Copyright Huawei Technologies Co., Ltd. 2010. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.
Website: Email:
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Intended Audience
This document describes the functions of and the operation procedures, steps, and precautions for the iManager U2000 Multi-service Control Gateway NE Explorer. This document helps you to understand how to use the iManager U2000 Multi-service Control Gateway NE Explorer to manage multi-service control gateways. This document is intended for: l l l l l Installation and Commissioning Engineer Network Monitoring Engineer Data Configuration Engineer NM Administrator System Maintenance Engineer
Symbol Conventions
The symbols that may be found in this document are defined as follows. Symbol Description
DANGER
Indicates a hazard with a high level of risk, which if not avoided, will result in death or serious injury.
Issue 03 (2010-11-19)
iii
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Symbol
Description Indicates a hazard with a medium or low level of risk, which if not avoided, could result in minor or moderate injury. Indicates a potentially hazardous situation, which if not avoided, could result in equipment damage, data loss, performance degradation, or unexpected results. Indicates a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement important points of the main text.
WARNING
CAUTION
TIP
NOTE
Command Conventions
The command conventions that may be found in this document are defined as follows. Convention Boldface Italic [] { x | y | ... } [ x | y | ... ] { x | y | ... }* Description The keywords of a command line are in boldface. Command arguments are in italics. Items (keywords or arguments) in brackets [ ] are optional. Optional items are grouped in braces and separated by vertical bars. One item is selected. Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected. Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected.
[ x | y | ... ]*
GUI Conventions
The GUI conventions that may be found in this document are defined as follows. Convention Boldface Description Buttons, menus, parameters, tabs, window, and dialog titles are in boldface. For example, click OK.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iv
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Convention >
Description Multi-level menus are in boldface and separated by the ">" signs. For example, choose File > Create > Folder.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
vi
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Contents
Contents
About This Document...................................................................................................................iii 1 Setting Telnet/STelnet Parameters.........................................................................................1-1
1.1 Configuring a Telnet/STelnet Parameter Template.........................................................................................1-2 1.2 Setting Telnet/STelnet Parameters with a Template.......................................................................................1-2 1.3 Manually Modifying Equipment Telnet/STelnet Parameters.........................................................................1-3
2 Managing Devices......................................................................................................................2-1
2.1 Viewing System Information..........................................................................................................................2-2 2.2 Setting the IP Address of an NE......................................................................................................................2-2 2.3 NE Panel Management....................................................................................................................................2-3 2.3.1 Viewing the NE Panel............................................................................................................................2-3 2.3.2 Resetting a Card.....................................................................................................................................2-4 2.4 Refreshing Board Information........................................................................................................................2-5 2.5 Managing Abnormal Resources......................................................................................................................2-6 2.5.1 Viewing Abnormal Resources...............................................................................................................2-6 2.5.2 Viewing Dependency Between Abnormal Resources............................................................................2-6 2.5.3 Exporting Abnormal Resources.............................................................................................................2-7
3 Interface Management...............................................................................................................3-1
3.1 Interface Management Overview....................................................................................................................3-4 3.1.1 Interface Management Functions...........................................................................................................3-4 3.1.2 Basic Concepts.......................................................................................................................................3-4 3.2 General Interface Configuration......................................................................................................................3-8 3.2.1 Configuring Interface Information.........................................................................................................3-8 3.2.2 Enabling and Disabling an Interface....................................................................................................3-10 3.2.3 Enabling and Disabling IPv6 on an Interface.......................................................................................3-10 3.2.4 Monitoring the Real-Time Performance of Interfaces.........................................................................3-11 3.3 Configuring an Ethernet Interface.................................................................................................................3-12 3.4 Creating an Ethernet Subinterface.................................................................................................................3-13 3.5 Configuring a POS Interface.........................................................................................................................3-14 3.6 Creating an Eth-Trunk Interface....................................................................................................................3-15 3.7 Creating an Eth-Trunk Subinterface..............................................................................................................3-17 3.8 Creating an IP-Trunk Interface......................................................................................................................3-18 3.9 Configuring an ATM Interface.....................................................................................................................3-19 Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. vii
Contents
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3.10 Creating an ATM Subinterface...................................................................................................................3-20 3.11 Creating a Tunnel Interface.........................................................................................................................3-21 3.12 Creating a VE Interface...............................................................................................................................3-21 3.13 Creating a VE Subinterface.........................................................................................................................3-22 3.14 Creating a Loopback Interface....................................................................................................................3-23 3.15 Creating a VT Interface...............................................................................................................................3-24
4 NE Channel Management........................................................................................................4-1
4.1 Overview of NE Channel Management..........................................................................................................4-2 4.1.1 Functions of NE Channel Management.................................................................................................4-2 4.1.2 Concepts.................................................................................................................................................4-2 4.2 Configuring the VTY Service.........................................................................................................................4-3 4.3 Configuring the Status of the FTP Server.......................................................................................................4-4 4.4 Configuring the Syslog Service.......................................................................................................................4-4 4.4.1 Configuring the Syslog Source Interface...............................................................................................4-5 4.4.2 Creating the Log Host............................................................................................................................4-5 4.4.3 Configuring the Advanced Attributes of the Syslog Service.................................................................4-6 4.5 Configuring the Trap Service..........................................................................................................................4-6 4.5.1 Configuring the Alarm Source Interface................................................................................................4-6 4.5.2 Creating a Trap Receiving Host.............................................................................................................4-7 4.5.3 Configuring the Module for Sending Traps...........................................................................................4-8 4.5.4 Configuring the Advanced Attributes of the Trap Service.....................................................................4-9
5 ACL Management......................................................................................................................5-1
5.1 ACL Management Overview..........................................................................................................................5-2 5.1.1 ACL Management Functions.................................................................................................................5-2 5.1.2 Basic Concepts.......................................................................................................................................5-2 5.2 Process of Configuring an ACL Service.........................................................................................................5-4 5.3 Configuring a Time Range..............................................................................................................................5-5 5.3.1 Creating a Time Range...........................................................................................................................5-5 5.3.2 Creating an Absolute Time Range.........................................................................................................5-6 5.3.3 Creating a Periodic Time Range............................................................................................................5-7 5.4 Creating an ACL Group..................................................................................................................................5-7 5.5 Configuring ACL Rules..................................................................................................................................5-8 5.5.1 Creating a Basic Rule.............................................................................................................................5-9 5.5.2 Creating an Interface Rule....................................................................................................................5-10 5.5.3 Creating an Advanced Rule..................................................................................................................5-10 5.5.4 Creating a User Group Rule.................................................................................................................5-11 5.5.5 Creating a Simple Rule........................................................................................................................5-12 5.5.6 Creating an Ethernet Frame Rule.........................................................................................................5-13 5.6 Example for Configuring an ACL Service....................................................................................................5-14
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Contents
6.1.1 Ethernet OAM Management Functions.................................................................................................6-2 6.1.2 802.1ag OAM Concepts.........................................................................................................................6-3 6.1.3 Test Diagnosis Concepts........................................................................................................................6-6 6.2 Processes of Configuring the Ethernet OAM..................................................................................................6-7 6.3 Configuring Ethernet OAM Globally............................................................................................................. 6-9 6.4 Configuring 802.1ag OAM...........................................................................................................................6-10 6.4.1 Creating an MD....................................................................................................................................6-10 6.4.2 Creating an MA....................................................................................................................................6-11 6.4.3 Creating a Local MEP..........................................................................................................................6-11 6.4.4 Creating a Remote MEP.......................................................................................................................6-12 6.4.5 Configuring the MIP Creation Policy on a Specified Interface...........................................................6-13 6.5 Configuring 802.3ah OAM...........................................................................................................................6-14 6.5.1 Setting Port Parameters........................................................................................................................6-14 6.5.2 Synchronizing the OAM Session.........................................................................................................6-15 6.5.3 Performing a Loopback Test................................................................................................................6-16 6.6 Configuring Test Diagnosis..........................................................................................................................6-17 6.6.1 Creating or Running a Diagnosis Task Based on 802.1ag...................................................................6-17 6.6.2 Creating a General Test Diagnosis Task..............................................................................................6-18
7 Route Management....................................................................................................................7-1
7.1 Route Management Overview.........................................................................................................................7-2 7.1.1 Functions of Route Management........................................................................................................... 7-2 7.1.2 Basic Concepts.......................................................................................................................................7-2 7.2 Viewing Routing Information.........................................................................................................................7-5 7.3 Creating a Static Route....................................................................................................................................7-6 7.4 Creating a BGP Route.....................................................................................................................................7-7 7.4.1 Configuring Basic Information About BGP...........................................................................................7-8 7.4.2 Creating a BGP Peer Group...................................................................................................................7-8 7.4.3 Creating a BGP Peer............................................................................................................................7-10 7.4.4 Importing an External Route................................................................................................................7-12 7.4.5 Distributing a Route.............................................................................................................................7-12 7.4.6 Creating a VPN Instance Address Family............................................................................................7-13 7.4.7 Setting a VPN IPv4 Address Family....................................................................................................7-13 7.4.8 Creating a VPLS Address Family........................................................................................................7-14 7.5 Creating an OSPF Route...............................................................................................................................7-15 7.5.1 Creating an OSPF Process....................................................................................................................7-15 7.5.2 Creating an OSPF Interface..................................................................................................................7-16 7.6 Creating an IS-IS Route................................................................................................................................7-17 7.6.1 Creating an IS-IS Process.....................................................................................................................7-17 7.6.2 Creating an IS-IS Interface...................................................................................................................7-18 7.7 Creating a Routing Policy.............................................................................................................................7-19 7.8 Viewing Running Information......................................................................................................................7-19 7.8.1 Viewing the Running Information About a BGP Peer Group.............................................................7-20 Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. ix
Contents
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management 7.8.2 Viewing the Running Information About a BGP Peer.........................................................................7-20 7.8.3 Viewing OSPF Running Information...................................................................................................7-21 7.8.4 Viewing IS-IS Running Information....................................................................................................7-23
8 MPLS Management...................................................................................................................8-1
8.1 MPLS Management Overview........................................................................................................................8-2 8.1.1 MPLS Management Functions...............................................................................................................8-2 8.1.2 Basic Concepts.......................................................................................................................................8-2 8.2 Configuring MPLS and MPLS TE..................................................................................................................8-4 8.2.1 Configuring MPLS on the NE................................................................................................................8-4 8.2.2 Configuring MPLS TE on the NE..........................................................................................................8-5 8.2.3 Configuring MPLS and MPLS TE on an Interface................................................................................8-7 8.3 Creating a Static LSP Segment.....................................................................................................................8-11 8.4 Configuring a Tunnel....................................................................................................................................8-12 8.4.1 Adding a Tunnel...................................................................................................................................8-12 8.4.2 Creating an Explicit Path......................................................................................................................8-14 8.5 Configuring MPLS OAM Detection.............................................................................................................8-16 8.5.1 Configuring MPLS OAM Ingress Detection.......................................................................................8-16 8.5.2 Configuring MPLS OAM Egress Detection........................................................................................8-17 8.5.3 Starting and Stopping MPLS OAM Detection.....................................................................................8-18 8.6 Creating a Protection Group..........................................................................................................................8-19 8.7 Counting LSPs...............................................................................................................................................8-20 8.8 Viewing a Label FIB.....................................................................................................................................8-20 8.9 Maintaining an MPLS Service......................................................................................................................8-21 8.9.1 Auditing the Tunnel Status...................................................................................................................8-21 8.9.2 Auditing Tunnel Connectivity..............................................................................................................8-22 8.9.3 Resetting a Tunnel Service...................................................................................................................8-22 8.9.4 Switching a Protection Group..............................................................................................................8-23
9 LLDP Management....................................................................................................................9-1
9.1 LLDP Management Overview........................................................................................................................9-2 9.1.1 LLDP Management Functions...............................................................................................................9-2 9.1.2 Basic Concepts.......................................................................................................................................9-2 9.2 Configuring an LLDP Service.........................................................................................................................9-2 9.2.1 Setting Parameters on the Equipment....................................................................................................9-3 9.2.2 Configuring LLDP Globally..................................................................................................................9-4 9.2.3 Configuring LLDP on Interfaces............................................................................................................9-5 9.3 Synchronizing LLDP Neighbor Information..................................................................................................9-5
10 VRRP Management...............................................................................................................10-1
10.1 VRRP Management Overview....................................................................................................................10-2 10.1.1 VRRP Management Functions...........................................................................................................10-2 10.1.2 Basic Concepts...................................................................................................................................10-2 10.2 Configuring Global VRRP Attributes.........................................................................................................10-3 x Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Contents
10.3 Configuring VRRP......................................................................................................................................10-4 10.3.1 Creating a VR.....................................................................................................................................10-5 10.3.2 Configuring the Global Attributes of an Interface.............................................................................10-5 10.3.3 Creating VRRP Tracking for a BFD Session.....................................................................................10-6 10.3.4 Creating VRRP Tracking for an Interface..........................................................................................10-7 10.3.5 Creating VRRP Tracking for an Ethernet OAM Interface.................................................................10-8 10.3.6 Binding a Service VR.........................................................................................................................10-9 10.3.7 Creating Interface Tracking Performed by the Management VR......................................................10-9 10.4 Configuring VGMP...................................................................................................................................10-10 10.4.1 Enabling and Disabling VGMP........................................................................................................10-10 10.4.2 Creating VGMP Configuration........................................................................................................10-11 10.4.3 Creating a VGMP Member..............................................................................................................10-12 10.4.4 Creating VGMP Tracking for a BFD Session..................................................................................10-13 10.4.5 Enabling and Disabling the Average VRRP Running Priority........................................................10-13
11 BFD Management...................................................................................................................11-1
11.1 BFD Management Overview......................................................................................................................11-2 11.1.1 BFD Management Functions.............................................................................................................11-2 11.1.2 Basic Concepts...................................................................................................................................11-2 11.2 Configuring Global BFD Attributes............................................................................................................11-3 11.3 Configuring Service Detection....................................................................................................................11-4 11.3.1 Enabling and Disabling the Administrative Status............................................................................11-5 11.3.2 Configuring Link Detection...............................................................................................................11-5 11.3.3 Configuring MPLS TE Detection......................................................................................................11-6 11.3.4 Configuring VRF Detection...............................................................................................................11-7 11.3.5 Configuring PW Detection.................................................................................................................11-8
12 QoS Management...................................................................................................................12-1
