H3C MSR 20-30-50 User Guide
H3C MSR 20-30-50 User Guide
H3C MSR 20-30-50 User Guide
00)
MSR 20-20 MSR 20-21 MSR 20-40 MSR 30-11 MSR 30-16 MSR 30-20 MSR 30-40 MSR 30-60 MSR 50-40 MSR 50-60
Copyright 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation. 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time. If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you. UNITED STATES GOVERNMENT LEGEND If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following: All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as Commercial Computer Software as defined in DFARS 252.227-7014 (June 1995) or as a commercial item as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Coms standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide. Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries. 3Com and the 3Com logo are registered trademarks of 3Com Corporation. H3C, , Aolynk, , H3Care, , TOP G, , IRF, NetPilot, Neocean, NeoVTL, SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V2G, VnG, PSPT, XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co., Ltd., a 3Com company. All other trademarks that may be mentioned in this manual are the property of their respective owners. ENVIRONMENTAL STATEMENT It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to: Establishing environmental performance standards that comply with national legislation and regulations. Conserving energy, materials and natural resources in all operations. Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental standards. Maximizing the recyclable and reusable content of all products. Ensuring that all products can be recycled, reused and disposed of safely. Ensuring that all products are labelled according to recognized environmental standards. Improving our environmental record on a continual basis. End of Life Statement 3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components. Regulated Materials Statement 3Com products do not contain any hazardous or ozone-depleting material. Environmental Statement about the Documentation The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.
CONTENTS
INTRODUCTION
Volume Introduction 7
FEATURE DESCRIPTION
Overview 9 Functional Modules Index of Basic 9 Functional Modules Index of Standard Feature Description 11
10
4 5
50
You can get a brief idea of the contents of this manual by reading the following:
Feature Description on page 9: Introduces the main features of each module presented in this manual. Logging onto MSR Series Routers on page 29: Helps you know about the user interfaces supported on the MSR series routers and how to log on or telnet through the Console port or the Ethernet interface. Registering the Software on page 35: Introduces the registration methods of the MSR series routers. Software Maintenance on page 37: Introduces software upgrade and maintenance method of the router and how to deal with password loss, helping you familiar with software upgrade and configuration file maintenance in all modes. Slot Position of H3C MSR Series Routers on page 59: Helps you finding the slot position with a diagram when you are maintaining the router.
n
Conventions
Always download the release notes for your product from the 3Com World Wide Web site and check for the latest updates to software and product documentation: http://www.3Com.com
Table 1 lists icon conventions that are used throughout this guide.
Table 1 Notice Icons
Icon Notice Type Description Information that describes important features or instructions. Information that alerts you to potential loss of data or potential damage to an application, system, or device. Information that alerts you to potential personal injury.
n c w
Information note
Caution
Warning
Table 2 lists text conventions that are used throughout this guide.
Table 2 Text Conventions
Convention Screen displays Description This typeface represents information as it appears on the screen.
Words in italics
Related Documentation
The following manuals offer additional information necessary for managing your MSR 20/30/50 Series routers:
H3C MSR 20/30/50 Series Routers Installation Manuals Covers setting up and initializing your router. H3C MSR 20/30/50 Series Routers Configuration Guide Describes how to operate the router. It includes sections about getting started, system management, interface, link layer protocol, network protocol, routing protocol, multicast protocol, security, VPN, reliability, QoS, dial-up and VoIP, as well as acronyms used in the manual. H3C MSR 20/30/50 Series Routers Command Reference Guide Provides a detailed description of the operating commands. It includes sections about getting started, system management, interface, link layer protocol, network protocol, routing protocol, multicast protocol, security, VPN, reliability, QoS, dial-up and VoIP, as well as a command index. H3C MSR 20/30/50 Series Routers Interface Card and Interface Module Manual Covers the pinouts, function, interface attributes, panels, and LEDs of all interface cards and modules available with the router. LMR Series Routers Cable Manual Describes the pinouts of the cables available for LMR series routers. Release Notes Contains the latest information about your product. If information in this guide differs from information in the release notes, use the information in the Release Notes. For configuration examples of H3C MSR 20/30/50 Series Routers, visit website of H3C. Log onto http://www.h3c.com to get the latest version of the product manuals.
1
Volume Introduction
INTRODUCTION
Softwares on MSR series routers fall into two versions: basic and standard. You can find lists of features supported on the two versions and the corresponding volumes of protocols or features you are interested in through feature indexes for these two versions respectively.
Access Volume on page 11: Configuration of interfaces and link layer protocols supported on the router IP Services Volume on page 14: Configuration of IP-related features such as IP address, ARP, DNS, DHCP, IP performance, IP Unicast Routing, ACL, IPv6 Basics, NAT-PT and IPv6 over IPv4 Tunnel IP Routing Volume on page 16: Configuration of routing protocols such as static route, RIP, RIPng, OSPF, OSPFv3, IS-IS, BGP, BGP4+ and routing policy IP Multicast Volume on page 17: Configuration of IP multicast protocols such as IGMP, PIM, MSDP, multicast policy and MLD MPLS&VPN Volume on page 19: Configuration of MPLS and VPN related protocols such as MPLS, MPLS TE, GRE, BGP/MPLS IP VPN, MPLS L2VPN and VPLS QoS Volume on page 20: Configuration of QoS related protocols and features supported on the router, such as traffic classification, policing, and shaping, QoS policy, congestion management, priority mapping, congestion avoidance, MPLS QoS, DAR and Frame Relay QoS Security Volume on page 21: Configuration of security protocols such as AAA, user management, firewall, NAT, IPSec, IKE, RADIUS, HWTACACS and PORTAL System Volume on page 23: Configuration of system-related protocols and features such as basic system configuration, user login, file system management, system maintenance, NTP, SNMP, RMON, backup center, VRRP, NQA and MAC address table management IPX Volume on page 26: Configuration of IPX protocol supported on the router Voice Volume on page 26: Configuration of VoIP-related protocols and features such as H.323, SIP, FoIP, and dial policy
CHAPTER 1: INTRODUCTION
2
Overview
FEATURE DESCRIPTION
H3C MSR Series Routers can be divided into three series: MSR 20, MSR 30 and MSR 50, which are positioned in ascending order. MSR 20 and MSR 30 series can be used as the edge access equipment of large networks or carrier networks, and the core of branches or small businesses; MSR 50 series can be used as the core of large and medium-sized enterprise networks as well as the edge/aggregation access equipment of large networks or carrier networks.
