployment.
Figure 5-2 Auto-Config application

DNS Server
FTP/TFTP Server
GE0/0/1
LAN IP network
CPE DHCP Relay DHCP Server
ACS Server
Before deploying routers, complete the following task:
l Ensuring that physical links between routers and the DHCP server and FTP/TFTP server
work properly
Data Preparation
To deploy routers, you need the following data.
N Data
o.
1 Information about the interface that connects an AR2200-S to the DHCP server
2 Address pool of the DHCP server
3 IP address range and mask of the DHCP server
4 Egress gateway of routers
5 Option parameters of the DHCP server

N Data
o.
6 Authentication information, authorization mode, and working directory of the FTP/

TFTP server (optional)
7 IP address of the FTP/TFTP server
8 MAC addresses or ESNs of routers, version files (optional), patch files (optional), and
configuration files
5.3.2 Configuring the DHCP Server

Routers obtain IP addresses and option parameters after the DHCP server is configured.
Context
After a new AR2200-S or an unconfigured AR2200-S is powered on, the Auto-Config process
starts automatically.
To stop the Auto-Config process, use either of the following methods:

l Run the undo autoconfig enable command in the system view. You can run the display
autoconfig-status command to check whether the Auto-Config process stops.
l Run the save command in the system view to save the temporary configuration file, restart
the AR2200-S, and then perform configurations.
When you connect to the console port of an AR2200-S that does not have a startup configuration
file, the system displays "Warning: Auto-Config is working. Do you want to stop Auto-Config?
[y/n]:"
l To continue Auto-Config, enter n and press Enter.
l To stop Auto-Config, choose y and press Enter.
CAUTION
If you choose n but still perform configurations through the console port, the DHCP,
routing, DNS, and VTY configurations will be lost.
Before powering on the Auto-Config-enabled routers, configure the DHCP server and file server;
otherwise, the routers cannot obtain configuration files.
NOTE
l The DHCP server must be configured with option parameters by referring to 5.2 Auto-Config Features
Supported by the AR2200-S.
l Here, an AR is used to describe how to configure the DHCP server based on a global address pool.
When the AR functions as a DHCP server, configure the DHCP server by referring to Configuring a
DHCP Server Based on a Global Addrss Poolor Configuring a DHCP Server Based on an Interface
Address Pool.
l If routers and the DHCP server are on different network segments, configure a DHCP relay agent by
referring to Configuring a DHCP Relay Agent.

Procedure
Step 1 Run:
system-view
Step 2 Run:
dhcp enable
DHCP is enabled.
Step 3 Run:
Step 4 Run:
ip address ip address { mask | mask-length }
The IP address is configured for the interface.
Step 5 Run:
dhcp select global
The interface is configured to use a global address pool. Users going online through this interface
can obtain IP addresses from the global address pool.
Step 6 Run:
quit
Return to the system view.
Step 7 Run:
ip pool ip-pool-name
The global address pool view is displayed.
By default, no global address pool exists on an AR2200-S.
Step 8 Run:
network ip-address [ mask { mask | mask-length } ]
The range of IP addresses that can be dynamically allocated is configured.
Step 9 Run:
gateway-list ip-address &<1-8>
The IP address of the egress gateway is configured for the DHCP client.
Step 10 Run:
option code { ascii ascii-string | hex hex-string | ip-address ip-address &<1-8> }
Option parameters of the DHCP server are configured.
If Option 67 is not configured, the process of obtaining the intermediate file is started.

NOTE
Pay attention to the following points when configuring option parameters:

l When the configuration file is obtained using TFTP, the DHCP server must support Option 150 or
support Option 6, Option 15, and Option 66.
l When the configuration file is obtained using FTP, the DHCP server must support Option 141, Option
142, and Option 143.
l When option parameters of TFTP and FTP are both set on the DHCP server, the FTP mode is preferred.
----End
5.3.3 Configuring the FTP/TFTP Server

Routers obtain configuration files after the FTP/TFTP server is configured.
Context
NOTE
l On an FTP server, the IP address must be the same as that contained in Option 143 configured on the
DHCP server. On a TFTP server, the IP address must be the same as that contained in Option 150 or
Option 6, 15, and 66 configured on the DHCP server.
Procedure
Step 1 Run:
system-view

Step 2 Run:
ftp server enable
The FTP server is enabled.
NOTE
After the DHCP client obtains configuration files from the FTP server, run the undo ftp server command
to disable the FTP server immediately to ensure FTP server security.
Step 3 (Optional) Configure the authentication information, authorization mode, and working directory
for FTP users.
1. For TACACS authentication users:
l Run:
set default ftp-directory directory
The default FTP working directory is configured.

