00367766-MA5600T Configuration Guide-(V800R005C06_02)

SmartAX MA5600T Multi-service Access Module V800R005C06 Configuration Guide

Issue

02

Date

2008-04-25

Part Number

00367766

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any assistance, please contact our local office or company headquarters.

Huawei Technologies Co., Ltd. Address:

Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China

Website:

http://www.huawei.com

Email:

[email protected]

Copyright © Huawei Technologies Co., Ltd. 2008. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions and other Huawei trademarks are the property of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

SmartAX MA5600T Multi-service Access Module

Contents

Contents About This Document.....................................................................................................................1 1 Maintenance Terminal Configuration...................................................................................1-1 1.1 Overview.........................................................................................................................................................1-2 1.2 Configuring the Terminal Through the Local Serial Port...............................................................................1-3 1.3 Configuring the Terminal Through the Remote Serial Port............................................................................1-7 1.4 Configuring the Terminal Through the Outband Management Channel .....................................................1-12 1.5 Configuring the Terminal Through the Inband Management Channel.........................................................1-16 1.6 Configuring the Terminal Through SSH.......................................................................................................1-20

2 Getting Started With CLI..........................................................................................................2-1 2.1 Overview.........................................................................................................................................................2-2 2.2 CLI Characteristics..........................................................................................................................................2-2 2.2.1 Command Modes...................................................................................................................................2-3 2.2.2 Intelligent Matching...............................................................................................................................2-5 2.2.3 Edit Characteristics................................................................................................................................2-6 2.2.4 Interaction Function...............................................................................................................................2-7 2.2.5 Parameter Prompt...................................................................................................................................2-7 2.2.6 Display Characteristics...........................................................................................................................2-8 2.2.7 Saving and Querying History Commands..............................................................................................2-9 2.2.8 CLI Error Prompts................................................................................................................................2-10 2.3 Basic Operations Through CLI.....................................................................................................................2-10 2.3.1 Obtaining the Online Help Information...............................................................................................2-11 2.3.2 Enabling the Interactive Command Execution Mode..........................................................................2-13 2.3.3 Enabling the CLI Trap Reporting.........................................................................................................2-14 2.3.4 Searching for a Keyword......................................................................................................................2-15 2.3.5 Switching the Terminal Language.......................................................................................................2-15 2.3.6 Setting the System Time......................................................................................................................2-16 2.3.7 Setting the System Name.....................................................................................................................2-17 2.3.8 Setting the Terminal Type....................................................................................................................2-17 2.3.9 Setting the Timeout Exit Time.............................................................................................................2-18 2.3.10 Locking the Terminal.........................................................................................................................2-18 2.3.11 Clearing the Terminal Screen.............................................................................................................2-19 2.3.12 Querying the Version.........................................................................................................................2-19 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

i

Contents

SmartAX MA5600T Multi-service Access Module 2.3.13 Querying the CPU Usage...................................................................................................................2-20 2.3.14 Querying the Memory Usage.............................................................................................................2-21 2.3.15 Testing the Network State..................................................................................................................2-21

3 Network Management Configuration....................................................................................3-1 3.1 Overview.........................................................................................................................................................3-3 3.2 Basic Concepts................................................................................................................................................3-3 3.3 Configuration Example of an Outband NMS..................................................................................................3-4 3.4 Configuration Example of an Inband NMS....................................................................................................3-7 3.5 SNMP Agent Configuration..........................................................................................................................3-10 3.5.1 Setting the SNMP Version...................................................................................................................3-11 3.5.2 Adding a Community Name and Setting Its Read/Write Authorities..................................................3-12 3.5.3 Enabling the Trap Sending...................................................................................................................3-13 3.5.4 Setting the IP address of a Destination Host for Receiving Traps.......................................................3-13 3.5.5 Setting the Source Interface for Sending Traps....................................................................................3-14 3.5.6 Setting the System Contact Information..............................................................................................3-15 3.5.7 Setting the System Location Information.............................................................................................3-16 3.5.8 Configuring an SNMP V3 User...........................................................................................................3-16 3.5.9 Configuring an SNMP V3 Group.........................................................................................................3-17 3.5.10 Configuring an SNMP MIB View.....................................................................................................3-18 3.5.11 Configuring the Local SNMP Engine ID...........................................................................................3-19 3.5.12 Enabling the Timely Handshake Function between the MA5600T and the N2000..........................3-20 3.5.13 Setting the Handshake Interval..........................................................................................................3-21 3.6 Configuring the IP Address of the Outband NMS Interface.........................................................................3-22 3.7 Configuring an NMS Route..........................................................................................................................3-23 3.8 Configuring the IP Address of the Inband NMS Interface............................................................................3-24

4 Log Host Configuration............................................................................................................4-1 4.1 Overview.........................................................................................................................................................4-2 4.2 Configuration Example of a Log Host............................................................................................................4-2 4.3 Configuring a Log Host...................................................................................................................................4-4 4.4 Deleting a Log Host........................................................................................................................................4-5 4.5 Deactivating a Log Host..................................................................................................................................4-6 4.6 Querying Logs.................................................................................................................................................4-7

5 User Management...................................................................................................................... 5-1 5.1 Overview.........................................................................................................................................................5-2 5.2 Adding a User Profile......................................................................................................................................5-2 5.3 Adding a User..................................................................................................................................................5-5 5.4 Modifying the User Attributes........................................................................................................................5-7 5.4.1 Modifying the Profile Bound with a User..............................................................................................5-7 5.4.2 Modifying the User Login Mode...........................................................................................................5-8 5.4.3 Modifying a User Level.......................................................................................................................5-10 5.4.4 Changing a User Password...................................................................................................................5-11 ii

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

5.4.5 Modifying the Permitted Number of Reenters.....................................................................................5-12 5.4.6 Modifying the Appended Information.................................................................................................5-13 5.5 Disconnecting an Online User.......................................................................................................................5-14 5.6 Deleting a User..............................................................................................................................................5-14

6 Device Management..................................................................................................................6-1 6.1 Overview.........................................................................................................................................................6-2 6.2 Setting the Description of a Shelf...................................................................................................................6-3 6.3 Resetting the Control Boards..........................................................................................................................6-3 6.4 Adding a Service Board Offline......................................................................................................................6-5 6.5 Confirming a Service Board............................................................................................................................6-6 6.6 Deleting a Service Board.................................................................................................................................6-6 6.7 Resetting a Service Board...............................................................................................................................6-7 6.8 Prohibiting a Service Board............................................................................................................................6-8

7 Remote User Authentication Configuration.........................................................................7-1 7.1 Overview.........................................................................................................................................................7-3 7.2 Related Concepts.............................................................................................................................................7-3 7.2.1 Introduction to AAA..............................................................................................................................7-3 7.2.2 Introduction to RADIUS........................................................................................................................7-4 7.2.3 Introduction to SSH................................................................................................................................7-4 7.2.4 Introduction to 802.1x............................................................................................................................7-5 7.3 Configuration Example of Remote User Authentication................................................................................7-6 7.4 Configuring the RADIUS..............................................................................................................................7-10 7.4.1 Overview..............................................................................................................................................7-11 7.4.2 Creating a RADIUS Server Template..................................................................................................7-11 7.4.3 Setting the IP Address and Port Number of a RADIUS Server...........................................................7-12 7.4.4 Setting the Shared Key of the RADIUS Server...................................................................................7-14 7.4.5 Setting the Response Timeout Interval of a RADIUS Server..............................................................7-14 7.4.6 Setting the Maximum Number of Transmissions for the RADIUS Request Packets..........................7-16 7.4.7 Setting the Format of the User Name Sent to a RADIUS Server........................................................7-17 7.5 Configuring 802.1x.......................................................................................................................................7-18 7.5.1 Configuring an 802.1x Template.........................................................................................................7-19 7.5.2 Enabling the 802.1x Authentication on a Port.....................................................................................7-21 7.5.3 Configuring the Control Mode of a Port..............................................................................................7-22 7.5.4 Enabling the 802.1x Authentication Globally......................................................................................7-23 7.5.5 Enabling the DHCP-Triggered Authentication....................................................................................7-24 7.6 Configuring AAA..........................................................................................................................................7-25 7.6.1 Configuring an Authentication Scheme...............................................................................................7-26 7.6.2 Configuring an Accounting Scheme....................................................................................................7-27 7.6.3 Configure an Accounting Mode...........................................................................................................7-28 7.6.4 Configuring the Interval for the Real-time Accounting.......................................................................7-29 7.6.5 Creating a Domain...............................................................................................................................7-31 7.6.6 Binding a RADIUS Server Template...................................................................................................7-32 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

iii

Contents

SmartAX MA5600T Multi-service Access Module 7.6.7 Specifying an Authentication Scheme.................................................................................................7-33 7.6.8 Specifying an Accounting Scheme......................................................................................................7-34 7.6.9 Referencing an 802.1x Template..........................................................................................................7-35

7.7 Configuring SSH...........................................................................................................................................7-36 7.7.1 Creating the Local RSA Key Pair........................................................................................................7-36 7.7.2 Configuring the SSH User Public Key.................................................................................................7-37 7.7.3 Configuring an SSH User.....................................................................................................................7-39

8 VLAN Configuration.................................................................................................................8-1 8.1 Overview.........................................................................................................................................................8-3 8.2 Configuration Example of a VLAN................................................................................................................8-5 8.3 Configuration Example of a MUX VLAN......................................................................................................8-7 8.4 Creating a VLAN..........................................................................................................................................8-10 8.5 Configuring the VLAN Attribute..................................................................................................................8-12 8.6 Setting the Inner and Outer Ethernet Protocols Type of a VLAN Stacking.................................................8-13 8.7 Setting the Inner VLAN Priority of the Service Port in a Stacking VLAN..................................................8-14 8.8 Adding an Upstream Port to a VLAN...........................................................................................................8-14 8.9 Adding a Service Port to a VLANAdding Service Port(s) to a VLAN.........................................................8-15 8.10 Adding Service Ports in Batches.................................................................................................................8-17 8.11 Configuring the Description of a Service Port............................................................................................8-18

9 DHCP Relay Configuration.....................................................................................................9-1 9.1 Overview.........................................................................................................................................................9-4 9.2 Configuration Example of DHCP Standard Mode..........................................................................................9-5 9.3 Configuration Example of DHCP Option60 Mode.........................................................................................9-8 9.4 Configuration Example of DHCP MAC Address Segment Mode................................................................9-11 9.5 Enabling the DHCP Proxy Function.............................................................................................................9-14 9.6 Creating a DHCP Server Group....................................................................................................................9-15 9.7 Setting the Working Mode of a DHCP Server..............................................................................................9-16 9.8 Setting the DHCP Relay Mode.....................................................................................................................9-17 9.9 Binding a DHCP Server Group with a VLAN Interface...............................................................................9-18 9.10 Creating an Option60 Domain....................................................................................................................9-19 9.11 Binding a DHCP Server Group with a DHCP Option60 Domain..............................................................9-20 9.12 Configuring the Gateway of a DHCP Option60 Domain...........................................................................9-21 9.13 Creating a DHCP MAC Address Segment.................................................................................................9-22 9.14 Setting the Range of a DHCP MAC Address Segment..............................................................................9-23 9.15 Binding a DHCP Server Group with a DHCP MAC Address Segment.....................................................9-24 9.16 Configuring the Gateway of a DHCP MAC Address Segment..................................................................9-25 9.17 Setting the DHCP Proxy Lease-Time.........................................................................................................9-26 9.18 Kicking Off a DHCP User..........................................................................................................................9-27

10 ARP & ARP Proxy Configuration.......................................................................................10-1 10.1 Overview.....................................................................................................................................................10-2 10.2 ARP Proxy Configuration Example............................................................................................................10-2 iv

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

10.3 Adding a Static ARP Entry.........................................................................................................................10-5 10.4 Enabling the ARP Proxy.............................................................................................................................10-6

11 RIP Routing Protocol Configuration..................................................................................11-1 11.1 Overview.....................................................................................................................................................11-3 11.2 Configuration Example of the Static Route................................................................................................11-3 11.3 Configuration Example of RIP....................................................................................................................11-6 11.4 Configuration Example of a Routing Policy...............................................................................................11-9 11.5 Adding a Static Route...............................................................................................................................11-12 11.6 Configuring RIP........................................................................................................................................11-14 11.6.1 Enabling the RIP Process.................................................................................................................11-14 11.6.2 Setting the RIP Version....................................................................................................................11-15 11.6.3 Enabling an Interface to Receive/Transmit RIP Packets..................................................................11-16 11.7 Controlling the RIP Routing Information.................................................................................................11-17 11.7.1 Setting the Cost of the Default Route...............................................................................................11-18 11.7.2 Specifying the Default Routing Metric............................................................................................11-19 11.7.3 Setting the Additional Metric of a Route.........................................................................................11-20 11.7.4 Enabling the Route Summarization..................................................................................................11-20 11.7.5 Configuring a Summary Route IP Address......................................................................................11-21 11.7.6 Disabling Receiving Host Routes....................................................................................................11-22 11.7.7 Configuring the RIP Preference.......................................................................................................11-23 11.7.8 Importing the Routes of Other Protocols.........................................................................................11-24 11.7.9 Configuring the Route Filtering Policy............................................................................................11-25 11.7.10 Verifying the Source IP Address of a RIP Route Update..............................................................11-26 11.8 Adjusting and Optimizing RIP..................................................................................................................11-27 11.8.1 Configuring the RIP Timer..............................................................................................................11-27 11.8.2 Configuring the Zero Field Check for RIP-I Packets.......................................................................11-28 11.8.3 Configuring the RIP-2 Authentication Mode...................................................................................11-30 11.8.4 Enabling the Split Horizon Function................................................................................................11-30 11.8.5 Enabling the Poison Reverse Function.............................................................................................11-31 11.9 Configuring a Routing Policy...................................................................................................................11-32 11.9.1 Defining a Routing Policy................................................................................................................11-32 11.9.2 Defining the If-match Clause of a Route Policy..............................................................................11-34 11.9.3 Defining the Apply Clause of a Route Policy..................................................................................11-34 11.10 Enabling the Transparent Transmission function of the RIP Packet Based on the VLAN.....................11-36

12 OSPF Routing Protocol Configuration..............................................................................12-1 12.1 Overview.....................................................................................................................................................12-2 12.2 Configuration Example of OSPF................................................................................................................12-2 12.3 Configuring OSPF.......................................................................................................................................12-6 12.3.1 Enabling the OSPF Process................................................................................................................12-7 12.3.2 Configuring the DR Priority...............................................................................................................12-8 12.3.3 Setting an OSPF Router ID................................................................................................................12-8 12.3.4 Disabling the OSPF Packet Transmission on an Interface.................................................................12-9 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

v

Contents

SmartAX MA5600T Multi-service Access Module 12.3.5 Entering OSPF Area Config Mode..................................................................................................12-10 12.3.6 Configuring the Subnets for an Area................................................................................................12-11 12.3.7 Configuring the OSPF Stub Area.....................................................................................................12-11 12.3.8 Configuring an NBMA Adjacent Router.........................................................................................12-12 12.3.9 Enabling the OSPF Logging Function.............................................................................................12-13 12.3.10 Configuring the Network Type on an OSPF Interface...................................................................12-13 12.3.11 Configuring the MTU of the DD Packet........................................................................................12-15