Fast Forwarding IPv6 Basics IP Routing Volume on page 16 IP Multicast Volume on page 17 IP Routing Overview Routing Policy Multicast Overview PIM BGP Static Routing Multicast Routing and Forwarding IPv6 Multicast Routing and Forwarding L2TP
GRE
10
Information Center
IPv6 Unicast Policy Terminal Access Routing IS-IS Static Routing IPv6 RIPng IGMP MLD OSPF IPv6 BGP IPv6 Static Routing MSDP IPv6 PIM
Multicast VPN MPLS&VPN Volume on page 19 MPLS Basics DVPN MPLS L2VPN L2TP MPLS L3VPN
Feature Description
11
QoS Volume QoS on page 20 Security Volume on page 21 802.1x NAT ACL System Volume on page 23 GR NQA SNMP AAA RADIUS HWTACACS PKI IPSec Backup Center Automatic Configuration File System Management User Interface Firewall PORTAL SSH2.0 VRRP NTP System Maintaining and Debugging MAC Address Table Management ACFP MAC Authentication Rsh SSL Device Management RMON Basic System Configuration NetStream
Information Center PoE Track IPX Volume on page 26 Voice Volume on page 26 IPX Voice Overview Fax over IP Voice RADIUS
OAP Module1
ACSEI
E1 and T1 VoFR
1 Note that in some regions, the OAP module is sold as the OSM module. Both modules are functionally the same.
Feature Description
n
Access Volume
In the PDF version of this manual, you can click the hyperlink in the Operation Manual and Command Manual to access the operation and command manual you are interested in. Press <Alt + > to return to [ Feature Description ].
12
Feature description Introduction to WAN interfaces such as Synchronous/asynchronous serial interface, AUX, AM, ISDN BRI, E1-F, T1-F, CE1/PRI, CT1/PRI, CE3 and CT3
ATM
Configuration of ATM, ATM subinterface and PVC and VP monitoring and management Introduction to IPoA, PPPoA, IPoEoA and PPPoEoA supported on an ATM interface
DCC
Dial control center, a routing technology through which routers can interconnect with each other through public switching network (PSTN and ISDN).
DCC basic configuration Configuration of DCC specific functions Configuring DLSw in Ethernet Configuring DLSw in SDLC FR DCE/DTE configuration FR compression configuration Multilink FR configuration PPPoFR configuration MPoFR configuration GVRP function configuration GARP timer configuration
DLSw configuration DLSw Commands Frame Relay Configuration Frame Relay Commands
GVRP Configuration GVRP Commands HDLC Configuration HDLC Commands LAPB and X.25 Configuration LAPB and X.25 Commands
HDLC configuration LAPB configuration X.25 configuration XOT configuration X2T configuration Link aggregation classification Load sharing mode in a link aggregation group Link aggregation configuration
Link Aggregation
MODEM
MODEM management configuration Local port mirroring configuration PPP configuration MP configuration PPP link efficiency mechanism configuration PPPoE configuration
Port Mirroring Port Mirroring Configuration Port Mirroring Commands PPP PPP Configuration PPP Commands
Feature Description
13
Feature description Isolation group configuration ISDN configuration Root bridge configuration Leaf node configuration Performing mCheck Digest snooping configuration No Agreement Check configuration Protection functions configuration Basic VLAN attributes configuration Configuration for VLAN interface basic attributes Port-based VLAN configuration Voice VLAN configuration
VLAN
Port Isolation
Isolation group configuration Dynamic Route Backup Configuration Dynamic Route Backup Configuration Example Dialer Interface Loopback Interface Null Interface Sub-interface Configuring MP-group Interfaces Configuring MFR Interface VT and VA Interface Configuring VE Configuring a CPOS Interface Configuring an E1 Channel Configuring a T1 Channel
Dynamic Dynamic Route Backup Route Backup Configuration Dynamic Route Backup Commands Logical Interface Logical Interface Configuration Logical Interface Commands
CPOS
14
IP Services Volume
ARP configuration Gratuitous ARP configuration ARP source suppression configuration Proxy ARP configuration
DHCP
Dynamic host configuration protocol, implements dynamic configuration for information such as IP address.
DHCP server configuration DHCP relay configuration DHCP client configuration DHCP Snooping configuration BOOTP client configuration
DNS
DNS is a distributed database that applies to TCP/IP application programs. It functions to resolve between hostnames and IP addresses.
IP Accounting
IP Addressing
Enabling receiving and forwarding directed broadcasts Configuration of TCP timer, buffersize, packet size and ICMP error packets
IP Unicast Policy-Routing
UDP Helper
UDP Helper functions to relay UDP broadcast packets to the specified server after converting them to unicast packets.
URPF
Unicast reverse path finding, used to prevent the network attack based on source address spoofing.
URPF configuration
Feature Description
15
Internet protocol version 6 (IPv6) was designed by the Internet Engineering Task Force (IETF) as the successor to Internet protocol version 4 (IPv4).
Configuring basic IPv6 functions IPv6 NDP configuration PMTU discovery configuration TCP6 configuration IPv6 FIB forwarding configuration IPv6 DNS configuration
NAT-PT
IPv4 networks and IPv6 networks will co-exist to communicate with each other for a long period of time. The network address translation protocol translation (NAT-PT) realizes translation between IPv4 and IPv6 addresses to meet the communication requirement.
NAT-PT configuration
Dual Stack
A network node that supports both IPv4 and IPv6 is called a dual stack node. A dual stack node configured with an IPv4 and an IPv6 addresses can have both IPv4 and IPv6 packets transmitted.
Tunneling
Tunneling is an encapsulation technology, which utilizes one network transport protocol to encapsulate packets of another network transport protocol and transfer them over the network.
Manual/automatic IPv4-compatible IPv6 Tunnel 6to4 tunnel configuration ISATAP tunnel configuration IPv4 over IPv4 tunnel configuration IPv6 over IPv6 tunnel configuration IPv4 over IPv4 tunnel configuration 6PE configuration
IPv6 Unicast Policy Routing IPv6 Unicast Policy Routing configuration Configuration IPv6 Unicast Policy Routing Commands
16
Introduction to Terminal Access TTY Terminal Access Configuration Telnet Terminal Access Configuration RTC Terminal Access Configuration
IP Routing Volume
IP routing overview IP routing and routing table Routing through a routing table Configuring BGP basic functions Configuring BGP routing attributes Configuring a large scale BGP network
BGP
ISIS
An interior gateway protocol (IGP) used within an Autonomous System. It adopts the Shortest Path First (SPF) algorithm for route calculation.
OSPF
Configuring OSPF Basic Functions Configuring OSPF Area Parameters Configuring OSPF Network Types Configuring OSPF Routing Information Management
RIP
Routing Policy
Routing policy, used to change the route that network traffic passes.
Feature Description
17
IPv6 BGP
BGP4+ puts IPv6 network layer information into the attributes of Network Layer Reachable Information (NLRI) and NEXT_HOP.
Configuring BGP4+ basic functions Controlling route distribution and reception Configuring BGP4+ route attributes
IPv6 ISIS
Supports multiple network protocols, including IPv6 and supports two Type-Length-Values (TLVs) and a new Network Layer Protocol Identifier (NLPID)
Configuring IPv6-IS-IS basic functions Configuring IPv6-IS-IS routing information control Configuring OSPFv3 basic functions Configuring OSPFv3 area parameters Configuring OSPFv3 routing information management Configuring RIPng basic functions Configuring RIPng advanced functions
IPv6 OSPFv3
IPv6 RIPng
Special routes that are manually configured by network administrators work well in simple networks.
IP Multicast Volume
18
IGMP
Internet group management protocol, a protocol in the TCP/IP suite responsible for management of IP multicast members.