12.1 QoS Management Overview.......................................................................................................................12-2 12.1.1 Functions of QoS Management..........................................................................................................12-2 12.1.2 CBQoS...............................................................................................................................................12-2 12.1.3 HQoS..................................................................................................................................................12-4 12.1.4 Interface QoS......................................................................................................................................12-5 12.1.5 Other QoS Functions..........................................................................................................................12-7 12.2 Configuring CBQoS....................................................................................................................................12-8 12.2.1 Creating a Traffic Classification........................................................................................................12-8 12.2.2 Creating a Traffic Behavior..............................................................................................................12-10 12.2.3 Creating and Deploying a Traffic Policy.........................................................................................12-11 12.2.4 Linking to Query Performance Data................................................................................................12-12 12.2.5 Linking to Configure Performance Monitoring...............................................................................12-13 12.3 Configuring HQoS....................................................................................................................................12-13 12.3.1 Creating a Queue Profile..................................................................................................................12-14 12.3.2 Creating a QoS Profile.....................................................................................................................12-15 12.3.3 Creating a Scheduling Profile..........................................................................................................12-16 Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xi
Contents
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management 12.3.4 Creating a User Group Queue..........................................................................................................12-17 12.3.5 Creating a Drop Profile....................................................................................................................12-18 12.3.6 Creating a Discard Policy.................................................................................................................12-20
12.4 Creating and Deploying a DS Domain Policy..........................................................................................12-21 12.5 Configuring Domain QoS.........................................................................................................................12-22 12.5.1 Configuring the VC Scheduling for Domain QoS...........................................................................12-23 12.5.2 Configuring the Time Range for Domain QoS................................................................................12-23 12.5.3 Configuring the User Priority for Domain QoS...............................................................................12-24 12.5.4 Configuring L2TP QoS for Domain QoS........................................................................................12-24 12.6 Configuring L2TP Group QoS..................................................................................................................12-25 12.6.1 Configuring L2TP Group QoS.........................................................................................................12-25 12.6.2 Configuring the Scheduling Mode for L2TP Group QoS................................................................12-26 12.7 Configuring Interface QoS........................................................................................................................12-27 12.7.1 Configuring the Bandwidth for Interface QoS.................................................................................12-27 12.7.2 Configuring a Queue for Interface QoS...........................................................................................12-28 12.7.3 Configuring the GTS for Interface QoS...........................................................................................12-29 12.7.4 Deploying Applying Policies for Interface QoS..............................................................................12-29 12.7.5 Configuring a VC Group for Interface QoS.....................................................................................12-30 12.7.6 Configuring a VP Group for Interface QoS.....................................................................................12-30 12.7.7 Configuring the VC Scheduling for Interface QoS..........................................................................12-31 12.7.8 Configuring the VP Group Scheduling for Interface QoS...............................................................12-31 12.7.9 Configuring the Port Scheduling for Interface QoS.........................................................................12-31 12.7.10 Configuring the VC Group Scheduling for Interface QoS.............................................................12-32 12.7.11 Configuring Other Parameters for Interface QoS...........................................................................12-33 12.7.12 Querying the Performance Data.....................................................................................................12-34 12.7.13 Configuring the Performance Instance...........................................................................................12-34 12.8 Configuring the Mirroring.........................................................................................................................12-35 12.8.1 Creating an Observing Port..............................................................................................................12-35 12.8.2 Adding Port Mirroring.....................................................................................................................12-35 12.9 Configure System QoS..............................................................................................................................12-36 12.9.1 Creating a soft CAR.........................................................................................................................12-36
13 BRAS Management................................................................................................................13-1
13.1 BRAS Management Overview....................................................................................................................13-2 13.1.1 Functions of BRAS Management......................................................................................................13-2 13.1.2 Features of BRAS Services................................................................................................................13-2 13.2 Setting Global BRAS Parameters...............................................................................................................13-2 13.3 Configuring AAA........................................................................................................................................13-5 13.3.1 Adding a RADIUS Server Group.......................................................................................................13-6 13.3.2 Adding a TACACS Template............................................................................................................13-7 13.3.3 Adding an Authentication Scheme.....................................................................................................13-7 13.3.4 Adding an Accounting Scheme..........................................................................................................13-8 13.3.5 Adding an Authorization Scheme......................................................................................................13-9 xii Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Contents
13.3.6 Adding a Record Scheme.................................................................................................................13-10 13.3.7 Adding a User Group.......................................................................................................................13-10 13.3.8 Adding a Web Authentication Server..............................................................................................13-11 13.3.9 Adding a COPS Server Group.........................................................................................................13-11 13.4 Configuring IP Address Management.......................................................................................................13-13 13.4.1 Adding a DHCP Server Group.........................................................................................................13-13 13.4.2 Adding an Address Pool...................................................................................................................13-14 13.4.3 Adding an Address Segment............................................................................................................13-15 13.5 Configuring User Management.................................................................................................................13-16 13.5.1 Adding a User Domain.....................................................................................................................13-16 13.5.2 Adding an Equipment Domain.........................................................................................................13-17 13.6 Configuring a Access Service...................................................................................................................13-18 13.6.1 Adding an Interface Service.............................................................................................................13-19 13.6.2 Setting PPP Parameters....................................................................................................................13-20 13.6.3 Adding C-VLANs in Batches..........................................................................................................13-21 13.6.4 Adding User PVCs in Batches.........................................................................................................13-22 13.6.5 Adding Static Users in Batches........................................................................................................13-23 13.6.6 Adding Equipment Users in Batches...............................................................................................13-24 13.7 Querying Real-Time Performance............................................................................................................13-25
14 VPDN Management...............................................................................................................14-1
14.1 VPDN Management Overview...................................................................................................................14-2 14.1.1 VPDN Management Functions..........................................................................................................14-2 14.1.2 Basic Concepts...................................................................................................................................14-2 14.2 Configuring L2TP Globally........................................................................................................................14-3 14.3 Configuring a LAC Service.........................................................................................................................14-4 14.3.1 LAC Configuration Flowchart...........................................................................................................14-4 14.3.2 Enabling L2TP...................................................................................................................................14-5 14.3.3 Adding an L2TP Group......................................................................................................................14-5 14.3.4 Binding an L2TP Group to a Domain................................................................................................14-6 14.4 Configuring an LNS Service.......................................................................................................................14-7 14.4.1 LNS Configuration Flowchart............................................................................................................14-7 14.4.2 Enabling L2TP...................................................................................................................................14-8 14.4.3 Adding an L2TP Group......................................................................................................................14-8 14.4.4 Adding an LNS Backup Group..........................................................................................................14-8 14.5 Displaying the L2TP Status.........................................................................................................................14-9 14.6 Querying Real-time Performance................................................................................................................14-9 14.7 Deleting an L2TP Tunnel..........................................................................................................................14-10
15 VPN Management..................................................................................................................15-1
15.1 VPN Management Overview......................................................................................................................15-2 15.2 Creating a Tunnel Policy.............................................................................................................................15-2 15.3 Creating a PW Template.............................................................................................................................15-3 15.4 Creating a PW.............................................................................................................................................15-3 Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xiii
Contents
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15.5 Creating a VSI.............................................................................................................................................15-5 15.5.1 Creating a Martini Service VSI..........................................................................................................15-6 15.5.2 Creating a Management VSI..............................................................................................................15-7 15.5.3 Enabling and Disabling a Service VSI...............................................................................................15-9 15.6 Creating a VRF............................................................................................................................................15-9
17 Diagnosis Management........................................................................................................17-1
17.1 Overview of the Test Diagnosis Tool......................................................................................................... 17-2 17.1.1 Function Overview.............................................................................................................................17-2 17.1.2 Basic Concepts...................................................................................................................................17-3 17.1.3 Test Diagnosis Type...........................................................................................................................17-5 17.2 Process of Using the Test Diagnosis Tool.................................................................................................. 17-8 17.2.1 Flowchart of Detecting Network Connectivity..................................................................................17-8 17.2.2 Flowchart of Locating Faults............................................................................................................. 17-9 17.3 Common Operations.................................................................................................................................17-10 17.3.1 Defining a Test Suite........................................................................................................................17-10 17.3.1.1 Creating a Test Suite.....................................................................................................................17-10 17.3.1.2 Creating a Test Case......................................................................................................................17-11 17.3.2 Performing Test Diagnosis...............................................................................................................17-11 17.3.2.1 Manually Performing Test Diagnosis...........................................................................................17-12 17.3.2.2 Running a Temporary Test Case...................................................................................................17-13 17.3.2.3 Periodically Performing Test Diagnosis with Diagnosis Policies.................................................17-13 17.3.3 Creating a Result Analysis Template...............................................................................................17-15 17.3.4 Managing History Data....................................................................................................................17-15 17.3.4.1 Viewing History Data....................................................................................................................17-15 17.3.4.2 Exporting History Data.................................................................................................................17-16 17.3.5 Using the Trace Route Tool to Locate Faults..................................................................................17-17 17.4 Performing Network Scanning..................................................................................................................17-18 17.5 Typical Examples for Performing Test Diagnosis Tasks..........................................................................17-19 17.5.1 Example for Detecting Connectivity of the L3VPN........................................................................17-19
xiv
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Figures
Figures
Figure 5-1 Flowchart of configuring an ACL service..........................................................................................5-4 Figure 5-2 Networking diagram of ACL configuration.....................................................................................5-15 Figure 6-1 Typical application model..................................................................................................................6-2 Figure 6-2 MDs of different levels.......................................................................................................................6-3 Figure 6-3 MEP and MIP.....................................................................................................................................6-4 Figure 6-4 MEP types...........................................................................................................................................6-5 Figure 6-5 Application scenario of CFM-BFD binding.......................................................................................6-6 Figure 6-6 Flowchart of configuring the 802.1ag................................................................................................6-8 Figure 6-7 Flowchart of configuring the 802.3ah................................................................................................6-9 Figure 8-1 Encapsulation structure of a label.......................................................................................................8-3 Figure 8-2 Constraint relations among MPLS-related parameters.......................................................................8-8 Figure 14-1 L2TP-based VPDN networking......................................................................................................14-2 Figure 14-2 LAC configuration flowchart.........................................................................................................14-5 Figure 14-3 LNS configuration flowchart..........................................................................................................14-7 Figure 17-1 Flowchart of detecting network connectivity.................................................................................17-8 Figure 17-2 Flowchart of locating faults............................................................................................................17-9 Figure 17-3 Flowchart of periodically performing test diagnosis....................................................................17-14 Figure 17-4 L3VPN networking example........................................................................................................17-19 Figure 17-5 Process of diagnosing L3VPN faults............................................................................................17-20
Issue 03 (2010-11-19)
xv
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Tables
Tables
Table 5-1 ACL types............................................................................................................................................5-2 Table 5-2 Time range structure............................................................................................................................5-4
Issue 03 (2010-11-19)
xvii
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Issue 03 (2010-11-19)
1-1
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Choose Administration > NE Communicate Parameter > NE Telnet/STelnet Template Management from the main menu. 2 In the dialog box that is displayed, click Create. 3 Click OK after setting Protocol Name and Template Name in the New Template dialog box. l To configure a Telnet parameter template, set Protocol Name to Telnet. l To configure an STelnet parameter template, set Protocol Name to STelnet. 4 In the Details group box of the Telnet/STelnet Template Management dialog box, configure the Telnet/STelnet parameter template. 5 Click Apply or OK. The Telnet/STelnet parameter template is configured. ----End
Prerequisite
l The related parameters, such as the user name and password, must be set on equipment.
NOTE
The device login header cannot contain special characters # ] >. Otherwise, the U2000 fails to verify Telnet/STelnet parameters.
The Telnet/STelnet template must be configured on the U2000, and the parameters in the template must be consistent with those on NEs.
Procedure
1 In the Main Topology, select the equipment whose Telnet or STelnet parameters need to be set. 2 Choose Administration > NE Communicate Parameter > Set NE Telnet/STelnet Parameter from the main menu.
NOTE
You can also right-click the selected equipment and then choose Set NE Telnet/STelnet Parameter from the shortcut menu.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 In the Select Telnet/STelnet Template dialog box, select the template to be used, and then click OK. 5 Click Test. l If the message indicating successful test is displayed, click OK. l If the message indicating test failure is displayed, modify the settings of the Telnet/STelnet parameters according to the prompt. 6 Click OK. ----End
Context
In the U2000, you can configure one Telnet parameter template and one STelnet parameter template. If required, you can manually modify the configured templates to set the Telnet/ STelnet parameters for equipment.
NOTE
The device login header cannot contain special characters # ] >. Otherwise, the U2000 fails to verify Telnet/ STelnet parameters.
Procedure
1 In the Main Topology, select the equipment whose Telnet/STelnet parameters need to be modified. 2 Choose Administration > NE Communicate Parameter > Set NE Telnet/STelnet Parameter from the main menu.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1-3
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
You can also right-click the selected equipment and then choose Set NE Telnet/STelnet Parameter from the shortcut menu.
3 In the Details group box of the Device Telnet/STelnet Parameter Management dialog box, modify Telnet/STelnet parameters manually. l l To modify Telnet parameters: Set Protocol Name to Telnet. To modify STelnet parameters: Set Protocol Name to STelnet. 4 Click Apply. 5 Click Test. l If the message indicating successful test is displayed, click OK. l If the message indicating test failure is displayed, modify the settings of the Telnet/STelnet parameters according to the prompt. 6 Click OK. ----End
1-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
2 Managing Devices
2
About This Chapter
Managing Devices
This describes how to maintain devices, such as viewing device information, resetting devices, and refreshing the device status. 2.1 Viewing System Information This describes how to view system information of the device, such as the system name, object ID, and device version. 2.2 Setting the IP Address of an NE This topic describes how to set the IP address of an NE. If you change the IP address of an NE by using the associated command, the communication between the NMS and the NE is interrupted. You can change the IP address of the NE through the NMS to restore the communication. 2.3 NE Panel Management An NE panel is an illustration of the front panel of a device. An NE panel displays the running status and alarm status of boards and ports through alarm indicators and legends of different colors. 2.4 Refreshing Board Information This describes how to refresh board information. When you need to synchronize the latest board information from the database to the NMS, you need to use the function of refreshing board information. 2.5 Managing Abnormal Resources This topic describes how to manage abnormal resources through the U2000.
Issue 03 (2010-11-19)
2-1
2 Managing Devices
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, choose Device Management > System Information. 3 On the System Information tab, view the following information: System Name, Object ID, Device Version, Duration, Location, Contact, IP Address, MAC Address, and Description.
NOTE
You can modify the values of System Name, Location, and Contact.
4 Optional: Click Synchronize to refresh system information displayed on the U2000. ----End
Context
Ensure that the NE IP address set on the NMS is the same as the actual IP address of the NE. Otherwise, the communication fails.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Device Management > NE IP Management from the service tree. 3 On the NE IP Management tab page, the original IP address of the NE is displayed. You can change the NE IP address stored on the NMS through New IP Address to restore the communication. 4 Click Apply. In the Confirm dialog box, click OK. The IP address that you set is displayed in Present IP Address. ----End
2-2
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
2 Managing Devices
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. The NE Panel tab page is displayed by default. 2 Optional: If you are currently visiting other tab pages on the NE Explorer tab page, you can choose Device Management > NE Panel from the service tree to access the NE Panel tab page. The display styles of different NE panels are different. The following figure takes an NE as an example.
Port color representing Port status Alarmindicator color Card color Standby representing severity level representing card card status of an alarm
Slot ID
Idle slot
Power
Fan
Issue 03 (2010-11-19)
2-3
2 Managing Devices
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l The colors of the card, power supply, and fan indicate the running status of the card, power supply, and fan. l The alarm status of the card does not include the port alarm. l The color of a port indicates the status of the port. For the colors of specific ports, see the legend on the right of the panel. l When the administrative status of a port is Down, the following situations occur: l If no alarm is generated on the port, the color of the port is gray. l If there is an alarm on the port, the color of the port depends on the severity level of the alarm. l When the administrative status of a port is Up, the following situations occur: l If no alarm is generated on the port, the color of the port is green. l If there is an alarm on the port, the color of the port depends on the severity level of the alarm. l When the administrative status of a port is Up, the running status of the port is Down, and no alarm is generated on the port, the color of the port is red, which is the same as that of the critical alarm. l When a card is inserted into a slot, the slot blinks in blue. After being successfully registered, the card is displayed on the NE panel. l The standby card is marked with the letter (S) to differentiate from the active card.
3 When you select components on the panel, you can view the detailed information about the components through the related tabs on the lower part of the panel. l When you select the card, power supply, and fan, the Board Information tab page displays the detailed information about the card, power supply, and fan. If the card has subcards or ports, you can view the detailed information about the subcards or ports through the Buckledcard Info tab or the Port Information tab. If you double-click the card, the Port Information tab page is displayed. l When you select a port, the port record is displayed on the Port Information tab page. Rightclick the port record. ----End
Prerequisite
Telnet or STelnet parameters must be set on the equipment and the equipment information must be synchronized to the NMS.