12.4 Controlling the OSPF Routing Information..............................................................................................12-15 12.4.1 Setting the OSPF Preference............................................................................................................12-16 12.4.2 Configuring the Maximum OSPF Route Count...............................................................................12-17 12.4.3 Configuring the OSPF Packet Authentication.................................................................................12-18 12.4.4 Configuring the OSPF Cost..............................................................................................................12-18 12.4.5 Configuring the Route Summarization Between Areas...................................................................12-19 12.4.6 Configuring the Aggregation of Routes Imported by OSPF............................................................12-20 12.4.7 Importing Routes from Other Protocols into OSPF.........................................................................12-21 12.4.8 Setting the Default Parameters of OSPF Imported Routes..............................................................12-21 12.5 Adjusting and Optimizing OSPF...............................................................................................................12-22 12.5.1 Setting the Interval for Sending the Hello Packets..........................................................................12-23 12.5.2 Setting the Dead Time Between Adjacent Routers..........................................................................12-24 12.5.3 Setting the Hello Packet Poll Interval..............................................................................................12-24 12.5.4 Setting the LSA Transmit Delay......................................................................................................12-25 12.5.5 Setting the LSA Retransmit Interval between Adjacent Routers.....................................................12-26 12.5.6 Setting the SPF Calculation Interval for OSPF................................................................................12-27

13 IS-IS Routing Protocol Configuration...............................................................................13-1 13.1 Overview.....................................................................................................................................................13-2 13.2 Configuration Example of IS-IS.................................................................................................................13-3 13.3 Configuring IS-IS........................................................................................................................................13-6 13.3.1 Enabling the IS-IS Process.................................................................................................................13-6 13.3.2 Configuring the Network Entity Title................................................................................................13-7 13.3.3 Configuring the Router Level............................................................................................................13-9 13.3.4 Enabling the IS-IS Function on an Interface....................................................................................13-10 13.4 Controlling the IS-IS Routing Information...............................................................................................13-11 13.4.1 Configuring the IS-IS Priority..........................................................................................................13-12 13.4.2 Configuring the Cost of an IS-IS Interface......................................................................................13-13 13.4.3 Configuring IS-IS Route Aggregation.............................................................................................13-16 13.4.4 Generating IS-IS Default Routes......................................................................................................13-16 13.4.5 Configuring IS-IS to Filter the Received or Advertised Routing Information.................................13-17 13.4.6 Setting the State of IS-IS Interface to Suppressed...........................................................................13-18 13.4.7 Configuring IS-IS to Import External Routes..................................................................................13-19 13.4.8 Configuring the IS-IS Route Leaking..............................................................................................13-20 13.5 Adjusting and Optimizing IS-IS................................................................................................................13-21 13.5.1 Configuring Network Type of an IS-IS Interface............................................................................13-22 vi

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

13.5.2 Configuring the Level of an IS-IS Interface.....................................................................................13-22 13.5.3 Configuring DIS Priority of an IS-IS Interface................................................................................13-23 13.5.4 Configuring IS-IS for Not Checking IP Addresses of Received Hello Packets...............................13-24 13.5.5 Configuring the IS-IS Packet Timer.................................................................................................13-25 13.5.6 Configuring LSP Parameters............................................................................................................13-27 13.5.7 Enabling LSP Fast Flooding............................................................................................................13-30 13.5.8 Configuring SPF Parameters............................................................................................................13-30 13.5.9 Configuring IS-IS Host Name Mapping..........................................................................................13-31 13.5.10 Configuring IS-IS Authentication..................................................................................................13-33 13.5.11 Configuring LSDB Overload Flag Bit...........................................................................................13-35 13.5.12 Enabling Output of the Adjacency State........................................................................................13-35

14 BGP Routing Protocol Configuration................................................................................14-1 14.1 Overview ....................................................................................................................................................14-2 14.2 Configuration Example of BGP..................................................................................................................14-2 14.3 Configuring Basic BGP Functions..............................................................................................................14-6 14.3.1 Configuring BGP Basic Description..................................................................................................14-6 14.3.2 Configuring BGP to Advertise the Local Routes...............................................................................14-7 14.3.3 Configuring the Local Interface Used for a BGP Connection...........................................................14-8 14.3.4 Configuring the Maximum Number of Hops in an EBGP Connection...........................................14-10 14.4 Configuring BGP Route Attributes...........................................................................................................14-11 14.4.1 Configuring the BGP Route Preference...........................................................................................14-11 14.4.2 Configuring the Default Local_Pref Attribute.................................................................................14-12 14.4.3 Configuring the MED Attribute.......................................................................................................14-12 14.4.4 Configuring the Next_Hop Attribute...............................................................................................14-13 14.4.5 Configuring the AS-Path Attribute..................................................................................................14-14 14.5 Controlling the BGP Routing Information................................................................................................14-15 14.5.1 Configuring BGP to Import Routes.................................................................................................14-16 14.5.2 Filtering the Routes Imported by BGP.............................................................................................14-17 14.5.3 Configuring BGP Route Aggregation..............................................................................................14-17 14.5.4 Configuring a Router to Advertise the Default Route to Its Peer....................................................14-18 14.5.5 Configuring BGP Access List..........................................................................................................14-19 14.5.6 Configuring a BGP Routing Policy..................................................................................................14-20 14.5.7 Configuring the Policy for Advertising the BGP Routing Information...........................................14-22 14.5.8 Configuring the Policy for Receiving the BGP Routing Information..............................................14-24 14.6 Adjusting and Optimizing BGP................................................................................................................14-26 14.6.1 Configuring the BGP Timers...........................................................................................................14-27 14.6.2 Configuring the Interval for Sending the Update Messages............................................................14-28 14.6.3 Configuring BGP Soft Reset............................................................................................................14-29 14.6.4 Enabling Quick Reset of an EBGP Connection...............................................................................14-30 14.6.5 Configuring MD5 Authentication....................................................................................................14-31 14.6.6 Configuring the Maximum Number of Equal-Cost Routes.............................................................14-32 14.6.7 Configuring EBGP Neighbor Split Horizon....................................................................................14-33 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

vii

Contents

SmartAX MA5600T Multi-service Access Module

15 MSTP Configuration.............................................................................................................15-1 15.1 Overview.....................................................................................................................................................15-3 15.2 Enabling the MSTP Function......................................................................................................................15-3 15.3 Setting the Working Mode of MSTP..........................................................................................................15-5 15.4 Setting the MST Region Parameters...........................................................................................................15-6 15.4.1 Setting the MD5-Key for the MD5 Encryption Algorithm Configured on the MST Region............15-7 15.4.2 Configuring the MST Region Name..................................................................................................15-8 15.4.3 Mapping the Specified VLAN to the Specified MSTP Instance........................................................15-9 15.4.4 Mapping All VLANs to the MSTP Instances by Modular Arithmetic............................................15-10 15.4.5 Setting the MSTP Revision Level....................................................................................................15-12 15.4.6 Restoring the Default Settings for All Parameters of the MST Region...........................................15-13 15.5 Activating the Configuration of the MST Region.....................................................................................15-13 15.6 Specifying the Device as a Root Bridge or a Backup Root Bridge...........................................................15-14 15.7 Setting the Priority of the Device in the Specified Spanning Tree Instance.............................................15-16 15.8 Setting the Maximum Number of Hops of the MST Region....................................................................15-17 15.9 Setting the Diameter of the Switching Fabric...........................................................................................15-18 15.10 Setting the Calculation Standard for the Path Cost.................................................................................15-19 15.11 Setting the Time Parameters of the Specified Network Bridge..............................................................15-20 15.11.1 Setting the Forward Delay of the Specified Network Bridge........................................................15-21 15.11.2 Setting the Hello Time of the Specified Network Bridge..............................................................15-22 15.11.3 Setting the Max Age of the Specified Network Bridge..................................................................15-23 15.11.4 Setting the Timeout Time Factor of the Specified Network Bridge..............................................15-25 15.12 Setting the Parameters of the Specified Port...........................................................................................15-26 15.12.1 Setting the Maximum Transmission Rate of the Specified Port....................................................15-26 15.12.2 Setting the Specified Port as an Edge Port.....................................................................................15-28 15.12.3 Setting the Path Cost of a Specified Port.......................................................................................15-29 15.12.4 Setting the Priority of the Specified Port.......................................................................................15-30 15.12.5 Setting the Point-to-Point Link Connection of the Specified Port.................................................15-31 15.13 Setting the mCheck Variable...................................................................................................................15-32 15.14 Configuring the Device Protection Function..........................................................................................15-33 15.14.1 Enabling the BPDU Protection Function of the Device.................................................................15-33 15.14.2 Enabling the Loop Protection Function of the Device...................................................................15-34 15.14.3 Enabling the Root Protection Function of the Device....................................................................15-36 15.15 Clear the MSTP Protocol Statistics.........................................................................................................15-37

16 NTP Configuration................................................................................................................16-1 16.1 Overview.....................................................................................................................................................16-3 16.2 Configuration Example of NTP Broadcast Mode.......................................................................................16-3 16.3 Configuration Example of NTP Multicast Mode........................................................................................16-7 16.4 Configuration Example of NTP Server/Client Mode................................................................................16-10 16.5 Configuration Example of NTP Peer Mode..............................................................................................16-13 16.6 Configuring the NTP ID Authentication...................................................................................................16-17 16.7 Configuring the NTP Master Clock..........................................................................................................16-19 viii

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

16.8 Configuring the NTP Broadcast Mode......................................................................................................16-20 16.8.1 Configuring the NTP Broadcast Server Mode.................................................................................16-20 16.8.2 Configuring the NTP Broadcast Client Mode..................................................................................16-21 16.9 Configuring the NTP Multicast Mode......................................................................................................16-22 16.10 Configuring the NTP Server/Client Mode..............................................................................................16-24 16.11 Configuring the NTP Peer Mode............................................................................................................16-25 16.12 Configuring the Authority of Access to an NTP Service of a Local Device..........................................16-26 16.13 Configuring an Interface for Transmitting/Receiving NTP Packets.......................................................16-27

17 System Clock Configuration................................................................................................17-1 17.1 Overview.....................................................................................................................................................17-2 17.2 Configuration Example of the System Clock..............................................................................................17-3 17.3 Configuring a Clock Source........................................................................................................................17-5 17.4 Setting the Priority of a Clock Source.........................................................................................................17-6

18 MAC Address Management.................................................................................................18-1 18.1 Overview.....................................................................................................................................................18-2 18.2 Adding a Static MAC Address....................................................................................................................18-2 18.3 Setting the Maximum MAC Address Number Learned by a Service Port.................................................18-3 18.4 Configuring the Aging Time of a Dynamic MAC Address........................................................................18-4 18.5 Binding the MAC Address..........................................................................................................................18-5 18.6 Configuring the MAC Address Filtering....................................................................................................18-6 18.7 Configuring the MAC Address Pool...........................................................................................................18-7

19 TCP/IP Connection Configuration......................................................................................19-1 19.1 Overview.....................................................................................................................................................19-2 19.2 Basic Concepts............................................................................................................................................19-2 19.3 Configuring the Synwait Timer...................................................................................................................19-2 19.4 Configuring the Finwait Timer...................................................................................................................19-3 19.5 Configuring the Socket Buffer....................................................................................................................19-4 19.6 Enabling the TCP Debugging.....................................................................................................................19-4 19.7 Enabling the IP Packets Debugging............................................................................................................19-5

20 ACL Configuration................................................................................................................20-1 20.1 Overview.....................................................................................................................................................20-3 20.2 Configuring the Basic ACL.........................................................................................................................20-5 20.3 Configuring the Advanced ACL.................................................................................................................20-7 20.4 Configuring the L2 ACL.............................................................................................................................20-8 20.5 Configuration Example of the User-Defined ACL...................................................................................20-11 20.6 Creating an ACL.......................................................................................................................................20-12 20.7 Configuring a Time Range........................................................................................................................20-14 20.8 Setting the Step..........................................................................................................................................20-15 20.9 Creating a Basic ACL Rule.......................................................................................................................20-15 20.10 Creating an Advanced ACL Rule............................................................................................................20-16 20.11 Creating an L2 ACL Rule.......................................................................................................................20-17 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

ix

Contents

SmartAX MA5600T Multi-service Access Module

20.12 Creating a Customized ACL Rule...........................................................................................................20-18 20.13 Activating an ACL..................................................................................................................................20-20

21 QoS Configuration.................................................................................................................21-1 21.1 Overview.....................................................................................................................................................21-3 21.2 Configuration Example of Queue Scheduling............................................................................................21-3 21.3 Configuration Example of Traffic Management Based on service streams................................................21-6 21.4 Configuration Example of Traffic Management Based on ACL rules.......................................................21-9 21.5 Configuring the Traffic Management Based on service streams..............................................................21-11 21.5.1 Configure the IP Traffic Profile.......................................................................................................21-12 21.5.2 Configure the ATM Traffic Profile..................................................................................................21-14 21.6 Configuring the Traffic Management Based on Port + CoS.....................................................................21-17 21.7 Configuring Queue Scheduling ................................................................................................................21-18 21.7.1 Configuring the Queue Scheduling Mode........................................................................................21-19 21.7.2 Mapping the 802.1p Priority to Queues...........................................................................................21-21 21.7.3 Configuring the Queue Buffer of a Service Board...........................................................................21-22 21.8 Configuring Traffic Management Based on ACL rules............................................................................21-24 21.8.1 Enabling Traffic Limit.....................................................................................................................21-24 21.8.2 Adding a Priority Tag to Packets.....................................................................................................21-25 21.8.3 Enabling the Traffic Statistics..........................................................................................................21-26 21.8.4 Enabling the Traffic Mirroring.........................................................................................................21-27 21.8.5 Enabling the Traffic Redirection......................................................................................................21-28 21.9 Enabling the Line Rate Limit on an Upstream Port..................................................................................21-29

22 User Security Configuration................................................................................................22-1 22.1 Overview.....................................................................................................................................................22-3 22.2 Enabling PITP.............................................................................................................................................22-3 22.3 Setting the RAIO Working Mode...............................................................................................................22-4 22.4 Setting the Ethernet Encapsulation Type....................................................................................................22-5 22.5 Enabling the DHCP Option82 Function......................................................................................................22-6 22.6 Setting the Maximum Length of DHCP Packets........................................................................................22-7 22.7 Binding the IP Address...............................................................................................................................22-8 22.8 Binding the MAC Address..........................................................................................................................22-9 22.9 Enabling the Anti MAC Spoofing.............................................................................................................22-10 22.10 Enabling the Anti IP Spoofing................................................................................................................22-11

23 System Security Configuration...........................................................................................23-1 23.1 Overview.....................................................................................................................................................23-3 23.2 Enabling the Anti DoS Attack.....................................................................................................................23-3 23.3 Enabling the Anti IP Attack........................................................................................................................23-4 23.4 Enabling Anti ICMP Attack........................................................................................................................23-5 23.5 Enabling the Source Route Filtering...........................................................................................................23-5 23.6 Configuring the MAC Address Filtering....................................................................................................23-6 23.7 Setting the Time to Detect Exceptional Disconnection of the PPPoE Users..............................................23-7 x

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

23.8 Configuring the Black List..........................................................................................................................23-8 23.9 Configuring the Firewall Function..............................................................................................................23-9 23.10 Configuring an Accessible Address Segment.........................................................................................23-11 23.11 Configuring the Inaccessible Address Segment......................................................................................23-12

24 P2P Fiber Access Service Configuration............................................................................24-1 24.1 Overview.....................................................................................................................................................24-2 24.2 Configuration Example of Fiber Access Service-Single Port for Single Service.......................................24-2 24.3 Configuration Example of Fiber Access Service-Single Port for Multi-service.........................................24-4 24.4 Setting the Port Auto-negotiation Mode...................................................................................................24-10 24.5 Setting the Port Duplex Mode...................................................................................................................24-10 24.6 Setting the Port Rate..................................................................................................................................24-11