MSDP
Multicast source protocol, an interdomain multicast solution based on interconnection between multiple PIM-SM domains.
Configuring basic functions of MSDP Configuring an MSDP peer connection Configuring SA messages
PIM
Protocol independent multicast, provides IP multicast forwarding by leveraging unicast routes generated by any unicast routing protocols.
Configuring PIM-DM Configuring PIM-SM Configuring PIM-SSM Configuring PIM Common Information
IPv6 Multicast IPv6 Multicast Routing and Routing and Forwarding Configuration Forwarding IPv6 Multicast Routing and Forwarding Commands MLD MLD Configuration MLD Commands
Used by an IPv6 router to discover the presence of multicast listeners on directly-attached subnets.
Configuring Basic Functions of MLD Adjusting MLD Performance Configuring IPv6 PIM-DM Configuring IPv6 PIM-SM Configuring IPv6 PIM-SSM Configuring IPv6 PIM Common Information Multicast VPN Overview How MD-VPN Works Configuring MD-VPN
IPv6 PIM
Multicast VPN
Feature Description
19
MPLS&VPN Volume
MPLS configuration basics LDP overview Configuring MPLS basic capability Configuring PHP Configuring a static LSP Configuring MPLS LDP Configuring LDP instances Configuring MPLS TTL processing MPLS TE overview Configuring MPLS TE basic capabilities Creating MPLS TE tunnel over static CR-LSP Configuring MPLS TE tunnel with dynamic signaling protocol Configuring RSVP-TE advanced features Tuning CR-LSP setup Tuning MPLS TE tunnel setup Configuring traffic forwarding Configuring traffic forwarding tuning parameters Configuring automatic bandwidth adjustment Configuring CR-LSP backup Configuring FRR
MPLS TE
Supports multiple link-layer protocols to provide L2VPN services based on different media on an MPLS network.
Configuring MPLS L2VPN Configuring CCC MPLS L2VPN Configuring SVC MPLS L2VPN Configuring Martini MPLS L2VPN Configuring Kompella MPLS L2VPN
Configuring VPN instances Configuring basic BGP/MPLS VPN Configuring Inter-Provider VPN Configuring Multi-Role Host Configuring HoVPN Configuring OSPF Sham Link Configuring multi-VPN-instance CE Configuring BGP AS number substitution
20
Configuring AAA Configuring the VAM Server Configuring the VAM Client Configuring an IPSec Profile Configuring the DVPN Tunnel Parameters Configuring a DVPN Route
GRE
A protocol designed for performing encapsulation of one network layer protocol over another network layer protocol.
GER overview Configuring a GRE over IPv4 tunnel Configuring a GRE over IPv6 tunnel
L2TP
Defines an encapsulation mechanism for transporting multiprotocol packets over Layer 2 (L2) point-to-point links
QoS Volume
Traffic classification, policing, and shaping QoS policy configuration Congestion management Priority mapping Congestion avoidance MPLS QoS configuration DAR configuration Frame Relay QoS configuration
Feature Description
21
Security Volume
AAA RADIUS AAA RADIUS HWTACACS HWTACACS Configuration AAA RADIUS HWTACACS Commands
Authentication, authorization and accounting (AAA) provide a uniform framework used for configuring these three security functions to implement the network security management.
Firewall can prevent unauthorized or unauthenticated users on the Internet from accessing a protected network while allowing the users on the internal network to access web sites on the Internet and transceive E-mails.
MAC MAC Authentication MAC address authentication controls user Authenticatio Configuration network access based on port and MAC n address. MAC Authentication Commands MAC authentication basic configuration
NAT
Network Address Translation (NAT) is to translate the IP address in IP data packet header into another IP address, which is mainly used to implement private network accessing external network in practice.
Configuring EASY IP Configuring static NAT Configuring Many-to-many NAT Configuring many-to-one NAPT Configuring Internal Server Configuring NAT Log Configuring Connection Limit
22
Generating an RSA pair for PKI Configuring PKI certificate registration Submitting a PKI certificate request Configuring PKI certificate validation Configuring access control policy of certificate attribute Portal authentication basic configuration Portal authentication advanced configuration
PORTAL
Portal authentication
Rsh
Users can use the Rsh command to execute commands on the host of the client end.
Rsh configuration
ACL
Access control list, to implement traffic identification function Traffic template is not supported.
Time-Based ACL Basic IPv4 ACL configuration Advanced IPv4 ACL configuration Ethernet frame header ACL configuration User-defined ACL configuration Basic IPv6 ACL configuration Advanced IPv6 ACL configuration
IPSec
Layer 3 tunnel encryption protocol defined by IETF, which provides security for IP data packets transmitted on the Internet.
Configuring an IPSec proposal Configuring an IPSec policy Configuring an IPSec policy template Applying an IPSec policy Configuring an encryption card IPSec policy Configuring encryption switch fabric Configuring fast forwarding for encryption card Configuring an IKE proposal Configuring an IKE peer Configuring IKE keepalive timer
Feature Description
23
Configuring the SSH server Configuring the SSH client Configuring the device as an SSH client Configuring SSL server policy Configuring SSL client policy
SSL
System Volume
Backup Center
Introduction to backup center settings Configuring Main/backup Mode Configuring Loading Sharing
VRRP
Virtual routing redundancy protocol, with which the system can still provide highly reliable default links without changing configurations when a device fails.
Device Management
Through the device management function, users can view the current working state of devices, configure operation parameters, and perform daily device maintenance and management. Validity check of BootROM is not supported.
NQA
Detects the availability and the response time of DHCP, FTP, HTTP, and SNMP services and provides test results
Configuring NQA Tests Configuring Optional Parameters for NQA Tests Enhanced Ping functions
24
Configuring NetStream Statistics Configuring NetStream Aggregation Statistics Configuring Attributes of NetStream UDP Packets Configuring NetStream Statistics Aging
NTP
Network time protocol, used for time synchronization between distributed time server and the client.
Configuring the operation modes of NTP Configuring the local clock as a reference source Configuring optional parameters of NTP Configuring access-control rights Configuring NTP authentication
RMON
Remote monitoring, making SNMP monitor remote network devices more effectively and proactively.
RMON configuration
SNMP
Simple network management protocol, a frame using TCP/IP protocol suite to manage devices on the Internet
File Management
System Maintenance and Debugging Configuration System Maintenance and Debugging Commands
For the protocols and features supported on the device, the system provides corresponding debugging functions to help users diagnose and locate errors
Configuring system debugging Configuring ping and tracert Basic system configuration
Basic System Basic System Configuration Configuration Operation Basic System Configuration Commands Information Center Information Center Configuration Information Center Commands
Acting as the system information hub, information center classifies and manages system information.
Feature Description
25
User Interface User Interface Configuration User interface view is a feature that allows you to manage asynchronous serial interfaces that User Interface Commands work in flow mode. By operating under user interface view, you can centralize the management of various configurations.