2-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
2 Managing Devices
Context
CAUTION
l In most cases, do not reset a card, because the network related to the device will be Down for a while. l Back up the key data before resetting the card. l When you reset a card, do not perform hot swap for the card. l When the active control card is reset, the equipment restarts without powering off the CPU of the card. If the equipment has the standby control card, the equipment performs the active/ standby switchover after the card is reset.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. The NE Panel tab page is displayed by default. 2 Optional: If you are currently visiting other tab pages on the NE Explorer tab page, you can choose Device Management > NE Panel from the service tree to access the NE Panel tab page. 3 Select the card to be reset on the NE panel, right-click it, and then select Reset Board. 4 Click OK in the Confirm dialog box. ----End
Follow-up Procedure
If the status of the card is still offline after the card is reset for 10 minutes, click Synchronize in the lower part of the NE panel to manually synchronize the status of the NE panel. The status of the card cannot be refreshed when the configurations of other modules are being synchronized.
Context
If you want to obtain the latest board information from a device, it is recommended that you synchronize the NE panel information before refreshing board information. To synchronize the NE panel information, do as follows: 1. 2.
Issue 03 (2010-11-19)
Choose Device Management > NE panel from the service tree. The NE panel tab page is displayed. Click Synchronize.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2-5
2 Managing Devices
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Device Management, and then click Board Information. 3 Click Refresh. The query result area displays the latest board information. 4 Select a board record in the query result area. The details about this board are displayed in the detailed information area. ----End
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Device Management > Abnormal Resource from the service tree. 3 On the Abnormal Resources tab page, set Resource Type and Abnormal Time. 4 Click Query. ----End
Context
Resource relations can be registered only after services are created on equipment entities.
2-6 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
2 Managing Devices
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Device Management > Abnormal Resource from the service tree. 3 On the Abnormal Resource tab page, set the filter criteria and click Query. 4 In the query result list, right-click a record and choose Show Resource Relationships from the shortcut menu. 5 In the Resource Relationship dialog box, you can view the resource relations between the tree view and table view. There are two types of dependency relations, that is, depending and depended. l The l The button shows the depending relation. button shows the depended relation.
Context
The data in the database is not deleted when abnormal resources are exported. Thus, you can still query the data through the client.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Device Management > Abnormal Resource from the service tree. 3 On the Abnormal Resource tab page, set the filter criteria and click Query. 4 Click Export. 5 In the Save dialog box, set the path, name, and format of the file to be saved. 6 Click Save. ----End
Issue 03 (2010-11-19)
2-7
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
3
About This Chapter
Interface Management
Interface management is applicable to the Ethernet interface, POS interface, trunk interface, ATM interface, tunnel interface, VE interface, loopback interface, VLAN interface, and VT interface. 3.1 Interface Management Overview This topic describes the functions and basic concepts of interface management. 3.2 General Interface Configuration This topic describes the general configuration of an interface, which includes enabling and disabling an interface, viewing the real-time performance of an interface, configuring interface information, and enabling or disabling IPv6 on an interface. 3.3 Configuring an Ethernet Interface This topic describes how to configure an Ethernet interface, which includes configuring the general information and physical features Ethernet features and IP address. You need to configure the Ethernet interface when transmitting packets through the Ethernet. 3.4 Creating an Ethernet Subinterface This topic describes how to create an Ethernet subinterface, which includes configuring the general information, features, and advanced information, and setting the IP address. Configuring an Ethernet subinterface is similar to creating an Ethernet subinterface. The following takes the creation of an Ethernet subinterface as an example to describe the operation procedure. 3.5 Configuring a POS Interface This topic describes how to configure a POS interface, which includes configuring the general information, physical features, and PPP authentication protocol, and setting the IP address. The PPP authentication protocol can be configured only when the link layer protocol is set to PPP. If you use the SONET/SDH optical interface to transmit packets, you need to configure the POS interface. 3.6 Creating an Eth-Trunk Interface This topic describes how to create an Eth-Trunk interface, which includes configuring the general information, physical features, and member interfaces, and setting IP addresses. Configuring an Eth-Trunk interface is similar to creating an Eth-Trunk interface. The following takes the creation of an Eth-Trunk interface as an example to describe the operation procedure.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-1
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3.7 Creating an Eth-Trunk Subinterface This topic describes how to create an Eth-Trunk subinterface, which includes configuring the general information, features, and advanced information, and setting IP addresses. Configuring an Eth-Trunk subinterface is similar to creating an Eth-Trunk subinterface. The following takes the creation of an Eth-Trunk subinterface as an example to describe the operation procedure. 3.8 Creating an IP-Trunk Interface This topic describes how to create an IP-Trunk interface, which includes configuring the general information, physical features, and member interfaces, and setting the IP address. To improve the communication capability of links, you can bind multiple POS interfaces together as an IPTrunk interface. With the IP-Trunk interface, you can implement load balancing and improve the reliability of links. Configuring an IP-Trunk interface is similar to creating an IP-Trunk interface. The following takes the creation of an IP-Trunk interface as an example to describe the operation procedure. 3.9 Configuring an ATM Interface This topic describes how to configure an ATM interface, which includes configuring the general information, physical features, ATM features, and PVC, and setting the IP address. You can set these parameters according to the actual conditions of the ATM network so that these parameters can perfectly match the physical network. 3.10 Creating an ATM Subinterface This topic describes how to create an ATM subinterface, which includes configuring the general information, ATM features, and PVC/PVP, and setting the IP address. If you use the ATM subinterface to communicate with the peer equipment, you need to configure the ATM subinterface. The parameters of the ATM subinterface do not include certain parameters, such as the clock mode, frame format, and scramble function. You can set these parameters on the main ATM interface. Then, the ATM subinterface can automatically inherit these parameters from the main interface. Configuring an ATM subinterface is similar to creating an ATM subinterface. The following takes the creation of an ATM subinterface as an example to describe the operation procedure. 3.11 Creating a Tunnel Interface This topic describes how to create a tunnel interface, which includes configuring the general information and setting IP addresses. The GRE and MPLS TE tunnels use a type of virtual logical interface, namely, the tunnel interface, for forwarding. Before using these types of tunnels, you need to create a tunnel interface. Configuring a tunnel interface is similar to creating a tunnel interface. The following takes the creation of a tunnel interface as an example to describe the operation procedure. 3.12 Creating a VE Interface This topic describes how to create a VE interface, which includes configuring the general information and Ethernet features, and setting the IP address. The VE interface supports the common attributes of the Ethernet interface. Although the VE interface is mainly applied to IPoEoA, it can also be used to access the L2VPN, VPLS, and L3VPN, or to perform Layer 3 forwarding. Configuring a VE interface is similar to creating a VE interface. The following takes the creation of a VE interface as an example to describe the operation procedure. 3.13 Creating a VE Subinterface This topic describes how to create a VE subinterface, which includes configuring the general information, features, and advanced information, and setting the IP address. Configuring a VE subinterface is similar to creating a VE subinterface. The following takes the creation of a VE subinterface as an example to describe the operation procedure. 3.14 Creating a Loopback Interface This topic describes how to create a loopback interface, which includes configuring the general information and setting the IP address. If you need the IP address of an interface whose state is
3-2 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
always Up, you can select the IP address of a loopback interface. Configuring a loopback interface is similar to creating a loopback interface. The following takes the creation of a loopback interface as an example to describe the operation procedure. 3.15 Creating a VT Interface This topic describes how to create a VT interface, which includes configuring the general information and setting the IP address. Layer 2 protocols, such as the PPP protocol, Ethernet protocol, and ATM protocol, cannot bear each other directly. They can communicate with each other through VA interfaces. A VA interface is automatically created by the system when the Layer 2 protocols need to communicate with each other. A VT is the template that the system uses to configure a VA interface. You can configure a VA interface only by setting the attributes of a VT. Configuring a VT interface is similar to creating a VT interface. The following takes the creation of a VT interface as an example to describe the operation procedure.
Issue 03 (2010-11-19)
3-3
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
The U2000 interface management supports the following functions for equipment: l The functions not supported by the related equipment are grayed out or hidden in interface management GUIs. l When you place a cursor in a text box for a while, the related value range tip is displayed to help you with parameter setting.
Interface Overview
Through the interface, a set of equipment can exchange data and interact with other sets of equipment on the network. The interfaces can be divided into two types: physical interfaces and logical interfaces. Physical interfaces are on the corresponding physical components and exist actually. Physical interfaces can be classified into two types: l l LAN interfaces: LAN interfaces are mainly Ethernet interfaces through which routers exchange data with equipment on a LAN. WAN interfaces: WAN interfaces include serial interfaces, POS interfaces, and ATM interfaces through which routers exchange data with equipment of external networks.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
3-4
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Logical interfaces realize data exchange but do not actually exist and need to be configured. Logical interfaces include sub-interfaces, loopback interfaces, and VLAN interfaces. The NE interface management provides the diversified function of configuring physical interfaces including the Ethernet interface and POS interface, and various virtual interfaces such as the sub-interface, Trunk interface, loopback interface, and Virtual Template (VT) interface.
Subinterface Overview
Generally, one physical interface can be configured with only one IP address. In a point-to-point connection, one IP address can meet the requirements of applications. If the link layer of an interface supports the multiplexing of multiple connections, one IP address can meet the requirements. For example, when the FR supports multiple virtual connections; if the peer network and local IP addresses of these virtual connections are in the same network segment, one IP address can meet the requirements. If the peers of virtual connections are in different network segments, however, the requirements of applications cannot be met with only one IP address on the interface. In this case, a sub-interface must be used. The subinterface supports multiple logical interfaces on one physical interface. That is, set up connections of multiple interfaces with one physical interface. These logical interfaces share the configuration parameters with physical interfaces, though they have their own configuration parameters at the link layer and the network layer.
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Two stations can receive and send at the same time. In full-duplex mode, two stations share the link bandwidth. Auto-negotiation mode In auto-negotiation mode, a station can negotiate with other network equipment to select the most appropriate working mode and rate. Thus, the configuration and management of the system are greatly simplified. l Rate The Ethernet electrical interface supports multiple rates. The FE electrical interface supports the rate of 10 Mbit/s and 100 Mbit/s. The FE optical interface supports only the rate at 100 Mbit/s. The GE optical interface supports only the rate at 1000 Mbit/s and the rate cannot be configured. Thus, only the Ethernet electrical interface needs to be configured. The default rate of the FE electrical interface is 100 Mbit/s. You can select the auto-negotiation mode to configure the rate.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
l l
The ATM OC-3/STM-1 interface and ATM OC-12/STM-4 interface that carries ATM service over SONET/SDH. The ATM E1/T1 interface that carries ATM service over E1/T1 line, which realizes IMA feature. For T1 connection, the uplink port operates at the rate of 1.544 Mbit/s to 12.288 Mbit/s (8T1). For the E1 connection, the uplink port operates at the rate of 2.048 Mbit/s to 16.384 Mbit/s (8E1). Single ATM E3/T3 interface that carries ATM service over E3/T3 line. ATM Sub-interface.
l l
VT Interface Overview
The VT interface, also called the virtual interface template, is the template used by the system to configure the VA interface. It is mainly used to application environments such as VPN, MP, and PPPoX (PPPoE, PPPoA, and PPPoEoA). After the VPN session is connected, create a VA that is used to exchange data with the peer. Select a VT according to user configuration, and dynamically create a VA based on the configuration parameters of the VT. After you bind multiple PPP links to MP, you need to create a VA that is used to exchange data with the peer. You can also select a VT to dynamically create a VA. When an interface applies the PPPoX, create a VA for a sub-interface or PVC to exchange data with the peer. You can also select a VT to dynamically create a VA. When the link is disconnected, the VT is automatically deleted.
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
VE Interface Overview
The VE interface is a logical interface, which is realized on an SIC. It has the characteristics of the Ethernet. The VE interface is mainly applied to PPPoEoA and IPoEoA.
When creating tunnel interfaces on distributed equipment, the slot number of the tunnel interface and source interface should be identical. That is, to improve the efficiency of transmitting packets, use the actual slot number through which the interfaces send packets.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Prerequisite
The features of related interface modules must be synchronized to the NMS.
Context
l l IP addresses cannot be set for the NULL interface, RPR interface, Logic-Channel interface, CPOS interface, E1 interface or Layer 2 interface. On the Interface Information tab page, right-click an interface record and choose IPv6 Enable from the shortcut menu to enable IPv6 on this interface. On the current NMS, only the Ethernet interfaces and their subinterfaces, POS interfaces, loopback interfaces, trunk interfaces and their subinterfaces, VLAN interfaces, and tunnel interfaces can be configured with IPv6 addresses. A tunnel interface can borrow the IP addresses of Ethernet interfaces, loopback interfaces, or IP-Trunk interfaces. The Ethernet interface, VE interface, trunk interface, VLAN interface, and loopback interface, however, cannot borrow the IP addresses of other interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Interface Information. 3 Optional: Click Condition. In the Set Filter Condition dialog box, set query conditions, and then click OK.
NOTE
When querying all records, you can click Query without setting any filtering rule.
4 Click Query. Query results are displayed according to the set filtering rule. 5 In the query result area, select the interface to be configured. 6 Click Configure. 7 In the Config Interface Information dialog box, set the related parameters. l Click the General tab. Then, set Interface Description. l Click the IPv4 Address tab. Then, set IPv4 Address or IPv4 Address Unnumbered.
NOTE
If the peers of virtual connections are in different network segments, only one master IP address on the local interface cannot meet the requirements of communication. In this case, click Add to set a secondary IPv4 address to solve this problem.
l Click the IPv6 Address tab. Then, set IPv6 address of the interface.
NOTE
You can set an IPv6 address for an interface only after IPv6 is enabled on it.
NOTE
If the interface is a Layer 2 interface, the IP address of the interface cannot be set.
8 Click OK.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-9
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
In the query result area, information about the modified interface is displayed. ----End
Prerequisite
The features of related interface modules must be synchronized to the NMS.
Context
l l l When a physical interface is idle or not connecting to any cable, you need to disable the interface to avoid the interface abnormality caused by interference. The loopback interface or Null interface cannot be enabled or disabled. Enable or disable an interface with caution. In certain special cases, certain interface parameters such as the working mode take effect only after the interface is enabled or disabled.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Interface Information. 3 Optional: Click Condition. In the Set Filter Condition dialog box, set query conditions, and then click OK.
NOTE
When querying all records, you can click Query without setting any filtering rule.
4 Click Query. Query results are displayed according to the set filtering rule. 5 In the query result area, select the interface to be enabled or disabled, and then perform either of the following operations: l Right-click the selected interface and choose Up from the shortcut menu to enable the interface. l Right-click the selected interface and choose Down from the shortcut menu. In the dialog box that is displayed, click OK to disable the interface.
NOTE
Alternatively, you can right-click an interface on all interface tabs (except for the RPR Interface tab page) and then choose Up or Down from the shortcut menu.
----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. IPv6 must be enabled on the equipment. If IPv6 is enabled on the interface only, the status of IPv6 is still Down on the equipment and the equipment cannot forward IPv6 packets. Before enabling IPv6 on the equipment, log in to the equipment through Telnet and do as follows on the equipment: 1. 2. Run the system-view command to access the system view. Run the ipv6 command to enable IPv6.
Context
The following Layer-3 interfaces support IPv6 addresses: l l l l l l Gigabit-Ethernet interfaces and their subinterfaces POS interfaces Tunnel interfaces Loopback interfaces VLAN interfaces Eth-Trunk interfaces and their subinterfaces or IP-Trunk interfaces
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Interface Information. 3 Optional: Click Condition. In the Set Filter Condition dialog box, set query conditions, and then click OK.
NOTE
When querying all records, you can click Query without setting any filtering rule.