25 GPON Service Configuration..............................................................................................25-1 25.1 Overview.....................................................................................................................................................25-3 25.2 Configuration Example of the GPON Service............................................................................................25-3 25.3 Adding a DBA Profile.................................................................................................................................25-8 25.4 Binding a DBA Profile..............................................................................................................................25-10 25.5 Adding an Alarm Profile...........................................................................................................................25-11 25.6 Adding a GEM Port...................................................................................................................................25-13 25.7 Configuring a GPON Port.........................................................................................................................25-14 25.7.1 Enabling the FEC Function on a PON Port......................................................................................25-14 25.7.2 Disabling the Laser on a PON Port..................................................................................................25-15 25.8 Configuring a GPON ONT.......................................................................................................................25-16 25.8.1 Adding a GPON ONT......................................................................................................................25-16 25.8.2 Activating a GPON ONT.................................................................................................................25-17 25.8.3 Enabling the ONT Auto-find Function of a GPON Port..................................................................25-18 25.8.4 Setting the Aging Time of the ONT Auto-find Function.................................................................25-19 25.8.5 Confirming an Automatically Found ONT......................................................................................25-20 25.8.6 Setting the Minimum and Maximum Logical Reach.......................................................................25-22

26 Protection Configuration for Upstream Link...................................................................26-1 26.1 Overview.....................................................................................................................................................26-2 26.2 Configuration Example of the Upstream Link Protection...........................................................................26-2 26.3 Configuring a Protection Group..................................................................................................................26-5

27 Device Subtending Configuration......................................................................................27-1 27.1 Overview.....................................................................................................................................................27-3 27.2 Configuration Example of a Subtended Network Through the ETHA Board............................................27-4 27.3 Configuring the Physical Attributes of an Ethernet Port.............................................................................27-6 27.3.1 Setting the Auto-negotiation Mode of an Ethernet Port.....................................................................27-6 27.3.2 Setting the Duplex Mode of an Ethernet Port....................................................................................27-7 27.3.3 Setting the Rate of an Ethernet Port...................................................................................................27-8 27.3.4 Setting the Network Cable Type of an Ethernet Port.........................................................................27-8 27.4 Enabling the Flow Control on an Ethernet Port..........................................................................................27-9 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xi

Contents

SmartAX MA5600T Multi-service Access Module

27.5 Enabling the Traffic Suppression..............................................................................................................27-10 27.6 Enabling the Ethernet Port Aggregation...................................................................................................27-13 27.7 Mirroring an Ethernet Port........................................................................................................................27-14 27.8 Adding an Ethernet Port to a VLAN.........................................................................................................27-14 27.9 Setting the Native VLAN for an Ethernet Port.........................................................................................27-15

28 VLAN Stacking Wholesale Service Configuration......................................................... 28-1 28.1 Overview.....................................................................................................................................................28-2 28.2 Configuration Example of VLAN Stacking Multi-ISP Wholesale Access ................................................28-2

29 QinQ VLAN Private Line Service Configuration............................................................29-1 29.1 Overview.....................................................................................................................................................29-2 29.2 Configuration Example of the QinQ VLAN...............................................................................................29-2 29.3 Configuration Example of the QinQ VLAN Private Line Service.............................................................29-5 29.4 Enabling the Transparent Transmission of BPDUs....................................................................................29-8

30 Multicast Service Configuration.........................................................................................30-1 30.1 Overview.....................................................................................................................................................30-3 30.2 Configuration Example of the IGMP Proxy Multicast Service..................................................................30-3 30.3 Configuration Example of the IGMP Snooping Multicast Service.............................................................30-8 30.4 Configuration Example of the IGMP Snooping Multicast Service ..........................................................30-11 30.5 Configuration Example of the Multicast Service in Subtending Mode....................................................30-16 30.6 Configuring the Multicast Service in MSTP Networking.........................................................................30-21 30.7 Configuration Example of the Multicast Service Through the PIM-SSM Protocol.................................30-28 30.8 Setting the IGMP Mode............................................................................................................................30-33 30.9 Configuring the IGMP Upstream Port......................................................................................................30-33 30.10 Setting the Multicast Mode of an Upstream Port....................................................................................30-35 30.11 Enabling the Multicast Routing Function...............................................................................................30-36 30.12 Specifying a Subtending Port..................................................................................................................30-36 30.13 Configuring a Program for a Static Subtending Port..............................................................................30-37 30.14 Configuring IGMP Global Parameters....................................................................................................30-38 30.14.1 Enabling the IGMP Proxy Authorization.......................................................................................30-39 30.14.2 Setting the Robustness Variable.....................................................................................................30-40 30.14.3 Setting the General Query Interval.................................................................................................30-41 30.14.4 Setting the Maximum Response Time to the General Query.........................................................30-42 30.14.5 Setting the Number of Specific Queries.........................................................................................30-44 30.14.6 Setting the Group-Specific Query Interval.....................................................................................30-45 30.14.7 Setting the Maximum Response Time to the Group-Specific Query.............................................30-46 30.14.8 Setting the TTL for a V2 Router....................................................................................................30-47 30.14.9 Setting the Preview Recognition Time...........................................................................................30-48 30.14.10 Enabling the User Action Report Function..................................................................................30-49 30.14.11 Set the Permitted Encapsulation Mode of IGMP Packets............................................................30-51 30.14.12 Enabling the IGMP Echo Function..............................................................................................30-51 30.15 Configuring the IGMP VLAN Parameters..............................................................................................30-52 xii

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

30.15.1 Setting the IGMP Mode.................................................................................................................30-53 30.15.2 Configuring the IGMP Version......................................................................................................30-54 30.15.3 Configuring the Multicast Program................................................................................................30-55 30.15.4 Setting the Unsolicited Report Interval .........................................................................................30-58 30.15.5 Enabling the Proxy of the IGMP Leave Packet.............................................................................30-59 30.15.6 Enabling the Proxy of the IGMP Report Packet............................................................................30-60 30.15.7 Enabling the Function of Sending the Global-leave Packet...........................................................30-61 30.15.8 Setting the Priority of the IGMP Packet.........................................................................................30-62 30.15.9 Configuring the Multicast VLAN Member....................................................................................30-63 30.15.10 Enabling the Logging Function ...................................................................................................30-64 30.15.11 Setting the IP Address Range of the Multicast VLAN to Generate the Program Group Dynamically .....................................................................................................................................................................30-65 30.15.12 Enabling the Program Matching Mode of the Multicast VLAN .................................................30-66 30.15.13 Configuring the Virtual Upstream Port........................................................................................30-67 30.16 Configuring the PIM-SSM Protocol Parameters.....................................................................................30-69 30.16.1 Enabling the PIM-SSM Function...................................................................................................30-69 30.16.2 Setting the DR Priority of a PIM Router........................................................................................30-70 30.16.3 Setting the Interval for a PIM Router to Send Hello Messages.....................................................30-73 30.16.4 Setting the Holdtime for Receiving the Hello Messages...............................................................30-75 30.16.5 Setting the Longest Delay for Triggering the Transmission of the Hello Message.......................30-77 30.16.6 Setting the Specifications of the Join/Prune Messages..................................................................30-79 30.16.7 Setting the Interval for Sending the Join/Prune Messages.............................................................30-80 30.16.8 Setting the Delay for a PIM Router to Perform Pruning................................................................30-82 30.16.9 Setting the Interval for a PIM Router to Override Pruning............................................................30-84 30.16.10 Setting the Holdtime for a PIM Router to Maintain the Join Status of a Downstream Interface .....................................................................................................................................................................30-87 30.16.11 Setting the Range of the PIM-SSM Multicast Addresses............................................................30-89 30.17 Managing Multicast Bandwidth..............................................................................................................30-90 30.17.1 Enabling the Bandwidth Management Function............................................................................30-91 30.17.2 Setting the Program Bandwidth.....................................................................................................30-92 30.18 Configuring an Authority Profile............................................................................................................30-92 30.18.1 Modifying an Authority Profile......................................................................................................30-92 30.18.2 Renaming an Authority Profile......................................................................................................30-93 30.19 Configuring Multicast Users...................................................................................................................30-94 30.19.1 Adding a BTV User........................................................................................................................30-94 30.19.2 Modifying the Attributes of a User................................................................................................30-96 30.19.3 Blocking a BTV User.....................................................................................................................30-97 30.19.4 Binding a User with an Authority Profile......................................................................................30-98 30.19.5 Enabling the Switch of Monitoring the BTV User........................................................................30-99 30.20 Configuring the Preview Function........................................................................................................30-100 30.20.1 Configuring the Preview Profile .................................................................................................30-100 30.20.2 Enabling the Preview Function....................................................................................................30-101 30.20.3 Setting the Preview Auto Reset Time..........................................................................................30-102 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xiii

Contents

SmartAX MA5600T Multi-service Access Module 30.20.4 Clearing the Preview Records Manually......................................................................................30-103

30.21 Configuring the Logging Function........................................................................................................30-104 30.21.1 Enabling the Logging Function on the Multicast VLAN.............................................................30-105 30.21.2 Setting the Logging Interval.........................................................................................................30-106 30.21.3 Configuring the Log Reporting....................................................................................................30-107 30.21.4 Collecting the Log Statistics........................................................................................................30-108 30.22 Setting the Automatic CDR Reporting..................................................................................................30-108

31 Triple Play Service Configuration......................................................................................31-1 31.1 Overview.....................................................................................................................................................31-3 31.2 Configuration Example of Triple Play - Multiple PVCs for Multiple Services..........................................31-4 31.3 Configuration Example of Triple Play - .....................................................................................................31-9 31.4 Configuration Example of Triple Play - Based on 802.1p........................................................................31-14 31.5 Configuration Example of Triple Play - Based on the Service Encapsulation Type................................31-19 31.6 Configuration Example of Triple Play......................................................................................................31-24

32 ONT Management.................................................................................................................32-1 32.1 Overview.....................................................................................................................................................32-3 32.2 Configuration Example of the GPON ONT................................................................................................32-3 32.3 Configuring an GPON ONT Capability Set Profile....................................................................................32-7 32.4 Configuring the Attributes of a GPON ONT Port.....................................................................................32-11 32.5 Binding an ONT T-CONT with GEM Ports.............................................................................................32-12 32.6 Configuring the Mapping Between ONT Services and GEM Ports.........................................................32-13 32.7 Configuring a VLAN for a GPON ONT Port...........................................................................................32-14 32.8 Managing the IP Address of a GPON ONT..............................................................................................32-15

33 Ethernet OAM Configuration..............................................................................................33-1 33.1 Overview.....................................................................................................................................................33-3 33.2 Configuration Example of Ethernet OAM..................................................................................................33-3 33.3 Creating an MD...........................................................................................................................................33-6 33.4 Creating an MA...........................................................................................................................................33-7 33.5 Creating an MEP.........................................................................................................................................33-8 33.6 Creating an RMEP...................................................................................................................................... 33-9 33.7 Enabling the CFM Globally......................................................................................................................33-10 33.8 Enabling the CFM Alarm Globally...........................................................................................................33-11 33.9 Enabling the Administration Function of an MEP....................................................................................33-12 33.10 Enabling the CC Transmission of an MEP.............................................................................................33-13 33.11 Enabling the Global Detection Function of an RMEP............................................................................33-14 33.12 Enabling the RMEP Detection Function.................................................................................................33-15 33.13 Configuring Priorities for Transmitting CCMs/LTMs ...........................................................................33-16 33.14 Configuring the Interval for an MA to Transmit a CC...........................................................................33-17 33.15 Configuring the Base Address of Multicast Destination MAC Addresses of CCMs/LTMs..................33-18 33.16 Configuring the Loop Detection Function..............................................................................................33-19 33.17 Configuring the Link Trace Function......................................................................................................33-20 xiv

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Contents

34 Environment Monitoring Configuration ..........................................................................34-1 34.1 Overview.....................................................................................................................................................34-3 34.2 Configuration Example of the H801ESC....................................................................................................34-6 34.3 Configuration Example of FAN..................................................................................................................34-9 34.4 Adding an EMU........................................................................................................................................34-11 34.5 Configuring a POWER4845 EMU............................................................................................................34-12 34.6 Configuring the H801ESC Analog Parameters.........................................................................................34-15 34.7 Configuring H801ESC Digital Parameters...............................................................................................34-17 34.8 Configuring the FAN Alarm Report ........................................................................................................34-19 34.9 Setting the FAN Speed Adjustment Mode................................................................................................34-20 34.10 Configuring the FAN Speed Level..........................................................................................................34-21

35 Acronyms and Abbreviations..............................................................................................35-1

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xv

SmartAX MA5600T Multi-service Access Module

Figures

Figures Figure 1-1 Example network for configuring the MA5600T through the local serial port..................................1-3 Figure 1-2 Flowchart for configuring the MA5600T through the local serial port..............................................1-4 Figure 1-3 Setting parameters of the terminal......................................................................................................1-5 Figure 1-4 Setting the terminal emulation type....................................................................................................1-6 Figure 1-5 Setting ASCII Code............................................................................................................................1-7 Figure 1-6 Example network for configuring the MA5600T through the remote serial port..............................1-8 Figure 1-7 Flowchart for configuring the MA5600T through the remote serial port..........................................1-9 Figure 1-8 Setting the parameters of the HyperTerminal...................................................................................1-11 Figure 1-9 Example network for configuring the outband management in a LAN by Telnet...........................1-13 Figure 1-10 Example network for configuring the outband management in a WAN by Telnet........................1-14 Figure 1-11 Flowchart for configuring the outband management in a WAN by Telnet....................................1-15 Figure 1-12 Running the telnet application........................................................................................................1-16 Figure 1-13 Example network for maintenance through the GE port in a LAN................................................1-17 Figure 1-14 Example network for maintenance through the GE port in a WAN...............................................1-17 Figure 1-15 Flowchart for configuring the MA5600T through the inband management channel.....................1-18 Figure 1-16 Running the telnet application........................................................................................................1-19 Figure 1-17 Setting up the SSH configuration environment in the LAN outband mode...................................1-20 Figure 1-18 Setting up the SSH configuration environment in the WAN outband mode..................................1-21 Figure 1-19 Setting up the SSH configuration environment in the LAN inband mode.....................................1-22 Figure 1-20 Setting up the SSH configuration environment in the WAN inband mode....................................1-23 Figure 1-21 Flowchart for configuring in the SSH mode..................................................................................1-24 Figure 1-22 Interface of the key generator.........................................................................................................1-26 Figure 1-23 Generating the client key................................................................................................................1-27 Figure 1-24 Interface of converting the client public key into the RSA public key..........................................1-28 Figure 1-25 Interface of the SSH client software...............................................................................................1-29 Figure 1-26 Interface for connecting to the system............................................................................................1-30 Figure 1-27 Interface for logging in to the SSH client.......................................................................................1-30 Figure 2-1 Switching between the command modes............................................................................................2-4 Figure 3-1 Example network for configuring the outband NMS.........................................................................3-5 Figure 3-2 Flowchart for configuring the outband NMS.....................................................................................3-6 Figure 3-3 Example network for configuring the inband NMS...........................................................................3-7 Figure 3-4 Flowchart for configuring the inband NMS.......................................................................................3-9 Figure 4-1 Example network for configuring a log host......................................................................................4-2 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xvii