Configuring asynchronous interface attributes Configuring terminal attributes Configuring modem attributes Configuring the auto-execute command Configuring user privilege level Configuring access restriction to VTY user interfaces Configuring supported protocols on VTY user interfaces Configuring redirection function on the asynchronous serial interface Configuring authentication mode at login
MAC Address MAC Address Table Table Management Configuration Management MAC Address Table Management Commands
A device maintains a MAC address table for frame forwarding. Each entry in this table indicates the MAC address of a connected device, to which interface this device is connected and to which VLAN the interface belongs.
Automatic Automatic Configuration Configuration POE OAP Module1 POE Configuration POE Commands OAP Module Configuration OAP Module Commands ACFP ACSEI Track ACFP Configuration ACFP Commands ACSEI Configuration ACSEI Commands Track Configuration Track Commands
Introduction to Automatic Configuration Introduction to PoE OAP Module Overview Introduction to ACFP and configuration ACSEI server configuration and ACSEI client configuration Track overview and configuration
26
IPX Volume
Configuring IPX basic functions Configuring IPX routing Configuring IPX SAP Configuring the IPX Forwarding Feature
Voice Volume
Basic VoIP call flow Configuring VoIP features Voice subscriber line Voice entity Protocol Dial plan
VoIP
The application of VoIP on routers makes it possible for an IP network to carry voice services.
Dial Plan
A dial program can help voice gateways to manage numbers in a unified way and create a management policy for all numbers, making number management more convenient and reasonable.
E1 and T1
E1/T1 voice implements VoIP on E1/T1 line, allowing the router to provide more channels of voice communication, greatly improving router utilization and broadening service range.
Fax over IP
Feature Description
27
SIP
Session initiation protocol, an application layer protocol used for initiating, modifying and stopping a multimedia session
Introduction to SIP Introduction to SIP configuration tasks Basic SIP UA configuration Advanced SIP UA configuration
VoFR
Voice over frame relay enables a router to transmit voice and voice-band data over a frame relay network.
Configuring VoFR Entity Configuring VoFR Voice Bandwidth Configuring Dynamic Mode Configuring FRF.11 Trunk Mode
Voice RADIUS Configuration Voice RADIUS Commands Call Services Configuration Call Services Commands
Voice RADIUS configuration Configuring Call Waiting Configuring Call Hold Configuring Call Forwarding Configuring Call Transfer Configuring Hunt Group Configuring Incoming Call Barring Configuring Outgoing Call Barring Configuring FEATURE Service Configuring a Number Priority Peer
28
3
Logging onto an MSR Series Router
You can log onto the MSR 20/30/50 series routers in the following ways:
Local login through Console port Telneting to the router through an Ethernet interface Remote login through AUX port or TTY port using Modem dialup Login through NMS
Local login through Console port and telneting to the router through an Ethernet interface are the most frequently used login methods in application. In this manual we introduce these two login methods in details. Local Login Through the Console Port Setting up local configuration environment To set up the local configuration environment, RJ-45 connector of the console cable needs to be connected to the console port on the router, and DB-9 connector to the serial interface of a PC, as shown in the following figure.
Figure 1 Local login through the console port
Console
PC
Router
Setting the parameters for the console terminal Set terminal parameters, taking the hyper terminal on Windows as an example. In the Serial Attribute dialog box, set the baud rate to 9600, data bit to 8, no parity check, stop bit to 1, and flow control to none. As shown in the following figure:
30
31
After setting all parameters, click [Enter], and you can configure the router. Telneting to the Router Through the Ethernet Interface Setting up configuration environment Connect the router to a network through the Ethernet interface.
Figure 4 Telnet to the server
Server
Configuring the router
Client
Before you perform remote login onto the router, you must configure the router. You must perform local configuration through Console port when you first configure the router. Perform the following configuration on the router: # Enter system view.
Press ENTER to get started. <H3C>system-view
32
# Configure the IP address of the interface that connects to the Internet. You can change this IP address to what is in use.
[H3C]interface ethernet0/0 [H3C-ethernet0/0]ip address 192.168.0.1 24
Logging onto the router Ensure the reachability between the terminal and the router, and then you can log onto the router remotely.
************************************************************************** * All rights reserved (2004-2006) * * Without the owners prior written consent, * * no decompiling or reverse-switch fabricering shall be allowed. * **************************************************************************
Login authentication
Enter password 123456 when the system prompts entering the password. You can perform operations on the router after entering the correct password.
TTY interface
33
User interface of the system falls into four categories, and is arranged in certain order: They are Console (CON), Auxiliary port (AUX), virtual interface (VTY) and physical terminal interface (TTY).There is only one user interface for console and auxiliary port, while multiple user interfaces for VTY and TTY interface, each type of these multiple user interfaces being arranged in order. User interface is numbered in the following two ways: absolute number and relative number. 1 Absolute number The beginning number of absolute number is 0 (Namely, Console port), and the rest interfaces can be deduced by analogy. Console port and Aux port occupy one number respectively; For VTY interface and TTY interface, different products support different numbers of user interfaces. Use the display user-interface command to view them. Absolute number can uniquely specify one user interface or one group of user interfaces.
Console user interface is numbered 0. TTY user interface is numbered after Console user interface and before Aux user interface. Number of AUX user interface is the absolute number of TTY plus one. VTY user interface is numbered after AUX user interface. Absolute number of the first VTY is incremented by 1 than the AUX user interface number.
2 Relative number Relative number, represented by + number assigned to each type of user interface. It follows the rules below:
Console user interface is numbered CON 0. Number of TTY user interface: The first TTY user interface is designated as TTY0, the second one is designated as TTY1 and so on. AUX user interface is numbered AUX 0. Number of VTY user interface: The first VTY user interface is designated as VTY0, the second one is designated as VTY1 and so on.
34
Software register is provided on the device to protect the authorized users legal rights to use the software. Trial period is set on the software with this function and users are required to register the serial number of the software in the trial period. If the software has not been registered until the trial period expires, the system automatically restarts every 30 minutes. You can obtain a registration serial number through buying letter of authorization of the software. You can use the license register serial-number command or log onto the network management interface and then enter the serial number to finish software registration; and you can use the display license command or log onto the network management interface to view the soft registration information of the device. Follow these steps to register the software:
To do... Register the software Display the information Use the command... license register serial-number display license Remarks Required Available in user view any view
36
5
n
Introduction
Files
SOFTWARE MAINTENANCE
BootROM program file The file is used for booting application at boot. A complete BootROM file includes two segments: basic and extended. Application program file The router is available with Dual Image function. By default, the system defines and attempts to boot in order with three boot files: main, backup, and secure, provided they are available with CF card. If the router fails to boot with the secure boot file, it prompts the boot failure. For more information about the boot files, refer to Maintaining Application Program and Configuration File on page 55. The following table gives default names and types of boot files.
Table 14 Default names and types of the boot files
Boot file Main boot file Backup boot file Secure boot file File name main.bin backup.bin secure.bin File type M B S
The application programs for system boot can be type M, B and S, but not type N. You can store them in Flash memory, but only one for each. For example, if an M+B file exists, it is impossible to have another M or B file. If you change the file type of another file to B, the M+B file becomes a type M file. You can modify the file name of an application file in CF card using the command after it boots. You cannot modify the file type of a type S application image file, but you can modify the file type of type M/B and N application program files in the BootROM menu or using commands after the application program boots. Secure boot file is the last resort for system boot. You can download it in the BootROM menu and must name it secure.bin. However, you cannot modify this file or change the type of another file to S. If you change the name of the secure boot file with the rename command after the system boots, the file is removed from CF card. To use the secure boot file after that, you need to download it again.