4 Click Query. Query results are displayed according to the set filtering rule. 5 In the query result area, select the interface on which IPv6 needs to be enabled or disabled, and then perform either of the following operations: l Right-click the interface and then choose IPv6 Enable from the shortcut menu to enable IPv6 on the interface. l Right-click the interface and then choose IPv6 Disable from the shortcut menu to disable IPv6 on the interface.
NOTE
On the Ethernet Interface tab page, you can also right-click the interface and choose IPv6 Enable or IPv6 Disable from the shortcut menu.
----End
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
The features of related interface modules must be synchronized to the NMS. Before monitoring real-time performance or querying performance data, please make sure that the version of SNMP protocol is SNMPv2c or higher when creating NEs. Otherwise, the NMS cannot properly collect the performance data.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 The U2000 provides the monitoring of real-time performance for Ethernet interfaces, Ethernet subinterfaces and tunnel interfaces. To monitor the real-time performance of interfaces, do as follows: l l l Choose Interface Management > Interface Information from the service tree to monitor the real-time performance of all the interfaces that support this function. Choose Interface Management > Ethernet Interface from the service tree to monitor the real-time performance of Ethernet interfaces and subinterfaces. Choose Interface Management > Tunnel Interface from the service tree to monitor the real-time performance of tunnel interfaces.
3 In the query result area, right-click the interface to be monitored and choose Monitor RealTime Performance from the shortcut menu. 4 In the dialog box that is displayed, select the real-time performance indicators, and then click OK. In the Real-time Performance window, view the graph of real-time board performance. ----End
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment supports Ethernet interfaces and the Ethernet interface to be configured must exist.
Context
l When you configure an Ethernet interface, note that except for the IP address of the interface, all parameters have default values. If you need to modify the default values, make sure that the changed values are consistent with the corresponding values on the peer equipment. After an Ethernet subinterface is added, the main interface cannot be configured.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
l
3-12
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Ethernet Interface. 3 Optional: Click Condition. In the Set Filter Condition dialog box, set query conditions, and then click OK.
NOTE
When querying all records, you can click Query without setting any filtering rule.
4 Click Query. Query results are displayed according to the set filtering rule. 5 In the query result area, select the interface to be configured. 6 Click Configure. 7 In the Configure Ethernet Interface dialog box, set the related parameters as required. l l l Click the General tab. Then, set Interface Description. Click the Physical Feature tab. Then, set Working Mode, Rate, Auto-Negotiation, CRC Check, and Medium Mode. Click the Ethernet Feature tab. Then, set User Termination Mode, VLAN Swap, interface layer, and MTU. For the configuration on a PE, set the IPv4 address and MAC address of the Ethernet interface connecting to the CE and set whether to enable broadcast. Click the IPv4 Address tab. Then, set parameters such as the IPv4 address. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address of the interface.
NOTE
l l
You can configure an IPv6 address for an interface only after IPv6 is enabled on it.
NOTE
If the interface is an Layer 2 interface, the IP address of the interface cannot be set.
8 Click OK. In the query result area, information about the modified interface is displayed. ----End
Prerequisite
l l
Issue 03 (2010-11-19)
The features of related interface modules must be synchronized to the NMS. The equipment must support Ethernet interfaces and Ethernet subinterfaces.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-13
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Ethernet Interface. 3 On the Ethernet Interface tab page, click Create.
NOTE
After creation, you can also select the subinterface to be configured in the query result area and click Configure to configure the created subinterface.
4 In the Create Ethernet Subinterface dialog box, set the related parameters as required. l Click the General tab. Then, set Main Interface Name, Subinterface No., and Subinterface Description.
NOTE
By default, the main interface name is the name of the currently selected main interface. You can click the ... button to re-select the main interface.
Click the Subinterface Feature tab. Then, do as follows to set Access Mode of the subinterface: If User Termination Mode is not set for the main interface, you can set Access Mode to either of the following values for the subinterface: VLAN Encapsulation Flexible Access If User Termination Mode is set for the main interface, you can set Access Mode to either of the following values for the subinterface: VLAN Termination Flexible Access
l l
Click the IPv4 Address tab. Then, set the IPv4 address of the subinterface. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address.
NOTE
You can configure an IPv6 address for an interface only after IPv6 is enabled on it.
Click the Advanced tab. Then, set the MTU value of the subinterface. For the configuration on a PE, set the IPv4 address and MAC address of the interface connecting to the CE and set whether to enable broadcast.
5 Optional: Click Apply. The subinterface is added. You can add more subinterfaces by repeating the preceding steps. Information about the new subinterface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
PPP authentication protocol can be configured only when the link layer protocol is set to PPP. If you use the SONET/SDH optical interface to transmit packets, you need to configure the POS interface.
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support POS interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click POS Interface. 3 Optional: Click Condition. In the Set Filter Condition dialog box, set query conditions, and then click OK.
NOTE
When querying all records, you can click Query without setting any filtering rule.
4 Click Query. Query results are displayed according to the set filtering rule. 5 In the query result area, select the interface to be configured. 6 Click Configure. 7 In the Config POS Interface dialog box, set the related parameters as required. l l l Click the General tab. Then, set Interface Description. Click the Physical Feature tab. Then, set the basic information, CRC Check, and Byte Overhead. Click the PPP tab. Then, set the related parameters of the PPP protocol. You can click the Advanced tab to view the information about the PPP link status.
NOTE
You can configure the PPP protocol on the interface only when Link Layer Protocol is set to PPP.
l l
Click the IPv4 Address tab. Then, set parameters such as IPv4 Address and IPv4 Address Unnumbered. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address of the interface.
NOTE
You can set an IPv6 address for an interface only after IPv6 is enabled on it.
8 Click OK. In the query result area, information about the modified interface is displayed. ----End
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Configuring an Eth-Trunk interface is similar to creating an Eth-Trunk interface. The following takes the creation of an Eth-Trunk interface as an example to describe the operation procedure.
Prerequisite
l l l The features of related interface modules must be synchronized to the NMS. The equipment must support Eth-Trunk interfaces. Before creating an Eth-Trunk interface, you must ensure that the link layer parameters of all member interfaces are set and the link status is normal.
Context
To increase bandwidth of the links, you can bind multiple Ethernet interfaces together as an EthTrunk interface. Load balancing can be carried out among member interfaces of a trunk. Member interfaces disperse traffic over member links, and the traffic finally reaches the same destination. Thus, network congestion can be prevented. To improve the reliability of the Eth-Trunk interface, you can configure backup interfaces for member interfaces. When a member interface is invalid, you can enable the backup interface.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Trunk Interface. 3 On the Trunk Interface tab page, click Create, and then choose Eth-Trunk from the related drop-down list.
NOTE
After creation, you can also select the interface to be configured in the query result area and click Configure to configure the created interface.
4 In the Create Eth-Trunk Interface dialog box, set the related parameters as required. l l Click the General tab. Then, set Interface No. and Interface Description. Click the Feature tab. Then, set User Termination Mode, VLAN Swap, interface layer, Working Mode, Load Balancing Mode, Minimum Up Links, Maximum AffectBandwidth Links. Click the Member Interface tab. Then, add member interfaces. Click the IPv4 Address tab. Then, set parameters such as the IPv4 address. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address of the interface.
NOTE
l l l
You can set an IPv6 address for an interface only after IPv6 is enabled on it.
5 Optional: Click Apply. The interface is added. You can add more interfaces by repeating the preceding steps. Information about the new interface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
3-16 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support Eth-Trunk interfaces and Eth-Trunk subinterfaces.
Context
An Eth-Trunk subinterface supports multiple logical subinterfaces on an Eth-Trunk interface. These logical subinterfaces share the configuration parameters of the Eth-Trunk interface at the physical layer and link layer, though they have their own configuration parameters at the network layer.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Trunk Interface. 3 On the Trunk Interface tab page, click Create, and then choose Eth-Trunk Subinterface from the related drop-down list.
NOTE
After creation, you can also select the subinterface to be configured in the query result area and click Configure to configure the created subinterface.
4 In the Create Eth-Trunk Subinterface dialog box, set the related parameters as required. l Click the General tab. Then, set Main Interface Name, Subinterface No. , and Subinterface Description.
NOTE
By default, the main interface name is the name of the currently selected main interface. You can click the ... button to re-select the main interface.
Click the Subinterface Feature tab. Then, do as follows to set Access Mode of the subinterface: If User Termination Mode is not set for the main interface, you can set Access Mode to either of the following values for the subinterface: VLAN Encapsulation Flexible Access If User Termination Mode is set for the main interface, you can set Access Mode to either of the following values for the subinterface: VLAN Termination Flexible Access
l
Issue 03 (2010-11-19)
Click the IPv4 Address tab. Then, set parameters such as the IPv4 address.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-17
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Click the IPv6 Address tab. Then, set parameters such as the IPv6 address.
NOTE
You can configure an IPv6 address for an interface only after IPv6 is enabled on it.
Click the Advanced tab. Then, set the MTU value of the sub-interface. For the configuration on a PE, set the IP address and MAC address of the interface connecting to the CE and set whether to enable broadcast.
5 Optional: Click Apply. The subinterface is added. You can add more subinterfaces by repeating the preceding steps. Information about the new subinterface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
Prerequisite
l l l The features of related interface modules must be synchronized to the NMS. The equipment must support IP-Trunk interfaces. Before you create an IP-Trunk interface, configure the link layer protocol for each POS interface as HDLC and ensure that the links are in the normal state.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Trunk Interface. 3 On the Trunk Interface tab page, click Create, and then select IP-Trunk from the related dropdown list.
NOTE
After creation, you can also select the interface to be configured in the query result area and click Configure to configure the created interface.
4 In the Create IP-Trunk Interface dialog box, set the related parameters as required. l l l
3-18
Click the General tab. Then, set Interface No. and Interface Description. Click the Feature tab. Then, set the related parameters. Click the Member Interface tab. Then, add member interfaces.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
l l
Click the IPv4 Address tab. Then, set parameters such as IPv4 address. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address of the interface.
NOTE
You can set an IPv6 address for an interface only after IPv6 is enabled on it.
5 Optional: Click Apply. The interface is added. You can add more interfaces by repeating the preceding steps. Information about the new interface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support ATM interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click ATM Interface. 3 Optional: Click Condition. In the Set Filter Condition dialog box, set query conditions, and then click OK.
NOTE
When querying all records, you can click Query without setting any filtering rule.
4 Click Query. Query results are displayed according to the set filtering rule. 5 In the query result area, select the interface to be configured. 6 Click Configure. 7 In the Configure ATM Interface dialog box, set the related parameters as required. l l l l
Issue 03 (2010-11-19)
Click the General tab. Then, set Interface Description. Click the Physical Feature tab. Then, set Frame Format, Clock Mode, and Scramble. Click the ATM Feature tab. Then, set the MTU value of the ATM interface. Click the PVC. Then, set the related PVC parameters of the ATM interface.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-19
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Click the IPv4 Address tab. Then, set parameters such as IPv4 Address and IPv4 Address Unnumbered.
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support ATM interfaces and ATM subinterfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click ATM Interface. 3 On the ATM Interface tab page, click Create.
NOTE
After creation, you can also select the subinterface to be configured in the query result area and click Configure to configure the created subinterface.
4 In the Create ATM Subinterface dialog box, set the related parameters as required. l l l l Click the General tab. Then, set Subinterface Type, Subinterface No., and Subinterface Description. Click the ATM Feature tab. Then, set the MTU value of the ATM subinterface. Click the PVC/PVP tab. Then, set the related PVC/PVP parameters of the ATM subinterface. Click the IPv4 Address tab. Then, set parameters such as IPv4 Address and IPv4 Address Unnumbered.
5 Optional: Click Apply. The subinterface is added. You can add more subinterfaces by repeating the preceding steps. Information about the new subinterface is displayed in the query result area. 6 Click OK.
3-20 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support tunnel interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Tunnel Interface. 3 On the Tunnel Interface tab page, click Create.
NOTE
After creation, you can also select the interface to be configured in the query result area and click Configure to configure the created interface.
4 In the Create Tunnel Interface dialog box, set the related parameters as required. l l l Click the General tab. Then, set Interface No. and Interface Description. Click the IPv4 Address tab. Then, set parameters such as IPv4 Address and IPv4 Address Unnumbered. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address of the interface.
NOTE
You can set an IPv6 address for an interface only after IPv6 is enabled on it.
5 Optional: Click Apply. The interface is added. You can add more interfaces by repeating the preceding steps. Information about the new interface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
3 Interface Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
common attributes of the Ethernet interface. Although the VE interface is mainly applied to IPoEoA, it can also be used to access the L2VPN, VPLS, and L3VPN, or to perform Layer 3 forwarding. Configuring a VE interface is similar to creating a VE interface. The following takes the creation of a VE interface as an example to describe the operation procedure.
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support VE interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click VE Interface. 3 On the VE Interface tab page, click Create, and then select VE from the related drop-down list.
NOTE
After creation, you can also select the interface to be configured in the query result area and click Configure to configure the created interface.
4 In the Create VE Interface dialog box, set the related parameters as required. l l l Click the General tab. Then, set Interface No. and Interface Description. Click the Ethernet Feature tab. Then, set parameters such as User Termination Mode and VE-Group. Click the IPv4 Address tab. Then, set parameters such as IPv4 Address.
5 Optional: Click Apply. The interface is added. You can add more interfaces by repeating the preceding steps. Information about the new interface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
Prerequisite
l l l
3-22
The features of related interface modules must be synchronized to the NMS. The equipment must support VE interfaces and VE subinterfaces. The main interface must be configured with User Termination Mode.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click VE Interface. 3 On the VE Interface tab page, click Create, and then select VE Subinterface from the related drop-down list.
NOTE
After creation, you can also select the subinterface to be configured in the query result area and click Configure to configure the created subinterface.
4 In the Create VE Subinterface dialog box, set the related parameters as required. l l l l Click the General tab. Then, set Subinterface No. and Subinterface Description. Click the Subinterface Feature tab. Then, set the encapsulate mode or termination mode for the subinterface. Click the IPv4 Address tab. Then, set parameters such as the subinterface IPv4 address. Click the Advanced tab. Then, set the MTU value of the sub-interface. For the configuration on a PE, set the IPv4 address and MAC adress of the interface connecting to the CE and set whether to enable broadcast.
5 Optional: Click Apply. The subinterface is added. You can add more subinterfaces by repeating the preceding steps. Information about the new subinterface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support loopback interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click Loopback Interface. 3 On the Loopback Interface tab page, click Create.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-23
3 Interface Management
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
After creation, you can also select the interface to be configured in the query result area and click Configure to configure the created interface.
4 In the Create Loopback Interface dialog box, set the related parameters as required. l l l Click the General tab. Then, set Interface No. and Interface Description. Click the IPv4 Address tab. Then, set parameters such as IPv4 Address. Click the IPv6 Address tab. Then, set parameters such as the IPv6 address of the interface.
NOTE
You can set an IPv6 address for an interface only after IPv6 is enabled on it.
5 Optional: Click Apply. The interface is added. You can add more interfaces by repeating the preceding steps. Information about the new interface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
Prerequisite
l l The features of related interface modules must be synchronized to the NMS. The equipment must support VT interfaces.
Procedure
1 Right-click an NE in the topology view and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Interface Management, and then click VT Interface. 3 On the VT Interface tab page, click Create.
NOTE
After creation, you can also select the interface to be configured in the query result area and click Configure to configure the created interface.
4 In the Create VT Interface dialog box, set the related parameters as required. l
3-24
Click the General tab. Then, set Interface No. and Interface Description.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3 Interface Management
Click the IPv4 Address tab. Then, set parameters such as IPv4 Address and IPv4 Address Unnumbered.