Figures

SmartAX MA5600T Multi-service Access Module

Figure 4-2 Flowchart for configuring a log host..................................................................................................4-3 Figure 7-1 Example network for configuring the remote user authentication ....................................................7-7 Figure 7-2 Flowchart for configuring the remote user authentication.................................................................7-9 Figure 7-3 Flowchart for configuring the SSH user public key.........................................................................7-38 Figure 8-1 Example network for configuring a MUX VLAN.............................................................................8-6 Figure 8-2 Flowchart for configuring a MUX VLAN.........................................................................................8-7 Figure 8-3 Example network for configuring a MUX VLAN.............................................................................8-8 Figure 8-4 Flowchart for configuring a MUX VLAN.........................................................................................8-9 Figure 9-1 MA5600T DHCP relay.......................................................................................................................9-4 Figure 9-2 Example network for configuring DHCP standard mode...................................................................9-5 Figure 9-3 Flowchart for configuring DHCP standard mode...............................................................................9-7 Figure 9-4 Example network for configuring DHCP option60 mode..................................................................9-8 Figure 9-5 Flowchart for configuring DHCP option60 mode............................................................................9-10 Figure 9-6 Example network for configuring MAC address segment mode.....................................................9-12 Figure 9-7 Flowchart for configuring MAC address segment mode.................................................................9-13 Figure 10-1 Example network for configuring the ARP proxy..........................................................................10-3 Figure 10-2 Flowchart for configuring the ARP proxy......................................................................................10-4 Figure 11-1 Example network for configuring the static route..........................................................................11-3 Figure 11-2 Flowchart for configuring the static route......................................................................................11-5 Figure 11-3 Example network for configuring RIP...........................................................................................11-6 Figure 11-4 Flowchart for configuring RIP.......................................................................................................11-8 Figure 11-5 Example network for configuring the routing policy...................................................................11-10 Figure 11-6 Flowchart for configuring the routing policy...............................................................................11-11 Figure 12-1 Example network for configuring OSPF........................................................................................12-2 Figure 12-2 Flowchart for configuring OSPF....................................................................................................12-4 Figure 13-1 IS-IS network topology..................................................................................................................13-2 Figure 13-2 Example network for configuring IS-IS.........................................................................................13-3 Figure 13-3 Flowchart for configuring IS-IS.....................................................................................................13-5 Figure 13-4 IS-IS network topology..................................................................................................................13-7 Figure 14-1 Example network for configuring the BGP....................................................................................14-2 Figure 14-2 Flowchart for configuring the BGP................................................................................................14-4 Figure 16-1 Example network for configuring the NTP broadcast mode..........................................................16-4 Figure 16-2 Flowchart for configuring the NTP broadcast mode......................................................................16-5 Figure 16-3 Example network for configuring the NTP multicast mode...........................................................16-7 Figure 16-4 Flowchart for configuring the NTP multicast mode.......................................................................16-8 Figure 16-5 Example network for configuring NTP server/client mode ........................................................16-10 Figure 16-6 Flowchart for configuring the NTP server/client mode................................................................16-11 Figure 16-7 Example network for configuring the NTP peer mode................................................................16-13 Figure 16-8 Flowchart for configuring the NTP peer mode.............................................................................16-15 Figure 16-9 Flowchart for configuring the NTP server/client mode with ID authentication...........................16-17 Figure 17-1 Example network for configuring the system clock.......................................................................17-3 Figure 17-2 Flowchart for configuring the system clock...................................................................................17-4 xviii

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Figures

Figure 20-1 Flowchart for configuring a basic ACL..........................................................................................20-6 Figure 20-2 Flowchart for configuring an advanced ACL.................................................................................20-8 Figure 20-3 Flowchart for configuring an L2 ACL.........................................................................................20-10 Figure 20-4 Flowchart for configuring a user-defined ACL............................................................................20-12 Figure 20-5 First 64 bytes of an IP frame........................................................................................................20-19 Figure 21-1 Example network for configuring queue scheduling......................................................................21-4 Figure 21-2 Flowchart for configuring queue scheduling..................................................................................21-5 Figure 21-3 Example network for configuring the traffic management based on service streams....................21-7 Figure 21-4 Flowchart for configuring the traffic management based on service streams................................21-8 Figure 21-5 Example network for configuring the traffic management based on ACL rules..........................21-10 Figure 21-6 Flowchart for configuring the traffic management based on ACL rules......................................21-11 Figure 23-1 Flowchart for configuring the firewall function...........................................................................23-10 Figure 24-1 Example network for the fiber access service-single port for single service................................. 24-3 Figure 24-2 Flowchart for configuring the fiber access service-single port for single service..........................24-4 Figure 24-3 Example network for the fiber access service-single port for multi-service..................................24-5 Figure 24-4 Flowchart for configuring the fiber access service-single port for multi-service...........................24-7 Figure 25-1 Example network for configuring the GPON service.....................................................................25-5 Figure 25-2 Flowchart for configuring the GPON service.................................................................................25-6 Figure 26-1 Example network for configuring the upstream link protection.....................................................26-3 Figure 26-2 Flowchart for configuring the upstream link protection.................................................................26-4 Figure 27-1 Example network for configuring a subtended network through the ETH board.......................... 27-4 Figure 27-2 Flowchart for configuring a subtended network through the ETH board...................................... 27-5 Figure 28-1 Example network for configuring the VLAN stacking multi-ISP wholesale access......................28-3 Figure 28-2 Flowchart for configuring the VLAN stacking multi-ISP wholesale access..................................28-5 Figure 29-1 Example network for configuring the private line service............................................................. 29-3 Figure 29-2 Flowchart for configuring the private line service......................................................................... 29-4 Figure 29-3 Example network of the QinQ VLAN private line service............................................................ 29-6 Figure 29-4 Flowchart for configuring the private line service......................................................................... 29-7 Figure 30-1 Example network for configuring the IGMP proxy multicast service........................................... 30-4 Figure 30-2 Flowchart for configuring the IGMP proxy multicast service........................................................30-6 Figure 30-3 Example network for configuring the IGMP snooping multicast service......................................30-9 Figure 30-4 Flowchart for configuring the IGMP snooping multicast service................................................30-10 Figure 30-5 Example network for configuring the IGMP snooping multicast service....................................30-12 Figure 30-6 Flowchart for configuring the IGMP snooping multicast service................................................30-14 Figure 30-7 Example network for configuring the subtended multicast service..............................................30-17 Figure 30-8 Flowchart for configuring the multicast service in subtending mode (MA5600T_A).................30-19 Figure 30-9 Flowchart for configuring the multicast service in subtending mode (MA5600T_B).................30-19 Figure 30-10 Example network of the multicast service in MSTP networking...............................................30-22 Figure 30-11 Flowchart for configuring the multicast service in MSTP networking on MA5600T_A, MA5600T_B and MA5600T_C........................................................................................................................30-24 Figure 30-12 Flowchart for configuring the multicast service in MSTP networking on MA5600T_D..........30-25 Figure 30-13 Example network for configuring the multicast service through the PIM-SSM protocol..........30-29 Figure 30-14 Flowchart for configuring the multicast service through the PIM-SSM protocol......................30-31 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xix

Figures

SmartAX MA5600T Multi-service Access Module

Figure 31-1 Example network for configuring the triple play service - multiple PVCs for multiple services .............................................................................................................................................................................31-5 Figure 31-2 Flowchart for configuring the triple play service-multiple PVCs for multiple services................31-7 Figure 31-3 Example network for configuring the triple play service - single PVC for multiple services (based on the user-side VLAN).........................................................................................................................................31-10 Figure 31-4 Flowchart for configuring the triple play service - single PVC for multiple services (based on the userside VLAN).......................................................................................................................................................31-12 Figure 31-5 Example network for configuring the triple play service - single PVC for multiple services (based on 802.1p)...............................................................................................................................................................31-15 Figure 31-6 Flowchart for configuring the triple play service - single PVC for multiple services (based on 802.1p) ...........................................................................................................................................................................31-17 Figure 31-7 Example network for configuring the triple play service - single PVC for multiple services (based on service encapsulation type) ..............................................................................................................................31-20 Figure 31-8 Flowchart for configuring the triple play service - single PVC for multiple services (based on service encapsulation type) ...........................................................................................................................................31-22 Figure 31-9 Example network for configuring the triple play service.............................................................31-25 Figure 31-10 Flowchart for configuring the triple play service.......................................................................31-28 Figure 32-1 ONT management architecture.......................................................................................................32-3 Figure 32-2 Example network for configuring an ONT.....................................................................................32-4 Figure 32-3 Flowchart for configuring an ONT.................................................................................................32-5 Figure 33-1 Example network for configuring Ethernet OAM..........................................................................33-4 Figure 33-2 Flowchart for configuring Ethernet OAM......................................................................................33-5 Figure 34-1 Connection between the H801ESC and the shelf...........................................................................34-4 Figure 34-2 Connection between the POWER4845 and the shelf.....................................................................34-6 Figure 34-3 Flowchart for configuring the H801ESC........................................................................................34-8 Figure 34-4 Flowchart for configuring a FAN.................................................................................................34-10

xx

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Tables

Tables Table 1-1 Features of the maintenance modes.....................................................................................................1-2 Table 1-2 Data plan for configuring the outband management in a LAN by Telnet..........................................1-13 Table 1-3 Data plan for configuring the outband management in a WAN by Telnet........................................1-14 Table 1-4 Data plan for the network...................................................................................................................1-17 Table 1-5 Data plan for the network...................................................................................................................1-18 Table 1-6 Data plan for the network...................................................................................................................1-21 Table 1-7 Data plan for the network...................................................................................................................1-21 Table 1-8 Data plan for the network...................................................................................................................1-22 Table 1-9 Data plan for the network ..................................................................................................................1-23 Table 2-1 Features of the interface config modes................................................................................................2-4 Table 2-2 Edit functions.......................................................................................................................................2-6 Table 2-3 Meaning of the CLI characters supported by the MA5600T...............................................................2-8 Table 2-4 Options for viewing the information displayed on multiple screens...................................................2-9 Table 2-5 Common CLI error prompts...............................................................................................................2-10 Table 2-6 Related operation for obtaining the online help information.............................................................2-13 Table 2-7 Related operation for enabling or disabling the interactive command execution mode....................2-14 Table 2-8 Related operation for enabling or disabling the CLI trap reporting...................................................2-15 Table 2-9 Related operation for switching the terminal language......................................................................2-16 Table 2-10 Related operation for setting the timeout exit time..........................................................................2-18 Table 2-11 Related operation for locking the terminal.......................................................................................2-19 Table 3-1 Data plan for configuring the outband NMS........................................................................................3-5 Table 3-2 Data plan for configuring the inband NMS..........................................................................................3-8 Table 3-3 Related operation for setting the SNMP version................................................................................3-12 Table 3-4 Related operation for adding a community and setting its read/write authorities..............................3-12 Table 3-5 Related operation for enabling the traps sending...............................................................................3-13 Table 3-6 Related operation for setting the IP address of a destination host for receiving traps.......................3-14 Table 3-7 Related operation for setting the source interface for sending traps..................................................3-15 Table 3-8 Related operation for setting the system contact information............................................................3-15 Table 3-9 Related operation for setting the system location information.......................................................... 3-16 Table 3-10 Related operation for configuring an SNMP V3 user......................................................................3-17 Table 3-11 Related operation for configuring an SNMP V3 group...................................................................3-18 Table 3-12 Related operation for configuring an SNMP MIB view..................................................................3-19 Table 3-13 Related operations for configuring the local SNMP engine ID.......................................................3-20 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xxi

Tables

SmartAX MA5600T Multi-service Access Module Table 3-14 Related operations for enabling the timely handshake function between the MA5600T and the N2000 .............................................................................................................................................................................3-21 Table 3-15 Related operation for setting the handshake interval.......................................................................3-22 Table 3-16 Related operation for configuring the IP address of the outband NMS interface............................3-23 Table 3-17 Related operation for configuring an NMS route.............................................................................3-24 Table 3-18 Related operation for configuring the IP address of the inband NMS interface..............................3-25 Table 4-1 Data plan for configuring a log host....................................................................................................4-3 Table 4-2 Related operations for configuring a log host......................................................................................4-5 Table 4-3 Related operations for deleting a log host............................................................................................4-6 Table 4-4 Related operations for deactivating a log host.....................................................................................4-6 Table 5-1 User authorities....................................................................................................................................5-2 Table 5-2 Parameters of a user profile..................................................................................................................5-3 Table 5-3 Related operations for adding a user profile........................................................................................5-5 Table 5-4 User attributes......................................................................................................................................5-5 Table 5-5 Related operations for adding a user....................................................................................................5-7 Table 5-6 Related operations for modifying the profile bound with a user..........................................................5-8 Table 5-7 Related operations for modifying the user login mode........................................................................5-9 Table 5-8 Related operations for modifying a user level...................................................................................5-10 Table 5-9 Related operations for changing a user password..............................................................................5-11 Table 5-10 Related operations for modifying the permitted number of reenters...............................................5-12 Table 5-11 Related operations for modifying the appended information...........................................................5-13 Table 5-12 Related operation for disconnection an online user.........................................................................5-14 Table 5-13 Related operations for deleting a user..............................................................................................5-15 Table 6-1 Service board status..............................................................................................................................6-2 Table 6-2 Related operation for setting the description of a shelf........................................................................6-3 Table 6-3 Related operations for resetting the control boards..............................................................................6-4 Table 6-4 Related operation for adding a service board offline...........................................................................6-6 Table 6-5 Related operation for confirming a service board................................................................................6-6 Table 6-6 Related operation for deleting a service board.....................................................................................6-7 Table 6-7 Related operation for prohibiting a service board................................................................................6-8 Table 7-1 Data plan for configuring the remote user authentication ...................................................................7-7 Table 7-2 Related operation for creating a RADIUS server template................................................................7-12 Table 7-3 Related operation for setting the IP address and port number of a RADIUS server..........................7-14 Table 7-4 Related operation for setting the response timeout interval of a RADIUS server.............................7-15 Table 7-5 Related operation for setting the maximum number of transmissions for the RADIUS request packets .............................................................................................................................................................................7-17 Table 7-6 Related operations for configuring an 802.1x template ....................................................................7-20 Table 7-7 Related operations for enabling the 802.1x authentication on a port. ...............................................7-22 Table 7-8 Related operations for configuring the control mode of a port..........................................................7-23 Table 7-9 Related operations for enabling the 802.1x authentication globally .................................................7-24 Table 7-10 Related operations for enabling the DHCP-triggered 802.1x authentication...................................7-25 Table 7-11 Related operations for configuring an authentication scheme.........................................................7-27 Table 7-12 Related operations for configuring an accounting scheme..............................................................7-28

xxii

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Tables

Table 7-13 Related operations for configuring an accounting mode.................................................................7-29 Table 7-14 Related operations for configuring the interval for the real-time accounting. ................................7-30 Table 7-15 Related operations for creating a domain.........................................................................................7-31 Table 7-16 Related operation for binding the RADIUS server template...........................................................7-33 Table 7-17 Related operations for specifying the authentication scheme..........................................................7-34 Table 7-18 Related operations for specifying an accounting scheme................................................................7-35 Table 7-19 Related operation for referencing an 802.1x template.....................................................................7-36 Table 7-20 Related operation for creating a local RSA key pair........................................................................7-37 Table 7-21 Related operations for configuring an SSH user..............................................................................7-40 Table 8-1 VLAN types and applications..............................................................................................................8-3 Table 8-2 VLAN attributes...................................................................................................................................8-5 Table 8-3 Data plan for configuring a MUX VLAN............................................................................................8-6 Table 8-4 Data plan for configuring a MUX VLAN............................................................................................8-8 Table 8-5 Related operations for creating a VLAN............................................................................................8-12 Table 8-6 Related operation for configuring the VLAN attribute......................................................................8-13 Table 8-7 Related operation for adding an upstream port to a VLAN...............................................................8-15 Table 8-8 Related operations for adding a service port to a VLAN...................................................................8-17 Table 8-9 Related operations for adding service ports in batches......................................................................8-18 Table 8-10 Related operation for configuring the description of a service port.................................................8-19 Table 9-1 Data plan for configuring DHCP standard mode.................................................................................9-5 Table 9-2 Data plan for configuring DHCP option60 mode................................................................................9-9 Table 9-3 Data plan for configuring MAC address segment mode....................................................................9-12 Table 9-4 Related operation for enabling the DHCP proxy function.................................................................9-15 Table 9-5 Related operation for creating a DHCP server group........................................................................9-16 Table 9-6 Related operations for setting the working mode of a DHCP server.................................................9-17 Table 9-7 Related operations for binding a DHCP server group with a VLAN interface..................................9-19 Table 9-8 Related operation for creating a DHCP option60 domain.................................................................9-20 Table 9-9 Related operations for binding a DHCP server group with a DHCP option60 domain.....................9-21 Table 9-10 Related operation for configuring the gateway of a DHCP option60 domain.................................9-22 Table 9-11 Related operation for creating a DHCP MAC address segment......................................................9-23 Table 9-12 Related operation for setting the range of a DHCP MAC address segment....................................9-24 Table 9-13 Related operation for binding a DHCP server group with a DHCP MAC address segment...........9-25 Table 9-14 Related operations for configuring the gateway of a DHCP MAC address segment......................9-26 Table 9-15 Related operation for setting the DHCP proxy lease-time...............................................................9-27 Table 10-1 Data plan for configuring the ARP proxy........................................................................................10-3 Table 10-2 Related operations for adding a static ARP entry............................................................................10-6 Table 10-3 Data plan of the ARP proxy.............................................................................................................10-7 Table 10-4 Related operation for enabling the ARP proxy................................................................................10-8 Table 11-1 Data plan for configuring the static route on the user side...............................................................11-4 Table 11-2 Data plan for configuring RIP..........................................................................................................11-7 Table 11-3 Data plan for configuring the routing policy..................................................................................11-10 Table 11-4 Related operation for adding a static route.....................................................................................11-13 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xxiii