38
Configuration file The file stores configuration information of the router. By default, the system defines and attempts to boot in order with three configuration files: main, backup, and default, provided they are available with CF card. If the router fails to boot with the secure boot file, it prompts the boot failure. For more information about the boot files, refer to Maintaining Application Program and Configuration File on page 55. The following table describes the three configuration files.
Table 15 Description on the three configuration files
Configuration file Main configuration file Backup configuration file Default configuration file File type M B M/B/N Description Used by the system for booting by default. Used by the system for booting when it fails to boot with the main configuration file. Used by the system for booting when it fails to boot with the backup configuration file. If the system fails to boot with the default configuration file, it boots with null configuration. The name of the default configuration file has something to do with the router brand. The main and backup configuration operations on the default configuration file is the same with common configuration files.
The configuration files for system boot can be type M, B and default configuration file of type N, but not non-default configuration file of type N (i.e. neither M nor B). You can modify the file name of a configuration file in CF card using the command after it boots. You cannot modify the type of the default configuration file, but you can modify the file type of type M/B and N configuration files in the BootROM menu or using commands after the application program boots.
You can store them in Flash memory, but only one for each. For example, if an M+B file exists, it is impossible to have another M or B file. If you change the file type of another file to B, the M+B file becomes a type M file.
CAUTION:
The file name cannot be longer than 64 characters (including drive letter and a string terminator. If the drive letter is CF:/, the file name can be at most [ 64-1-4 ] = 59 characters in length; or, errors will occur in file operation. Typically, the file name is recommended to be not more than 16 characters. The extension ASCII characters (ASCII>=128) and invisible characters (ASCII<33) cannot be included in the file name. The following characters cannot be included in the file name: ", , ?, , space, *, |, <, /, :, >, ~. The character . can be included in the file name, but cannot be the first or last character of the file name. Two consecutive .s are not allowed.
BootROM Menu
39
Upgrading BootROM and application program using XMODEM protocol through an serial interface. Upgrading application program from TFTP/FTP server through an Ethernet interface in BootROM. Uploading/downloading application program and configuration file from TFTP/FTP server via command lines.
BootROM program is upgraded through binding with the Comware version. You do not need to upgrade it separately. The system automatically upgrades BootROM to be the latest version while upgrading Comware. Check the current version of BootROM and application program before upgrading. For the association between Comware version and BootROM program, see the corresponding Release Notes.
Comware version
Upgrade Comware ?
Y
TFTP upgrade
FTP upgrade
Upgrade
End
BootROM Menu
Main BootROM Menu When the router is powered on and reboots, the console terminal displays:
InitDDR
40
******************************************************* * * * H3C MSR50-40 BOOTROM, Version 2.11 * * * ******************************************************* Copyright(c) 2004-2007 Hangzhou H3C Technology Co., Ltd. Compiled date: Apr 09 2007, 08:52:28 CPU type : MPC8541 CPU L1 Cache : 32KB CPU L2 Cache : 256KB CPU Clock Speed : 833MHz Memory Type : DDR SDRAM Memory Size : 512MB Memory Speed : 333MHz BootRom Size : 4096KB CPLD Version is 1.00 HardWare Version is 3.00 CF Card is Inserted, now is mounting... cf:/ - Volume is OK Mount CF Card OK! CF Card Size:256MByte Press Ctrl+B to enter extended boot menu...
The extended BootROM menu is referred to as main BootROM menu in this manual except for special statement. Press <Ctrl+B> when it displays Press Ctrl+B to enter extended boot menu.... Then, the system prompts:
Please input Boot ROM password:
You have three chances to provide the correct BootROM password (the initial setting is void). If you fail to do that, you need to reboot the system. After you enter the correct password, the console screen displays.
===================<EXTEND-BOOTROM MENU>===================== | <1> Boot From CF Card | | <2> Enter Serial SubMenu | | <3> Enter Ethernet SubMenu | | <4> File Control | | <5> Modify Bootrom Password | | <6> Ignore System Configuration | | <7> Boot Rom Operation Menu | | <8> Clear Super Password | | <9> Device Operation | | <a> Reboot | ============================================================= Enter your choice(1-a):
BootROM Menu
41
BootROM Submenus
Enter serial submenu This submenu can be used for upgrading application program, changing serial baud rate, and other operations. Enter <2> under the main BootROM menu to enter the serial submenu:
======================<SERIAL SUB-MENU>====================== |Note:the operating device is CF Card | | <1> Download Application Program To SDRAM And Run | | <2> Update Main Application File | | <3> Update Backup Application File | | <4> Update Secure Application File | | <5> Modify Serial Interface Parameter | | <6> Exit To Main Menu | ============================================================= Enter your choice(1-6):
42
Enter Ethernet interface submenu Enter <3> in BootROM menu to enter the Ethernet interface submenu. The system displays:
====================<ETHERNET SUB-MENU>====================== |Note:the operating device is CF Card | | <1> Download Application Program To SDRAM And Run | | <2> Update Main Application File | | <3> Update Backup Application File | | <4> Update Secure Application File | | <5> Change Ethernet Parameter | | <6> Exit To Main Menu | | < Ensure The Parameter Be Modified Before Downloading! > | ============================================================= Enter your choice(1-6):
File control submenu Enter <4> under the main BootROM menu to enter the file control submenu. Through this submenu, the system can display application program file type in memory, modify file name and delete files. The prompt is shown below:
========================<File CONTROL>======================= |Note:the operating device is CF Card | | <1> Display All File | | <2> Set Application File type | | <3> Set Configuration File type | | <4> Delete File | | <5> Exit To Main Menu | =============================================================
43
BootROM operation submenu Enter <7> under the main BootROM menu to enter the BootROM operation menu:
=====================<BOOT ROM OPERATION>==================== |Note:the operating device is CF Card | | <1> Backup Full Boot ROM | | <2> Restore Full Boot ROM | | <3> Update Full Boot ROM With XModem | | <4> Update Extended Boot ROM With XModem | | <5> Update Basic Boot ROM With XModem | | <6> Exit To Main Menu | | Note:When Update Full/Extended/Basic BootRom,they are the | | same file | ============================================================= Enter your choice(1-6):
Sometimes, we need to change the serial baud rate to higher in order to save upgrading time, or to lower to guarantee transmission reliability. This section depicts how to adjust serial baud rate. Enter <2> under the main BootROM menu to enter the serial submenu. Then, enter <5>, and the system prompts to change serial baud rate.
========================<BAUDRATE SET>======================= |Note: Change The HyperTerminals Baudrate Accordingly, | | Press Enter to exit with things untouched. | |--------------------<Baudrate Avaliable>-------------------| | <1> 9600(Default) | | <2> 19200 |
44
| <3> 38400 | | <4> 57600 | | <5> 115200 | | <6> Exit | ============================================================= Enter Your Choice(1-6):
Select a baud rate, <5> for 115200 bps for example. The following prompt appears:
Change the baudrate on PC side first!