5 Optional: Click Apply. The interface is added. You can add more interfaces by repeating the preceding steps. Information about the new interface is displayed in the query result area. 6 Click OK. Close the dialog box. ----End
Issue 03 (2010-11-19)
3-25
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 NE Channel Management
4
About This Chapter
NE Channel Management
This topic describes the functions and basic concepts of NE channel management, and instructs you to configure and maintain NE channel management. 4.1 Overview of NE Channel Management This topic describes the functions and concepts of NE channel management that you need to learn before configuring NE channel management on the U2000. 4.2 Configuring the VTY Service This topic describes how to set the maximum number of VTYs accessing the equipment locally or remotely, and how to customize the rule of each VTY. 4.3 Configuring the Status of the FTP Server This topic describes how to configure the status of the FTP server. Through the FTP service management, you can enable or disable the FTP server on the equipment, and change the timeout period of the FTP service. 4.4 Configuring the Syslog Service This topic describes how to configure the Syslog source interface, create the Syslog host, and configure the advanced attributes of the Syslog service. 4.5 Configuring the Trap Service This topic describes how to configure trap information, such as configuring the trap source interface, creating the trap receiving host, configuring the module for sending traps, and setting the advanced attributes of the trap service.
Issue 03 (2010-11-19)
4-1
4 NE Channel Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4.1.2 Concepts
This topic describes the concepts of the VTY service, NAP service, FTP service, local user service, Syslog service, and trap service provided by the U2000.
4-2
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 NE Channel Management
VTY Service
After a Telnet connection or SSH connection is set up between a terminal and the equipment, you set up a VTY. The VTY service allows you to set the virtual link parameters for a terminal to locally or remotely access the equipment.
FTP Service
In the TCP/IP protocol suite, FTP runs on the application layer. FTP is used to transfer files between remote hosts and is implemented on the basis of the related file systems. FTP service management mentioned in this chapter refers to managing the running status of the FTP server and setting the timeout period of the FTP server. Here, the FTP server refers to the equipment managed by the U2000. You can log in to the equipment as the FTP client to access files on the equipment.
Syslog Service
The log service is realized through the information center module. The information center receives log information from all modules and forwards the information to the log host through port 514. By configuring the Syslog service, you can configure the Syslog source interface and its IP address. In this manner, the Syslog host can identify the source of messages through the source IP address and classify the messages.
Trap Service
The managed equipment automatically sends traps to the U2000 to report events. Traps are the unrequested messages that the managed equipment automatically sends to the U2000. Traps are used to report emergent and important events. To enable the equipment to automatically send traps, you must configure the trap function.
Prerequisite
Telnet or STelnet parameters must be set on the equipment and the equipment information must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > VTY Service from the service tree. 3 On the VTY Service tab page, set Available Max VTY with up and down arrows. Click Apply.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 4-3
4 NE Channel Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 Select a VTY record in the VTY service view. Set VTY parameters through the related dropdown lists or text boxes. 5 Click Apply on the right of Synchronize. ----End
Prerequisite
Telnet or STelnet parameters must be set on the equipment and the equipment information must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > FTP Service from the service tree. 3 On the FTP Service tab page, determine whether to enable FTP Server and set FTP Server Timeout (Minute). If FTP Server is disabled, you cannot set FTP Server Timeout (Minute). 4 Click Apply.
NOTE
----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 NE Channel Management
Prerequisite
l l l The selected equipment must support the log service function on the U2000. Telnet or STelnet parameters must be set on the equipment and the equipment information must be synchronized to the U2000. The Syslog source interface and its IP address must be known.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Syslog Service from the service tree. 3 On the Syslog Service tab page, click Synchronize. 4 Click Enable or Disable to change the service status of the Syslog source interface.
NOTE
If the Syslog source of the host is in use, you cannot select the Syslog source interface from the drop-down list box. The displayed status button is Disable. Click Disable to disable the log source. Then, you can select the Syslog source interface from the drop-down list box. The status button that is displayed changes to Enable.
5 When the Syslog source is disabled, select the source interface for sending Syslog files from the drop-down list box, and then click Enable. ----End
Prerequisite
The IP address of the log host must be known.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Syslog Service from the service tree. 3 Right-click on the Syslog Service tab page and choose Create from the shortcut menu. 4 In the Create Log Host dialog box, set the related parameters. 5 Click OK.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 4-5
4 NE Channel Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
If more than one log host is created, the Create Log Host progress bar is displayed. After all the log hosts are created, click OK. ----End
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Syslog Service from the service tree. 3 On the Syslog Service tab page, click Advanced. 4 In the Advanced Configuration dialog box, set the parameters in the Log buffer and Log File areas. 5 Click OK. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 NE Channel Management
Prerequisite
The trap source interface and its IP address must be known.
Context
An SNMP trap, no matter which interface it comes from, carries a trap address, also called the address of the trap source interface. When you want to trace a certain event through the trap address, you can configure the trap source interface.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Trap Service from the service tree. 3 On the Trap Service tab page, click Synchronize. 4 Click Enable or Disable to change the service status of the trap source interface.
NOTE
If the trap source of the host is in use, you cannot select the trap source interface from the drop-down list box. The status button that is displayed is Disable. Click Disable to disable the trap source. Then, you can select the trap source interface from the drop-down list box. The status button that is displayed changes to Enable.
5 When the trap source is disabled, select the source interface for sending traps from the dropdown list box, and then click Enable. ----End
Prerequisite
The IP address of the trap receiving host must be known.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Trap Service from the service tree. 3 Right-click on the Trap Service tab page and choose Create from the shortcut menu. 4 In the Create Receiving Host dialog box, set the related parameters. 5 Click OK.
NOTE
If more than one receiving host is created, the Create Receiving Host progress bar is displayed. After the receiving hosts are created, click OK.
----End
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 4-7
4 NE Channel Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l The selected equipment must support the configuration of the trap service on the U2000. Telnet or STelnet parameters must be set on the equipment, and configurations on the equipment must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Trap Service from the service tree. 3 On the Trap Service tab page, click Send. 4 In the Configure Sending Module dialog box, do as follows: l Select the Global Configuration option button. Then, you can configure alarm control on all modules of the equipment, including Enable Function of All Non-excessive Alarms, Disable Function of All Non-excessive Alarms, Disable Function of All Excessive Alarms, and Disable All Alarms. l Select the Feature Configuration option button. Then, you can configure alarm control on certain feature modules of the equipment. To configure alarm control, you need to select a module node and then select the corresponding option button on the right. If you need to enable a certain excessive alarm, expand the feature module of the alarm and select the check box corresponding to this module.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 NE Channel Management
Prerequisite
l l The selected equipment must support the configuration of the trap service on the U2000. Telnet or STelnet parameters must be set on the the equipment, and configurations on the equipment must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose NE Channel Management > Trap Service from the service tree. 3 On the Trap Service tab page, click Advanced. 4 In the Advanced Configuration dialog box, set the related parameters. 5 Click OK. ----End
Issue 03 (2010-11-19)
4-9
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
5
About This Chapter
ACL Management
This topic describes the functions provided by the ACL management module, the methods of configuring these functions, and the example for configuring an ACL service. 5.1 ACL Management Overview This topic describes the functions and basic concepts of ACL management. 5.2 Process of Configuring an ACL Service This topic describes the process of configuring an ACL service. 5.3 Configuring a Time Range This topic describes how to configure the time range. You need to configure a time range for an ACL rule before enabling the ACL rule to take effect in the set time range. 5.4 Creating an ACL Group This topic describes how to create an ACL group. The ACL group is used to define the types, matching order, and step length of ACL rules. Before configuring an ACL rule, you need to create an ACL group. An ACL group can contain one or multiple ACL rules. 5.5 Configuring ACL Rules This topic describes ACL rules, including basic rules, advanced rules, interface rules, user group rules, and simple rules.. 5.6 Example for Configuring an ACL Service This topic describes how to configure an ACL service with an example.
Issue 03 (2010-11-19)
5-1
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
ACL Type
Based on application purposes, ACLs are classified into seven types, as shown in Table 5-1. Table 5-1 ACL types ACL Type Interface ACL Basic ACL Advanced ACL Ethernet frame ACL User group ACL Simple ACL Group Name Range 1000 to 1999 2000 to 2999 3000 to 3999 4000 to 4099 6000 to 9999 10000 to 42767
NOTE
The ACL type and group number vary according to equipment types and versions.
Matching Order
An ACL group can consist of multiple rules. These rules may be overlapped or contradictory. Thus, the matching order of ACL rules determines the priorities of the ACL rules to be matched with a packet.
5-2 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
There are two types of matching orders: l l Configuration order The ACL rules are matched according to their configuration order. Automatic order The automatic order follows the depth-first principle. The depth-first principle means that the statement specifying the smallest range of hosts is placed before the others. For basic ACL rules The source address wildcards are compared. If the source address wildcards are the same or cannot be compared, the ACL rules are matched with packets according to the configuration order. For advanced ACL rules The source address wildcards are compared. If the source address wildcards are the same, the destination address wildcards are then compared. If the destination address wildcards are also the same, the ranges of port numbers are compared. If the ranges of port numbers are still the same, the ACL rules are matched with packets according to the configuration order. For interface ACL rules The rules configured with "any" are compared last. Other rules are matched with packets according to the configuration order. If two ACL rules cannot be compared with each other, the ACL rules are matched with packets according to the configuration order.
Rule ID
When you configure certain rules, the system automatically generates an ID for each rule. A certain space exists between generated rule IDs so that new rules can be added among rules. The size of the space is determined by the ACL step. For instance, if the step is set to 5, IDs are the multiples of 5 (beginning with 5), that is, 5, 10, 15 and so on. The features of ACL rule IDs are as follows: l IDs of the ACL rules that are matched according to the configuration order If a rule ID is specified when the rule is configured with the configuration order, the specified rule ID determines the position where the rule is inserted. For example, the IDs of the rules in the system are 5, 10, and 15. If 7 is specified as the rule ID for a new ACL rule, the matching order of the rules is 5, 7, 10, and 15. l l IDs of the ACL rules that are matched according to the automatic order In the case of automatic order, you cannot specify an ID for a rule. Rules that take effect first The rule with the smallest rule ID takes effect first.
Inverse Mask
The masks of the IP addresses in the ACL are inverse masks, which are distinguished from the masks of interface IP addresses. When an IP address is compared with another one, the IP mask specifies the bits to be ignored in the IP address. The mask is represented by dotted decimal notation. In practice, the masks are compared in binary mode. The number of 1 in the inverse
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5-3
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
mask indicates the bit to be ignored in an IP address and the number of 0 indicates the bit to be reserved and compared.
Time Range
In practice, certain ACL rules may need to take effect in a specific time period or certain specific time periods. In this case, you can configure ACL rules to take effect according to time ranges. The time range defines the period during which an ACL rule is valid. A time range consists of three parts, as shown in Table 5-2. Table 5-2 Time range structure Part Time range name Absolute time range Periodic time range Description Indicates a time range. When configuring the ACL, you can use a name to describe a time range. Indicates a specific time range, including the start time and end time. Indicates a time range with the one-week interval. You can specify the days when the ACL takes effect in a week.
Start
End
5-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
5.3.1 Creating a Time Range This topic describes how to create a time range. 5.3.2 Creating an Absolute Time Range This topic describes how to create an absolute time range in a specified time range. 5.3.3 Creating a Periodic Time Range This topic describes how to create a periodic time range in a specified time range.
Prerequisite
Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000.
Context
l l When creating a time range, you must configure at least one periodic or absolute time range. Creating null time ranges is not allowed. You can configure multiple periodic or absolute time ranges for a time range.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > Time Range from the service tree. 3 On the Time Range tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Time Range dialog box, set Time Range Name. 5 Right-click in the Absolute Time Range area and choose Create from the shortcut menu. 6 In the Create Absolute Time Range dialog box, set the related parameters and click OK. 7 Right-click in the Periodic Time Range area and choose Create from the shortcut menu.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5-5
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 In the Create Periodic Time Range dialog box, set the related parameters and click OK.
Prerequisite
Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000.
Context
l l l You can enable a time range to take effect during the specific period by creating an absolute time range in the time range. You can create an absolute time range when creating a time range. For details, see 5.3.1 Creating a Time Range. The absolute time ranges in a time range must be different.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu.
5-6 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
2 Choose ACL Management > Time Range from the service tree. 3 On the Time Range tab page, click Query. 4 In the query result area, select a time range record. 5 On the Detail Information tab page, right-click in the Absolute Time Range area and choose Create from the shortcut menu. 6 In the Create Absolute Time Range dialog box, set the related parameters and click OK. 7 Click Apply. ----End
Prerequisite
Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000.
Context
l l l You can enable a time range to take effect at a specific time by creating a periodic time range in the time range. You can create a periodic time range when creating a time range. For details, see 5.3.1 Creating a Time Range. The periodic time ranges in a time range must be different.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > Time Range from the service tree. 3 On the Time Range tab page, click Query. 4 In the query result area, select a time range record. 5 On the Detail Information tab page, right-click in the Periodic Time Range area and choose Create from the shortcut menu. 6 In the Create Periodic Time Range dialog box, set the related parameters and click OK. 7 Click Apply. ----End
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Group from the service tree. 3 On the ACL Group tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create ACL Group dialog box, set the related parameters.
l l l
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
This topic describes how to create a basic rule. 5.5.2 Creating an Interface Rule This topic describes how to create an interface rule. 5.5.3 Creating an Advanced Rule This topic describes how to create an advanced rule. 5.5.4 Creating a User Group Rule This topic describes how to create a user group rule. 5.5.5 Creating a Simple Rule This topic describes how to create a simple rule. 5.5.6 Creating an Ethernet Frame Rule This topic describes how to create an Ethernet frame rule.
Prerequisite
l l l Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000. A basic ACL group must be configured and ACL group configurations on equipment must be synchronized to the U2000. If a time range is configured, the time range must be synchronized.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Rules > Basic Rule from the service tree. 3 On the Basic Rule tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Basic Rule dialog box, set the related parameters.
Issue 03 (2010-11-19)
5-9
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l l l Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000. An interface ACL group must be configured and ACL group configurations on equipment must be synchronized to the U2000. Interface information on equipment must be synchronized to the U2000. If a time range is configured, the time range must be synchronized.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Rules > Interface Rule from the service tree. 3 On the Interface Rule tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Interface Rule dialog box, set the related parameters.
5-10
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
Prerequisite
l l l Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000. An advanced ACL group must be configured and ACL group configurations on equipment must be synchronized to the U2000. If a time range is configured, the time range must be synchronized.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Rules > Advanced Rule from the service tree. 3 On the Advanced Rule tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Advanced Rule dialog box, set the related parameters.
Prerequisite
l l Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000. A user group ACL group must be configured and ACL group configurations on equipment must be synchronized to the U2000.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5-11
Issue 03 (2010-11-19)
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l l
User group configurations on equipment must be synchronized to the U2000. If a time range is configured, the time range must be synchronized.
Context
User group ACL rules are similar to advanced ACL rules. Their difference is that the user group ACL rules can also be defined according to user groups.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Rules > User Group Rule from the service tree. 3 On the User Group Rule tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create User Group Rule dialog box, set the related parameters.
Prerequisite
l Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
5-12
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
l l
A simple ACL group must be configured and ACL group configurations on equipment must be synchronized to the U2000. If a time range is configured, the time range must be synchronized.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Rules > Simple Rule from the service tree. 3 On the Simple Rule tab page, click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Simple Rule dialog box, set the related parameters.
Prerequisite
l l Telnet or STelnet parameters must be set on the U2000 for accessing equipment and equipment configurations must be synchronized to the U2000. An Ethernet frame ACL group must be configured and ACL group configurations on equipment must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose ACL Management > ACL Rules > Ethernet Frame Rule from the service tree. 3 On the Ethernet Frame Rule tab page, click Create.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5-13
5 ACL Management
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Ethernet Rule dialog box, set the related parameters.