Tables

SmartAX MA5600T Multi-service Access Module Table 11-5 Related operation for enabling the RIP process.............................................................................11-15 Table 11-6 Related operation for setting the RIP version................................................................................11-16 Table 11-7 Related operations for enabling an interface to receive and transmit RIP packets........................11-17 Table 11-8 Related operation for setting the cost of the default route............................................................. 11-18 Table 11-9 Related operation for specifying the default routing metric.......................................................... 11-19 Table 11-10 Related operations for setting the additional metric of a route....................................................11-20 Table 11-11 Related operation for enabling the route summarization.............................................................11-21 Table 11-12 Related operation for configuring a summary route IP address...................................................11-22 Table 11-13 Related operation for disabling receiving host routes..................................................................11-23 Table 11-14 Related operation for configuring the RIP preference.................................................................11-24 Table 11-15 Related operation for importing the routes of other protocols.....................................................11-25 Table 11-16 Related operation for configuring the route filtering policy........................................................11-26 Table 11-17 Related operation for verifying the source IP address of a RIP route update..............................11-27 Table 11-18 Related operation for configuring the RIP timer..........................................................................11-28 Table 11-19 Related operation for configuring the zero field check for RIP-1 packets...................................11-29 Table 11-20 Related operation for configuring the RIP-2 authentication mode..............................................11-30 Table 11-21 Related operation for enabling the split horizon function............................................................11-31 Table 11-22 Related operation for enabling the poison reverse function.........................................................11-32 Table 11-23 Parameters for defining a routing policy......................................................................................11-33 Table 11-24 Related operation for configuring a routing policy......................................................................11-33 Table 11-25 Related operation for defining the route policy matching rule.................................................... 11-34 Table 11-26 Related operation for modifying the attributes of the filtered route............................................ 11-35 Table 12-1 Data plan for configuring OSPF......................................................................................................12-3 Table 12-2 Related operation for enabling the OSPF process............................................................................12-7 Table 12-3 Related operation for setting an OSPF router ID.............................................................................12-9 Table 12-4 Related operation for prohibiting an interface from transmitting OSPF packets...........................12-10 Table 12-5 Related operation for entering OSPF area config mode................................................................ 12-11 Table 12-6 Related operation for configuring the subnets for an area.............................................................12-11 Table 12-7 Related operations for configuring a Stub area..............................................................................12-12 Table 12-8 Related operation for configuring an NBMA adjacent router........................................................12-13 Table 12-9 Related operation for enabling the OSPF logging function...........................................................12-13 Table 12-10 Description of the network types................................................................................................. 12-14 Table 12-11 Related operation for configuring the network type on an OSPF interface.................................12-14 Table 12-12 Related operation for configuring the MTU of the DD packet....................................................12-15 Table 12-13 Related operation for setting the OSPF preference......................................................................12-17 Table 12-14 Related operation for configuring the maximum OSPF route count........................................... 12-17 Table 12-15 Related operation for configuring the OSPF packet authentication.............................................12-18 Table 12-16 Related operation for configuring the OSPF cost........................................................................12-19 Table 12-17 Related operation for configuring the route summarization between areas.................................12-20 Table 12-18 Related operation for configuring the aggregation of routes imported by OSPF........................ 12-20 Table 12-19 Related operation for importing routes from other protocols into OSPF.....................................12-21 Table 12-20 Related operations for setting parameters for OSPF to import external routes........................... 12-22

xxiv

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Tables

Table 12-21 Related operation for setting the interval for sending Hello packets...........................................12-24 Table 12-22 Related operation for setting the dead time between adjacent routers.........................................12-24 Table 12-23 Related operation for setting the Hello packet poll interval.........................................................12-25 Table 12-24 Related operation for setting the LSA transmit delay..................................................................12-26 Table 12-25 Related operation for setting LSA retransmit interval between adjacent routers........................12-27 Table 12-26 Related operation for setting the SPF calculation interval for OSPF...........................................12-27 Table 13-1 Data plan for configuring IS-IS........................................................................................................13-3 Table 13-2 Related operation for enabling the IS-IS process.............................................................................13-7 Table 13-3 Related operation for configuring an NET.......................................................................................13-9 Table 13-4 Related operation for configuring the router level.........................................................................13-10 Table 13-5 Related operations for enabling the IS-IS function on an interface...............................................13-11 Table 13-6 Related operations for configuring the IS-IS priority....................................................................13-13 Table 13-7 Relationship between the interface cost and the bandwidth..........................................................13-14 Table 13-8 Related operations for configuring the IS-IS interface cost...........................................................13-15 Table 13-9 Related operations for configuring the IS-IS route aggregation....................................................13-16 Table 13-10 Related operations for configuring the IS-IS to generate default routes......................................13-17 Table 13-11 Related operations for filtering the received or advertised routing information..........................13-18 Table 13-12 Related operations for configuring the suppression function.......................................................13-19 Table 13-13 Related operations for configuring the IS-IS to import external routes.......................................13-20 Table 13-14 Related operations for configuring the IS-IS route leaking.........................................................13-21 Table 13-15 Related operation for configuring the network type of an IS-IS interface...................................13-22 Table 13-16 Related operations for configuring the IS-IS interface level........................................................13-23 Table 13-17 Related operations for configuring the DIS priority of an IS-IS interface...................................13-24 Table 13-18 Related operations for configuring the IS-IS for not checking the IP addresses of the received Hello packets...............................................................................................................................................................13-25 Table 13-19 Related operations for configuring the IS-IS packet timer..........................................................13-27 Table 13-20 Related operations for configuring the LSP parameters..............................................................13-29 Table 13-21 Related operation for configuring the LSP fast flooding.............................................................13-30 Table 13-22 Related operations for configuring the SPF parameters...............................................................13-31 Table 13-23 Related operations for configuring host name mapping..............................................................13-32 Table 13-24 Related operations for configuring the IS-IS authentication........................................................13-34 Table 13-25 Related operation for configuring the LSDB overload flag bit....................................................13-35 Table 13-26 Related operation for enabling the output of the adjacency state................................................13-36 Table 14-1 Data plan for configuring the BGP..................................................................................................14-3 Table 14-2 Related operation for configuring the BGP basic description..........................................................14-7 Table 14-3 Related operations for advertising the BGP local routes.................................................................14-8 Table 14-4 Related operation for configuring the local interface used for a BGP connection........................14-10 Table 14-5 Related operation for configuring the maximum number of hops in an EBGP connection..........14-11 Table 14-6 Related operation for configuring the Next_Hop attribute............................................................14-14 Table 14-7 Related operation for configuring the AS_Path attribute...............................................................14-15 Table 14-8 Related operations for configuring the BGP to import routes.......................................................14-16 Table 14-9 Related operation for filtering the routes imported by BGP..........................................................14-17 Table 14-10 Related operations for configuring the BGP route aggregation...................................................14-18 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xxv

Tables

SmartAX MA5600T Multi-service Access Module Table 14-11 Related operations for configuring the MA5600T to advertise the default routes to its peer......14-19 Table 14-12 Related operations for configuring the BGP access list...............................................................14-20 Table 14-13 Parameters for configuring a routing policy................................................................................ 14-21 Table 14-14 Related operations for configuring a routing policy.................................................................... 14-21 Table 14-15 Related operations for configuring the policy for advertising the BGP routing information......14-24 Table 14-16 Related operations for configuring the policy for receiving the BGP routing information.........14-26 Table 14-17 Related operations for configuring the BGP timer...................................................................... 14-28 Table 14-18 Related operations for configuring the interval for sending the update messages.......................14-29 Table 14-19 Related operations for configuring the BGP soft reset................................................................ 14-30 Table 14-20 Related operation for enabling the quick reset function of the EBGP connection...................... 14-31 Table 14-21 Related operation for configuring the MD5 authentication.........................................................14-32 Table 14-22 Related operation for configuring the maximum number of equal-cost routes........................... 14-33 Table 14-23 Related operations for configuring the split horizon function among the EBGP neighbors........14-34 Table 15-1 Related operations for enabling the MSTP function........................................................................15-4 Table 15-2 Related operation for setting the working mode of MSTP..............................................................15-6 Table 15-3 Related operation for setting the MD5-Key for the MD5 encryption algorithm configured on the MST region...................................................................................................................................................................15-8 Table 15-4 Related operations for configuring the MST region name...............................................................15-9 Table 15-5 Related operations for mapping the specified VLAN to the specified MSTP instance.................15-10 Table 15-6 Related operations for mapping all VLANs to the MSTP instances............................................. 15-11 Table 15-7 Related operations for setting the MSTP revision level of the device...........................................15-13 Table 15-8 Related operation for activating the configuration of the MST region..........................................15-14 Table 15-9 Related operation for specifying the device as a root bridge or a backup root bridge...................15-15 Table 15-10 Related operations for setting the priority of the device in the specified spanning tree instance ...........................................................................................................................................................................15-17 Table 15-11 Related operation for setting the maximum number of hops of the MST region........................ 15-18 Table 15-12 Related operation for setting the diameter of the switching fabric..............................................15-19 Table 15-13 Related operation for setting the calculation standard for the path cost...................................... 15-20 Table 15-14 Related operations for setting the Forward Delay of the specified network bridge.....................15-22 Table 15-15 Related operations for setting the Hello Time of the specified network bridge.......................... 15-23 Table 15-16 Related operations for setting the Max Age of the specified network bridge..............................15-25 Table 15-17 Related operation for setting the timeout time factor of the specified network bridge................15-26 Table 15-18 Related operation for setting the maximum transmission rate of the specified port....................15-27 Table 15-19 Related operation for setting the specified port as an edge port.................................................. 15-29 Table 15-20 Related operation for setting the path cost of a specified port.....................................................15-30 Table 15-21 Related operation for setting the priority of the specified port....................................................15-31 Table 15-22 Related operation for setting the point-to-point link connection of the specified port................15-32 Table 15-23 Related operation for enabling the BPDU protection function of the device.............................. 15-34 Table 15-24 Related operations for enabling the loop protection function of the device................................ 15-35 Table 15-25 Related operations for enabling the root protection function of the device.................................15-37 Table 16-1 Data plan for configuring the NTP broadcast mode........................................................................16-4 Table 16-2 Data plan for configuring the NTP multicast mode.........................................................................16-7 Table 16-3 Data plan for configuring NTP server/client mode........................................................................16-11

xxvi

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Tables

Table 16-4 Data plan for configuring the NTP peer mode...............................................................................16-14 Table 16-5 Related operations for configuring the NTP ID authentication.....................................................16-18 Table 16-6 Related operation for configuring the NTP master clock..............................................................16-20 Table 16-7 Related operations for configuring the NTP broadcast server mode.............................................16-21 Table 16-8 Related operations for configuring the NTP broadcast client mode..............................................16-22 Table 16-9 Related operations for configuring the NTP multicast mode.........................................................16-23 Table 16-10 Related operations for configuring the NTP server/client mode..................................................16-24 Table 16-11 Related operation for configuring the NTP peer mode................................................................16-25 Table 16-12 Related operations for configuring the authority of access to an NTP service of a local device ...........................................................................................................................................................................16-27 Table 16-13 Related operations for configuring an interface for transmitting or receiving NTP packets.......16-28 Table 17-1 Clock synchronization description...................................................................................................17-2 Table 17-2 Data plan for configuring the system clock.....................................................................................17-4 Table 17-3 Related operations for configuring the system clock.......................................................................17-6 Table 17-4 Related operations for setting the priority of a clock source............................................................17-7 Table 18-1 Related operation for adding a static MAC address.........................................................................18-3 Table 18-2 Related operation for configuring the MAC address filtering.........................................................18-7 Table 19-1 Related operation for configuring the synwait timer.......................................................................19-3 Table 19-2 Related operation for configuring the finwait timer.........................................................................19-4 Table 19-3 Related operation for configuring the socket buffer........................................................................19-4 Table 19-4 Related operations for enabling the IP packets debugging..............................................................19-5 Table 19-5 Related operations for enabling the IP packets debugging..............................................................19-6 Table 20-1 ACL types........................................................................................................................................20-3 Table 20-2 Data plan for configuring the basic ACL.........................................................................................20-6 Table 20-3 Data plan for configuring the advanced ACL..................................................................................20-7 Table 20-4 Data plan for configuring the L2 ACL.............................................................................................20-9 Table 20-5 Data plan for configuring the user-defined ACL...........................................................................20-11 Table 20-6 ACL number range.........................................................................................................................20-13 Table 20-7 Related operations for creating an ACL.........................................................................................20-13 Table 20-8 Related operation for setting the step.............................................................................................20-15 Table 20-9 Related operation for creating a basic ACL rule............................................................................20-16 Table 20-10 Related operation for creating an advanced ACL rule.................................................................20-17 Table 20-11 Related operation for creating an L2 ACL rule............................................................................20-18 Table 20-12 Description of letters and their offset values................................................................................20-19 Table 20-13 Related operation for creating a used defined ACL rule..............................................................20-20 Table 20-14 Related operation for activating the ACL of a port......................................................................20-21 Table 21-1 Data plan for configuring queue scheduling....................................................................................21-4 Table 21-2 Data plan for configuring the traffic management based on service streams..................................21-7 Table 21-3 Data plan for configuring the traffic management based on ACL rules........................................21-10 Table 21-4 Traffic parameters defined in the IP traffic profile........................................................................21-12 Table 21-5 Related operations for configuring the traffic entry ......................................................................21-14 Table 21-6 Relations between the service type, traffic description, and traffic parameters. ...........................21-14 Table 21-7 Application scenario of the ATM services ....................................................................................21-15 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xxvii