2. For AAA authentication users:
l Run:
aaa
The AAA view is displayed.

l Run:
local-user user-name password { simple | cipher } password
The local user name and password are configured.

l Run:

local-user user-name service-type ftp
The service type is set to FTP.

l Run:
local-user user-name ftp-directory directory
The directory is configured for FTP users.
Step 4 Run:
Step 5 Run:
ip address ip address { mask | mask-length }
The IP address of the FTP server is configured.
NOTE
The IP address of the FTP server must be the same as that contained in Option 143 configured on the DHCP
server.
Step 6 (Optional) Create and configure an intermediate file.

NOTE
The configuration file is obtained using Option 67 in the Auto-Config process. If Option 67 is not
configured, the process of obtaining the intermediate file is started.
The intermediate file is configured based on the MAC addresses or ESNs of routers, version
files, patch files, and configuration files. For details about the format of the intermediate file,
see 5.2 Auto-Config Features Supported by the AR2200-S.
1. Create a .txt file and name it arnet.ini.

2. Configure the intermediate file. For example, if the MAC address of an AR3200 is
0018-82C5-AA89 and the ESN is 9300070123456789, the version file name is
auto_V200R001C01.cc, the version number is V200R001C01, the patch file name is
auto_V200R001C01.pat, the configuration file name is auto_V200R001C01.cfg,and the
contents of the intermediate file arnet.ini are as follows:
MAC=0018-82C5-
AA89;ESN=9300070123456789;vrpfile=auto_V200R001C01.cc;vrpver=V200R001C01
;patchfile=auto_V200R001C01.pat;cfgfile=auto_V200R001C01.cfg;
Step 7 Save the intermediate file, version file, patch file, and configuration file to the working directory
on the FTP server.
----End

You can view the configuration in different phases of the Auto-Config process to check whether
Auto-Config runs properly.
Prerequisite
The configurations of the DHCP server and FTP/TFTP server are complete.

Procedure
Step 1 Five minutes after routers are powered on, check address allocation on the DHCP server to check
whether the routers are connected to the DHCP server.
NOTE
If the routers are connected to the DHCP server, log in to the routers using Telnet but do not configure the
routers.
Step 2 Five minutes after the routers obtain IP addresses, check the log about file downloading from
the FTP/TFTP server, or log in to the routers to check whether correct version files, patch files,
and configuration files have been downloaded and check the running status of Auto-Config by
using the display autoconfig-status command.
NOTE
Do not save a configuration file to a router to be configured immediately after the configuration file is
downloaded; otherwise, only a temporary configuration file is saved because the configurations have not
taken effect.
Step 3 After correct files are downloaded to the routers, the routers are restarted according to the setting
of Option 146. You can run the display autoconfig activating-config { delay | remanent-
time } command to check whether the configuration takes effect.
----End

This section provides examples for configuring Auto-Config, including networking
requirements, configuration notes, and configuration roadmap.
5.4.1 Example for Configuring the Auto-Config Function

This section describes how to configure Auto-Config so that users can automatically load the
configuration file, version file, and patch file.
When a new router or a non-configured router accesses the network, the configuration file,
version file, and patch file are required to be configured. To reduce the maintenance cost, the
router uses the Auto-Config function to automatically load the configuration file, version file,
and patch file. The router then can be managed remotely.
As shown in Figure 5-3, the AR2200-S connects to the DHCP server through GE0/0/1 and
supports the Auto-Config function. The AR2200-S can automatically load the configuration file,
version file, and patch file stored on the FTP server after the FTP server and DHCP server are
configured.