Since the router serial baud rate is modified to 115200 bps, whereas the terminal baud rate remains to be 9600 bps, they can not communicate with each other. Change the baud rate of your terminal to the same as that for software download. Perform the following operation:
Figure 6 Disconnect terminal
Click [File/Properties], and press <Configure...> to change baud rate to 115200 bps:
45
Then, press <Enter> to prompt current configuration baud rate and return to the previous menu. The system prompts:
The current baudrate is 115200
n
Upgrading BootROM
Restore the baud rate in the HyperTerminal to 9600 bps (the default) after upgrading the BootROM. This is to ensure that information can be displayed on the console screen after system boot or reboot. First, enter <7> under the main BootROM menu (refer to Main BootROM Menu on page 39) to enter the BootROM operation submenu, under which all BootROM
46
operations are completed. Refer to BootROM operation submenu on page 43 for detailed descriptions. For example, when you upgrade full BootROM: First, change serial baud rate to speed up upgrading (refer to Modifying Serial Interface Parameters on page 43 for details), and then enter <3> under BootROM operation menu. The system prompts:
Select program file please. Waiting...CC
Select [Transfer/Send file...] in the [HyperTerminal] window. The following window pops up:
Figure 9 Send File dialog box
In the displayed [Send File] dialog box, click <Browse...> to select the application program file to be downloaded, and select XMODEM for the [Protocol] field. Then click <Send>. The following interface appears:
Figure 10 Sending File interface
47
After completing download, the following information appears on term inal interface to indicate download and upgrade success: Download successfully! 434432 bytes downloaded! Updating Extend BTM Updating Extended BootRom.
n
Upgrading Application Program Through Serial Interface
The file name, size and path vary in different situations. Check the current version of BootROM and application program in order to use correct file. This method only upgrades a part of BootROM. You can re-upgrade when error occurs.
Upgrading of application program through serial interface is implemented under serial submenu. Enter <2> under the main BootROM menu to enter the serial submenu. Refer to Enter serial submenu on page 41 for detailed descriptions. For example, when you upgrade application program: First, change serial baud rate to speed up upgrading (refer to Modifying Serial Interface Parameters on page 43 for details), and then enter <2> under serial submenu. The system prompts:
Select program file please. Waiting...CC
Select application program file and send it. Upgrading application program with serial port takes the similar steps with upgrading BootROM. Refer to Upgrading BootROM on page 45 for details.
n
Upgrading Application Program Through Ethernet Interface
Configuring Ethernet Parameters
Application program often takes over 10M.Even if the baud rate is changed to 115200 bps, the upgrading takes about 30 minutes. Therefore, it is recommended you upgrade through Ethernet interface.
Enter <3> under the main BootROM menu to enter the Ethernet interface submenu. Refer to Enter Ethernet interface submenu on page 42 for details.
Before upgrading application program through Ethernet interface, we need to configure the Ethernet interface of the router, as follows: Enter <3> under the main BootROM menu to enter the Ethernet Interface submenu. Then, enter <5> to enter the Configure Ethernet interface menu:
Note: Two protocols for download, tftp & ftp. You can modify the flags following the menu except the boot device. tftp--0x80, ftp--0x0. . = clear field; - = go to previous field; Ctrl+D = quit boot device : mottsec0 Boot device name. Cannot be changed. processor number : 0 Processor number. Keep unchanged. host name : host Host name. Keep unchanged. file name : main.bin The download file name shall be cons istent with the real file name, and you are asked to designate download path. Or you can designate download path in FTP and TFTP settings. inet on ethernet (e) : 192.168.80.10 Set to be in the same network with
48
TFTP/FTP server. It has nothing to do with port IP address of the router. inet on backplane (b): No need to set. host inet (h) : 192.168.80.200 IP address of FTP/TFTP server. gateway inet (g) : Gateway IP address. No need to set. user (u) : guest User name FTP downloaded is used in this setting. No need to consider in TFTP download. ftp password (pw) (blank = use rsh): 123456 FTP downloads password. No need to consider in TFTP download. flags (f) : 0x80 Download flag. The flag is 0x0 with FTP download, and 0x80 with TFTP download. target name (tn) : No need to set. If set, it means th e target file name saved in Flash memory. Alternatively, you may choose not to en ter any name and use the file name used for the last upgrade instead. startup script (s) : No need to set. other (o) : No need to set.
When configuring parameters, enter new parameters directly; or press <ENTER> to accept the default parameter coming after the colon, . for clear field, - for go to previous filed, and Ctrl+D for quit. Upon failure, the system prompts:
Loading failed Please reboot the router to validate the reset IP address.
Do not modify the device name of the router; otherwise, the system prompts Boot device should not be modified and skips to the next configuration item. Only FE0 port can be used in MSR 20 routers, and GE0 port in MSR 30 and MSR 50 routers.
TFTP (Trivial File Transfer Protocol) is a protocol of the TCP/IP suite that is used to transfer trivial files between clients and the server. It provides not-so-complex and low-cost file transfer services. Carried over UDP, TFTP provides unreliable data transfer services and does not provide access authorization and authentication mechanism. It employs timeout retransmission to guarantee the successful transferring of data. TFTP takes much smaller size than FTP. As an application layer protocol in the TCP/IP suite, FTP (File Transfer Protocol) mainly transfers files among remote hosts. Carried over TCP, it provides reliable and connection-oriented data transfer service but does not provide access authorization and authentication mechanism. Step 1: Set up an upgrade environment.
Figure 11 Set up FTP/TFTP upgrade environment
Ethernet
ROUTER (TFTP/FTP
PC (TFTP/FTP
Connect Ethernet port 0/0 to a PC by using a crossover cable. Start TFTP/FTP program on the PC as the server, and set the path of TFTP/FTP server to point to
49
the address of application program. You need to set user name and password if FTP server is used.
CAUTION: No TFTP/FTP Server is available with the H3C MSR 50 series. You must install one yourself. Step 2: Modify Ethernet parameters. Refer to Configuring Ethernet Parameters on page 47 for details. Step 3: Enter <3> to enter Ethernet submenu. For example, when upgrading main application program, enter <2> to upgrade:
Loading... Done! 14323376 bytes downloaded. Input the File Name:
After the download is done, input the file name and begin to update:
Updating File main.bin........ Update Success!
Step 4: Enter <6> to exit to the main BootROM menu. Enter <1> to boot from the CF card. Step 5: Set the updated application program to be the main boot file, i.e. the default boot file of the system.
Application program does not exist. Now starting to download application program. ===================<EXTEND-BOOTROM MENU>===================== | <1> Boot From CF Card | | <2> Enter Serial SubMenu | | <3> Enter Ethernet SubMenu | | <4> File Control | | <5> Modify Bootrom Password | | <6> Ignore System Configuration | | <7> Boot Rom Operation Menu | | <8> Clear Super Password | | <9> Device Operation | | <a> Reboot | ============================================================= Enter your choice(1-a):4
The system reboots. Enter <4> when it prompts the above information.