Tables

SmartAX MA5600T Multi-service Access Module Table 21-8 Related operation for configuring the traffic entry .......................................................................21-17 Table 21-9 Mapping between the queue weight and the actual queue.............................................................21-19 Table 21-10 Related operations for configuring the queue scheduling mode..................................................21-20 Table 21-11 Mapping between the 802.1p priority and queue.........................................................................21-21 Table 21-12 Related operations for mapping the 802.1p priority to the queue of a service board..................21-22 Table 21-13 Default buffer size........................................................................................................................21-22 Table 21-14 Related operations for configuring the queue buffer of a service board .....................................21-23 Table 21-15 Related operation for enabling traffic limit of packets matching an ACL on a specified port ...........................................................................................................................................................................21-25 Table 21-16 Related operation for adding a priority tag to packets matching an ACL on a specified port ...........................................................................................................................................................................21-26 Table 21-17 Related operations for enabling the traffic statistics for packets matching an ACL on a port ...........................................................................................................................................................................21-27 Table 21-18 Related operation for enabling the traffic mirroring of packets matching an ACL rule on a specified port....................................................................................................................................................................21-28 Table 21-19 Related operation for redirecting traffic matching an ACL on a port..........................................21-29 Table 21-20 Related operation for enabling the line rate limit on an upstream port........................................21-30 Table 22-1 Related operation for setting the Ethernet encapsulation type.........................................................22-6 Table 22-2 Related operations for enabling the DHCP option82.......................................................................22-7 Table 22-3 Related operation for binding the IP address...................................................................................22-9 Table 22-4 Related operations for enabling the anti MAC spoofing function.................................................22-11 Table 22-5 Related operations for enabling the anti MAC spoofing function.................................................22-12 Table 23-1 Related operations for enabling the anti DoS attack........................................................................23-4 Table 23-2 Related operation for enabling the anti IP attack function...............................................................23-4 Table 23-3 Related operation for enabling the anti ICMP attack function.........................................................23-5 Table 23-4 Related operation for enabling the function of source route filtering..............................................23-6 Table 23-5 Related operation for configuring the MAC address filtering.........................................................23-7 Table 23-6 Related operations for configuring the firewall black list function.................................................23-9 Table 23-7 Related operation for configuring the firewall function.................................................................23-11 Table 23-8 Related operations for configuring an accessible address segment...............................................23-11 Table 23-9 Related operations for configuring the inaccessible address segment...........................................23-12 Table 24-1 Data plan for configuring the fiber access service-single port for single service............................24-3 Table 24-2 Data plan for configuring the fiber access service-single port for multi-service.............................24-6 Table 25-1 Configurations of the GPON service in different application scenarios..........................................25-4 Table 25-2 Data plan for configuring the GPON service...................................................................................25-6 Table 25-3 Related operations for adding a DBA profile...................................................................................25-9 Table 25-4 Related operation for binding a DBA profile.................................................................................25-11 Table 25-5 Related operations for adding an alarm profile..............................................................................25-12 Table 25-6 Related operations for adding a GEM port....................................................................................25-14 Table 25-7 Related operations for adding a GPON ONT................................................................................25-17 Table 25-8 Related operation for activating a GPON ONT.............................................................................25-18 Table 25-9 Related operations for enabling the ONT auto-find function of a GPON port..............................25-19 Table 25-10 Related operations for setting the aging time of the ONT auto-find function.............................25-20

xxviii

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Tables

Table 25-11 Related operations for confirming an automatically found ONT................................................25-21 Table 26-1 Data plan for configuring the upstream link protection...................................................................26-4 Table 26-2 Related operations for configuring the protection group.................................................................26-6 Table 27-1 Ethernet ports of the MA5600T.......................................................................................................27-3 Table 27-2 Related operation for enabling the flow control of an Ethernet port............................................. 27-10 Table 27-3 Related operations for enabling traffic suppression.......................................................................27-12 Table 27-4 Related operation for enabling the Ethernet port aggregation....................................................... 27-13 Table 27-5 Related operation for mirroring an Ethernet port...........................................................................27-14 Table 27-6 Related operation for adding an Ethernet Port to a VLAN............................................................27-15 Table 28-1 Data plan for configuring the VLAN stacking multi-ISP wholesale access....................................28-4 Table 29-1 Data plan for configuring the private line service............................................................................29-3 Table 29-2 Data plan for the QinQ VLAN private line service.........................................................................29-6 Table 29-3 Related operation for enabling the transparent transmission of BPDUs..........................................29-9 Table 30-1 Data plan for configuring the IGMP proxy multicast service..........................................................30-5 Table 30-2 Data plan for configuring the IGMP snooping multicast service.....................................................30-9 Table 30-3 Data plan for configuring the IGMP snooping multicast service...................................................30-13 Table 30-4 Data plan for configuring the subtended multicast service............................................................30-17 Table 30-5 Data plan for the example network of the multicast service in MSTP networking.......................30-23 Table 30-6 Data plan for configuring the multicast service through the PIM-SSM protocol..........................30-30 Table 30-7 Related operation for configuring the IGMP upstream port..........................................................30-34 Table 30-8 Related operations for setting the multicast mode of the upstream port........................................30-35 Table 30-9 Related operations for enabling the multicast routing function.....................................................30-36 Table 30-10 Related operations for configuring a subtending port..................................................................30-37 Table 30-11 Related operation for configuring a program for a static subtending port...................................30-38 Table 30-12 Related operation for enabling the IGMP proxy authorization....................................................30-40 Table 30-13 Related operation for setting the robustness variable...................................................................30-41 Table 30-14 Related operation for setting the general query interval..............................................................30-42 Table 30-15 Related operation for setting the maximum response time to the general query.........................30-44 Table 30-16 Related operation for setting the number of specific queries.......................................................30-45 Table 30-17 Related operation for setting the group-specific query interval...................................................30-46 Table 30-18 Related operation for setting the maximum response time for the group-specific query............30-47 Table 30-19 Related operations for setting the TTL for a V2 router................................................................30-48 Table 30-20 Related operation for setting the preview recognition time.........................................................30-49 Table 30-21 Related operation for enabling the user action report function....................................................30-50 Table 30-22 Related operation for configuring the IGMP mode..................................................................... 30-54 Table 30-23 Related operation for configuring the IGMP version...................................................................30-55 Table 30-24 Related operations for configuring the multicast program...........................................................30-57 Table 30-25 Related operations for setting the unsolicited report interval...................................................... 30-59 Table 30-26 Related operations for Enabling the proxy of the IGMP leave packet.........................................30-60 Table 30-27 Related operations for enabling the proxy of the IGMP report packet........................................30-61 Table 30-28 Related operations for enabling the function of sending the global-leave packet....................... 30-62 Table 30-29 Related operation for setting the priority of the IGMP packet.....................................................30-63 Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xxix

Tables

SmartAX MA5600T Multi-service Access Module Table 30-30 Related operations for configuring the multicast VLAN member...............................................30-64 Table 30-31 Related operation for enabling the logging function....................................................................30-65 Table 30-32 Related operations for setting the IP address range of the multicast VLAN to generate the program group dynamically.............................................................................................................................................30-66 Table 30-33 Related operation for enabling the program matching mode of the multicast VLAN.................30-67 Table 30-34 Related operations for configuring the virtual upstream port......................................................30-68 Table 30-35 Related operation for enabling the PIM-SSM function...............................................................30-70 Table 30-36 Related operations for setting the DR priority of a PIM router...................................................30-72 Table 30-37 Related operations for setting the interval for a PIM router to send Hello messages..................30-75 Table 30-38 Related operations for setting the holdtime for receiving the Hello messages............................30-77 Table 30-39 Related operation for setting the longest delay for triggering the transmission of the Hello message ...........................................................................................................................................................................30-78 Table 30-40 Related operations for setting the specifications of the Join/Prune messages.............................30-80 Table 30-41 Related operations for setting the interval for sending the Join/Prune messages........................30-82 Table 30-42 Related operations for setting the delay for a PIM router to perform pruning.............................30-84 Table 30-43 Related operations for setting the delay for a PIM router to override pruning............................30-87 Table 30-44 Related operations for setting the holdtime for a PIM router to maintain the join status of a downstream interface.............................................................................................................................................................30-89 Table 30-45 Related operation for setting the range of the PIM-SSM multicast addresses.............................30-90 Table 30-46 Related operation for enabling the bandwidth management function..........................................30-92 Table 30-47 Related operation for modifying an authority profile..................................................................30-93 Table 30-48 Related operations for adding a BTV user...................................................................................30-95 Table 30-49 Related operations for modifying the attributes of a user............................................................30-97 Table 30-50 Related operation for blocking a BTV user.................................................................................30-98 Table 30-51 Related operation for binding a user with an authority profile....................................................30-99 Table 30-52 Related operation for enabling the switch of monitoring BTV users........................................30-100 Table 30-53 Related operation for configuring the preview profile...............................................................30-101 Table 30-54 Related operation for enabling the preview function.................................................................30-102 Table 30-55 Related operations for setting the preview auto reset time........................................................30-103 Table 30-56 Related operation for resetting the preview record....................................................................30-104 Table 30-57 Related operations for enabling the logging function on the multicast VLAN.........................30-106 Table 30-58 Related operation for setting the logging interval......................................................................30-107 Table 30-59 Related operations for configuring the log reporting.................................................................30-107 Table 30-60 Related operations for setting the automatic CDR reporting.....................................................30-110 Table 31-1 Modes to provide the triple play service..........................................................................................31-3 Table 31-2 Data plan for configuring the triple play service..............................................................................31-5 Table 31-3 Data plan for configuring the triple play service - single PVC for multiple services (based on the userside VLAN).......................................................................................................................................................31-10 Table 31-4 Data plan for configuring the triple play service - single PVC for multiple services (based on 802.1p) ...........................................................................................................................................................................31-15 Table 31-5 Data plan for configuring the triple play service - single PVC for multiple services (based on service encapsulation type) ...........................................................................................................................................31-20 Table 31-6 Data plan for configuring the triple play service............................................................................31-25 Table 32-1 Data plan for configuring an ONT...................................................................................................32-4

xxx

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Tables

Table 32-2 Attributes of an ONT capability set profile......................................................................................32-8 Table 32-3 Related operations for configuring an ONT capability set profile.................................................32-11 Table 32-4 Related operations for binding an ONT T-CONT with GEM ports.............................................. 32-13 Table 32-5 Related operations for configuring the mapping between ONT services and GEM ports ............32-14 Table 32-6 Related operation for configuring a VLAN on a GPON ONT port...............................................32-15 Table 33-1 Data plan for configuring Ethernet OAM........................................................................................33-4 Table 33-2 Related operation for creating an MD..............................................................................................33-7 Table 33-3 Related operations for creating an MA............................................................................................33-8 Table 33-4 Related operation for creating an MEP............................................................................................33-9 Table 33-5 Related operation for creating an RMEP.......................................................................................33-10 Table 33-6 Related operation for enabling the CFM globally..........................................................................33-11 Table 33-7 Related operation for enabling CFM alarm globally..................................................................... 33-12 Table 33-8 Related operation for enabling the administration function of an MEP........................................ 33-13 Table 33-9 Related operation for enabling the CC transmission of an MEP...................................................33-14 Table 33-10 Related operation for enabling the global detection function of an RMEP.................................33-15 Table 33-11 Related operation for enabling the detection function of the RMEP...........................................33-16 Table 33-12 Related operation for configuring the priorities for transmitting CCMs/LTMs of an MEP........33-17 Table 33-13 Related operation for configuring the interval for an MA to transmit a CC................................33-18 Table 33-14 Related operations for configuring the loop detection function...................................................33-20 Table 33-15 Related operations for configuring the Link trace function.........................................................33-21 Table 34-1 Correspondence between the H801ESC DIP switch and the slave node number............................34-4 Table 34-2 Correspondence between the FAN DIP switch and the slave node number....................................34-5 Table 34-3 Correspondence between the POWER4845 and the slave node number.........................................34-6 Table 34-4 Data plan for configuring the H801ESC..........................................................................................34-7 Table 34-5 Data plan for configuring the FAN..................................................................................................34-9 Table 34-6 Related operation for adding an EMU...........................................................................................34-12 Table 34-7 Commands for configuring a POWER4845 EMU.........................................................................34-12 Table 34-8 Related operations for configuring a POWER4845 EMU.............................................................34-15 Table 34-9 Related operations for configuring H801ESC analog parameters.................................................34-17 Table 34-10 Related operations for configuring H801ESC digital parameters................................................34-19 Table 34-11 Related operations for configuring the FAN alarm report...........................................................34-20 Table 34-12 Related operations for setting the fan speed adjustment mode....................................................34-21 Table 34-13 Related operations for setting the FAN speed level.....................................................................34-22

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

xxxi

SmartAX MA5600T Multi-service Access Module

About This Document

About This Document Purpose This document describes the configuration of various services supported by the MA5600T. The description covers the following topics: l

Purpose

l

Networking

l

Data plan

l

Prerequisite(s)

l

Note

l

Configuration flowchart

l

Operation procedure

l

Result

This document helps users to know the configuration of various services on the MA5600T.

Related Versions The following table lists the product versions related to this document. Product Name

Version

MA5600T

V800R005

N2000 BMS

V200R011

Intended Audience The intended audience of this document is: l

Installation and commissioning engineers

l

System maintenance engineers

l

Data configuration engineers

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1

About This Document

SmartAX MA5600T Multi-service Access Module

Organization This document describes the configuration on the MA5600T. Each chapter gives an overview to the configuration first, then describes the configuration flow and the configuration example (some chapters not) and finally describes the basic operations in detail. For the readers that know the product well, it is recommended to read the configuration example (s) directly; For the readers that do not know the product well, it is recommended to read the basic operations first. This document consists of the following chapters and is organized as follows.

