HP MSR Router Series Network Management and Monitoring Configuration Guide(V5) Part number: 5998-8189 Software version: CMW520-R2513 Document version: 6PW106-20150808...
The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an...
Verifying the configuration
Configuring traffic mirroring
Overview
Traffic mirroring configuration task list
Configuring traffic mirroring
Configuring match criteria
Mirroring traffic to an interface
...
IPv6 NetStream traditional data export configuration example
IPv6 NetStream aggregation data export configuration example
Support and other resources
Contacting HP
Subscription service
Related information
...
Configuring SNMP

This chapter provides an overview of the Simple Network Management Protocol (SNMP) and guides you through the configuration procedure.

Overview

SNMP is an Internet standard protocol widely used for a management station to access and operate the devices on a network, regardless of their vendors, physical characteristics and interconnect technologies. SNMP enables network administrators to read and set the variables on managed devices for state monitoring, troubleshooting, statistics collection, and other management purposes.
The device supports only traps.

SNMP protocol versions

HP supports SNMPv1, SNMPv2c, and SNMPv3. An NMS and an SNMP agent must use the same SNMP version to communicate with each other.
• SNMPv1—Uses community names for authentication. To access an SNMP agent, an NMS must use ...
Step Command Remarks Optional. By default, the SNMP agent is disabled. You can also enable the SNMP Enable the SNMP agent. snmp-agent agent by using any command that begins with snmp-agent except for the snmp-agent calculate-password command. Optional. snmp-agent sys-info { contact The defaults are as follows: Configure system information sys-contact | location sys-location...
Step Command Remarks • (Method 1) Create an SNMP community: snmp-agent community { read | write } [ cipher ] community-name [ mib-view view-name ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * Use either method. • (Method 2) Create an SNMP group, and By default, no SNMP group add a user to the SNMP group: exists.
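The community syntax above lends itself to a configuration review. The following is an added example, not code from the HP guide: a small Python check that reads saved configuration lines and reports `snmp-agent community` entries that use a well-known name, grant write access, or lack an ACL or MIB view. The sample configuration, the view name `ifOnly`, ACL number 2001 and the ciphertext string are constructed for illustration.

```python
import re

# Community strings that appear in almost every default or sample setup
# (the guide's own SNMPv1/v2c example creates both of them).
WELL_KNOWN = {"public", "private"}

# snmp-agent community { read | write } [ cipher ] community-name
#     [ mib-view view-name ] [ acl acl-number | acl ipv6 ipv6-acl-number ] *
COMMUNITY_RE = re.compile(
    r"^\s*snmp-agent\s+community\s+(?P<access>read|write)\s+"
    r"(?P<cipher>cipher\s+)?(?P<name>\S+)(?P<rest>.*)$"
)
ACL_RE = re.compile(r"\bacl\s+(ipv6\s+)?\d+")
VIEW_RE = re.compile(r"\bmib-view\s+\S+")


def audit_communities(config_text):
    """Return [(line_number, community_name, [issues])] for risky entries."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = COMMUNITY_RE.match(line)
        if not m:
            continue
        name, rest = m.group("name"), m.group("rest")
        issues = []
        # With "cipher" the stored name is ciphertext, so it cannot be
        # compared against the well-known list.
        if m.group("cipher") is None and name.lower() in WELL_KNOWN:
            issues.append("well-known community name")
        if m.group("access") == "write":
            issues.append("read-write access")
        if not ACL_RE.search(rest):
            issues.append("no ACL restricts source addresses")
        if not VIEW_RE.search(rest):
            issues.append("no mib-view limits visible objects")
        if issues:
            findings.append((lineno, name, issues))
    return findings


# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = "\n".join([
    "snmp-agent",
    "snmp-agent community read public",
    "snmp-agent community write private",
    "snmp-agent community read cipher $c$3$EXAMPLEONLY mib-view ifOnly acl 2001",
])

if __name__ == "__main__":
    for lineno, name, issues in audit_communities(SAMPLE_CONFIG):
        print(f"line {lineno}: community {name}: " + "; ".join(issues))
```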
Configuring SNMP traps

The SNMP agent sends traps to inform the NMS of important events, such as a reboot. Traps include generic traps and vendor-specific traps. Available generic traps include authentication, coldstart, linkdown, linkup and warmstart. All other traps are vendor-defined. SNMP traps generated by a module are sent to the information center.
Configuring the SNMP agent to send traps to a host The SNMP module buffers the traps received from a module in a trap queue. You can set the size of the queue, the duration that the queue holds a trap, and trap target (destination) hosts, typically the NMS. To successfully send traps, you must also perform the following tasks: •...
Displaying and maintaining SNMP Task Command Remarks Display SNMP agent system display snmp-agent sys-info [ contact | location information, including the contact, | version ]* [ | { begin | exclude | include } Available in any view. physical location, and SNMP regular-expression ] version.
Configuration procedure Configure the SNMP agent: # Configure the IP address of the agent, and make sure the agent and the NMS can reach each other. (Details not shown.) # Specify SNMPv1 and SNMPv2c, and create a read-only community public and a read and write community private.
Time Stamp = 8:35:25.68 SNMPv3 configuration example Network requirements As shown in Figure 4, the NMS (1.1.1.2/24) uses SNMPv3 to monitor and manage the interface status of the agent (1.1.1.1/24), and the agent automatically sends traps to report events to the NMS. The NMS and the agent perform authentication when they set up an SNMP session.
Set the timeout time and maximum number of retries. For information about configuring the NMS, see the NMS manual. NOTE: The SNMP settings on the agent and the NMS must match. Verify the configuration: # Try to get the count of sent traps from the agent. The get attempt succeeds. Send request to 1.1.1.1/161 ...
Figure 5 Network diagram Configuration procedure This example assumes that you have configured all required SNMP settings for the NMS and the agent (see "SNMPv1/SNMPv2c configuration example" or "SNMPv3 configuration example"). # Enable displaying log messages on the configuration terminal. (This function is enabled by default. Skip this step if you are using the default.) <Agent>...
Field Description node MIB node name and OID of the node instance. errorIndex Error index, with 0 meaning no error. errorStatus Error status, with noError meaning no error. Value set by the SET operation. This field is null for a GET operation.
RMON groups Among the RFC 2819 defined RMON groups, HP implements the statistics group, history group, event group, and alarm group supported by the public MIB. HP also implements a private alarm group, which enhances the standard alarm group. Ethernet statistics group...
History group

The history group defines that the system periodically collects traffic statistics on interfaces and saves the statistics in the history record table (ethernetHistoryTable). The statistics include bandwidth utilization, number of error packets, and total number of packets. The history statistics table records traffic statistics collected for each sampling interval. The sampling interval is user-configurable.
Private alarm group The private alarm group calculates the values of alarm variables and compares the results with the defined threshold for a more comprehensive alarming function. The system handles the private alarm entry (as defined by the user) in the following ways: Periodically samples the private alarm variables defined in the private alarm formula.
You can successfully create a history control entry, even if the specified bucket size exceeds the • history table size supported by the device. However, the effective bucket size will be the actual value supported by the device. To configure the RMON history statistics function: Step Command Enter system view.
Table 2 RMON configuration restrictions Maximum number of Entry Parameters to be compared entries Event description (description string), event type (log, trap, Event logtrap or none) and community name (trap-community or log-trapcommunity) Alarm variable (alarm-variable), sampling interval (sampling-interval), sampling type (absolute or delta), rising Alarm threshold (threshold-value1) and falling threshold (threshold-value2)
Figure 7 Network diagram Configuration procedure # Configure the RMON statistics group on the RMON agent to gather statistics for Ethernet 1/1. <Sysname> system-view [Sysname] interface ethernet 1/1 [Sysname-Ethernet1/1] rmon statistics 1 owner user1 # Display statistics collected by the RMON agent for Ethernet 1/1. <Sysname>...
Configuration procedure # Configure the RMON history group on the RMON agent to gather traffic statistics every minute for Ethernet 1/1. Retain up to eight records for the interface in the history statistics table. <Sysname> system-view [Sysname] interface ethernet 1/1 [Sysname-Ethernet1/1] rmon history 1 buckets 8 interval 60 owner user1 # Display the history data collected for Ethernet 1/1.
[Sysname] snmp-agent target-host trap address udp-domain 1.1.1.2 params securityname public # Configure the RMON statistics group to gather traffic statistics for Ethernet 1/1. [Sysname] interface ethernet 1/1 [Sysname-Ethernet1/1] rmon statistics 1 owner user1 [Sysname-Ethernet1/1] quit # Create an RMON event entry and an RMON alarm entry so the RMON agent sends traps when the delta sampling value of node 1.3.6.1.2.1.16.1.1.1.4.1 exceeds 100 or drops below 50.
Configuring NTP

You must synchronize your device with a trusted time source by using the Network Time Protocol (NTP) or changing the system time before you run it on a live network. Various tasks, including network management, charging, auditing, and distributed computing depend on an accurate system time setting, because the timestamps of system messages and logs use the system time.
• Prior to the time synchronization, the time of Device A is set to 10:00:00 am and that of Device B is set to 11:00:00 am.
• Device B is used as the NTP server. Device A is to be synchronized to Device B.
...
NTP uses two types of messages: clock synchronization messages and NTP control messages. NTP control messages are used in environments where network management is needed. Because NTP control messages are not essential for clock synchronization, they are not described in this document. A clock synchronization message is encapsulated in a UDP message, as shown in Figure 11.

Figure 11 Clock synchronization message format...
• Precision—An 8-bit signed integer that indicates the precision of the local clock.
• Root Delay—Roundtrip delay to the primary reference source.
• Root Dispersion—The maximum error of the local clock relative to the primary reference source.
• Reference Identifier—Identifier of the particular reference source.
...
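To make the clock synchronization message format concrete, here is an added example (not code from the HP guide) that parses the 48-byte header fields listed above and checks the optional MD5 authenticator against a table of trusted keys. It assumes the standard NTP symmetric-key layout, a 4-byte key ID followed by MD5(key || header), which this page does not spell out; the packet is constructed, using key ID 88, key value 123456 and the reference timestamp that appear in this guide's configuration examples.

```python
import hashlib
import hmac
import struct

# LI/VN/Mode byte, stratum, poll, precision (signed), root delay,
# root dispersion, reference identifier, then four 64-bit timestamps.
HEADER = struct.Struct("!BBbbII4s4Q")  # 48 bytes
MAC_LEN = 4 + 16                        # key ID + MD5 digest (assumed layout)

# Mode values as named in this guide (5 is the broadcast/multicast mode).
MODES = {1: "symmetric active", 2: "symmetric passive",
         3: "client", 4: "server", 5: "broadcast/multicast"}


def parse_ntp(packet):
    """Decode the header and, if present, the 20-byte authenticator."""
    if len(packet) < HEADER.size:
        raise ValueError("shorter than the 48-byte NTP header")
    (first, stratum, poll, precision, root_delay, root_disp,
     ref_id, ref_ts, _orig, _recv, _xmit) = HEADER.unpack_from(packet)
    msg = {
        "leap": first >> 6,
        "version": (first >> 3) & 0x7,
        "mode": first & 0x7,
        "mode_name": MODES.get(first & 0x7, "other"),
        "stratum": stratum,
        "poll": poll,
        "precision": precision,
        "root_delay_ms": root_delay / 65536 * 1000,      # 16.16 fixed point
        "root_dispersion_ms": root_disp / 65536 * 1000,
        "reference_id": ".".join(str(b) for b in ref_id),
        "reference_ts": f"{ref_ts >> 32:08X}.{ref_ts & 0xFFFFFFFF:08X}",
        "key_id": None,
        "digest": None,
    }
    trailer = packet[HEADER.size:]
    if len(trailer) == MAC_LEN:
        msg["key_id"] = struct.unpack("!I", trailer[:4])[0]
        msg["digest"] = trailer[4:]
    elif trailer:
        raise ValueError("trailer is not a key ID plus MD5 digest")
    return msg


def verify_mac(packet, trusted_keys):
    """Return 'ok', 'bad-mac', 'untrusted-key' or 'unauthenticated'."""
    msg = parse_ntp(packet)
    if msg["key_id"] is None:
        return "unauthenticated"
    key = trusted_keys.get(msg["key_id"])
    if key is None:
        return "untrusted-key"
    expected = hashlib.md5(key + packet[:HEADER.size]).digest()
    return "ok" if hmac.compare_digest(expected, msg["digest"]) else "bad-mac"


def build_sample(key_id=None, key=b""):
    """Constructed server reply: version 3, mode 4, stratum 2."""
    ref_ts = 0xC6D94F675EF9DB22
    header = HEADER.pack((3 << 3) | 4, 2, 6, -18, 2031, 69,
                         bytes([127, 127, 1, 0]), ref_ts, 0, 0, ref_ts)
    if key_id is None:
        return header
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()


if __name__ == "__main__":
    pkt = build_sample(88, b"123456")
    print(parse_ntp(pkt))
    print(verify_mac(pkt, {88: b"123456"}))
```

A receiver that requires authentication should treat every result other than `ok` as a reason to ignore the message for synchronization.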
Symmetric peers mode

Figure 13 Symmetric peers mode

In symmetric peers mode, devices that operate in symmetric active mode and symmetric passive mode exchange NTP messages with the Mode field 3 (client mode) and 4 (server mode). Then the device that operates in symmetric active mode periodically sends clock synchronization messages, with the Mode field in the messages set to 1 (symmetric active).
Multicast mode

Figure 15 Multicast mode

In multicast mode, a server periodically sends clock synchronization messages to the user-configured multicast address, or, if no multicast address is configured, to the default NTP multicast address 224.0.1.1, with the Mode field in the messages set to 5 (multicast mode). Clients listen to the multicast messages from servers.
Figure 16 Network diagram

NTP configuration task list

Task | Remarks
Configuring NTP operation modes | Required.
Configuring the local clock as a reference source | Optional.
Configuring optional parameters for NTP | Optional.
Configuring access-control rights | Optional.
Configuring NTP authentication | Optional.

Configuring NTP operation modes

Devices can implement clock synchronization in one of the following modes:
• Client/server mode—Configure only clients.
Configuring NTP client/server mode If you specify the source interface for NTP messages by specifying the source interface source-interface option, NTP uses the primary IP address of the specified interface as the source IP address of the NTP messages. A device can act as a server to synchronize other devices only after it is synchronized. If a server has a stratum level higher than or equal to a client, the client does not synchronize to that server.
Step Command Remarks By default, no symmetric-passive ntp-service unicast-peer peer is specified. [ vpn-instance vpn-instance-name ] { ip-address | peer-name } The ip-address argument must be a Specify a symmetric-passive [ authentication-keyid keyid | unicast address, rather than a peer for the device. priority | source-interface broadcast address, a multicast interface-type interface-number |...
Configure the NTP multicast mode on both the server and clients. The NTP multicast mode must be configured in a specific interface view. For more information about tunnel interfaces, see Layer 3—IP Services Configuration Guide. Configuring a multicast client Step Command Remarks Enter system view.
Step Command Remarks The value of the ip-address Configure the local clock as a ntp-service refclock-master argument must be 127.127.1.u, reference source. [ ip-address ] [ stratum ] where u represents the NTP process ID in the range of 0 to 3. Configuring optional parameters for NTP This section explains how to configure the optional parameters for NTP.
Step Command Remarks interface interface-type Enter interface view. interface-number Disable the interface from By default, an interface is enabled ntp-service in-interface disable receiving NTP messages. to receive NTP messages. Configuring the allowed maximum number of dynamic sessions Step Command Remarks Enter system view.
Configuration procedure To configure the NTP service access-control right to the local device: Step Command Remarks Enter system view. system-view Configure the NTP service ntp-service access { peer | query | access-control right for a peer server | synchronization } The default is peer.
Step Command Remarks By default, no NTP authentication ntp-service authentication-keyid key is configured. Configure an NTP keyid authentication-mode md5 authentication key. Configure the same authentication [ cipher | simple ] value key on the client and server. Configure the key as a trusted ntp-service reliable By default, no authentication key is key.
Configuring NTP authentication for an active peer Step Command Remarks Enter system view. system-view By default, NTP authentication is Enable NTP authentication. ntp-service authentication enable disabled. By default, no NTP authentication key is configured. ntp-service authentication-keyid Configure an NTP keyid authentication-mode md5 Configure the same authentication authentication key.
Step Command Remarks By default, NTP authentication is Enable NTP authentication. ntp-service authentication enable disabled. By default, no NTP authentication ntp-service authentication-keyid key is configured. Configure an NTP keyid authentication-mode md5 authentication key. Configure the same authentication [ cipher | simple ] value key on the client and server.
Step Command Remarks By default, no NTP authentication ntp-service authentication-keyid key is configured. Configure an NTP keyid authentication-mode md5 authentication key. Configure the same authentication [ cipher | simple ] value key on the client and server. Configure the key as a trusted ntp-service reliable By default, no authentication key is key.
NTP configuration examples NTP client/server mode configuration example Network requirements Perform the following configurations to synchronize the time between Device B and Device A: As shown in Figure 17, the local clock of Device A is to be used as a reference source, with the •...
Clock precision: 2^7 Clock offset: 0.0000 ms Root delay: 31.00 ms Root dispersion: 1.05 ms Peer dispersion: 7.81 ms Reference time: 14:53:27.371 UTC Sep 19 2005 (C6D94F67.5EF9DB22) The output shows that Device B has synchronized to Device A. The stratum level of Device B is 3, and that of Device A is 2.
Configure Device B: # Specify Device A as the NTP server of Device B. <DeviceB> system-view [DeviceB] ntp-service unicast-server 3.0.1.31 Configure Device C (after Device B is synchronized to Device A): # Specify the local clock as the reference source, with the stratum level 1. <DeviceC>...
Router B and Router A operate in broadcast client mode and receive broadcast messages through • their respective Ethernet 1/1. Figure 19 Network diagram Eth1/1 3.0.1.31/24 Router C Eth1/1 3.0.1.30/24 Router A Eth1/1 3.0.1.32/24 Router B Configuration procedure Set the IP address for each interface as shown in Figure 19.
Actual frequency: 64.0000 Hz Clock precision: 2^7 Clock offset: 0.0000 ms Root delay: 31.00 ms Root dispersion: 8.31 ms Peer dispersion: 34.30 ms Reference time: 16:01:51.713 UTC Sep 19 2005 (C6D95F6F.B6872B02) The output shows that Router A has synchronized to Router C. The stratum level of Router A is 3, and that of Router C is 2.
<RouterC> system-view [RouterC] ntp-service refclock-master 2 # Configure Router C to operate in multicast server mode and send multicast messages through Ethernet 1/1. [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] ntp-service multicast-server Configure Router D: # Configure Router D to operate in multicast client mode and receive multicast messages on Ethernet 1/1.
[RouterB-Ethernet1/1] quit [RouterB] interface ethernet 1/2 [RouterB-Ethernet1/2] pim dm Configure Router A: <RouterA> system-view [RouterA] interface ethernet 1/1 # Configure Router A to operate in multicast client mode and receive multicast messages on Ethernet 1/1. [RouterA-Ethernet1/1] ntp-service multicast-client # Display the NTP status of Router A after clock synchronization. [RouterA-Ethernet1/1] display ntp-service status Clock status: synchronized Clock stratum: 3...
Figure 21 Network diagram Configuration procedure Set the IP address for each interface as shown in Figure 21. (Details not shown.) Configure Device A: # Specify the local clock as the reference source, with the stratum level 2. <DeviceA> system-view [DeviceA] ntp-service refclock-master 2 Configure Device B: <DeviceB>...
# Display NTP session information for Device B, which shows that an association has been set up between Device B and Device A.
[DeviceB] display ntp-service sessions
source reference stra reach poll offset delay disper
**************************************************************************
[12345] 1.0.1.11 127.127.1.0 -75.5 31.0 16.5
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations :...
# Enable NTP authentication on Router B. Configure an NTP authentication key, with the key ID of 88 and key value of 123456. Specify the key as a trusted key. <RouterB> system-view [RouterB] ntp-service authentication enable [RouterB] ntp-service authentication-keyid 88 authentication-mode md5 123456 [RouterB] ntp-service reliable authentication-keyid 88 # Configure Router B to operate in broadcast client mode and receive NTP broadcast messages on Ethernet 1/1.
Clock status: unsynchronized Clock stratum: 16 Reference clock ID: none Nominal frequency: 100.0000 Hz Actual frequency: 100.0000 Hz Clock precision: 2^18 Clock offset: 0.0000 ms Root delay: 0.00 ms Root dispersion: 0.00 ms Peer dispersion: 0.00 ms Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000) # Enable NTP authentication on Router C.
Configuration procedure Before you perform the following configuration, be sure you have completed MPLS VPN-related configurations and make sure of the reachability between CE 1 and PE 1, between PE 1 and PE 2, and between PE 2 and CE 3. For information about configuring MPLS VPN, see MPLS Configuration Guide. Set the IP address for each interface as shown in Figure 23.
Configuration procedure Set the IP address for each interface as shown in Figure 23. (Details not shown.) Configure CE 1: # Specify the local clock as the reference source, with the stratum level 1. <CE1> system-view [CE1] ntp-service refclock-master 1 Configure PE 1: # Specify CE 1 as the symmetric-passive peer for VPN 1.
Configuring cluster management Overview Cluster management is an effective way to manage large numbers of dispersed network devices in groups and offers the following advantages: Saves public IP address resources. You do not need to assign one public IP address for every cluster •...
As shown in Figure 24, the device configured with a public IP address and performing the management function is the management device, the other managed devices are member devices, and the device that does not belong to any cluster but can be added to a cluster is a candidate device. The management device and the member devices form the cluster.
NDP runs on the data link layer and supports different network layer protocols. About NTDP NTDP provides information required for cluster management. It collects topology information about the devices within the specified hop count. Based on the neighbor information stored in the neighbor table maintained by NDP, NTDP on the management device advertises NTDP topology-collection requests to collect the NDP information of all the devices in a specific network range as well as the connection information of all its neighbors.
Figure 26 Management/member device state change A cluster manages the state of its member devices as follows: After a candidate device is added to the cluster and becomes a member device, the management • device saves its state information and identifies it as Active. The member device also saves its state information and identifies itself as Active.
To ensure security of the cluster management VLAN, PCs and other network devices that do not belong to the cluster are not allowed to join the management VLAN, only ports on devices of the cluster can join the management VLAN. IMPORTANT: To guarantee the communication within the cluster, ensure VLAN handling consistency on all ports on the path from a member device or candidate device to the management device.
Task Remarks • Configuring communication between the management device and the Optional. member devices within a cluster • Configuring cluster management protocol packets Optional. • Cluster member management Optional. Configuring the member devices: • Enabling NDP Required. • Enabling NTDP Required.
Configuring NDP parameters

An NDP-enabled port periodically sends NDP packets that have an aging time. If the receiving device has not received any NDP packet before that aging time expires, the receiving device automatically removes the neighbor entry for the sending device. To avoid NDP table entry flapping, make sure the NDP aging timer is equal to or longer than the NDP packet sending interval.
Forwarding delay for the first NTDP-enabled port—After receiving a topology request, the requested device forwards the request out of the first NTDP-enabled port when this forwarding delay expires rather than immediately. Forwarding delay for other NTDP-enabled ports—After the first NTDP-enabled port forwards the request, all other NTDP-enabled ports forward the request in turn at this delay interval.
Establishing a cluster To successfully establish a cluster: Make sure UDP port 40000 is not used by any application. This port will be used by the cluster • management module for exchanging handshake packets. • Perform the following tasks before establishing the cluster: Specify a management VLAN.
To enable management VLAN autonegotiation on the management device: Step Command Remarks Enter system view. system-view Enter cluster view. cluster Enable management VLAN management-vlan synchronization By default, this function is auto-negotiation. enable disabled. Configuring communication between the management device and the member devices within a cluster In a cluster, the management device and its member devices communicate by sending handshake packets to maintain a connection.
If the interval for sending MAC address negotiation broadcast packets is 0, the system • automatically sets it to 1 minute. If the interval for sending MAC address negotiation broadcast packets is not 0, the interval remains • unchanged. To configure the destination MAC address of the cluster management protocol packets: Step Command Remarks...
When a candidate device is added to the cluster, its super password for level-3 commands changes • to be the same as that on the management device. To avoid authentication failures, HP recommends you not modify the super password settings of any member (including the management device and member devices) in the cluster.
Task Command Remarks cluster switch-to { member-number | Access the CLI of a member device mac-address mac-address | sysname from the management device. member-sysname } You can use this command Access the CLI of the management only if you are not logged in to cluster switch-to administrator device from a member device.
All cluster members send their traps to the SNMP NMS through the management device. • To isolate cluster management and control packets from the external networks for security, HP recommends you configure the ports connected to the external networks as not allowing the management VLAN to pass through.
Step Command Remarks snmp-host ip-address Configure the SNMP NM host By default, no SNMP host is [ community-string read string1 shared by the cluster. configured. write string2 ] Configure the NM interface of nm-interface vlan-interface Optional. the management device. interface-name Configuring the SNMP configuration synchronization function SNMP configuration synchronization simplifies SNMP configuration in a cluster by enabling the management device to propagate its SNMP settings to all member devices on a whitelist.
devices) in a cluster through Web. These Web user account settings are retained on the member devices after they are removed from the whitelist or the cluster is dismissed. To configure Web user accounts in batches: Step Command Enter system view. system-view Enter cluster view.
Task Command Remarks display cluster members [ member-number Display information about | verbose ] [ | { begin | exclude | include } Available in any view. cluster members. regular-expression ] Clear NDP statistics. reset ndp statistics [ interface interface-list ] Available in user view.
[DeviceA-Ethernet1/1] ntdp enable [DeviceA-Ethernet1/1] quit # Enable the cluster function. [DeviceA] cluster enable Configure the member device Device C: As the configurations of the member devices are the same, the configuration procedure of Device C is not shown. Configure the management device Device B: # Enable NDP globally and for ports Ethernet 1/2 and Ethernet 1/3.
[DeviceB-Ethernet1/2] port trunk permit vlan 10 [DeviceB-Ethernet1/2] quit [DeviceB] interface ethernet 1/3 [DeviceB-Ethernet1/3] port link-type trunk [DeviceB-Ethernet1/3] port trunk permit vlan 10 [DeviceB-Ethernet1/3] quit # Enable the cluster function. [DeviceB] cluster enable # Configure a private IP address range for the member devices, which is from 172.16.0.1 to 172.16.0.7.
Configuring CWMP (TR-069) Overview CPE WAN Management Protocol (CWMP), also called "TR-069," is a DSL Forum technical specification for remote management of home network devices. It defines the general framework, message format, management method, and data model for managing and configuring home network devices. CWMP applies mainly to DSL access networks, which are hard to manage because end-user devices are dispersed and large in number.
A CPE is configured to send Inform messages periodically. The CPE automatically sends an Inform • message at the configured interval to establish connections. A CPE is configured to send an Inform message at a specific time. The CPE automatically sends an •...
Figure 29 Example of the CWMP message interaction The following steps show how CWMP works: Establish a TCP connection. Initialize SSL and establish a security connection. The CPE sends an Inform request message to initiate a CWMP connection. The Inform message carries the reason for sending this message in the Eventcode field.
CPE, the DHCP server sends the ACS parameters in DHCP Option 43 to the CPE. If the DHCP server is an HP device that supports DHCP Option 43, you can configure the ACS parameters at the CLI with the command option 43 hex 01length URL username password, where: length is a hexadecimal string that indicates the total length of the length URL, username, and •...
the request, if the parameter values in the request are consistent with those configured locally, the authentication succeeds, and the connection is allowed to be established. If not, the authentication fails, and the connection is not allowed to be established. Configuring the ACS URL You can assign only one ACS for a CPE and the ACS URL you configured overwrites the old one, if any.
Configuring the CPE username and password Step Command Remarks Enter system view. system-view Enter CWMP view. cwmp By default, no CPE username is Configure the CPE username configured for connection to the cwmp cpe username username for connection to the CPE. CPE.
Step Command Remarks Enter system view. system-view Enter CWMP view. cwmp Enable the periodic sending cwmp cpe inform interval enable By default, this function is disabled. of Inform messages. Optional. Configure the interval between sending the Inform cwmp cpe inform interval seconds By default, the CPE sends an Inform messages.
To configure the close-wait timer for the CPE:

Step | Command | Remarks
Enter system view. | system-view |
Enter CWMP view. | cwmp |
Set the CPE close-wait timer. | cwmp cpe wait timeout seconds | Optional. The default setting is 30 seconds.

Configuring the CPE working mode

Configure the device to operate in one of the following CPE modes depending on its position in the network:
• Gateway mode—Enables the ACS to manage the device and any CPE attached to the device.
Displaying and maintaining CWMP Task Command Remarks display cwmp configuration [ | Display CWMP configuration. { begin | exclude | include } Available in any view. regular-expression ] display cwmp status [ | { begin | Display the current status of exclude | include } Available in any view.
Configuring IP accounting

IP accounting collects IP packet statistics on the device. It uses IP accounting rules to classify packets and uses flow entries to store packet statistics in different tables. Each IP accounting rule specifies a subnet to match packets sourced from and destined to the subnet. Each flow entry records the source and destination IP addresses, protocol number, packet sum, and byte sum for a flow.
Step Command Remarks • Enable IP accounting for valid incoming IP packets on the current interface: ip count inbound-packets • Enable IP accounting for valid outgoing IP packets on the current interface: ip count outbound-packets Select at least one type of packet •...
Figure 30 Network diagram Configuration procedure The two hosts can be replaced by other types of network devices such as routers. Configure the router: # Enable IP accounting. <Router> system-view [Router] ip count enable # Configure an IP accounting rule. [Router] ip count rule 1.1.1.1 24 # Set the timeout time to 1440 minutes (24 hours).
Configuring NetStream

Overview

Conventional ways to collect traffic statistics, like SNMP and port mirroring, cannot provide precise network management because of inflexible statistical methods or the high cost of required dedicated servers. This calls for a new technology to collect traffic statistics. NetStream provides statistics about network traffic flows, and it can be deployed on access, distribution, and core layers.
• NetStream collector (NSC)—The NSC is usually a program running in UNIX or Windows. It parses the packets sent from the NDE, and then it stores the statistics to the database for the NDA. The NSC gathers the data from multiple NDEs, and then it filters and aggregates the total received data.
•...
NetStream aggregation data export

NetStream aggregation merges the flow statistics according to the aggregation criteria of an aggregation mode, and it sends the summarized data to the NetStream server. This process is the NetStream aggregation data export, which uses less bandwidth than traditional data export. For example, the aggregation mode configured on the NDE is protocol-port, which means that it aggregates statistics about flow entries by protocol number, source port, and destination port.
Aggregation mode Aggregation criteria • Source prefix • Destination prefix • Source address mask length • Destination address mask length • Prefix-port aggregation • Protocol number • Source port • Destination port • Inbound interface index • Outbound interface index •...
In an aggregation mode with AS, if the packets are not forwarded according to the BGP routing table, the statistics on the AS number cannot be obtained. In the aggregation mode of ToS-BGP-nexthop, if the packets are not forwarded according to the BGP routing table, the statistics on the BGP next hop cannot be obtained.
Step: Enable NetStream on the interface.
Command: ip netstream { inbound | outbound }
Remarks: Disabled by default.

Configuring NetStream filtering and sampling

Before you configure NetStream filtering and sampling, use the ip netstream command to enable NetStream.

Configuring NetStream filtering

When you configure NetStream filtering, follow these guidelines:
The NetStream filtering function is not effective on MPLS packets.
NetStream traditional data interface. interface-type interface-number export. HP recommends that you connect the network management interface to the NetStream server and configure it as the source interface. Optional.
If no source interface is export. configured in aggregation view, the source interface configured in system view, if any, is used. • HP recommends you connect the network management interface to the NetStream server. Enable the NetStream aggregation enable Disabled by default.
Step Command Remarks Enter system view. system-view Optional. By default: • NetStream traditional data export Configure the version • ip netstream export version 5 uses version 5. for NetStream export [ origin-as | peer-as ] format, and specify • IPv4 NetStream aggregation data •...
Configuring the refresh rate for NetStream version 9 templates

Version 9 is template-based and supports user-defined formats, so the NetStream-enabled device needs to resend a new template to the NetStream server for an update. If the version 9 format is changed on the NetStream-enabled device and is not updated on the NetStream server, the server cannot associate the received statistics with its proper fields.
• Forced aging
• TCP FIN- and RST-triggered aging (automatically triggered if a TCP connection is terminated)

Periodical aging

Periodical aging uses the following approaches:
• Inactive flow aging—A flow is considered inactive if its statistics have not been changed, which means no packet for this NetStream entry arrives in the time specified by the ip netstream timeout inactive command.
Step Command Remarks Optional. Set the maximum entries that the cache can accommodate: By default, the cache can ip netstream max-entry max-entries Configure forced accommodate a maximum of aging of the Exit to user view: 100 entries. NetStream entries. quit The reset ip netstream Configure forced aging: statistics command also...
Configuration procedure

# Enable NetStream for incoming traffic on Ethernet 1/0.
<RouterA> system-view
[RouterA] interface ethernet 1/0
[RouterA-Ethernet1/0] ip address 11.110.2.1 255.255.0.0
[RouterA-Ethernet1/0] ip netstream inbound
[RouterA-Ethernet1/0] quit
# Enable NetStream for outgoing traffic on Ethernet 1/1.
[RouterA] interface ethernet 1/1
[RouterA-Ethernet1/1] ip address 12.110.2.1 255.255.0.0
[RouterA-Ethernet1/1] ip netstream outbound
[RouterA-Ethernet1/1] quit...
[RouterA-Ethernet1/0] ip address 3.1.1.1 255.255.0.0
[RouterA-Ethernet1/0] ip netstream inbound
[RouterA-Ethernet1/0] ip netstream outbound
[RouterA-Ethernet1/0] quit
# In system view, configure the destination address and the destination UDP port number for the NetStream traditional data export with IP address 4.1.1.1 and port 5000.
[RouterA] ip netstream export host 4.1.1.1 5000
# Configure the aggregation mode as AS, and then, in aggregation view, configure the destination address and the destination UDP port number for the NetStream AS aggregation data export.
Configuring NQA

Overview

Network quality analyzer (NQA) allows you to monitor link status, measure network performance, verify the service levels for IP services and applications, and troubleshoot network problems. It provides the following types of operations:
• ICMP echo
• DHCP
•...
Figure 37 Collaboration (diagram of the application modules, the track module, and the detection module. Application modules shown: VRRP, static routing, policy-based routing, interface backup, traffic redirection, WLAN uplink detection.)

The following describes how a static route destined for 192.168.0.88 is monitored through collaboration: NQA monitors the reachability to 192.168.0.88.
NQA configuration task list

Complete the following task to configure the NQA server:

Task: Configuring the NQA server
Remarks: Required for NQA operation types of TCP, UDP echo, UDP jitter, and voice.

Complete these tasks to configure the NQA client:

Task Remarks Enabling the NQA client...
Step: Enter system view.
Command: system-view

Step: Enable the NQA server.
Command: nqa server enable
Remarks: Disabled by default.

Step: Configure a listening service.
Command:
• Method 1: nqa server tcp-connect ip-address port-number
• Method 2: nqa server udp-echo ip-address port-number
Remarks: Use at least one method.

Configuring the NQA client

Enabling the NQA client...
Step Command Remarks Optional. Configure the string to be By default, the string is the filled in the payload of each data-fill string hexadecimal number ICMP echo request. 00010203040506070809. Optional. Specify the VPN where the vpn-instance vpn-instance-name By default, the operation is operation is performed.
Step: Specify an interface to perform the DHCP operation.
Command: operation interface interface-type interface-number
Remarks: By default, no interface is specified to perform a DHCP operation. The specified interface must be up. Otherwise, no probe packets can be sent out.

Configuring a DNS operation

A DNS operation measures the time the NQA client uses to translate a domain name into an IP address through a DNS server.
Step: Enter system view.
Command: system-view

Step: Create an NQA operation and enter NQA operation view.
Command: nqa entry admin-name operation-tag
Remarks: By default, no NQA operation is created.

Step: Specify the FTP type and enter its view.
Command: type ftp

Specify the IP address of the FTP server as the destination By default, no destination IP destination ip ip-address...
Step: Specify the HTTP type and enter its view.
Command: type http

Step: Configure the IP address of the HTTP server as the destination address of HTTP request packets.
Command: destination ip ip-address
Remarks: By default, no destination IP address is configured.

Optional....
Step: Create an NQA operation and enter NQA operation view.
Command: nqa entry admin-name operation-tag
Remarks: By default, no NQA operation is created.

Step: Specify the UDP jitter type and enter its view.
Command: type udp-jitter

By default, no destination IP address is configured. Configure the destination destination ip ip-address The destination IP address must be...
NOTE: The display nqa history command does not show the results of the UDP jitter operation. Use the display nqa result command to display the results, or use the display nqa statistics command to display the statistics of the operation.

Configuring an SNMP operation

An SNMP operation measures the time the NQA client uses to get a value from an SNMP agent.
Step: Specify the TCP type and enter its view.
Command: type tcp

Step: Configure the destination address of TCP packets.
Command: destination ip ip-address
Remarks: By default, no destination IP address is configured. The destination address must be the same as the IP address of the listening service configured on the NQA server.
Step: Configure the destination port of UDP packets.
Command: destination port port-number
Remarks: By default, no destination port number is configured. The destination port number must be the same as that of the listening service on the NQA server.

Step: Configure Payload size in each UDP packet.
Command: data-size size
Remarks: Optional.
The evaluation of voice quality depends on users' tolerance for voice quality, which you should consider. For users with higher tolerance for voice quality, use the advantage-factor command to configure the advantage factor. When the system calculates the ICPIF value, it subtracts the advantage factor to modify ICPIF and MOS values, so both objective and subjective factors are considered.
Step: Configure Payload size in each voice packet.
Command: data-size size
Remarks: Optional. By default, the voice packet size depends on the codec type. The default packet size is 172 bytes for G.711A-law and G.711 μ-law codec type, and 32 bytes for G.729 A-law codec type.
Step: Configure the source IP address of probe packets.
Command: source ip ip-address
Remarks: Optional. By default, no source IP address is specified. The source IP address must be the IP address of a local interface. The local interface must be up. Otherwise, no probe packets can be sent out.
Step: Specify the TTL for probe packets.
Command: ttl value
Remarks: Optional. 20 by default. This setting is not available for the DHCP operation.

Step: Specify the ToS value in the IP packet header of probe packets.
Command: tos value
Remarks: Optional. 0 by default. This setting is not available for the
An NQA operation supports the following threshold types:
• average—If the average value for the monitored performance metric either exceeds the upper threshold or goes below the lower threshold, a threshold violation occurs.
• accumulate—If the total number of times that the monitored performance metric is out of the specified value range reaches or exceeds the specified threshold, a threshold violation occurs.
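The following added example (not part of the HP guide) evaluates the threshold types over the same probe series to show how they diverge on intermittent and sustained degradation. The average and accumulate rules follow the descriptions above; the consecutive rule is an assumption (an unbroken run of out-of-range samples reaching the count), and the function names and round-trip times are constructed for illustration.

```python
"""Compare NQA-style threshold types on constructed round-trip-time series."""


def _out_of_range(value, lower, upper):
    # A sample violates the range when it is below lower or above upper.
    return value < lower or value > upper


def average_violation(samples, lower, upper):
    # average: the mean of the monitored metric leaves [lower, upper].
    if not samples:
        return False
    return _out_of_range(sum(samples) / len(samples), lower, upper)


def accumulate_violation(samples, lower, upper, occurrences):
    # accumulate: total count of out-of-range samples reaches the threshold.
    hits = sum(1 for s in samples if _out_of_range(s, lower, upper))
    return hits >= occurrences


def consecutive_violation(samples, lower, upper, occurrences):
    # consecutive (assumed semantics): an unbroken run of out-of-range
    # samples reaches the threshold; any in-range sample resets the run.
    run = 0
    for s in samples:
        run = run + 1 if _out_of_range(s, lower, upper) else 0
        if run >= occurrences:
            return True
    return False


def evaluate(samples, lower, upper, occurrences):
    """Return which threshold types report a violation for one series."""
    return {
        "average": average_violation(samples, lower, upper),
        "accumulate": accumulate_violation(samples, lower, upper, occurrences),
        "consecutive": consecutive_violation(samples, lower, upper, occurrences),
    }


# Constructed round-trip times in milliseconds (not taken from a device).
SPIKY = [20, 22, 180, 21, 190, 23, 175, 20, 22, 21]         # isolated spikes
SUSTAINED = [20, 150, 160, 170, 21, 22, 20, 23, 21, 20]     # one short outage
DEGRADED = [130, 140, 20, 150, 160, 30, 170, 180, 25, 190]  # mostly slow

if __name__ == "__main__":
    for name, series in (("spiky", SPIKY), ("sustained", SUSTAINED),
                         ("degraded", DEGRADED)):
        # Range 0-100 ms, violation count 3 (both values are illustrative).
        print(name, evaluate(series, lower=0, upper=100, occurrences=3))
```

Isolated spikes trip only accumulate, a short outage trips accumulate and consecutive, and a mostly slow link trips average and accumulate without ever producing three out-of-range probes in a row.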
Step Command Remarks Specify an type { dhcp | dlsw | dns | ftp | http | icmp-echo | snmp | tcp | operation type udp-echo | udp-jitter | voice } and enter its view. • Enable sending traps to the NMS when specified conditions are met: reaction trap { probe-failure consecutive-probe-failures | test-complete | test-failure cumulate-probe-failures }...
Configuring the NQA statistics function

NQA collects statistics for an operation in a statistics group. To view information about the statistics groups, use the display nqa statistics command. To set the interval for collecting statistics, use the statistics interval command. If a new statistics group is to be saved when the number of statistics groups reaches the upper limit, the oldest statistics group is deleted.
If the maximum number is reached, the earliest history records are removed.

To configure the history records saving function:

Step: Enter system view.
Command: system-view

Create an NQA By default, no NQA operation operation and enter nqa entry admin-name operation-tag is created.
All MSR routers support the nqa agent max-concurrent command, but they have different value ranges and default values:

Hardware: MSR900
Value range: 1 to 50
Default: 5

Hardware: MSR93X
Value range: 1 to 50
Default: 5

Hardware: MSR20-1X
Value range: 1 to 50
Default: 5...
NQA configuration examples

ICMP echo operation configuration example

Network requirements

As shown in Figure 38, configure and schedule an ICMP echo operation from the NQA client Device A to Device B through Device C to test the round-trip time.

Figure 38 Network diagram Device C 10.1.1.2/24 10.2.2.1/24...
# Enable saving history records and configure the maximum number of history records that can be saved as 10.
[DeviceA-nqa-admin-test1-icmp-echo] history-record enable
[DeviceA-nqa-admin-test1-icmp-echo] history-record number 10
[DeviceA-nqa-admin-test1-icmp-echo] quit
# Start the ICMP echo operation.
[DeviceA] nqa schedule admin test1 start-time now lifetime forever
# Stop the ICMP echo operation after a period of time.
DHCP operation configuration example

Network requirements

As shown in Figure 39, configure and schedule a DHCP operation to test the time required for Router A to obtain an IP address from the DHCP server (Router B).

Figure 39 Network diagram

Configuration procedure

# Create a DHCP operation to be performed on interface Ethernet 1/1.
Succeeded 2011-11-22 09:54:03.8

The output shows that Router A uses 512 milliseconds to obtain an IP address from the DHCP server.

DNS operation configuration example

Network requirements

As shown in Figure 40, configure a DNS operation to test whether Device A can translate the domain name host.com into an IP address through the DNS server, and test the time required for resolution.
Failures due to timeout: 0
Failures due to disconnect: 0
Failures due to no connection: 0
Failures due to sequence error: 0
Failures due to internal error: 0
Failures due to other errors: 0
Packet(s) arrived late: 0
# Display the history records of the DNS operation.
[DeviceA] display nqa history admin test1
NQA entry (admin admin, tag test1) history record(s):
Index...
[DeviceA-nqa-admin-test1-ftp] filename config.txt
# Enable the saving of history records.
[DeviceA-nqa-admin-test1-ftp] history-record enable
[DeviceA-nqa-admin-test1-ftp] quit
# Start the FTP operation.
[DeviceA] nqa schedule admin test1 start-time now lifetime forever
# Stop the FTP operation after a period of time.
[DeviceA] undo nqa schedule admin test1
# Display the results of the FTP operation.
# Configure static routes or a routing protocol to make sure the devices can reach each other. (Details not shown.)
# Create an HTTP operation.
<DeviceA> system-view
[DeviceA] nqa entry admin test1
[DeviceA-nqa-admin-test1] type http
# Specify the IP address of the HTTP server 10.2.2.2 as the destination IP address.
[DeviceA-nqa-admin-test1-http] destination ip 10.2.2.2
# Configure the HTTP operation to get data from the HTTP server.
The output shows that Device A uses 64 milliseconds to obtain data from the HTTP server.

UDP jitter operation configuration example

Network requirements

As shown in Figure 43, configure a UDP jitter operation to test the jitter, delay, and round-trip time between Device A and Device B.
Square-Sum of round trip time: 3235
Last succeeded probe time: 2008-05-29 13:56:17.6
Extended results:
Packet loss in test: 0%
Failures due to timeout: 0
Failures due to disconnect: 0
Failures due to no connection: 0
Failures due to sequence error: 0
Failures due to internal error: 0
Failures due to other errors: 0
Packet(s) arrived late: 0...
Failures due to sequence error: 0
Failures due to internal error: 0
Failures due to other errors: 0
Packet(s) arrived late: 0
UDP-jitter results:
RTT number: 410
Min positive SD: 3    Min positive DS: 1
Max positive SD: 30    Max positive DS: 79
Positive SD number: 186    Positive DS number: 158
Positive SD sum: 2602...
# Set the read community to public.
[DeviceB] snmp-agent community read public
# Set the write community to private.
[DeviceB] snmp-agent community write private

Configure Device A:
# Create an SNMP operation, and configure 10.2.2.2 as the destination IP address.
<DeviceA>...
Figure 45 Network diagram

Configuration procedure

Assign each interface an IP address. (Details not shown.)
Configure static routes or a routing protocol to make sure the devices can reach each other. (Details not shown.)
Configure Device B:
# Enable the NQA server.
<DeviceB>...
Failures due to internal error: 0
Failures due to other errors: 0
Packet(s) arrived late: 0
# Display the history records of the TCP operation.
[DeviceA] display nqa history admin test1
NQA entry (admin admin, tag test1) history record(s):
Index Response Status Time...
[DeviceA] nqa schedule admin test1 start-time now lifetime forever
# Stop the UDP echo operation after a period of time.
[DeviceA] undo nqa schedule admin test1
# Display the results of the UDP echo operation.
[DeviceA] display nqa result admin test1
NQA entry (admin admin, tag test1) test results:
Destination IP address: 10.2.2.2
Send operation times: 1...
[DeviceB] nqa server enable
# Configure a listening service to listen on IP address 10.2.2.2 and UDP port 9000.
[DeviceB] nqa server udp-echo 10.2.2.2 9000

Configure Device A:
# Create a voice operation.
<DeviceA> system-view
[DeviceA] nqa entry admin test1
[DeviceA-nqa-admin-test1] type voice
# Configure 10.2.2.2 as the destination IP address and port 9000 as the destination port.
One way results:
Max SD delay: 343    Max DS delay: 985
Min SD delay: 343    Min DS delay: 985
Number of SD delay: 1    Number of DS delay: 1
Sum of SD delay: 343    Sum of DS delay: 985
Square sum of SD delay: 117649    Square sum of DS delay: 970225
SD lost packet(s): 0    DS lost packet(s): 0...
Square sum of SD delay: 483202    Square sum of DS delay: 973651
SD lost packet(s): 0    DS lost packet(s): 0
Lost packet(s) for unknown reason: 0
Voice scores:
Max MOS value: 4.38    Min MOS value: 4.38
Max ICPIF value: 0    Min ICPIF value: 0

DLSw operation configuration example

Network requirements...
Failures due to no connection: 0
Failures due to sequence error: 0
Failures due to internal error: 0
Failures due to other errors: 0
Packet(s) arrived late: 0
# Display the history records of the DLSw operation.
[DeviceA] display nqa history admin test1
NQA entry (admin admin, tag test1) history record(s):
Index Response...
[RouterA-nqa-admin-test1-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
[RouterA-nqa-admin-test1-icmp-echo] quit
# Start the ICMP echo operation.
[RouterA] nqa schedule admin test1 start-time now lifetime forever
On Router A, create track entry 1, and associate it with reaction entry 1 of the ICMP echo operation.
Destinations : 4 Routes : 4
Destination/Mask Proto Cost NextHop Interface
10.2.1.0/24 Direct 0 10.2.1.2 Eth1/1
10.2.1.2/32 Direct 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 127.0.0.1 InLoop0

The output shows that the static route does not exist, and the status of the track entry is Negative.
Configuring IP traffic ordering

IP traffic ordering enables a device to collect and rank statistics for IP flows. An interface can be specified as an external or internal interface to collect traffic statistics:
• External interface—Collects only inbound traffic statistics (classified by source IP addresses).
•...
Figure 50 Network diagram

Configuration procedure

Configure IP traffic ordering:
# Enable IP traffic ordering on Ethernet 1/1 and specify the interface as an internal interface to collect statistics.
<Device> system-view
[Device] interface ethernet 1/1
[Device-Ethernet1/1] ip address 192.168.1.4 24
# Set the statistics interval to 30 seconds.
Configuring sFlow

Sampled Flow (sFlow) is a traffic monitoring technology used to collect and analyze traffic statistics. As shown in Figure 51, the sFlow system involves an sFlow agent embedded in a device and a remote sFlow collector. The sFlow agent collects interface counter information and packet content information and encapsulates the sampled information in sFlow packets.
{ ip ip-address | the sFlow NOTE: ipv6 ipv6-address } agent. • HP recommends that you configure an IP address manually for the sFlow agent. • Only one IP address can be specified for the sFlow agent on the device. sflow collector collector-id...
Configuring counter sampling

Step: Enter system view.
Command: system-view

Step: Enter interface view.
Command: interface interface-type interface-number

Step: Set the interval for counter sampling.
Command: sflow counter interval seconds
Remarks: Counter sampling is disabled by default.

Specify the sFlow collector for No collector is specified for sflow counter collector collector-id counter sampling.
# Configure parameters for an sFlow collector: specify sFlow collector ID 2, IP address 3.3.3.2, the default port number, and description of netserver for the sFlow collector.
[Device] sflow collector 2 ip 3.3.3.2 description netserver

Configure counter sampling:
# Set the counter sampling interval to 120 seconds.
[Device] interface ethernet 1/1
[Device-Ethernet1/1] sflow counter interval 120
# Specify sFlow collector 2 for counter sampling.
Analysis

• The sFlow collector is not specified.
• sFlow is not configured on the interface.
• The IP address of the sFlow collector specified on the sFlow agent is different from that of the remote sFlow collector.
• No IP address is configured for the Layer 3 interface on the device. Or the IP address is configured,...
Configuring samplers

Overview

A sampler samples packets. The sampler selects a packet from among sequential packets, and it sends the packet to the service module for processing. The following sampling modes are available:
• Fixed mode—The first packet is selected from among sequential packets in each sampling.
• Random mode—Any packet might be selected from among sequential packets in each sampling.
Sampler configuration example

Network requirements

As shown in Figure 53, configure IPv4 NetStream on Device to collect statistics on incoming and outgoing traffic on Ethernet 1/2. The NetStream data is sent to port 5000 on the NSC at 12.110.2.2/16. Do the following:
• Configure fixed sampling in the inbound direction to select the first packet from among 256...
the number of packets for one sampling, and Device selected the first packet from among the 256 packets received on Ethernet 1/2.
<Device> display sampler 256
Sampler name: 256
Index: 1, Mode: Fixed, Packet-interval: 8
Packet counter: 0, Random number: 1
Total packet number (processed/selected): 256/1
# Execute the display sampler command on Device to view the configuration and running information about sampler 1024.
Configuring PoE

Hardware compatibility

PoE is available only for MSR50 routers that are installed with the MPU-G2, and MSR30-16, MSR30-20, MSR30-40, MSR30-60, MSR50-40, and MSR50-60 routers that are installed with a PoE-capable switching module.

Overview

IEEE 802.3af-compliant power over Ethernet (PoE) enables a power sourcing equipment (PSE) to supply power to powered devices (PDs) through Ethernet interfaces over twisted pair cables.
Before configuring PoE, make sure the PoE power supply and PSE are operating properly. Otherwise, either you cannot configure PoE or the PoE configuration does not take effect. If the PoE power supply is turned off while a device is starting up, the PoE configuration in the PoE profile might become invalid.
• If the PSE is not enabled with the PoE power management function, you cannot enable PoE for the PSE.
• If the PSE is enabled with the PoE power management function, you can enable PoE for the PSE. Whether the PSE can supply power depends on other factors, such as the power supply priority of the PSE.
Step: Configure a description for the PD connected to the PoE interface.
Command: poe pd-description text
Remarks: Optional. By default, no description for the PD connected to the PoE interface is available.

Detecting PDs

Enabling the PSE to detect nonstandard PDs

There are standard PDs and nonstandard PDs.
The maximum power of the PSE must be greater than or equal to the total maximum power of all critical PoE interfaces on the PSE to guarantee power to these PoE interfaces.

To configure the maximum PSE power:

Step Command Remarks Enter system view.
to critical, and this PSE preempts the power of the PSE that has a lower priority level. In this case, the PSE whose power is preempted is disconnected, but its configuration remains unchanged. If you change the priority of the PSE from critical to a lower level, other PSEs have an opportunity to be powered. To configure PSE power management: Step Command...
Configuration prerequisites

Enable PoE for PoE interfaces.

Configuration procedure

To configure PoE interface power management:

Step: Enter system view.
Command: system-view

Step: Configure PoE interface power management priority policy.
Command: poe pd-policy priority
Remarks: By default, this policy is not configured.

interface interface-type Enter PoE interface view.
A PoE profile is a collection of configurations that contain multiple PoE features. On large networks, you can apply a PoE profile to multiple PoE interfaces, and these interfaces have the same PoE features. If the PoE interface connecting to a PD changes to another one, instead of reconfiguring the features defined in the PoE profile one by one, you can apply the PoE profile from the original interface to the current one, simplifying the PoE configurations.
Step: Apply the PoE profile to one or multiple PoE interfaces.
Command: apply poe-profile { index index | name profile-name } interface interface-range

To apply the PoE profile in interface view:

Step: Enter system view.
Command: system-view

Step: Enter PoE interface view.
Command: interface interface-type interface-number

Apply the PoE profile to the current PoE interface.
Task Command Remarks Display power information for display poe power-usage [ | { begin | the PoE power supply and all Available in any view. exclude | include } regular-expression ] PSEs. display poe pse [ pse-id ] [ | { begin | Display PSE information.
Figure 55 Network diagram

Configuration procedure

# Enable PoE for the PSE.
<Sysname> system-view
[Sysname] poe enable pse 10
[Sysname] poe enable pse 16
# Set the maximum power of PSE 10 to 400 watts.
[Sysname] poe max-power 400 pse 10
# Enable PoE on GigabitEthernet 3/1 and GigabitEthernet 5/1.
Troubleshooting PoE

Failure to set the priority of a PoE interface to critical

Analysis

• The guaranteed remaining power of the PSE is lower than the maximum power of the PoE interface.
• The priority of the PoE interface is already set.
•...
The HP MSR routers do not support configuring source ports in CPOS interface view. The HP MSR routers do not support using an aggregate interface as the monitor port. SIC-4FSW modules, DSIC-9FSW modules, MSR20-1X routers, and fixed Layer 2 Ethernet ports do not support inter-VLAN mirroring.
Port mirroring classification and implementation

Port mirroring includes local port mirroring and remote port mirroring based on whether the mirroring source and the mirroring destination are on the same device.

Local port mirroring

In local port mirroring, the mirroring source and mirroring destination are on the same device. You can configure local port mirroring by using the mirroring-group command or the mirror command.
Step: Create a local mirroring group.
Command: mirroring-group group-id local
Remarks: No local mirroring group exists by default.

NOTE: A local mirroring group takes effect only after you configure a monitor port and source port for it.

The following matrix shows the feature and router compatibility:

Feature MSR900 MSR93X...
• HP recommends that you use a monitor port for port mirroring only. This is to make sure that the data monitoring device receives and analyzes only the mirrored traffic rather than a mix of mirrored traffic and other traffic.
Configuring remote port mirroring To configure remote port mirroring by using the mirror command: Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Mirror the traffic on the mirror number number { all | in | out } to By default, the traffic on an interface to a remote host.
Figure 56 Network diagram

Configuration procedure

# Create local mirroring group 1.
<DeviceA> system-view
[DeviceA] mirroring-group 1 local
# Configure Ethernet 1/1 and Ethernet 1/2 as source ports, and configure port Ethernet 1/3 as the monitor port.
[DeviceA] mirroring-group 1 mirroring-port ethernet 1/1 ethernet 1/2 both
[DeviceA] mirroring-group 1 monitor-port ethernet 1/3
# Disable the spanning tree feature on the monitor port Ethernet 1/3.
Configuring traffic mirroring

The following matrix shows the feature and router compatibility:

Feature MSR900 MSR93X MSR20-1X MSR20 MSR30 MSR50 MSR1000
Configuring traffic mirroring

Overview

Traffic mirroring copies specified packets to a specific destination for packet analysis and monitoring. Traffic mirroring is implemented through QoS policies. In other words, you define traffic classes and configure match criteria to classify packets to be mirrored, and then you configure traffic behaviors to mirror packets that fit the match criteria to the specified destination.
For more information about the traffic classifier and if-match commands, see ACL and QoS Command Reference. Mirroring traffic to an interface Step Command Remarks Enter system view. system-view By default, no traffic behavior exists. Create a behavior, and enter For more information about the traffic behavior behavior-name behavior view.
Displaying and maintaining traffic mirroring

Task: Display user-defined traffic behavior configuration.
Command: display traffic behavior user-defined [ behavior-name ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view.

display qos policy user-defined [ policy-name Display user-defined QoS policy [ classifier tcl-name ] ] [ | { begin | exclude | Available in any view.
[DeviceA] acl number 3000
[DeviceA-acl-adv-3000] rule permit tcp source 192.168.2.0 0.0.0.255 destination-port eq www
[DeviceA-acl-adv-3000] quit
# Create traffic class tech_c, and then configure the match criterion as ACL 3000.
[DeviceA] traffic classifier tech_c
[DeviceA-classifier-tech_c] if-match acl 3000
[DeviceA-classifier-tech_c] quit
# Create traffic behavior tech_b, and then configure the action of mirroring traffic to port Ethernet 1/3.
[DeviceA-Ethernet1/2] qos apply policy mkt_p outbound

Verifying the configuration

# Verify that you can monitor the following traffic through the server:
• All traffic sent by the technical department to access the Internet.
• All IP traffic that the technical department sends to the marketing department during working hours.
•...
Configuring the information center

Overview

The information center collects and classifies system information as follows:
• Receives system information including log, trap, and debug information from source modules.
• Outputs system information to different information channels, according to user-defined output rules.
•...
Corresponding Severity Severity Description keyword in value commands Action must be taken immediately to solve a serious problem. For example, traffic on an interface exceeds the Alert alerts upper limit. Critical condition. For example, the device temperature Critical exceeds the upper limit, the power module fails or the fan critical tray fails.
The following matrix shows the feature and router compatibility: MSR20-1 MSR10 Feature MSR900 MSR93X MSR20 MSR30 MSR50 Yes except Eight output the log file destinations and Yes. Yes. Yes. Yes. Yes. Yes. output ten channels destination. Default output rules of system information A default output rule specifies the system information source modules, information type, and severity levels for an output destination.
%Jun 26 17:08:35:809 2008 Sysname trapbuffer, SNMP module/level/digest: content SHELL/4/LOGIN: VTY login from 1.1.1.1. module, or log file • HP format: <189>Oct 9 14:59:04 2009 Sysname %%10SHELL/5/SHELL_LOGIN(l): • HP format: VTY logged in from 192.168.1.21. <PRI>timestamp •...
It is displayed only if the system information is sent to the log host in the UNICOM format. This optional field identifies the source of the information. It is displayed only if the system information is sent to a log host in HP format. It can take one of the following values: source •...
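A collector-side parser for the two message layouts shown in the format table above, added here as an example (it is not HP's code). The first two sample lines are the examples from this page; the other two are constructed. It assumes the standard syslog rule PRI = facility * 8 + severity, captures the two digits after %% as vv without interpreting them, and the function names and the PRI-versus-level consistency check are illustrative.

```python
import re

# Command keywords for severity values 0-7 (index = severity value).
SEVERITY_KEYWORDS = ("emergencies", "alerts", "critical", "errors",
                     "warnings", "notifications", "informational", "debugging")

_MLD = r"(?P<module>[A-Za-z0-9_]+)/(?P<level>[0-7])/(?P<digest>[A-Za-z0-9_]+)"
_DATE = r"[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}"

# HP format sent to a log host:
#   <PRI>timestamp sysname %%vvmodule/level/digest(source): content
HOST_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<timestamp>" + _DATE + r"\s+\d{4})\s+"
    r"(?P<sysname>\S+)\s+%%(?P<vv>\d{2})" + _MLD +
    r"\((?P<source>[a-z])\):\s*(?P<content>.*)$")

# Console, monitor terminal, buffers, SNMP module, or log file:
#   %timestamp sysname module/level/digest: content
LOCAL_RE = re.compile(
    r"^%(?P<timestamp>" + _DATE + r":\d{3}\s+\d{4})\s+"
    r"(?P<sysname>\S+)\s+" + _MLD + r":\s*(?P<content>.*)$")


def parse_line(line):
    """Return a dict of fields, or None if the line matches neither layout."""
    line = line.strip()
    match = HOST_RE.match(line)
    if match:
        rec = match.groupdict()
        pri = int(rec["pri"])
        # Standard syslog PRI decoding (assumption stated in the lead-in).
        rec.update(format="hp-loghost", pri=pri,
                   facility=pri >> 3, pri_severity=pri & 7)
    else:
        match = LOCAL_RE.match(line)
        if not match:
            return None
        rec = match.groupdict()
        rec["format"] = "local"
    rec["level"] = int(rec["level"])
    rec["severity"] = SEVERITY_KEYWORDS[rec["level"]]
    return rec


def audit(lines):
    """Flag lines a collector should not trust: unparsed or inconsistent."""
    findings = []
    for number, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            findings.append((number, "unparsed"))
        elif rec["format"] == "hp-loghost":
            if rec["pri"] > 191:          # facility 0-23, severity 0-7
                findings.append((number, "pri-out-of-range"))
            elif rec["pri_severity"] != rec["level"]:
                findings.append((number, "pri-level-mismatch"))
    return findings


# Examples taken from the format table on this page.
PAGE_HOST_LINE = ("<189>Oct 9 14:59:04 2009 Sysname "
                  "%%10SHELL/5/SHELL_LOGIN(l): VTY logged in from 192.168.1.21.")
PAGE_LOCAL_LINE = ("%Jun 26 17:08:35:809 2008 Sysname "
                   "SHELL/4/LOGIN: VTY login from 1.1.1.1.")
# Constructed lines: PRI severity disagrees with the level; no module/level/digest.
SAMPLE = [
    PAGE_HOST_LINE,
    PAGE_LOCAL_LINE,
    "<190>Oct 9 15:01:10 2009 Sysname "
    "%%10SHELL/5/SHELL_LOGIN(l): VTY logged in from 192.168.1.21.",
    "<189>Oct 9 15:02:00 2009 Sysname login ok",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(parse_line(entry))
    print(audit(SAMPLE))
```

For the page's log host example, PRI 189 decodes to facility 23 and severity 5, which matches the level 5 in SHELL/5/SHELL_LOGIN.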
Table 10 Description of the timestamp parameters
Columns: Timestamp parameters, Description, Example
boot
Example: %0.109391473 Sysname FTPD/5/FTPD_LOGIN: User ftp (192.168.1.23) has logged in
Description: Time since system startup, in the format of xxx.yyy. xxx represents the higher 32 bits, and yyy represents the lower 32 bits, of milliseconds elapsed....
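The HP log host format and the boot timestamp described above, as an added example that is not part of the HP guide: a Python parser that splits a log host message into its fields, derives facility and severity from <PRI> with the standard syslog rule PRI = facility × 8 + severity, and flags a message whose module/level/digest level disagrees with its PRI. The function names and the field labels vv and tag are assumptions made here; the two sample strings are the ones quoted in the guide.

```python
import re
from datetime import datetime, timedelta

# Sample values quoted in the guide's format descriptions.
HP_SAMPLE = ("<189>Oct 9 14:59:04 2009 Sysname %%10SHELL/5/SHELL_LOGIN(l): "
             "VTY logged in from 192.168.1.21.")
BOOT_SAMPLE = "0.109391473"  # boot-format timestamp xxx.yyy

# <PRI>timestamp sysname %%vvmodule/level/digest(tag): content
# "vv" and "tag" are labels assumed here for the two digits after %% and
# the optional letter in parentheses seen in the sample.
HP_LINE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<timestamp>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2} \d{4}) "
    r"(?P<sysname>\S+) "
    r"%%(?P<vv>\d{2})"
    r"(?P<module>[A-Z0-9_]+)/(?P<level>[0-7])/(?P<digest>[A-Z0-9_]+)"
    r"(?:\((?P<tag>[a-z])\))?: "
    r"(?P<content>.*)$"
)


def parse_hp_loghost(line):
    """Split one HP-format log host message into a dict of fields."""
    m = HP_LINE.match(line.strip())
    if m is None:
        raise ValueError("not an HP-format log host message")
    rec = m.groupdict()
    pri = int(rec["pri"])
    if pri > 191:  # highest valid value: facility 23, severity 7
        raise ValueError("PRI out of range: %d" % pri)
    facility, severity = divmod(pri, 8)  # PRI = facility * 8 + severity
    rec["facility"] = "local%d" % (facility - 16) if facility >= 16 else str(facility)
    rec["severity"] = severity
    rec["level"] = int(rec["level"])
    # A level that disagrees with the PRI indicates a malformed or altered
    # message; keep the record but flag it for review.
    rec["level_matches_pri"] = rec["level"] == severity
    rec["time"] = datetime.strptime(rec["timestamp"], "%b %d %H:%M:%S %Y")
    return rec


def boot_uptime(stamp):
    """Convert a boot-format timestamp xxx.yyy into time since startup.

    xxx is the higher 32 bits and yyy the lower 32 bits of the elapsed
    milliseconds, so the value is (xxx << 32) | yyy.
    """
    high, low = (int(part) for part in stamp.lstrip("%").split("."))
    if not (0 <= high < 2**32 and 0 <= low < 2**32):
        raise ValueError("each half must fit in 32 bits")
    return timedelta(milliseconds=(high << 32) | low)


if __name__ == "__main__":
    rec = parse_hp_loghost(HP_SAMPLE)
    print(rec["facility"], rec["severity"], rec["module"], rec["digest"])
    print(rec["time"].isoformat(), rec["content"])
    print(boot_uptime(BOOT_SAMPLE))
```

On a collector, records with level_matches_pri set to False are worth routing to a separate review queue rather than dropping, since the content may still be genuine.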
Hardware: FIPS mode
MSR50: Yes.
MSR1000: Yes.
Information center configuration task list
Task: Remarks
Outputting system information to the console: Optional.
Outputting system information to the monitor terminal: Optional.
Outputting system information to a log host: Optional.
Outputting system information to the trap buffer: Optional.
Step: Configure the timestamp format.
Command: info-center timestamp { debugging | log | trap } { boot | date | none }
Remarks: Optional. By default, the timestamp format for log, trap and debug information is date.
Step: Return to user view.
Command: quit
Optional....
Step: Configure the timestamp format.
Command: info-center timestamp { debugging | log | trap } { boot | date | none }
Remarks: Optional. By default, the timestamp format for log, trap and debug information is date.
Step: Return to user view.
Command: quit
The default setting is disabled....
Step: Set the format of the system information sent to a log host.
Command:
• Set the format to UNICOM: info-center format unicom
• Set the format to HP: undo info-center format
Remarks: Optional. HP by default.
By default, no log host or related parameters are specified....
Step: Configure the timestamp format.
Command: info-center timestamp { debugging | log | trap } { boot | date | none }
Remarks: Optional. The timestamp format for log, trap and debug information is date by default.
Outputting system information to the log buffer
The log buffer only receives log information, and discards trap and debug information....
Step: Enable the information center.
Command: info-center enable
Remarks: Optional. Enabled by default.
Step: Name the channel with a specified channel number.
Command: info-center channel channel-number name channel-name
Remarks: Optional. See Table 6 for default channel names.
Step: Configure an output channel
Command: info-center snmp channel { channel-number |
Remarks: Optional. By default, system information is output to the SNMP module...
Step: Configure the directory to save the log files.
Command: info-center logfile switch-directory dir-name
Remarks: Optional. By default, the log file is saved in the logfile directory under the root directory of the storage device (the root directory of a storage device varies with devices)....
To solve this problem, you can save security logs into a security log file without affecting the current log output rules. After logging in to the device, the system administrator can enable the saving of security logs into the security log file and configure related parameters. However, the system administrator cannot perform any operations on the security log file.
MSR20- MSR100 Feature MSR900 MSR93X MSR20 MSR30 MSR50 Saving security logs into the Yes. Yes. Yes. Yes. Yes. Yes. security log file
Managing the security log file
Task: Display a summary of the security log file.
Command: display security-logfile summary [ | { begin | exclude | include }
Remarks: Optional.
...
Page 201
Task Command Remarks
• Display the contents of the specified file: more file-url
• Display information about all files and folders: dir [ /all ] [ file-url ]
• Create a folder in a specified directory on the storage medium: mkdir directory
•...
Task Command Remarks
Command:
• Establish an FTP connection: ftp [ server-address [ service-port ] [ [ vpn-instance vpn-instance-name ] | [ source { interface interface-type interface-number | ip source-ip-address } ] ] ]
Remarks: Optional. The ftp and ftp ipv6 commands are available in user view. The other commands are available in FTP
•...
Disabling an interface from generating link up/down logging information
By default, all interfaces generate link up or link down log information when the state changes. In some cases, you might want to disable specific interfaces from generating this information. For example:
You are concerned only about the states of some interfaces....
Task: Display the state and the trap information of the trap buffer.
Command: display trapbuffer [ reverse ] [ size buffersize ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view.
Task: Clear the log buffer.
Command: reset logbuffer
Remarks: Available in user view....
To avoid output of unnecessary information, disable the output of log, trap, and debug information of all modules on the specified channel (console in this example), and then configure the output rule as needed.
# Configure an output rule to enable the ARP and IP modules to send log information that has a severity level of at least informational to the console.
# Configure an output rule to output to the log host ARP and IP log information that has a severity level of at least informational.
[Device] info-center source arp channel loghost log level informational state on trap state off
[Device] info-center source ip channel loghost log level informational state on trap state off
Configure the log host:
The following configurations were performed on Solaris which has similar configurations to the...
Page 207
Figure 61 Network diagram
Configuration procedure
Before the configuration, make sure the device and the log host can reach each other. (Details not shown.)
Configure the device:
# Enable the information center.
<Sysname> system-view
[Sysname] info-center enable
# Specify the host 1.2.0.1/16 as the log host, use the channel loghost to output log information, and specify local5 as the logging facility....
Page 208
# ps -ae | grep syslogd
# kill -9 147
# syslogd -r &
Make sure the syslogd process is started with the -r option on a Linux log host.
Now, the system can record log information into the log file....
Using ping, tracert, and system debugging
Use the ping, tracert, and system debugging utilities to test network connectivity and identify network problems.
Ping
The ping utility sends ICMP echo requests (ECHO-REQUEST) to the destination device. Upon receiving the requests, the destination device responds with ICMP echo replies (ECHO-REPLY) to the source device. The source device outputs statistics about the ping operation, including the number of packets sent, number of echo replies received, and the round-trip time....
Page 210
Figure 62 Network diagram
Configuration procedure
# Use the ping command on Device A to test connectivity to Device C.
<DeviceA> ping 1.1.2.2
PING 1.1.2.2: 56 data bytes, press CTRL_C to break
Reply from 1.1.2.2: bytes=56 Sequence=1 ttl=254 time=205 ms
Reply from 1.1.2.2: bytes=56 Sequence=2 ttl=254 time=1 ms
Reply from 1.1.2.2: bytes=56 Sequence=3 ttl=254 time=1 ms
Reply from 1.1.2.2: bytes=56 Sequence=4 ttl=254 time=1 ms...
  1.1.1.1
Reply from 1.1.2.2: bytes=56 Sequence=4 ttl=254 time=1 ms
Record Route:
  1.1.2.1
  1.1.2.2
  1.1.1.2
  1.1.1.1
Reply from 1.1.2.2: bytes=56 Sequence=5 ttl=254 time=1 ms
Record Route:
  1.1.2.1
  1.1.2.2
  1.1.1.2
  1.1.1.1
--- 1.1.2.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/11/53 ms
The test procedure with the ping -r command (see...
• Enable sending of ICMP timeout packets on the intermediate devices (devices between the source and destination devices). If the intermediate devices are HP devices, execute the ip ttl-expires enable command on the devices. For more information about this command, see Layer 3—IP Services Command Reference....
• Enable sending of ICMPv6 timeout packets on the intermediate devices (devices between the source and destination devices). If the intermediate devices are HP devices, execute the ipv6 hoplimit-expires enable command on the devices. For more information about this command, see Layer 3—IP Services Command Reference....
displayed on a terminal (including console or VTY). You can also send debugging information to other destinations. For more information, see "Configuring the information center."
Figure 64 Relationship between the protocol and screen output switch
Debugging a feature module
Output of debugging commands is memory intensive. To guarantee system performance, enable debugging only for modules that are in an exceptional condition....
Step: Display the enabled debugging functions.
Command: display debugging [ interface interface-type interface-number ] [ module-name ] [ | { begin | exclude | include } regular-expression ]
Remarks: Optional. Available in any view.
Ping and tracert example
Network requirements
As shown in Figure 65, Device A failed to Telnet Device C....
Page 216
* * *
<DeviceA>
The output shows that Device A and Device C cannot reach each other, Device A and Device B can reach each other, and an error occurred on the connection between Device B and Device C.
# Use the debugging ip icmp command on Device A and Device C to verify that they can send and receive the specific ICMP packets, or use the display ip routing-table command to verify the availability of active routes between Device A and Device C....
Configuring IPv6 NetStream
Overview
Legacy ways to collect traffic statistics, like SNMP and port mirroring, cannot provide precise network management because of inflexible statistical methods or the high cost of required dedicated servers. This calls for a new technology to collect traffic statistics. IPv6 NetStream provides statistics about network traffic flows, and it can be deployed on access, distribution, and core layers....
• NetStream collector (NSC)—The NSC is usually a program running in UNIX or Windows. It parses the packets sent from the NDE, and then it stores the statistics to the database for the NDA. The NSC gathers the data from multiple NDEs.
•...
IPv6 NetStream aggregation data export
IPv6 NetStream aggregation merges the flow statistics according to the aggregation criteria of an aggregation mode, and it sends the summarized data to the IPv6 NetStream server. This process is the IPv6 NetStream aggregation data export, which uses less bandwidth than traditional data export. Table 12 lists the six IPv6 NetStream aggregation modes that are supported....
The version 9 format template-based feature provides support for different statistics, such as BGP next hop and MPLS information.
IPv6 NetStream configuration task list
Before you configure IPv6 NetStream, verify that the following configurations are proper, as needed:
• Identify the device on which you want to enable IPv6 NetStream.
•...
IPv6 source interface NetStream server) is used as the source interface. NetStream traditional interface-type HP recommends that you connect the network data export. interface-number management interface to the NetStream server and configure it as the source interface. Optional.
• HP recommends you connect the network management interface to the NetStream server.
Step: Enable the current IPv6 NetStream aggregation configuration.
Command: enable
Remarks: Disabled by default
Step: Configure the version for IPv6 NetStream export format, and specify whether to record AS and BGP...
Command: ipv6 netstream export version 9 [ origin-as | peer-as ]
Remarks: Optional. By default:
• Version 9 format is used to export IPv6 NetStream traditional data, IPv6 NetStream aggregation data, and MPLS flow data with IPv6...
• Inactive flow aging—A flow is considered inactive if its statistics have not been changed. No packet for this IPv6 NetStream entry arrives in the time specified by the ipv6 netstream timeout inactive command. The inactive flow entry remains in the cache until the inactive timer expires. Then, the inactive flow is aged out and its statistics, which can no longer be displayed by the display ipv6 netstream cache command, are sent to the NetStream server....
Displaying and maintaining IPv6 NetStream
Task: Display IPv6 NetStream entry information in the cache.
Command: display ipv6 netstream cache [ verbose ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view.
Task: Display information about IPv6 NetStream data export.
Command: display ipv6 netstream export [ | { begin |
Remarks: Available in any...
# Configure the destination address and the destination UDP port number for the IPv6 NetStream traditional data export.
[RouterA] ipv6 netstream export host 12.110.2.2 5000
IPv6 NetStream aggregation data export configuration example
Network requirements
As shown in Figure 68, configure IPv6 NetStream on Router A so that:
•...
Page 227
[RouterA-ns6-aggregation-as] ipv6 netstream export host 4.1.1.1 2000
[RouterA-ns6-aggregation-as] quit
# Configure the aggregation mode as protocol-port, and then, in aggregation view, configure the destination address and the destination UDP port number for the IPv6 NetStream protocol-port aggregation data export.
[RouterA] ipv6 netstream aggregation protocol-port
[RouterA-ns6-aggregation-protport] enable
[RouterA-ns6-aggregation-protport] ipv6 netstream export host 4.1.1.1 3000
[RouterA-ns6-aggregation-protport] quit...
Related information
Documents
To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals
• For related documentation, navigate to the Networking section, and select a networking category.
•...
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention: Description
Boldface: Bold text represents commands and keywords that you enter literally as shown.
Italic: Italic text represents arguments that you replace with actual values.
Square brackets enclose syntax choices (keywords or arguments) that are optional.
Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
Page 230
Network topology icons
Represents a generic network device, such as a router, switch, or firewall.
Represents a routing-capable device, such as a router or Layer 3 switch.
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features....