Figure 5-3 Networking diagram for configuring the Auto-Config function
HostA
Eth1/0/0 Eth1/0/0
192.168.2.6/24 192.168.1.6/24
GE0/0/1
Router
HostB DHCP Server FTP Server
HostC
1. Configure the DHCP server so that a router can obtain IP addresses and option parameters.
2. Configure an intermediate file.
3. Configure the IP address of the FTP server.
4. Save the intermediate file, version file, patch file, and configuration file to the working
directory on the FTP server.
NOTE
This example describes how to configure the Auto-Config function on an AR2200-S. Option 67 is specified
to carry the configuration file when the DHCP server is configured.
Data Preparation
l GE0/0/1 used to connect the AR2200-S to the DHCP server
l DHCP server information:
– Downlink interface Eth1/0/0 connected to the router
– IP address: 192.168.2.6/24
– Address pool: 192.168.2.0/24
– Option 67 (configuration file): auto_V200R002C00B002.cfg
– Option 141 (FTP user name): user
– Option 142 (FTP password): huawei
– Option 143 (FTP server address): 192.168.1.6
– Option 145 (non-configuration file):
vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchfile=auto_V2
00R002C00B002.pat;
l Egress gateway's IP address 192.168.2.6 and MAC address 0018-82C5-AA89
l FTP server's IP address: 192.168.1.6/24

Procedure
Step 1 Configure the DHCP server.
<DHCP Server> system-view
[DHCP Server] dhcp enable
[DHCP Server] interface ethernet 1/0/0
[DHCP Server-Ethernet1/0/0] ip address 192.168.2.6 255.255.255.0
[DHCP Server-Ethernet1/0/0] dhcp select global
[DHCP Server-Ethernet1/0/0] quit
[DHCP Server] ip pool auto-config
[DHCP Server] network 192.168.2.0 mask 255.255.255.0
[DHCP Server] gateway-list 192.168.2.6
[DHCP Server] option 67 ascii auto_V200R002C00B002.cfg
[DHCP Server] option 141 ascii user
[DHCP Server] option 142 ascii huawei
[DHCP Server] option 143 ip-address 192.168.1.6
[DHCP Server] option 145 ascii
vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchfile=auto_V200R002C00B
002.pat;
Step 2 Configure the FTP server.
Set the IP address of the FTP server to 192.168.1.6, configure the authorization mode and
working directory for FTP users, and save the version file, patch file, and configuration file to
the working directory on the FTP server. For details, see the configuration file.
Five minutes after the router is powered on, run the display ip pool name auto-config command
on the DHCP server to check address allocation of the auto-config address pool.
<DHCP Server> display ip pool name auto-config
Pool-name : auto-config
Pool-No : 0
Lease : 1 Days 0 Hours 0 Minutes
Domain-name : -
Option-code : 67
Option-subcode : --
Option-type : ascii
Option-value : auto_V200R002C00B002.cfg
Option-code : 141
Option-subcode : --
Option-type : ascii
Option-value : user
Option-code : 142
Option-subcode : --
Option-type : ascii
Option-value : huawei
Option-code : 143
Option-subcode : --
Option-type : ip-
address
Option-value : 192.168.1.6
Option-code : 145
Option-subcode : --
Option-type : ascii
Option-value : vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchf
ile=auto_V200R002C00B002.pat;
DNS-server0 : -
NBNS-server0 : -
Netbios-type : -
Position : Local Status : Unlocked
Gateway-0 : 192.168.2.6
Mask : 255.255.255.0
VPN instance : --
-----------------------------------------------------------------------------
Start End Total Used Idle(Expired) Conflict Disable

-----------------------------------------------------------------------------
192.168.2.1 192.168.2.254 253 1 252 0 0 0
-----------------------------------------------------------------------------
Five minutes after the router obtains the IP address, run the display autoconfig-status command
to check whether correct version files, patch files, and configuration files have been downloaded
and check the running status of Auto-Config.
<AR2200-S> display autoconfig-status
Running: Yes
Can deploy configurations with a USB disk:

No
Stop : No
Reason : --
Suspend: Yes
Reason : The unknown reason cause getting
fil
The status of DHCP phase:

Operation result: Successful
Failed reason : --
The status of setting ACS phase:

URL : --
User name : --
Password : --
Operation result: --
Failed reason : --
The status of getting middle file phase:

File name : --
Failed reason : --
The status of getting system software phase:

File name : auto_V200R002C00B001.cc
Operation result: Suspend
Failed reason : The unknown reason cause getting file from file server failed
The status of getting patch file phase:

File name : auto_V200R002C00B002.pat
Failed reason : --
The status of getting configuration file phase:

File name : auto_V200R002C00B002.cfg
Failed reason : --
The status of activating configuration phase:

Remained time : --
Failed reason : --
----End
Configuration Files
Configuration file of the DHCP server
#
dhcp enable
#
ip pool auto-config
gateway-list 192.168.2.6

network 192.168.2.0 mask 255.255.255.0

option 67 ascii auto_V200R002C00B002.cfg
option 141 ascii user
option 142 ascii huawei
option 143 ip-address 192.168.1.6
option 145 ascii vrpfile=auto_V200R002C00B001.cc;vrpver=V200R002C00B001;patchfi
le=auto_V200R002C00B002.pat;
#
ip address 192.168.2.6 255.255.255.0
dhcp select global
Configuration file of the FTP server

#
ftp server enable
#
aaa
local-user user1 password simple huawei
local-user user1 ftp-directory flash:/
local-user user1 service-type ftp
#
ip address 192.168.1.6 255.255.255.0
#


Configuration Guide - Device Management (V200R001C01 - 01) PDF

Uploaded by

Copyright:

Available Formats

Configuration Guide - Device Management (V200R001C01 - 01) PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Configuration Guide - Device Management (V200R001C01 - 01) PDF

Uploaded by

Copyright:

Available Formats

Huawei AR2200-S Series Enterprise Routers

Configuration Guide - Device

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 01 (2012-01-06) Huawei Proprietary and Confidential i

About This Document

This document describes how to configure the device management feature.

This document is intended for:

l Data configuration engineers

Indicates a hazard with a high level of risk, which if not

Indicates a hazard with a medium or low level of risk, which

Indicates a potentially hazardous situation, which if not

NOTE Provides additional information to emphasize or supplement

Issue 01 (2012-01-06) Huawei Proprietary and Confidential ii

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated by

[ x | y | ... ] Optional items are grouped in brackets and separated by

{ x | y | ... }* Optional items are grouped in braces and separated by

[ x | y | ... ]* Optional items are grouped in brackets and separated by

# A line starting with the # sign is comments.

Interface Numbering Conventions

Changes in Issue 01 (2012-01-06)

Issue 01 (2012-01-06) Huawei Proprietary and Confidential iii

About This Document.....................................................................................................................ii

2 Information Center Configuration.............................................................................................8

Issue 01 (2012-01-06) Huawei Proprietary and Confidential iv

2.4.1 Establishing the Configuration Task.......................................................................................................23

Issue 01 (2012-01-06) Huawei Proprietary and Confidential v

3.6.1 Example for Configuring Local Port Mirroring......................................................................................61

Issue 01 (2012-01-06) Huawei Proprietary and Confidential vi

1 Displaying the Device Status

About This Chapter

1.1 Display Commands

Issue 01 (2012-01-06) Huawei Proprietary and Confidential 1

1.1 Display Commands

Table 1-1 Common display commands

display device Displays information about the AR2200-S.

display version Displays the version and boards information of the

display this Displays valid configurations in the current view.

display diagnostic-information Collects information about the AR2200-S when a fault

display this interface Displays the current status of the interface.

1.2 Displaying the AR2200-S Status

1.2.1 Displaying AR2200-S Information

Issue 01 (2012-01-06) Huawei Proprietary and Confidential 2

Component information is displayed.

1.2.2 Displaying Versions

Version information is displayed.

1.2.3 Displaying Power Information

The power status is displayed.

Power information is displayed.

1.2.4 Displaying Temperature

Issue 01 (2012-01-06) Huawei Proprietary and Confidential 3

Board temperature is displayed.

1.2.5 Viewing Fan Status

Fan status is displayed.

Fan module temperature is displayed.