2

Chapter…

Describes…

1 Maintenance Terminal Configuration

How to configure the maintenance terminal

2 Getting Started With CLI

The basic CLI operations on the MA5600T

3 Network Management Configuration

How to configure the network management system on the MA5600T

4 Log Host Configuration

How to configure the log host

5 User Management

User levels and user management operations

6 Device Management

How to manage the shelf and boards of the MA5600T

7 Remote User Authentication Configuration

How to configure the remote users authentication

8 VLAN Configuration

How to configure various VLANs, including standard VLAN, smart VLAN, MUX VLAN and super VLAN

9 DHCP Relay Configuration

How to configure DHCP relay to obtain IP addresses dynamically

10 ARP & ARP Proxy Configuration

How to configure ARP and ARP proxy

11 RIP Routing Protocol Configuration

How to configure the RIP routing protocols supported by the MA5600T

12 OSPF Routing Protocol Configuration

How to configure the OSPF routing protocols supported by the MA5600T

13 IS-IS Routing Protocol Configuration

How to configure the IS-IS routing protocols supported by the MA5600T

14 BGP Routing Protocol Configuration

How to configure the BGP routing protocols supported by the MA5600T

15 MSTP Configuration

How to configure MSTP

16 NTP Configuration

How to configure the four NTP modes

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Issue 02 (2008-04-25)

About This Document

Chapter…

Describes…

17 System Clock Configuration

How to configure the system clock on the MA5600T

18 MAC Address Management

How to configure MAC addresses and the MAC address pool

19 TCP/IP Connection Configuration

How to configure TCP and IP connections

20 ACL Configuration

ACL and the method of configuring ACL on the MA5600T

21 QoS Configuration

QoS and the method of configuring QoS on the MA5600T

22 User Security Configuration

How to configure user security on the MA5600T

23 System Security Configuration

How to configure system security on the MA5600T

SHDSL Service Configuration

The SHDSL technology and the method of configuring the SHDSL service on the MA5600T

VDSL2 Service Configuration

The VDSL2 technology and the method of configuring the VDSL2 service on the MA5600T

25 GPON Service Configuration

The GPON technology and the method of configuring the GPON service on the MA5600T

26 Protection Configuration for Upstream Link

The service protection on the upstream port of the MA5600T

27 Device Subtending Configuration

The Ethernet technology and how to subtend MA5600T devices

ATM-DSLAM Access Configuration

How to configure the ATM-DSLAM access service on the MA5600T

28 VLAN Stacking Wholesale Service Configuration

How to configure the wholesale service on the MA5600T

29 QinQ VLAN Private Line Service Configuration

How to configure the private line service on the MA5600T

30 Multicast Service Configuration

How to configure the multicast service on the MA5600T

31 Triple Play Service Configuration

How to configure the triple play service on the MA5600T

CPE Management

How to log on and configure the CPE terminal through the MA5600T

32 ONT Management

How to configure the ONT on the MA5600T side

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

3

About This Document

SmartAX MA5600T Multi-service Access Module

Chapter…

Describes…

33 Ethernet OAM Configuration

Applications of Ethernet OAM to the MA5600T

34 Environment Monitoring Configuration

The EMUs supported by the MA5600T and the method of configuring them

RSTP Networking Example

The configuration example of MSTP networking

Subtending Networking Example

The configuration example of subtending networking

35 Acronyms and Abbreviations

Acronyms and abbreviations used in the document

Differences Between the ETSI Service Shelf and the 19-inch Service Shelf The MA5600T supports both the ETSI service shelf and the 19-inch service shelf. The following table lists the differences between the two shelves. Shelf Type

Slots

Slots for the Control Board

Slots for Service Boards

Slots for Upstream Interface Boards

ETSI shelf

20

9, 10

1-8, 11-18

19, 20

19-inch shelf

18

7, 8

1-6, 9-16

17, 18

This document uses the ETSI service shelf as an example because the two shelves support the same software functions, although their hardware are different.

Conventions Symbol Conventions The symbols that may be found in this document are defined as follows. Symbol

Description

DANGER

WARNING

4

Indicates a hazard with a high level of risk which, if not avoided, could result in death or serious injury. Indicates a hazard with a medium or low level of risk which, if not avoided, could result in minor or moderate injury.

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

Symbol

About This Document

Description

CAUTION

Indicates a potentially hazardous situation that, if not avoided, could cause equipment damage, data loss, and performance degradation, or unexpected results.

TIP

Indicates a tip that may help you solve a problem or save time.

NOTE

Provides additional information to emphasize or supplement important points of the main text.

General Conventions Convention

Description

Times New Roman

Normal paragraphs are in Times New Roman.

Boldface

Names of files, directories, folders, and users are in boldface. For example, log in as user root.

Italic

Book titles are in italics.

Courier New

Terminal display is in Courier New.

Command Conventions

Issue 02 (2008-04-25)

Convention

Description

Boldface

The keywords of a command line are in boldface.

Italic

Command arguments are in italic.

[]

Items (keywords or arguments) in square brackets [ ] are optional.

{ x | y | ... }

Alternative items are grouped in braces and separated by vertical bars. One is selected.

[ x | y | ... ]

Optional alternative items are grouped in square brackets and separated by vertical bars. One or none is selected.

{ x | y | ... } *

Alternative items are grouped in braces and separated by vertical bars. A minimum of one or a maximum of all can be selected.

[ x | y | ... ] *

Optional alternative items are grouped in square brackets and separated by vertical bars. Many or none can be selected.

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

5

About This Document

SmartAX MA5600T Multi-service Access Module

GUI Conventions Convention

Description

Boldface

Buttons, menus, parameters, tabs, window, and dialog titles are in Boldface. For example, click OK.

>

Multi-level menus are in boldface and separated by the “>” signs. For example, choose File > Create > Folder.

Keyboard Operation Format

Description

Key

Press the key. For example, press Enter and press Tab.

Key 1+Key 2

Press the keys concurrently. For example, pressing Ctrl+Alt +A means the three keys should be pressed concurrently.

Key 1, Key 2

Press the keys in turn. For example, pressing Alt, A means the two keys should be pressed in turn.

Mouse Operation Action

Description

Click

Select and release the primary mouse button without moving the pointer.

Double-click

Press the primary mouse button twice continuously and quickly without moving the pointer.

Drag

Press and hold the primary mouse button and move the pointer to a certain position.

Update History Updates between document versions are cumulative. Therefore, the latest document version contains all updates made to previous versions.

Updates in Issue 02 (2008-04-25) This release has updated the following sections:

6

l

Sections "Overview", "Configuration Example of the User-Defined ACL", "Creating a Customized ACL Rule" of the chapter "ACL Configuration"

l

Section "Adding a Static ARP Entry" of the chapter "ARP & ARP Proxy Configuration" Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

About This Document

Updates in Issue 01 (2007-10-30) This is the first release.

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

7

SmartAX MA5600T Multi-service Access Module

1

1 Maintenance Terminal Configuration

Maintenance Terminal Configuration

About This Chapter This topic describes the different maintenance modes of theMA5600T through the maintenance terminal. 1.1 Overview This topic describes the different maintenance modes of the MA5600T through the maintenance terminal and describes the features of the maintenance modes. 1.2 Configuring the Terminal Through the Local Serial Port This topic describes how to log in to the MA5600T and configure the MA5600T by using the HyperTerminal of the Windows operating system. 1.3 Configuring the Terminal Through the Remote Serial Port This topic describes how to log in to the MA5600T and configure the MA5600T through the remote serial port. 1.4 Configuring the Terminal Through the Outband Management Channel This topic describes how to connect the maintenance terminal to the MA5600T over a local area network (LAN) or a wide area network (WAN), and configure the MA5600T through the outband management channel. 1.5 Configuring the Terminal Through the Inband Management Channel This topic describes how to configure the MA5600T through the inband management channel. 1.6 Configuring the Terminal Through SSH This topic describes how to connect the maintenance terminal to the MA5600T through SSH. Then, you can log in to the MA5600T through SSH for maintenance. This helps to protect the MA5600T from network attacks.

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-1

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

1.1 Overview This topic describes the different maintenance modes of the MA5600T through the maintenance terminal and describes the features of the maintenance modes. You can maintain the SmartAX MA5600T Multi-service Access Module Optical Access Equipment (the MA5600T for short) through a maintenance terminal in the command line interface (CLI) mode. The configuration of a maintenance terminal involves the following: l

1.2 Configuring the Terminal Through the Local Serial Port

l

1.3 Configuring the Terminal Through the Remote Serial Port

l

1.4 Configuring the Terminal Through the Outband Management Channel

l

1.5 Configuring the Terminal Through the Inband Management Channel

l

1.6 Configuring the Terminal Through SSH

Table 1-1 lists the features of the maintenance modes. Table 1-1 Features of the maintenance modes Maintenance mode

Description

Feature

Local serial port

Uses the HyperTerminal of the operating system for configuration.

No network management software is required.

Remote serial port

Uses the HyperTerminal of the operating system for configuration.

It connects modems on the MA5600T side and the maintenance terminal side.

Inband management channel

Uses the service channel of the MA5600T to manage the network device.

l

Advantages: It adopts flexible networking, and does not require additional networking device, thus saving networking cost.

l

Disadvantages: The maintenance work cannot be performed if the service channel fails.

l

Advantages: It provides reliable device management channel. The fault can be located in time even if the managed device fails.

l

Disadvantage: An additional network device is required for setting up a maintenance channel that is unrelated to the service channel.

Outband management channel

1-2

Uses the maintenance network port (ETH) of the control board (SCU) of the MA5600T to manage the system.

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Maintenance mode

Description

Feature

SSH mode

Uses the service channel of the MA5600T, or the maintenance network port of the SCU board to manage the system.

Secure Shell (SSH) ensures network security through the authentication, encryption, and identification functions. When a user telnets to the MA5600T from an insecure network, SSH protects the MA5600T from malicious attacks such as IP address spoofing and clear text password interception.

1.2 Configuring the Terminal Through the Local Serial Port This topic describes how to log in to the MA5600T and configure the MA5600T by using the HyperTerminal of the Windows operating system.

Networking Figure 1-1 shows an example network for configuring the MA5600T through the local serial port. Figure 1-1 Example network for configuring the MA5600T through the local serial port RS-232 serial port cable

Serial port

CON ETH ESC

SCU

MA5600T

PC

Configuration Flowchart Figure 1-2 shows the flowchart for configuring the MA5600T through the local serial port.

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-3

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Figure 1-2 Flowchart for configuring the MA5600T through the local serial port Start

Connect the serial port cable

Run the HyperTerminal

Set the parameters of the terminal

Define the terminal emulation type

Set ASCII code

Log in to the system

End

Procedure Step 1 Connect the serial port cable. Use a RS-232 serial port cable to connect the serial port of the PC to the CON port of the SCU board, as shown in Figure 1-1. Step 2 Start the HyperTerminal. 1.

Set up a connection. Choose Start > Programs > Accessories > Communication > HyperTerminal to start the HyperTerminal and set up a serial port connection. Enter the connection name, and click OK.

2.

Configure the serial port. Select the standard character terminal or the PC terminal serial port that is connected to the MA5600T. (Assume that the serial port is serial COM2.) Click OK.

Step 3 Set the parameters of the terminal. In step 2, click OK. Then, set the serial port parameters in the dialog box as shown in Figure 1-3. The parameters are set as follows:

1-4

l

Bits per second: 9600

l

Data bits: 8

l

Parity: None Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module l

Stop bits: 1

l

Flow control: None

1 Maintenance Terminal Configuration

NOTE

l

When setting the baud rate, make sure that the baud rate of the HyperTerminal is consistent with the baud rate of the serial port in the MA5600T. By default, the baud rate of the serial port is 9600 bit/s.

l

There may be illegible characters in the input information after you log in to the system. This is because the baud rate between the HyperTerminal and the MA5600T is inconsistent. In such cases, use a different baud rate to log in to the system. The system supports the baud rates of 9600 bit/s, 19200 bit/ s, 38400 bit/s, 57600 bit/s, and 115200 bit/s.

Figure 1-3 Setting parameters of the terminal

Click OK. Step 4 Define the terminal emulation type. Choose File > Properties on the HyperTerminal interface. Click the Settings tab. Select VT100 or Auto Detection as the type of terminal emulation, as shown in Figure 1-4.

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-5

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Figure 1-4 Setting the terminal emulation type

Step 5 Set ASCII code. Click ASCII Setup. Set the line delay and the character delay as 200 ms, as shown in Figure 1-5. NOTE

When you paste text to the HyperTerminal, character delay controls the character transmit speed, and the line delay controls the interval of sending every line. If a delay is very short, it leads to loss of characters. When the pasted text is displayed abnormally, modify the setting.

1-6

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Figure 1-5 Setting ASCII Code

----End

Result In the HyperTerminal interface, press Enter. The system displays a message requesting you to enter the user name. Enter the user name and password for user registration (by default, the super user name is root and the password is admin), and wait until the command line prompt (MA5600T) appears. If the login fails, click the Hang-up icon first, and then click the Dial icon. If you still cannot log in, return to step 1 to check the parameter settings and the physical connections, and then try again.

1.3 Configuring the Terminal Through the Remote Serial Port This topic describes how to log in to the MA5600T and configure the MA5600T through the remote serial port.

Prerequisite Connect a PSTN modem on the MA5600T side and PC side before using a serial port for remote maintenance. In this way, you can set up a remote connection between the PC and the MA5600T through modem dialup. The PSTN modem on the MA5600T side is referred to as the called PSTN modem. The PSTN modem on the PC side is referred to as the calling PSTN modem. The PSTN modems must meet the following requirements: l

Issue 02 (2008-04-25)

Both the calling and called PSTN modems must be the standard modems, and must support the AT command set. Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-7

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

l

The called PSTN modem must be an external modem.

l

The calling PSTN modem can be either a built-in modem or an external modem. For better compatibility and to facilitate monitoring of status, it is recommended that you use the calling and called PSTN modems made by the same vendor.

l

The following configuration is based on one type of modem. In actual applications, you can configure the modem by referring to the related AT command set.

Networking Figure 1-6 shows an example network for configuring the MA5600T through the remote serial port. Figure 1-6 Example network for configuring the MA5600T through the remote serial port

Telephone line

CON ETH ESC

Serial port cable Modem

Telephone line

Serial port cable Modem

SCU

MA5600T

PC

Configuration Flowchart Figure 1-7 shows the flowchart for configuring the MA5600T through the remote serial port.

1-8

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Figure 1-7 Flowchart for configuring the MA5600T through the remote serial port Start

Set the called modem parameters

Set the calling modem parameters

Set up the configuration environment

Start the HyperTerminal

Set the HyperTerminal parameter

Dial up on the HyperTerminal

End

Procedure Step 1 Set the called modem parameters. Only three signal lines, namely SD, RD, and SG, are used for connecting the MA5600T and the modem. Therefore, before connecting the modem to the MA5600T, shield the handshake signals and the flow control signals of the modem. The configuration of a modem requires an intelligent terminal. The following modem configuration is based on the HyperTerminal operating in Windows. 1.

Connect the serial port of the modem to the serial port of the maintenance terminal by using the dedicated cable for the modem, and then power on the system. You need not install a driver during this operation.

2.

Assume that the modem is connected to COM2 port. Start the HyperTerminal, and select Direct to COM2 in the Connect using column in the dialog box that appears. Set the serial port parameters as follows: 9600 bit/s for baud rate, 8 for data bits, 1 for stop bits, None for parity, and None for data traffic control. NOTE

After the connection, the terminal may not display anything. This is because the display function of the modem was disabled at the previous configuration operation. To enable the terminal to display the input information and the output information, run the AT&F command to restore the default settings and press Enter.

3.

Check the modem. In the HyperTerminal, enter the AT&F command to restore the default settings of the modem. Check whether the screen displays "OK". If it displays "OK", the modem is normal. If it does not display "OK", the modem is faulty and it must be replaced with a new modem.

4. Issue 02 (2008-04-25)

In the HyperTerminal, run the following commands: Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-9

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

ATS0=1 //Enable the auto replay function (ringing sound). AT&D //Ignore DTR signals. AT&K0 //Disable the flow control function. AT&R1 //Ignore the RTS signals. AT&S0 //Set DSR as high level. ATEQ1&W //Disable the modem’s response to the command while executing the command and saving the configurations. NOTE

After the last command is executed, running the AT command disables the echo function of the terminal and prevents the display of the execution results. l

Due to the limitation of the bit rate of the modem, you can run the baudrate command to modify the baud rate of the serial port of the MA5600T to 9600 bit/s or 19200 bit/s.

l

To prevent an extremely high bit rate on the line between the two modems, you can set AT $MB=9600 (or another value) before running the ATEQ1&W command.



Step 2 Set the calling modem parameters. After the power-on, the calling modem can function in the normal state without any configuration. However, if you connect the maintenance terminal to the modem by using a standard cable, shield the handshake signals and the flow control signals of the modem before the connection. For more information on the shield operation, refer to the settings of the called modem parameters. Step 3 Set up the configuration environment. Figure 1-6 shows the configuration environment. 1.

Connect the called modem. Plug the telephone line into the LINE port of the called modem. Connect the serial port of the called modem to the maintenance port CON of SCU board on the MA5600T by using the dedicated serial port cable for the MA5600T, and then power on the modem.