Networking Requirements
As shown in Figure 5-2, a company accesses the Internet through GE1/0/0 of an NE. The NE is connected to the Intranet through GE2/0/0. NEs are connected to each other through valid routes. The company provides WWW, FTP, and Telnet services for the equipment outside the Intranet. The internal subnet of the company is 129.38.1.0. The IP address of the internal FTP server is 129.38.1.1; the IP address of the internal Telnet server is 129.38.1.2; the IP address of the WWW server is 129.38.1.3. The networking requirements are as follows: l l Only the specified users outside the Intranet can access the servers on the Intranet. Only the specified hosts on the Intranet can access the external networks and they can access the external networks on only Saturday and Sunday.
Suppose that the IP address of a specified external user that can access the Intranet is 202.39.2.3.
5-14
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 ACL Management
FTP server
129.38.1.1/16
Telnet server
129.38.1.2/16
WWW server
129.38.1.3/16
129.38.1.4/16
GE2/0/0 129.38.1.5/16
WAN
GE1/0/0 202.38.160.1/16 202.39.2.3/16
Configuration Roadmap
1. 2. 3. Configure the time range during which the ACL takes effect. Configure an ACL group. Configure the rules for the ACL group.
Data Preparation
To configure the ACL service, you need the following data: l l l l ACL group number Source IP addresses that can access the Intranet Destination IP addresses that the hosts on the Intranet can access Data for configuring the time range
Configuration Procedure
1. 2. 3. Create a time range. For details, see 5.3.1 Creating a Time Range. In this example, the time range includes Saturday and Sunday. Create an ACL group. For details, see 5.4 Creating an ACL Group. In this example, an advanced ACL group is created. Create an advanced ACL rule. For details, see 5.5.3 Creating an Advanced Rule. In this example, do as follows to set the parameters: (1) On the Basic Information tab page, set the action to Permit. (2) On the Source Settings tab page, set the matching type to Specified IP Address, source IP address to 129.38.1.4, and wildcard to 0.0.0.0. (3) On the Destination Settings tab page, set the matching type to Specified IP Address, destination IP address to 202.39.2.3, and wildcard to 0.0.0.0. (4) On the Extend Settings tab page, select the created time range.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5-15
5 ACL Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
The ACL rule that allows the host 129.38.1.4 on the Intranet to access the external networks is configured. 4. Repeat step 3. configure the ACL rules that allow the internal servers 129.38.1.1, 129.38.1.2, and 129.38.1.3 to access external networks, and allow user 202.39.2.3 on the external network to access the internal servers.
Verifying Configurations
After the configuration, log in to equipment and run the display acl command to view the ACL configurations and confirm that the ACL rules take effect.
5-16
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
6
About This Chapter
This describes the related concepts and service configurations of the Ethernet OAM. Operation, Administration, and Maintenance (OAM) is a mechanism used to simplify network operations, test the network performance in real time, and reduce network operation costs. The Ethernet service OAM, based on the Ethernet service traffic, is used to provide the automatic check, fault location and performance check for the connectivity of the Ethernet link. 6.1 Ethernet OAM Management Overview This describes the functions and concepts of Ethernet OAM management. 6.2 Processes of Configuring the Ethernet OAM This describes the processes of configuring the Ethernet OAM. 6.3 Configuring Ethernet OAM Globally This describes how to configure Ethernet OAM on a device globally. Here, the global configurations refers to the Ethernet OAM configurations on a device. The configuration items affect the Ethernet OAM functions of a device. 6.4 Configuring 802.1ag OAM This describes how to configure 802.1ag OAM, such as creating the MD, MA, local MEP, remote MEP, and configuring the creation policy of the interface MIP. 6.5 Configuring 802.3ah OAM This describes how to configure 802.1ah OAM, such as specifying port parameters, synchronizing OAM sessions, and performing loopback tests. 6.6 Configuring Test Diagnosis This describes how to configure different types of test diagnosis tasks, such as the test diagnosis task based on 802.1ag, and general test diagnosis task.
Issue 03 (2010-11-19)
6-1
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
MD 0 MD 1 MD 2 MD 3
CE
MAN
Core
MAN
CE
6-2
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
MD
An MD is a network or part of the network for which connectivity faults need to be managed. Normally, an MD is a multiple spanning tree (MST) domain composed of multiple connected Ethernet switches. Part of the network inside an MD may be maintained by another administrator, that is, the MD may be nested. The MD level information in the CFM PDU is used to handle the OAM packets spanning different levels. The low-level OAM packets are discarded in high-level MDs whereas high-level OAM packets can be transmitted through low-level MDs. In this manner, the transmission of OAM packets is restricted to certain domains. In the network of Figure 6-2, MD 2 is contained in MD 1. The OAM packets of MD 1 need to be transmitted through MD 2. You can set MD 1 level to 6 and MD 2 level to 3, so that the OAM packets of MD 1 can be transmitted through MD 2 to implement CFM in MD 1 completely. The OAM packets of MD 2 cannot be transmitted to MD 1. Figure 6-2 MDs of different levels
......
MA
A maintenance association (MA) is a part of the MD. An MD can be divided into one or multiple MAs. On a device, an MA can associate with only one VLAN. Ethernet CFM performs connectivity fault detection on each MA. In the carrier network, one VLAN corresponds to one service instance. By dividing an MD into MAs, you can implement CFM on a network that transmits a certain service instance. You can create a maximum of 4096 MAs in an MD. You can create a maximum of 4096 MAs for a device. The level of an MA is equal to that of the MD where it resides.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6-3
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
MEP
A maintenance association end point (MEP) is an edge node of the MA, as shown in Figure 6-3. Figure 6-3 MEP and MIP
MA
MEP MIP
MEPs, manually created, reside on the interfaces of CXs. The level of an MEP is the level of the MD to which the MEP belongs. For a network device enabled with Ethernet CFM, its MEP is called the local MEP. For the other devices in the same MA, their MEPs are called the remote maintenance association end points (RMEPs). MEPs are divided into two types: l inward: See MEP 1 in Figure 6-4. An inward MEP does not send CCMs through the interface on which it resides. The inward MEP sends CCMs through other interfaces in the VLAN that is associated with the MA to which the inward MEP belongs. The MA to which an inward MEP belongs must associate with a VLAN. outward: See MEP 2 and MEP 3 in Figure 6-4. An outward MEP sends CCMs through the interface on which it resides. The MA to which an outward MEP belongs does not have to associate with a VLAN.
6-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
VLAN3
Outward type MPE2 MPE3 Data flow send by MEP1 Data flow send by MEP2 Data flow send by MEP3
MIP
An MIP is an internal node of the MA, as shown in Figure 6-3. MIPs, residing on the interfaces of CXs, are automatically created by the CXs according to MIP creation policies. You can configure the global MIP creation policy on a device, or configure the interface MIP creation policy on a specified interface. The MIP creation policy is described as follows: l The type of the MIP creation policy is Default. The device is configured with MDs, but no interface on the device is configured with MEPs. The device is configured with MDs, the interfaces on the device are configured with MEPs, and the highest level of the MEP on the interfaces is smaller than that of the MD on the device. l The type of the MIP creation policy is Explicit. The interface is configured with MEPs, and the highest level of the MEP is smaller than that of the MD on the device. l The type of the MIP creation policy is None. MIPs cannot be automatically created on a device interface.
NOTE
The MIP level equals to the MD level, which is the lowest one of all levels higher than the highest MEP level.
Connectivity Check
Ethernet CFM divides the entire network into one or multiple MDs, and divides each MD into one or multiple MAs. By sending the CCM periodically between MEPs in the same MA, Ethernet CFM checks the Ethernet connectivity in the MA.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6-5
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
An MEP periodically sends multicast CCMs to all the other MEPs inside the MA. If a certain MEP does not receive the CCM from the peer MEP within a certain time, it indicates that a fault occurs in a certain part of the MA.
CFM-BFD Binding
CFM-BFD binding is usually applicable to the following scenario: As shown in Figure 6-5, CEs are dual homed to PEs, which are connected over the MPLS network. To implement end-to-end link fault detection, BFD is configured for the MPLS LSP between PEs, and Ethernet OAM is configured between the CEs and PEs. When the BFD module on the core network side detects a fault, it notifies the Ethernet OAM module of it. Then, the CE is switched to the backup path. Figure 6-5 Application scenario of CFM-BFD binding
Y.1731
Y.1731 is an OAM protocol defined by the ITU-T. It provides test diagnosis and performance management (statistics on the packet loss ratio, frame delay, frame delay jitter, and throughput) besides implementing the E2E detection, loopback detection, and link tracing on the Metro Ethernet. Also, more message types, such as AIS, RDI, LCK (lock signal), TST (test signal), APS, MCC (maintenance channel management), EXP (experiment), VSP, LM, and DM. Compared with IEEE 802.1ag, functions such as performance management are added in Y.1731.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
In intrusive mode, that is, the 802.1ag intrusive LB, all frames are looped back. This mode can be used for offline testing. At present, the U2000 supports only the non-intrusive mode. l General LB The general LB is similar to 802.1ag LB in principle, but the general LB does not need to be initiated by the MEP and a destination node does not need to be an MEP. That is, you can perform the general LB test without configuring MD, MA, or MEPs on the source device, intermediate device, and destination device. l Multicast LB Before the configuration of an RMEP, all RMEPs can be discovered through multicast test diagnosis.
Issue 03 (2010-11-19)
6-7
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
No
Create an MA
Is the interface MIP policy modified? Yes Configure the interface MIP creation policy
No
No
Do the local MEP and remote MEP or MIP exist? Yes Create a OAM measure task
Mandatory Optional
6-8
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
No
Is the status of the OAM session Detected? Yes Set loopback test parameters
No
End
Context
OAM functions are unavailable when you perform the following operations: l l l
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management, and then click Ethernet OAM Global Configuration. 3 Configure Ethernet OAM globally.
NOTE
If data synchronization is not performed on the NE, perform data synchronization first.
6.4.1 Creating an MD
This describes how to create an MD. With this function, you can configure MDs for a device.
Prerequisite
CFM is enabled in Ethernet OAM Global Configuration.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management > 802.1ag, and then click MD Management. 3 On the MD Management tab, Click Create, or right-click in the query result area and select Create on the shortcut menu.
6-10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 In the Create MD dialog box, set MD parameters. 5 Click OK or Apply. The U2000 sets MD parameters on the device. ----End
6.4.2 Creating an MA
This describes how to create an MA. With this function, you can configure MAs for a device.
Prerequisite
l l CFM is enabled in Ethernet OAM Global Configuration. MDs are created.
Context
A maximum of 4096 MAs can be configured for a device.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management > 802.1ag, and then click MA Management. 3 On the MA Management tab, Click Create, or right-click in the query result area and select Create on the shortcut menu. 4 In the Create MA dialog box, set general MA parameters. You can do as follows to copy the MA information created by another equipment: 1. 2. Click the ... button to the right of the MD Name field and then select an MD. Click Select and select a piece of MA information created by another equipment. You can also modify the MA information copied from another equipment.
NOTE
Due to equipment version differences, certain parameters may be unable to be copied to the destination equipment.
5 Optional: On the Parameter of Alarm tab, set OAM alarm parameters. 6 Click OK or Apply. The U2000 sets MA parameters on the device. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l CFM is enabled in Ethernet OAM Global Configuration. MAs are created.
Context
l l l l You can create a local MEP on a device interface, either a GE interface, a common FE interface, or a trunk interface. For a CX380, a maximum of 16384 local MEPs can be configured. For devices of other types , a maximum of 32768 local MEPs can be configured. If an MA is not associated with any VLAN, the local MEP direction in the MA cannot be Inward or Outward. The level of the MIP on the interface cannot be lower than the level of any MEP on the interface. Thus, the creation of an MEP affects the MIP level.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management > 802.1ag, and then click Local MEP Management. 3 On the Local MEP Management tab, Click Create, or right-click in the query result area and select Create on the shortcut menu. 4 In the Create Local MEP dialog box, set the general parameters of a local MEP. You can do as follows to copy the local MEP information created by another equipment: 1. 2. Click the ... button to the right of the MD Name field and then select an MD for which an MA is created. Click Select and select a piece of MEP information created by another equipment. You can also modify the MEP information copied from another equipment.
NOTE
Due to equipment version differences, certain parameters may be unable to be copied to the destination equipment.
5 Optional: On the AIS VLAN Configuration tab, set alarm indication signal parameters. 6 Click OK or Apply. The U2000 sets the parameters of local MEPs on the device. ----End
Prerequisite
l
6-12
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l l
Context
l l For a device, a maximum of 16384 remote MEPs can be configured. For an MA, a maximum of 4096 remote MEPs can be configured.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management > 802.1ag, and then click Remote MEP Management. 3 On the Remote MEP Management tab, Click Create, or right-click in the query result area and select Create on the shortcut menu. 4 In the Create Remote MEP dialog box, you can set the related parameters. 5 Click OK or Apply. The U2000 configures the parameters of remote MEPs to the device. ----End
Prerequisite
l l l l CFM is enabled in Ethernet OAM Global Configuration. MDs are created. MAs are created. Local MEPs are created.
Context
When the type of the MIP creation policy is Default or Explicit on the U2000, the device automatically creates MIPs based on the policy. To generate an MIP, the interface needs to meet one of the following requirements: l The type of the MIP creation policy is Default. The interface does not need to be configured with MEPs. If the interface is configured with MEPs, the highest level of the MEP must be lower than that of the MD on the device. l The type of the MIP creation policy is Explicit. The interface must be configured with MEPs, and the highest level of the MEP must be lower than that of the MD on the device. l
Issue 03 (2010-11-19)
When the type of the MIP creation policy is None, the interface does not generate MIPs.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6-13
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
If no MIP creation policy is configured on the specified interface, or the existing MIP creation policy is deleted, the interface inherits the global MIP creation policy.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management > 802.1ag, and then click MIP Policy Management. 3 On the MIP Policy Management tab, click Query. The device automatically generates MIP records according to certain rules and displays them in the query result area. 4 Select an MIP record, and then click the Configure Creation Policy drop-down list. You can also right-click the record and select Configure Creation Policy on the shortcut menu. You can reset the MIP creation policy of the interface. In this case, the configuration mode is changed accordingly. ----End
Prerequisite
EFM is enabled in Ethernet OAM Global Configuration.
Context
Setting port parameters is the prerequisite for detecting the connectivity of directly connected ports. It is also used to monitor errored frames, errored framing seconds, and errored symbols.
6-14 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management, and then click 802.3ah. 3 On the 802.3ah tab, click Query. Information about the available ports on the device is displayed. 4 Select the port, and then click Set, or right-click it and select Set on the shortcut menu. 5 In the Set Port dialog box, click the General and Advanced tabs to set the related parameters.
NOTE
The U2000 provides default values for parameters on the Advanced tab. It is recommended to adopt the default values rather than modify those parameters.
6 After port parameters are set, click OK or Apply. The U2000 applies all parameter values to the port. ----End
Prerequisite
EFM is enabled in Ethernet OAM Global Configuration.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management, and then click 802.3ah. 3 On the 802.3ah tab, click Query. Information about the available ports on the device is displayed.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6-15
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 Select the port, and then click the OAM Session tab. Click Synchronize. 5 After the synchronization, you can view the status of the OAM session between the ports through EFM Protocol Status of Port. ----End
Prerequisite
The link between two ports is directly connected and packets can be transmitted over the link. The following requirements need to be satisfied: l l l EFM is enabled in Ethernet OAM Global Configuration. The EFM protocol is enabled on both ports. The status of the OAM session is Detection on at least one port.