========================<File CONTROL>======================= |Note:the operating device is CF Card | | <1> Display All File | | <2> Set Application File type | | <3> Set Configuration File type | | <4> Delete File | | <5> Exit To Main Menu | ============================================================= Enter your choice(1-5):2
Enter the file control submenu and enter <2> to set the application file type.
50
Select the application program as the main boot file, and enter its complete path and file name.
Modify this file Attribute: 1. +Main 2. -Main 3. +Backup 4. -Backup 5. Exit Enter your choice(1-5):1
Enter 1 to set the selected application program to be the main boot file, i.e. the default boot file of the system. Step 6: Enter <5> to exit to the main BootROM menu. Enter <1> to boot from the CF card.
CAUTION:
The file in the CF card will be overwritten if the file name being input is the same as the original file name in the CF card. Make sure the space on memory is sufficient. Or, the system prompts insufficient space:
Updating File main.bin Insufficient CF Card space or failed device writing operation
The file updated will directly replace the original file of this type to become the only application program. The main.bin file downloaded here will replace the original M file directly to become the main boot program. Refer to Files on page 37 for detailed descriptions of file types.
After booting the router normally, you can upgrade and backup application program and backup and recover configurations under command line mode.
The TFTP service provided by the router is TFTP Client - the router serves as TFTP Client, and the file server serves as TFTP Server. You can input commands to upload the configuration file and application program of the router to the file server, or download configuration file or application program to the router from the file server.
51
Configuring environment Step 1: Set up hardware environment (refer to Upgrading Application Program Through Ethernet Interface on page 48 for details), and point the server path to the folder where the file is put.
Figure 12 Networking diagram for maintenance under command line mode
Ethernet
ROUTER (TFTP/FTP
PC (TFTP/FTP
Configure the IP addresses of the two sides to be in the same network. In this section, the TFTP server is set to 192.168.0.1, and the Ethernet interface connected to it (Ethernet interface 0/0 in this example; so, any interface is OK) is set to 192.168.0.2. Both can use the ping command to check if the connection is successful. Backing up and recovering application program and configure file After finishing environment building, perform the following operations: View the files included in current file system with the dir command:
<H3C>dir Directory of cf:/ 0 1 2 3 4 -rwdrw-rw-rw-rw14323376 909 1045 14323376 Apr Mar Apr Apr Mar 03 20 04 04 31 2006 2006 2006 2006 2006 15:36:48 09:55:28 10:54:38 11:31:36 17:50:22 main.bin logfile configbak.cfg config.cfg backup.bin
63340 KB total (20928 KB free) File system type of cf: FAT32 <H3C>
Use the command as follows to backup the config.cfg file on the router to TFTP server and save as config.bak:
<H3C>tftp 192.168.0.1 put config.cfg config.bak File will be transferred in binary mode Sending file to remote tftp server. Please wait... TFTP: 1045 bytes sent in 0 second(s). File uploaded successfully.
Use this command to download the config.cfg file on the server to the router:
52
<H3C>tftp 192.168.0.1 get config.cfg config.cfg The file config.cfg exists. Overwrite it?[Y/N]:y Verifying server file... Deleting the old file, please wait... File will be transferred in binary mode Downloading file from remote tftp server, please wait...<HardReturn TFTP: 1045 bytes received in 0 second(s) File downloaded successfully.
If a config.cfg file already exists in the router, select <Y/y> to overwrite it.
CAUTION:
If a config.cfg file already exists on the server, it will be overwritten. The above operations are performed under user view. The backup configuration file can be modified by text editor. The configuration file modified during download process can modify the configuration, and the modification takes effect after rebooting. Similarly, you can also download application program to the router to overwrite the old main program to upgrade the application program.
Maintaining the router when it serves as the server FTP (File Transfer Protocol) is an application layer protocol in the TCP/IP suite. It mainly transfers files among remote hosts. Carried over TCP, it provides reliable and connection-oriented data transfer service but does not provide access authorization and authentication mechanism. The FTP service provided by the router is FTP Server, that is to say, the router serves as the FTP Server. You can run FTP Client to log onto the router and access files on the router. Install FTP Client before using FTP. No FTP Server is available with the H3C MSR 50 series. You must install one yourself. Take the FTP Client with Windows XP for example. Step 1: Build hardware maintenance environment as follows:
Figure 13 Router maintenance when it serves as the server
Ethernet
ROUTER (TFTP/FTP
PC (TFTP/FTP
Configure the IP addresses of the two sides to be in the same network. In this section, the PC server is set to 192.168.0.1, and the router Ethernet interface connected to it (Ethernet interface 0/0 in this example; so, any interface is OK) is
53
set to 192.168.0.2. Both can use the ping command to check if the connection is successful. Step 2: Boot FTP service. You can boot FTP service after configuring FTP server authentication and authorization. FTP server supports multiuser access. The remote FTP user sends request to the FTP server, which then executes accordingly and returns the result of the execution to user. Use the following command to boot the FTP service:
[H3C]ftp server enable % Start FTP server
Step 3: Maintain the router. After booting FTP service of the router and configuring user name and password, you can boot FTP Client on your PC. Take the FTP Client with Windows XP for example: Enter <ftp> in the [DOS] window, and the system prompts:
C:Documents and SettingsAdministrator>ftp ftp> The system prompts ftp> ftp> open 192.168.0.2 Connected to the router IP Connected to 192.168.0.2. 220 FTP service ready. User (192.168.0.2:(none)): guest Enter the user name configured on the router 331 Password required for guest Password: Enter the password 123456 230 User logged in. Successfully connected to the server
Now, we can use the following command to perform maintenance of the router. In this example, the main.bin file on the router is backed up to the PC.
ftp> binary Change the transfer mode to binary 200 Type set to I. ftp> lcd c:emp Change local path Local directory now C:emp. ftp> get main.bin main.bin Backup files to PC from the router 200 Port command okay. 150 Opening BINARY mode data connection for main.bin. 226 Transfer complete. ftp: 14323376 bytes received in 16.81Seconds 851.87Kbytes/sec.
54
Maintaining the router when it serves as the client You can also maintain the router file system by building FTP server and making the router serve as the client. Step 1: Build maintenance environment as follows:
Figure 14 Router maintenance when it serves as the client
Ethernet
ROUTER (TFTP/FTP
PC (TFTP/FTP
When the router serves as the client, you can run FTP server program on your PC as the FTP server, and set the server path. Then, add user name and password for the router. Configure the IP addresses of the two sides to be in the same network. In this section, the FTP server is set to 192.168.0.1, and the Ethernet interface connected to it (Ethernet interface 0/0 in this example; so, any interface is OK) is set to 192.168.0.2. Both can use the ping command to check if the connection is successful. Step 2: Maintain the router through the terminal connected to the console port as follow:
<H3C>ftp 192.168.0.1 Trying 192.168.0.1 ... Press CTRL+K to abort Connected to 192.168.0.1. 220 3Com 3CDaemon FTP Server Version 2.0 User(192.168.0.1:(none)):guest Enter the user name configured on the router 331 User name ok, need password Password: Enter the corresponding password 230 User logged in Connect successfully [ftp]
Use the command as follows to maintain the router. Here, get and put commands are used to backup and recover files.