2.

Connect the calling modem. For an external modem, plug the telephone line into the LINE port of the calling modem, connect the serial port of the calling modem to the serial port of the maintenance terminal by using the dedicated cable for the modem, and then power on the modem. For a built-in modem, you only need to plug the telephone line into the LINE port of the calling modem.

Step 4 Start the HyperTerminal. 1.

Set up a new connection. Choose Start > Programs > Accessories > Communication > HyperTerminal to start the HyperTerminal and enter the name. Click OK.

2.

Configure the serial port. Select the standard character terminal or the PC terminal serial port that is connected to the MA5600T. (Assume that the serial port is serial COM2.) Click OK.

Step 5 Set the parameters of the HyperTerminal. In the preceding substep 2, click OK. Then, set the serial port parameters in the dialog box as shown in Figure 1-8. The parameters are set as follows: 1-10

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module l

Baud rate: 9600 bit/s

l

Data bits: 8

l

Parity: None

l

Stop bits: 1

l

Flow control: None

1 Maintenance Terminal Configuration

NOTE

l

When setting the baud rate, make sure that the baud rate of the HyperTerminal is consistent with the baud rate of the serial port. By default, the baud rate of the serial port is 9600 bit/s.

l

There may be illegible characters in the input information after you log in to the system. This is because the baud rate between the HyperTerminal and the system is inconsistent. In such cases, use another baud rate to log in to the system. The system supports the baud rates of 9600 bit/s, 19200 bit/s, 38400 bit/s, 57600 bit/s, and 115200 bit/s.

Figure 1-8 Setting the parameters of the HyperTerminal

Click OK and the HyperTerminal interface appears. Step 6 Dial up on the HyperTerminal. 1.

In the case of an external modem, perform the following operations: In the case of an external modem, select a serial port instead of a modem from the Connect using drop-down list in the HyperTerminal to set up the connection to the modem. In the HyperTerminal interface, you can enter the AT command such as ATDTXXXXXXXX for dialup. XXXXXXXX indicates the telephone number used by the line of the remote modem connected to the host. For details of the dialup commands, refer to the AT command set. ATDT0 W 020XXXXXXXX indicates that you should dial "0" for connection by using the external

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-11

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

line. Wait for the dialing tone from the switch, and then dial the telephone number 020XXXXXXXX. 2.

In the case of a built-in modem, perform the following operations: Run the HyperTerminal. Set the called number. Select the modem from the Connect using drop-down list. Click Configure in the properties setting interface to set the modem properties. Select Bring up terminal window after dialing in the Options tab of the properties setting interface. Click OK to confirm the setting. Click Dial to continue the dialing. You need not use any ATDT commands for dialing.

----End

Result After the dialup, the "OH" and "RI" LEDs on the modem that connects to the PC turn on. The modem generates a sound, which indicates that the connection is in-progress. After the connection is set up, the two modem CD LEDs (for carrier detection) turn on, and the HyperTerminal interface displays "CONNECT9600 (or 19200)". This indicates that the intermodem connection is set up successfully. If "NO CARRIER" is displayed, the connection fails. Check the hardware connections and the telephone line. Press Enter until the login interface appears. After configuring the MA5600T, run the hang-up command of the HyperTerminal to break the connection.

WARNING l

When the modem connection setup is in progress, pressing any key on the keyboard interrupts the ongoing call.

l

After a remote maintenance operation, you need to disconnect the line, instead of directly shutting down the HyperTerminal. Otherwise, modems of certain models may remain online all the time, resulting in failure during the next dialup connection.

1.4 Configuring the Terminal Through the Outband Management Channel This topic describes how to connect the maintenance terminal to the MA5600T over a local area network (LAN) or a wide area network (WAN), and configure the MA5600T through the outband management channel.

Networking-LAN Figure 1-9 shows an example network for configuring the outband management in a LAN by Telnet.

1-12

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Figure 1-9 Example network for configuring the outband management in a LAN by Telnet CON ETH ESC

SCU

MA5600T

LAN

PC

PC

PC

Use a straight through cable to connect the MA5600T to the LAN. Make sure that the IP address of the maintenance network port of the control board and the IP address of the PC used for maintaining the MA5600T are located in the same subnet. NOTE

You can also use a crossover cable to connect the network port of the maintenance terminal to the maintenance network port of the control board to maintain the MA5600T.

Data Plan-LAN Table 1-2 provides the data plan for configuring the outband management in a LAN by Telnet. Table 1-2 Data plan for configuring the outband management in a LAN by Telnet Item

Data

Maintenance network port of the MA5600T

IP address: 10.10.20.1/24

PC used for maintaining the MA5600T

IP address: 10.10.20.3/24

Networking-WAN Figure 1-10 shows an example network for configuring the outband management in a WAN by Telnet.

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-13

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Figure 1-10 Example network for configuring the outband management in a WAN by Telnet

PC LAN

CON ETH ESC

Router

PC

PC SCU

MA5600T

Data Plan-WAN Table 1-3 provides the data plan for configuring the outband management in a WAN by Telnet. Table 1-3 Data plan for configuring the outband management in a WAN by Telnet Item

Data

Maintenance network port of the MA5600T

IP address: 10.10.20.1/24

PC used for maintaining the MA5600T

IP address: 10.10.21.1/24

Router port connecting to the MA5600T

IP address: 10.10.20.254/24

Configuration Flowchart Figure 1-11 shows the flowchart for configuring the outband management in a WAN by Telnet.

1-14

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Figure 1-11 Flowchart for configuring the outband management in a WAN by Telnet Start

Set up the configuration environment

Set the IP address of the maintenance network port

WAN environment or not?

No

Yes

Add a route for the NMS

Run the telent application

Log in to the system

End

Procedure Step 1 Set up the configuration environment. Figure 1-9 and Figure 1-10 show the example networks for configuring the MA5600T through the outband management channel. You can set up the environment according to the requirements. Step 2 Set the IP address of the maintenance network port. huawei(config)#interface meth 0 huawei(config-if-meth0)#ip address 10.10.20.1 24

Step 3 Add a route for the network management system (NMS). l

If setting up the WAN configuration environment as shown in Figure 1-9, you need not add a route.

l

If setting up the WAN configuration environment as shown in Figure 1-10, you need to add a next hop route to the NMS.

huawei(config-if-meth0)#quit huawei(config)#ip route-static 10.10.21.0 24 10.10.20.254

Step 4 Run the telnet application. Choose Start > Run on the PC. Enter the telnet command, followed by the IP address of the maintenance network port of the MA5600T in the Open field. Click OK to run the telnet application （Windows XP OS is considered as an example), as shown in Figure 1-12. Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-15

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Figure 1-12 Running the telnet application

Step 5 Log in to the system. By default, the super user uses root as the user name and admin as the password. Huawei Integrated Access Software. Copyright(C) Huawei Technologies Co., Ltd. 1998-2007. All rights reserved. >>User name:root >>User password:

----End

Result After logging in to the system, you can perform the configuration successfully.

1.5 Configuring the Terminal Through the Inband Management Channel This topic describes how to configure the MA5600T through the inband management channel.

Networking-LAN Figure 1-13 shows an example network for maintenance through the GE port in a LAN.

1-16

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Figure 1-13 Example network for maintenance through the GE port in a LAN GE 0/19/0

CON ETH ESC

SCU

MA5600T LAN

PC

PC

PC

Data Plan-LAN Table 1-4 provides the data plan for the network. Table 1-4 Data plan for the network Item

Data

Inband management interface of the MA5600T

IP address: 10.10.20.1/24

PC used for maintaining the MA5600T

IP address: 10.10.20.3/24

Networking-WAN Figure 1-14 shows an example network for maintenance through the GE port in a WAN. Figure 1-14 Example network for maintenance through the GE port in a WAN Router

PC GE 0/19/0

CON ETH ESC

SCU

Issue 02 (2008-04-25)

MA5600T

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-17

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Data Plan-WAN Table 1-5 provides the data plan for the network. Table 1-5 Data plan for the network Item

Data

GE port of the MA5600T

IP address: 10.10.20.1/24

PC used for maintaining the MA5600T

IP address: 10.10.21.1/24

Router port connecting to the MA5600T

IP address: 10.10.20.254/24

VLAN ID

30

Upstream port

0

Configuration Flowchart Figure 1-15 shows the flowchart for configuring the MA5600T through the inband management channel. Figure 1-15 Flowchart for configuring the MA5600T through the inband management channel Start Set up the configuration environment Create an NMS VLAN and add the upstream port to it Set the IP address of the VLAN layer 3 interface

WAN environment or not?

No

Yes Set inband NMS route

Run the telnet application

Log in to the system

End

1-18

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Procedure Step 1 Set up the configuration environment. Figure 1-13 and Figure 1-14 show the example network for configuring the MA5600T through the inband management channel. You can set up the environment based on the requirements. Step 2 Create an NMS VLAN and add the upstream port to it. 1.

Run the vlan command to create an NMS VLAN. huawei(config)#vlan 30 standard huawei(config)#port vlan 30 0/9 0

2.

Run the native-vlan command to configure the native VLAN of the upstream port. huawei(config)#interface scu 0/9 huawei(config-if-scu-0/9)#native-vlan 0 vlan 30

Step 3 Set the IP address of the VLAN L3 interface. Run the ip address command to set the IP address and subnet mask of the MA5600T VLAN L3 interface. huawei(config-if-scu-0/9)#quit huawei(config)#interface vlanif 30 huawei(config-if-vlanif30)#ip address 10.10.20.1 255.255.255.0

Step 4 Set inband NMS route. If the configuration environment is set up as shown in Figure 1-13, you need not configure a route. If the configuration environment is set up as shown in Figure 1-14, you need to add the route of next hop. huawei(config-if-vlanif30)#quit huawei(config)#ip route-static 10.10.21.0 24 10.10.20.254

Step 5 Run the telnet application. Choose Start > Run on the PC. Enter the telnet command, followed by the IP address of the maintenance network port of the SCU board in the Open field. Click OK to run the telnet application as shown in Figure 1-16. Figure 1-16 Running the telnet application

Step 6 Log in to the system. By default, the super user uses root and admin as the user name and password. When you log in, the system prompts the following. Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-19

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Huawei Integrated Access Software. Copyright(C) Huawei Technologies Co., Ltd. 1998-2007. All rights reserved. >>User name:root >>User password:

----End

Result After logging in to the system, you can configure the terminal for maintenance.

1.6 Configuring the Terminal Through SSH This topic describes how to connect the maintenance terminal to the MA5600T through SSH. Then, you can log in to the MA5600T through SSH for maintenance. This helps to protect the MA5600T from network attacks.

Networking-LAN Figure 1-17 shows the connection for setting up the SSH configuration environment in the LAN outband mode. Figure 1-17 Setting up the SSH configuration environment in the LAN outband mode CON ETH ESC

SCU

MA5600T

LAN

PC

PC

PC

Data Plan-LAN Table 1-6 provides the data plan for the network.

1-20

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Table 1-6 Data plan for the network Item

Data

MA5600T

IP address of the maintenance network port: 10.10.20.2/24 Username: huawei User authentication mode: RSA public key authentication

PC used for maintaining the MA5600T

IP address: 10.10.20.1/24 Client software: PuTTY Password conversion tools: PuTTY.exe, PuTTYGen.exe, sshkey.exe

Networking-WAN Figure 1-18 shows the connection for setting up the SSH configuration environment in the WAN outband mode. Figure 1-18 Setting up the SSH configuration environment in the WAN outband mode

PC LAN

CON ETH ESC

Router

PC

PC SCU

MA5600T

Data Plan-WAN Table 1-7 provides the data plan for the network. Table 1-7 Data plan for the network Item

Data

MA5600T

IP address of the maintenance network port: 10.10.20.2/24 Username: huawei User authentication mode: RSA public key authentication

PC used for maintaining the MA5600T

IP address: 10.10.21.1/24 Client software: PuTTY Password conversion tools: PuTTY.exe, PuTTYGen.exe, sshkey.exe

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-21

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Item

Data

Router port connecting to the MA5600T

IP address: 10.10.20.254/24

Networking-LAN Figure 1-19 shows the connection for setting up the SSH configuration environment in the LAN inband mode. Figure 1-19 Setting up the SSH configuration environment in the LAN inband mode GE 0/19/0

CON ETH ESC

SCU

MA5600T LAN

PC

PC

PC

Data Plan-LAN Table 1-8 provides the data plan for the network. Table 1-8 Data plan for the network Item

Data

MA5600T

IP address of the VLAN L3 interface: 10.10.20.2/24 Username: huawei User authentication mode: RSA public key authentication

PC used for maintaining the MA5600T

IP address: 10.10.20.1/24 Client software: PuTTY Password conversion tools: PuTTY.exe, PuTTYGen.exe, sshkey.exe

1-22

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Networking-WAN Figure 1-20 shows the connection for setting up the SSH configuration environment in the WAN inband mode. Figure 1-20 Setting up the SSH configuration environment in the WAN inband mode Router

PC GE 0/19/0

CON ETH ESC

SCU

MA5600T

Data Plan-WAN Table 1-9 provides the data plan for the network. Table 1-9 Data plan for the network Item

Data

MA5600T

IP address of VLAN L3 interface: 10.10.20.2/24 Username: huawei User authentication mode: RSA public key authentication

PC used for maintaining the MA5600T

IP address: 10.10.21.1/24 Client software: PuTTY Password conversion tools: PuTTY.exe, PuTTYGen.exe, sshkey.exe

Router port connecting to the MA5600T

IP address: 10.10.20.254/24

Configuration Flowchart Figure 1-21 shows the flowchart for configuring the SSH environment. For details of the configuration, see "7.7 Configuring SSH."

Issue 02 (2008-04-25)

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

1-23

1 Maintenance Terminal Configuration

SmartAX MA5600T Multi-service Access Module

Figure 1-21 Flowchart for configuring in the SSH mode Start

Set the IP address of the maintenance network port/VLAN layer 3 interface

No

WAN environment or not? Yes Add a route for the NMS

Create an SSH user

Create the key pair for the SSH server

Set SSH user authentication mode

Password

rsa, all, passwordpublickey Generate the RSA public key

Generate the public key for SSH user

Authorize the public key to the SSH user

Log in to the system

End

1-24

Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd

Issue 02 (2008-04-25)

SmartAX MA5600T Multi-service Access Module

1 Maintenance Terminal Configuration

Procedure Step 1 Set up the configuration environment. You can set up the configuration environment as shown in Figure 1-17, Figure 1-18, Figure 1-19, and Figure 1-20. Step 2 Set the IP address of the maintenance network port/VLAN L3 interface. l

To set the IP address of the maintenance network port, do as follows: huawei(config)#interface meth 0 huawei(config-if-meth0)#ip address 10.10.20.2 255.255.255.0

l

To set the IP address of the VLAN L3 interface, do as follows: huawei(config)#vlan 30 standard huawei(config)#interface vlanif 30 huawei(config-if-vlanif30)#ip address 10.10.20.2 255.255.255.0

Step 3 Add a route for the NMS. To set up a LAN configuration environment based on Figure 1-17 or Figure 1-19, you need not add a route for the NMS. To set up a WAN configuration environment based on Figure 1-18 or Figure 1-20, you must add a route of next hop for the NMS, as follows: huawei(config-if-vlanif30)#quit huawei(config)#ip route-static 10.10.21.0 24 10.10.20.254

Step 4 Create a user. To create a user with the following parameters, do as follows: l

Bound user profile: root (default)

l

Level: Operator

l

User name: huawei

l

Password: huawei123

l

Login attempts: 4

huawei(config)#terminal user name User profile name(