Context
The current services of the tested port are terminated when a loopback test is performed.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management, and then click 802.3ah. 3 On the 802.3ah tab, click Query. Information about the available interfaces is displayed in the query result area. 4 Select the port, click Loopback Test, or right-click it and then select Loopback Test on the shortcut menu. 5 Optional: In the Loopback Test dialog box, click Set. 6 In the dialog box that is displayed, set the related parameters.
NOTE
The parameters in the dialog box varies according to device types. The CX600 is taken as an example here. The U2000 provides default values for test parameters. It is recommended to adopt the default values.
7 After configuring the related parameters, click OK to close the Test Parameter dialog box. 8 In the Loopback Test dialog box, click Run.
6-16 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
9 In the Confirm dialog box, click OK. The U2000 starts the loopback test of the interface. 10 When the loopback test is complete, click Close to close the dialog box. ----End
Prerequisite
l l The current MA is associated with a VLAN. The local MEP is configured on the current MA. To be specified as an outbound interface, an interface needs to meet the following conditions: It is not configured with any inward MEP. It has been added to the VLAN that is associated with the current MA. l l The destination node can be either the remote MEP or the MIP. If the remote MEP serves as the destination node, you need to specify this remote MEP for the current local MEP. The intermediate devices of the tested link do not need to be configured with MD, MA or MEPs.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6-17
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
The U2000 supports the configuration of a maximum of 4096 test diagnosis tasks based on 802.1ag on one device.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management, and then click Test Diagnosis. 3 On the Test Diagnosis tab, click the Task Type drop-down list and select Test Diagnosis Task Based on 802.1ag. 4 Click Create, or right-click in the query result area and select Create on the shortcut menu. 5 Set test diagnosis parameters in the Create Test Diagnosis Task Based on 802.1ag dialog box.
6 Optional: Click Set to the right of Diagnosis Parameter, and you can configure the test diagnosis parameters. You can also adopt the default values provided by the U2000.
NOTE
The U2000 provides default values for test diagnosis parameters. It is recommended to adopt the default values rather than modify the parameters.
7 After setting the related parameters, click OK. 8 If the Immediate Run check box is selected, the Confirm dialog box is displayed. Click OK. The U2000 creates a test diagnosis task, and performs the task based on the set parameters. In the Run Test Diagnosis Task dialog box, you can view the operation process. If the test diagnosis fails to be performed, an error prompt is displayed. When the operation is complete, click Close to close the dialog box. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
MIP. That is, you can perform the general LB or LT test without configuring MD, MA, or MEPs on the source device, intermediate device, and destination device.
Prerequisite
l l If LB is adopted, you need to enable G-MAC ping in global configuration. If LT is adopted, you need to enable G-MAC trace in global configuration.
Context
The U2000 supports the configuration of a maximum of 4096 general test diagnosis tasks on a device.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand Ethernet OAM Management, and then click Test Diagnosis. 3 On the Test Diagnosis tab, click the Task Type drop-down list and select General Test Diagnosis Task. 4 Click Create, or right-click in the query result area and select Create on the shortcut menu. 5 Set test diagnosis parameters in the Create General Test Diagnosis Task dialog box.
6 Optional: Click Set to the right of Diagnosis Parameter, and then you can set the test diagnosis parameters. You can also adopt the default values provided by the U2000. 7 After setting the related parameters, click OK. 8 If the Immediate Run check box is selected, the Confirm dialog box is displayed. Click OK. The U2000 creates a test diagnosis task, and performs the task based on the set parameters. In the Run Test Diagnosis Task dialog box, you can view the operation progress. If the test diagnosis fails to be performed, an error prompt is displayed. When the operation is complete, click Close to close the dialog box. ----End
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6-19
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
7
About This Chapter
Route Management
This topic describes the basic concepts of route management and instructs users to configure routes. 7.1 Route Management Overview This topic describes the functions and related concepts of route management. 7.2 Viewing Routing Information This topic describes how to view route information and route configurations. The route information includes information and statistics about the routing table and FIB table. You can locate the route faults according to route information. 7.3 Creating a Static Route This topic describes how to create a static route on an NE. In the case of a simple network, you need to configure only static routes so that the network can work normally. The U2000 supports common static routes and the static routes being associated with VPN instances. 7.4 Creating a BGP Route This topic describes how to create a BGP route on an NE. 7.5 Creating an OSPF Route This topic describes how to create an OSPF route on an NE. 7.6 Creating an IS-IS Route This topic describes how to create an IS-IS route on an NE. 7.7 Creating a Routing Policy This topic describes how to query, create, modify, delete, and synchronize a routing policy. You can query the newly created routing policies when configuring BGP routes, OSPF routes, or ISIS routes. 7.8 Viewing Running Information This topic describes how to view running information on an NE. The information in the query result area can be saved, copied, and searched.
Issue 03 (2010-11-19)
7-1
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Static Route
Static routes are manually configured and managed by the network administrator.
7-2 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
On a simple network, you need to configure only static routes so that the network can run normally. Proper configuration and use of static routes improve the network performance and guarantee the required bandwidth for important applications. When a fault occurs on a static route or when the topology changes, the static route, however, cannot change automatically and must be modified by the network administrator.
Default Route
A default route is another special route. Generally, a default route can be manually configured. A default route can also be generated through dynamic routing protocols, such as OSPF and ISIS. The default route is used only when no matching entry exists in the routing table. In the routing table, the default route is destined for the network 0.0.0.0 with the mask being 0.0.0.0. If the destination address of a packet does not match any entry in the routing table, the router selects a default route to forward this packet. If no default route exists and the destination address of the packet does not match any entry in the routing table, the packet is discarded. In this case, an ICMP packet is sent to notify the originating host that the destination host or network is unreachable.
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
address, you can set the same preference for these routes to implement load balancing. You can also set different preferences to implement routing redundancy.
BGP Route
There are many ASs on the Internet, and each AS has its own rules. For example, two ISPs run different routing protocols in their individual AS. At the same time, the ISPs need to exchange information, so the Internet traffic flows in and out their ASs. As a dynamic routing protocol used between ASs, BGP is widely applied among ISPs. BGP uses the TCP with the port number being 179 as the transport layer protocol. The reliability of BGP is thus enhanced. BGP runs on a router in either of the following modes: l l IBGP EBGP
OSPF Routes
Defined by the IETF, OSPF is a link-state IGP. At present, OSPF version 2 (defined in RFC 2328) is intended for IPv4.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
NBMA: If the link layer protocol is FR, ATM, or X.25, OSPF defaults the network type to NBMA. In this type of networks, protocol packets, such as Hello packets, DD packets, LSR packets, LSU packets, and LSAck packets, are transmitted in unicast mode. P2MP: Regardless of the type of the link layer protocol, OSPF does not default the network type to P2MP. A P2MP network must be forcibly changed from other network types. The common practice is to change a non-fully connected NBMA network to a P2MP network. On the networks of this type, protocol packets, such as Hello packets, DD packets, LSR packets, LSU packets, and LSAck packets, are transmitted in multicast mode through multicast address 224.0.0.5. P2P: If the link layer protocol is PPP, HDLC, or LAPB, OSPF defaults the network type to P2P. On the networks of this type, protocol packets, such as Hello packets, DD packets, LSR packets, LSU packets, and LSAck packets, are transmitted in multicast mode through the multicast address 224.0.0.5.
IS-IS Routes
The IS-IS is a dynamic routing protocol initially designed by the ISO for its CLNP. As an IGP, IS-IS is used in ASs. IS-IS is a link state protocol. It uses the SPF algorithm to calculate routes.
For an NBMA network such as the ATM, you should configure its sub-interfaces as P2P interfaces. IS-IS cannot run on the P2MP networks.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > Routing Information from the service tree. 3 Select the route information to be queried from the View Routing Information drop-down list. 1. If you select Routing Table, set VPN Name in the Condition area. Click Condition to set Protocol and Destination IP Address.
NOTE
In the Condition area, select Details to view details about the routing table.
2. 3.
If you select Route Statistics, in the Condition area, set VPN Name. If you select FIB Table and FIB Statistics, in the Condition area, set VPN Name. Click Condition to set Slot No..
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 7-5
Issue 03 (2010-11-19)
7 Route Management
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
When you select FIB Table, select FIB Details to view details about the FIB table.
4. 5.
If you select BGP Routing Table, in the Condition area, set VPN Name. Click Condition to set IP Address. If you select OSPF Routing Table, in the Condition area, set OSPF Process ID. Click Condition to set Destination IP Address, Outgoing Interface, and Destination Router ID. If you select IS-IS Routing Table, in the Condition area, set IS-IS Process ID. Click Condition to set Router Level, Destination IP Address, and Mask. If you select Configuration Information, in the Condition area, set Protocol Type.
6. 7.
You can save, copy, and search the displayed route information. : saves the route information displayed in the query result area to the local disk in a TXT file. : copies the selected route information in the query result area to the clipboard. : searches the required information in the route information displayed in the query result area by keyword.
Prerequisite
The data of the route management must be synchronized to the U2000.
Context
If the destination IP address and subnet mask are 0.0.0.0, this route is the default route.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > Static Route from the service tree. 3 Click Create. Set corresponding parameters.
7-6
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
4 After the settings, click OK to return to the Static Route tab page. The information about the newly created static route is displayed in the query result area.
NOTE
In the query result area, Deployment Status indicates whether the configurations on the U2000 are deployed on NEs. If so, Deployed is displayed; if not, Undeployed is displayed.
----End
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
This topic describes how to distribute a route, that is, how to statically add a route in the local routing table to the BGP routing table and distribute it to a peer. 7.4.6 Creating a VPN Instance Address Family This topic describes how to create a VPN instance address family on an NE to manage the routes of VPNs with overlapped address spaces. 7.4.7 Setting a VPN IPv4 Address Family This topic describes how to enable the VPN IPv4 address family on an NE. After the VPN IPv4 address family is enabled, flexible VPN access control and diversified VPN networking schemes can be implemented. 7.4.8 Creating a VPLS Address Family This topic describes how to create a VPLS address family. When configuring Kompella VPLS, you can use BGP as signaling. BGP-VPLS and common BGP use the same TCP connection, and VGP-VPLS inherits most features of common BGP. As the VPLS label block information is exchanged, you need to enable the peer to exchange VPLS label blocks.
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Basic Information from the service tree. 3 On the Basic Information tab page, select Enable BGP Status and set Local AS No., Router ID, Enable GR Status, BGP Session Rebuild Time, and End-of-RIB Waiting Time. 4 Click Apply to complete the configurations. ----End
Prerequisite
l l l l The selected equipment must support the BGP configuration. The data of the route management must be synchronized to the U2000. The peer group members to be added to the peer group must be available. Before you configure basic BGP functions, the IP addresses of adjacent stations at the network layer must be pinged through.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
7-8
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
Context
l l l The peer group AS number is specified only when you create the EBGP peer group. The peer group name uniquely identifies the peer group. It is mandatory and is used to ease management. The peer groups are classified into three types: the IBGP peer group, pure EBGP peer group, and hybrid EBGP peer group.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Public Network Route > Peer Group from the service tree. 3 Click Create. 1. Click the General tab and set the related parameters.
2.
Click the Routing Policy tab and set the related parameters.
Issue 03 (2010-11-19)
7-9
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3. 4.
Click the Password Verification tab. Then, set Password Type, and then enter the values of New Password and Confirm Password. Click the Member tab, and then click Select. The Select Peer list box is displayed. You can select the peers to be added.
4 After the settings, click OK to return to the Peer Group tab page. The information about the newly created BGP peer group is displayed in the query result area.
NOTE
In the query result area, Deployment Status indicates whether the configurations on the U2000 are deployed on NEs. If so, Deployed is displayed; if not, Undeployed is displayed.
----End
Prerequisite
l l l The selected equipment must support the BGP configuration. The data of the route management must be synchronized to the U2000. Before you add a BGP peer, the IP addresses of adjacent stations at the network layer must be pinged through.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Public Network Route > Peer from the service tree. 3 Click Create.
7-10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
1.
2.
Click the Routing Policy tab and set the related parameters.
3.
Click the Password Verification tab. Then, set Password Type, and then enter the values of New Password and Confirm Password.
4 After the settings, click OK to return to the Peer tab page. The information about the newly created BGP peer is displayed in the query result area.
Issue 03 (2010-11-19)
7-11
7 Route Management
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
In the query result area, Deployment Status indicates whether the configurations on the U2000 are deployed on NEs. If so, Deployed is displayed; if not, Undeployed is displayed.
----End
Prerequisite
l l BGP and IGP must be configured on the selected equipment and run normally. The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Public Network Route > Import Route from the service tree. 3 Click Create. Then, set Protocol, Process ID, MED Value, and Routing Policy. 4 After the settings, click OK to return to the Import Route tab page. The information about the newly imported route is displayed in the query result area. ----End
Prerequisite
l l l BGP must be configured on the selected equipment and runs normally. The network segment routes to be advertised must exist in the local IP routing table. Using routing policies, you can control the routes to be advertised more flexibly. The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Public Network Route > Route Distribution from the service tree. 3 Click Create and set IP Address, Mask and Routing Policy. 4 After the settings, click OK to return to the Route Distribution tab page.
7-12 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
The information about the newly distributed route is displayed in the query result area. ----End
Prerequisite
l l BGP and VPN instances must be configured on the selected equipment and run normally. The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Private Network Route > VPN Instance Address Family from the service tree. 3 Click Create and set the related parameters. 1. 2. Click the General tab. Then, set VPN Instance Name and Auto FRR. On the Peer Group tab page, click Create. Then, set related parameters.
NOTE
The operations on the Peer Group tab page are similar to those on the Public Network Route tab page. For details, see Creating a BGP Peer Group.
3.
The operations on the Peer tab page are similar to those on the Public Network Route tab page. For details, see Creating a BGP Peer.
4.
On the Import Route tab page, click Create. Then, set related parameters.
NOTE
The operations on the Import Route tab page are similar to those on the Public Network Route tab page. For details, see Importing an External Route.
5.
On the Distribute Route tab page, click Create. Then, set related parameters.
NOTE
The operations on the Distribute Route tab page are similar to those on the Public Network Route tab page. For details, see Distributing a Route.
4 After the settings, click OK to return to the VPN Instance Address Family tab page. The information about the newly created VPN instance address family is displayed in the query result area. ----End
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l BGP and VPN instances must be configured on the selected equipment and run normally. The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Private Network Route > VPN IPv4 Address Family from the service tree. 3 Select Enable VPN IPv4 Family and set the related parameters. 4 Optional: Select VPN-target filter and determine whether to perform VPN-Target filtering. 5 Set filter number to specify the reflection policy for the route reflector. In this manner, the route reflector can flexibly send and receive specified routes. 6 Click Advanced. In the dialog box that is displayed, click Select, and then select and set peer parameters. 7 After the peer of the VPN IPv4 address family is configured, click OK to return to the VPN IPv4 Address Family tab page. 8 Click Advanced. In the dialog box that is displayed, click Select, and then select and set peer group parameters. 9 After the peer group of the VPN IPv4 address family is configured, click OK to return to the VPN IPv4 Address Family tab page. 10 Click Apply. ----End
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Private Network Route > VPLS Address Family from the service tree. 3 Select Enable VPLS Address Family and set the related parameters.
7-14 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
4 Click Advanced and set the parameters related to the VPLS address family peer. 5 Click Advanced and set the parameters related to the VPLS address family peer group. 6 Click Apply. ----End
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > OSPF Route > OSPF Process from the service tree. 3 Click Create and set the related parameters. 1. 2. Click the General tab and set Process ID, Description, Router ID, and VPN Name. Click the Area tab. Then, click Create, and set Area No., Area Description, Area Type, Area Default Cost, Non-Convergent, Route Distribution, Authentication Mode, and Virtual Link.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 7-15
Issue 03 (2010-11-19)
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
3.