[ftp]get main.bin main.bin Download files to the router from the server cf:/main.bin has been existing. Overwrite it?[Y/N]:y Overwrite it or not? 200 PORT command successful. 150 File status OK ; about to open data connection 226 Closing data connection; File transfer successful. FTP: 14323376 byte(s) received in 69.256 second(s) 206.00K byte(s)/sec. [ftp]put main.bin main.bin Backup the router files to the server
55
200 PORT command successful. 150 File status OK ; about to open data connection 226 Closing data connection; File transfer successful. FTP: 14323376 byte(s) sent in 15.974 second(s) 896.00Kbyte(s)/sec. [ftp]quit Quit the FTP 221 Service closing control connection
You can modify and display the file type under the file control submenu: Enter <4> under the main BootROM menu to enter the file control submenu. The system prompts:
========================<File CONTROL>======================= |Note:the operating device is CF Card | | <1> Display All File | | <2> Set Application File type | | <3> Set Configuration File type | | <4> Delete File | | <5> Exit To Main Menu | =============================================================
Enter your choice(1-5): Display all files Enter <1>, and the system prompts:
Display All File In cf: ************************************************************************** NO. Size(B) Time Name 0 14323376 Mar-23-2006 11:47 cf:/main.bin 1 14144592 Mar-17-2006 19:39 cf:/d13.bin 2 935 Mar-23-2006 15:39 cf:/config.cfg 3 160 Mar-20-2006 09:55 cf:/private-data.txt 4 14323456 Mar-25-2006 10:38 cf:/secure.bin 5 238664 Mar-27-2006 10:50 cf:/logfile/logfile.log **************************************************************************
Set application file type Enter <2> under the file control submenu to enter the set application file type menu:
Please set application file type in cf:
M=MAIN B=BACKUP S=SECURE N=NOTYPE ************************************************************************** NO. Size(B) Time Type Name 0 14323376 Mar-23-2006 11:47 M cf:/main.bin 1 14144592 Mar-17-2006 19:39 B cf:/d13.bin 2 14323456 Mar-25-2006 10:38 S cf:/secure.bin ************************************************************************** Enter File Name:
Enter the file name, including device type and extension name. Take cf:/main.bin for example. Enter the complete file name, press <ENTER>, and then the system prompts to modify the file type:
Enter File Name:cf:/main.bin Modify this file Attribute: 1. +Main
56
You can set the file type to +M, -M, +B and -B by entering 1 to 4. Refer to Introduction on page 37 for details. Set configuration file type Enter <3> under the file control submenu to enter the configuration file type menu.
Please set configuration file type in cf:
M=MAIN B=BACKUP N=NOTYPE ************************************************************************** NO. Size(B) Time Type Name 0 14323376 Mar-23-2006 11:47 M cf:/router.cfg 1 14144592 Mar-17-2006 19:39 B cf:/a.cfg 2 14323456 Mar-25-2006 10:38 N cf:/b.cfg ************************************************************************** Enter File Name:
Enter the file name, including device type and extension name. Take cf:/router.cfg for example. Enter the complete file name, press <ENTER>, and then the system prompts to modify the file type:
Enter File Name: cf:/router.cfg Modify this file Attribute: 1. +Main 2. -Main 3. +Backup 4. -Backup 5. Exit Enter your choice(1-5):
You can set the operation file to the types of M, Cancel M, B and Cancel B by entering 1-4. Refer to Files on page 37 for details. Delete files Enter <4> under the file control submenu to delete files:
Delete All File In cf: ************************************************************************** NO. Size(B) Time Name 0 14323376 Mar-23-2006 11:47 cf:/main.bin 1 14144592 Mar-17-2006 19:39 cf:/d13.bin 2 935 Mar-23-2006 15:39 cf:/config.cfg 3 160 Mar-20-2006 09:55 cf:/private-data.txt 4 14323456 Mar-25-2006 10:38 cf:/secure.bin 5 238664 Mar-27-2006 10:50 cf:/logfile/logfile.log ************************************************************************** Enter File Name: Enter the file name, press <ENTER>, and then the system prompts deleting suc cess: deleting... success!
57
CAUTION: Confirm the file to be deleted before deleting since the system does not prompt you to confirm when deleting files. Exit to the main menu Exit to the main BootROM menu.
Do as follows when your BootROM password, user password or Super Password is lost. You cannot enter the system if you lose your user password. You can boot the system by neglecting system configuration. Perform the following operations: Step 1: Enter the main BootROM menu, and select <6> to boot by ignoring system configuration: The system prompts:
........ Flag Set Successfully.
The system prompts set success. Step 2: When the main BootROM menu appears again, enter <a> to reboot the system.
........ system start booting......Version 2.11
Step 3: Set new password under the system view after rebooting.
[H3C]user-interface console 0 [H3C-ui-console0]authentication-mode password [H3C-ui-console0]set authentication password simple 123456
This indicates that the password authentication is adopted at the console port and the password is set to 123456 and stored in plain text.
After reboot, the system runs with the initial default configuration. The original configuration files are stored in memory. To restore the original configurations, you can use the display saved-configuration command to display them, and then copy and execute them. When storing the password in plain text, you can use the display current-configuration command to see the password in the current configuration. If you use the set authentication password cipher 123456 command when setting the password, the password is encrypted and stored.
Execute the save command after modifying the user password to save the new password.
58
Contact the agent or our technical support personnel in the event of BootROM password loss. They can help you set a new password. Modify the BootROM password under the main BootROM menu. Enter <5> to modify the password following the prompt. The console terminal displays:
Change password. Old password: New password: Verify: ........Password Set Successfully. Enter the old password Enter the new password Enter the new password again The new password is set successfully
n
Super Password Loss
The password modification fails when old password is not correct or new password is not correctly entered, and then the system exits this operation. The Super Password enables you to switch among the four Super levels. In the event of Super Password loss, you cannot perform the operations requiring higher right. Enter <8> under the main BootROM menu to clear the Super Password. Select this option, quit the menu and reboot the router. You can directly enter the system view. Only after the first rebooting will the setting take effect (the Super Password restores after the second rebooting).
Enter <7> under the main BootROM menu to enter the BootROM operation submenu. Refer to BootROM operation submenu on page 43 for details. Enter <1> under the menu, and the system starts to backup the entire BootROM. The system prompts:
Backing BootRom.... Updating the backup Basic BootRom....... Backing Basic BootRom Success! Updating Back Extended BootRom.......... Backing Extend BootRom Success!
Now, the entire BootROM is backed up to the memory. Enter <2> under the menu to restore the BootROM in the memory to the system:
Restore Basic BootRom Updating the Norm Basic BootRom.............. Restore Basic Bootrom Success! Restore Extend BootRom Updating Extended BootRom.............. Restore Extend Bootrom Success!
6
Slot Position of H3C MSR 20 Series Routers
60