Optional: Click the Import Route tab. l Click Create. Then, set Protocol, Process ID, Cost, and Routing Policy. l Click Advanced. Then, select Enable Default Routing Notification and set Type, Cost, LSA Type, and Routing Policy.
4.
Optional: Click the Advanced tab. l In the Filter Route area, click Set. Then, set the Import policy and Export policy. l In the Optimize Route area, set the interval for calculating OSPF routes. Select Enable Opaque LSA to enable Opaque LSA and select Enable OSPF GR to enable GR. l In the VPN area, click Set. Then, set Route Tag, Disable VPN Route Loop Detection, Main Domain ID, and Secondary Domain ID.
NOTE
After selecting VPN Name and the corresponding VPN on the General tab page, you can perform this step.
l In the Route Aggregation area, click Set. In the displayed dialog box, click Create to set Object, Area, IP Address, Mask, Advertise, and Cost. l In the Other area, click Set. In the dialog box that is displayed, click Select to select related silent interfaces. 4 After the settings, click OK to return to the OSPF Process tab page. The information about the newly created OSPF process is displayed in the query result area.
NOTE
In the query result area, Deployment Status indicates whether the configurations on the U2000 are deployed on NEs. If so, Deployed is displayed; if not, Undeployed is displayed.
----End
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > OSPF Route > OSPF Interface from the service tree. 3 Click Create and set Interface Name, Network Type, Hello, and Cost.
NOTE
The numbers of available network types vary with the types of interfaces.
4 After the settings, click OK to return to the OSPF Interface tab page. The information about the newly created OSPF interface is displayed in the query result area. ----End
7-16 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > IS-IS Route > IS-IS Process from the service tree. 3 Click Create and set the related parameters. 1. 2. Click the General tab and set Process ID, Network Entity, Route Level, Cost Type and VPN Name. Optional: Click the Import Route tab. l In the Route Leaking Area, set the Level-1 to Level-2 and Level-2 to Level-1. l In the Import External Route area, click Create to set Protocol Type, Process ID, Route Level, Import Cost Type, Cost, and Routing Policy. l To set default route advertisement, click Set and Set Default Route Advertisement to set Route Advertise Condition, Route Level, Cost, and Avoid Learning of Default Route. 3. Optional: Click the Advanced tab. l In the Filter Route area, click Set. Then, set the Import policy and Export policy. l In the Route Aggregation area, click Set to set IP Address, Mask, Avoid Feedback, Generate Null0 Route, Tag and Route Level. l In the IS-IS Adjustment and Optimization area, click Set. In the dialog box that is displayed, set SPF Timer and LSP Flash Flood. l In the IS-IS Process Authentication area, click Set. In the dialog box that is displayed, set Set IS-IS Process Domain Authentication.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 7-17
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l Select Enable_Auto FRR and set LFA IS-IS Level. l Select Configure Global Cost and set Level-1 Cost and Level-2 Cost. l Select Enable GR and set Restart Interval. 4 After the settings, click OK to return to the IS-IS Process tab page. The information about the newly created IS-IS process is displayed in the query result area.
NOTE
In the query result area, Deployment Status indicates whether the configurations on the U2000 are deployed on NEs. If so, Deployed is displayed; if not, Undeployed is displayed.
----End
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > IS-IS Route > IS-IS Interface from the service tree. 3 Click Create and set the related parameters.
7-18
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
4 After the settings, click OK to return to the IS-IS Interface tab page. The information about the newly created IS-IS interface is displayed in the query result area. ----End
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > Routing Policy from the service tree. 3 Click Create and set Policy Name, Node Information, and Rule Information. 4 After the settings, click OK to return to the Routing Policy tab page. The information about the newly created routing policy is displayed in the query result area. ----End
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
the running faults according to the information in the query result area, and save, copy, and search the information in the query result area.
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Public Network Route > Peer Group or Route Management > BGP Route > Private Network Route > VPN Instance Address Family from the service tree. 3 Click Query. All the peer group records or VPN instance records are displayed in the query result area. 4 Right-click a record and choose View Running Information > BGP Peer Group Information. 5 In the BGP Peer Group Information dialog box that is displayed, set VPN and then click Display. The information about the BGP peer group is displayed in the query result area. ----End
Follow-up Procedure
You can save, copy, and search the information about the queried BGP peer group. : saves the information displayed in the query result area to the local disk in a TXT file. : copies the selected information in the query result area to the clipboard. : searches the required information in the information displayed in the query result area by keyword.
Prerequisite
The data of the route management must be synchronized to the U2000.
7-20 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > BGP Route > Public Network Route > Peer or Route Management > BGP Route > Private Network Route > VPN Instance Address Family from the service tree.
NOTE
On the VPN Instance Address Family tab page, the running information that is displayed includes only the BGP peer information. The reason is that each record in the VPN instance address family represents a VPN instance, but the BGP peer log information and BGP peer statistics are based on a single peer.
3 Click Query. All the peer records or VPN instance records are displayed in the query result area. 4 To view the information about a BGP peer, right-click a record in the query result area and choose View Running Information > BGP Peer Information from the shortcut menu. 5 In the BGP Peer Information dialog box that is displayed, set VPN and then click Display. The information about the BGP peer is displayed in the query result area. 6 To view the information about a BGP peer, right-click a record in the query result area and choose View Running Information > BGP Peer Log Information from the shortcut menu. 7 In the BGP Peer Log Information dialog box that is displayed, click Display. The information about the BGP peer log is displayed in the query result area. 8 Optional: To view the information about a BGP peer, right-click a record in the query result area and choose View Running Information > BGP Peer Statistic Information from the shortcut menu. 9 Optional: In the BGP Peer Statistic dialog box that is displayed, the statistics about the BGP peer are displayed.
NOTE
Certain equipment does not support the ability to view statistics about the BGP peer. Therefore, Step 8 and Step 9 are not applicable to these equipments.
----End
Follow-up Procedure
You can save, copy, and search the information about the queried BGP peer. : saves the information displayed in the query result area to the local disk in a TXT file. : copies the selected information in the query result area to the clipboard. : searches the required information in the information displayed in the query result area by keyword. The statistics about the BGP peer cannot be saved, copied, or searched.
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
locate the running faults according to the information in the query result area, and save, copy, and search the information in the query result area.
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > OSPF Route > OSPF Process from the service tree. 3 Click Query. All the OSPF process records are displayed in the query result area. 4 To view an OSPF summary, right-click a record in the query result area and choose View Running Information > OSPF Summary Information from the shortcut menu. 5 In the OSPF Summary Information dialog box that is displayed, click Display. The information about the OSPF summary is displayed in the query result area.
NOTE
To view the OSPF summary information of a specified process, you can manually enter the value of Process ID.
6 To view an OSPF summary, right-click a record in the query result area and choose View Running Information > OSPF LSDB Information from the shortcut menu. 7 In the OSPF LSDB Information dialog box that is displayed, set Link Type and click Display. The information about the OSPF LSDB is displayed in the query result area.
NOTE
To view the OSPF LSDB information of a specified process, you can manually enter the value of Process ID.
8 To view a virtual link, right-click a record in the query result area and choose View Running Information > OSPF Virtual Link Information from the shortcut menu. 9 In the OSPF Virtual Link Information dialog box that is displayed, click Display. The information about the OSPF virtual link is displayed in the query result area.
NOTE
To view the OSPF virtual link information of a specified process, you can manually enter the value of Process ID.
10 To view error information, right-click a record in the query result area and choose View Running Information > OSPF Error Information from the shortcut menu. 11 In the OSPF Error Information dialog box that is displayed, set Error Type and click Display. The OSPF error information is displayed in the query result area.
NOTE
To view the OSPF error information of a specified process, you can manually enter the value of Process ID.
----End
7-22 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
7 Route Management
Follow-up Procedure
You can save, copy, and search the queried OSPF running information. : saves the information displayed in the query result area to the local disk in a TXT file. : copies the selected information in the query result area to the clipboard. : searches the required information in the information displayed in the query result area by keyword.
Prerequisite
The data of the route management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose Route Management > IS-IS Route > IS-IS Process from the service tree. 3 Click Query. All the IS-IS process records are displayed in the query result area. 4 To view IS-IS summary information, right-click a record in the query result area and choose View Running Information > IS-IS Summary Information from the shortcut menu. 5 In the IS-IS Summary Information dialog box that is displayed, click Display. The information about the IS-IS summary is displayed in the query result area.
NOTE
To view the IS-IS summary information of a specified process, you can manually enter the value of Process ID.
6 To view IS-IS summary information, right-click a record in the query result area and choose View Running Information > IS-IS LSDB Information from the shortcut menu. 7 In the IS-IS LSDB Information dialog box that is displayed, click Display. The information about the IS-IS LSDB is displayed in the query result area.
NOTE
To view the IS-IS LSDB information of a specified process, you can manually enter the value of Process ID and select Route Level.
----End
Follow-up Procedure
You can save, copy, and search the queried IS-IS running information. : saves the information displayed in the query result area to the local disk in a TXT file.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 7-23
7 Route Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
: copies the selected information in the query result area to the clipboard. : searches the required information in the information displayed in the query result area by keyword.
7-24
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
8
About This Chapter
MPLS Management
This topic describes the basic concepts of MPLS and the MPLS management functions provided by the U2000. It also describes how to configure the related MPLS functions. 8.1 MPLS Management Overview This topic describes the basic concepts of MPLS and the MPLS management functions provided by the U2000. 8.2 Configuring MPLS and MPLS TE This topic describes how to configure MPLS and MPLS TE on the NE and also describes the related precautions. 8.3 Creating a Static LSP Segment This topic describes the procedure for creating a static LSP segment. You can use this procedure to create a static LSP segment or a static CR-LSP segment. 8.4 Configuring a Tunnel This topic describes tunnel-related configuration operations, such as creating a tunnel, setting tunnel parameters, creating an explicit path and so on. 8.5 Configuring MPLS OAM Detection This topic describes how to configure MPLS OAM detection, including MPLS OAM ingress detection and MPLS OAM egress detection. 8.6 Creating a Protection Group This topic describes how to create a protection group for the working tunnel. 8.7 Counting LSPs This topic describes how to count different types of LSPs on the current equipment. 8.8 Viewing a Label FIB This topic describes how to view a label FIB. 8.9 Maintaining an MPLS Service This topic describes how to maintain an MPLS service.
Issue 03 (2010-11-19)
8-1
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
FEC
The FEC is a term used in MPLS, a packet forwarding technology, to describe a group of packets that can be forwarded in the same manner. Packets of the same FEC are processed in exactly the same manner on MPLS networks. FECs are classified according to the source IP address, destination IP address, source port, destination port, protocol type, or VPN, or a random combination of these conditions. For example, in the traditional IP forwarding that adopts the longest match algorithm, the FEC refers to the packets with the same destination IP address.
8-2
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
Label
A label is a short identifier of fixed length that is only of local significance. A label is used to uniquely identify the FEC to which a packet belongs. In certain cases such as load balancing, an FEC may correspond to multiple labels. A label, however, can represent only one FEC. A label does not contain topology information. It is carried in the header of a packet and is of only local significance. A label contains four bytes. Figure 8-1 shows the encapsulation structure of a label. Figure 8-1 Encapsulation structure of a label
0 Lable 19 Exp 22 S 23 TTL 31
LDP
As an MPLS control protocol, LDP is used for classifying FECs, distributing labels, and setting up and maintaining LSPs. It functions like the signaling protocol on traditional networks. LDP defines the messages in label distribution and the related message handling processes. Through LDP, LSRs can directly map routing information at the network layer to the switched paths at the data link layer. As a result, LSPs are set up at the network layer. An LSP may be set up between two neighboring LSRs or end at a network egress node, enabling labels to be switched on all the transit nodes of the network. MPLS supports multiple label distribution protocols. It supports protocols tailored for label distribution, such as LDP and CR-LDP. It also supports the protocols supporting label distribution after extension, such as BGP and RSVP.
LSP
An LSP is the path that an FEC passes through on an MPLS network. The LSP is a unidirectional path from the ingress to the egress. It functions like the virtual circuit in ATM and FR. LSPs are classified into two types: static LSP and dynamic LSP. Static LSPs are manually configured by the administrator while dynamic LSPs are dynamically generated through the routing protocol and LDP.
MPLS OAM
OAM is a key method of reducing network maintenance costs. The MPLS OAM mechanism is used at the MPLS layer. MPLS supports multiple Layer 2 and Layer 3 protocols, such as IP, FR, ATM, and Ethernet. MPLS provides an OAM mechanism that is independent of the upper and lower layers. The functions of the MPLS OAM mechanism on the user plane are as follows: l
Issue 03 (2010-11-19)
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l l
Measuring network utilization and performance Performing protection switching in the case of link failures to provide services according to the SLA signed with customers
With the MPLS OAM mechanism, you can detect, identify, and locate the faults inside the MPLS network, and take effective measures to rectify these faults according to the fault reports of this mechanism. MPLS OAM also provides a mechanism for triggering protection switching. For details about MPLS OAM, see ITU-T Recommendation Y.1710.
Prerequisite
l l l The MPLS data of the NE must be synchronized to the U2000. The IP address of the related interface must be configured. Enabling MPLS is a prerequisite to MPLS L2VPN, and MPLS OAM configuration.
Context
l l If you disable MPLS on a set of NE, all the MPLS configurations on the NE are deleted. Before enabling MPLS, you need to configure the related LSR ID.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > MPLS Configuration > MPLS Base Configuration from the service tree. 3 Click Synchronize. 4 On the MPLS Base Configuration tab page, set MPLS, MPLS L2VPN, and MPLS OAM parameters as required.
8-4 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
NOTE
5 After the settings, click Apply. 6 In the Confirm dialog box, click OK. The configurations are applied to the NE. ----End
Prerequisite
l l The MPLS data of the NE must be synchronized to the U2000. MPLS must be enabled on the NE.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > MPLS Configuration > MPLS TE Configuration from the service tree. 3 On the MPLS TE Configuration tab page, set MPLS TE parameters as required.
NOTE
l Before enabling MPLS TE, you need to enable MPLS. l Before enabling CSPF and RSVP-TE, you need to enable MPLS TE.
Issue 03 (2010-11-19)
8-5
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 In the OSPF TE and IS-IS TE areas, set the related parameters. 5 Optional: Click Advanced. 1. 2. In the Advanced MPLS TE Property of NE dialog box, click the MPLS TE tab. On the MPLS TE tab page, set MPLS TE parameters.
3. 4.
Click the RSVP-TE tab. On the RSVP-TE tab page, set RSVP-TE parameters.
8-6
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
5.
After setting parameters in the Advanced MPLS TE Property of NE dialog box, click OK.
6 On the MPLS TE Configuration tab page, click Apply. 7 In the Confirm dialog box, click OK. The configurations are applied to the NE. ----End
Prerequisite
l l The MPLS data of the NE must be synchronized to the U2000. MPLS and MPLS TE are enabled on the NE.
Context
Figure 8-2 shows the constraint relations among the parameters about NE MPLS, NE MPLS TE, NE RSVP-TE, and interface RSVP-TE.
Issue 03 (2010-11-19)
8-7
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > MPLS Configuration > MPLS Interface from the service tree. 3 On the MPLS Interface tab page, click Query. 4 Select the interface on which MPLS and MPLS TE are to be configured. 5 In the details area, click the MPLS tab. 6 On the MPLS tab page, set interface MPLS parameters as required.
7 In the details area, click the MPLS TE tab. 8 On the MPLS TE tab page, set interface MPLS TE parameters as required.
8-8
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
9 In the details area, click the LDP tab. 10 On the LDP tab page, set interface LDP parameters as required.
11 Optional: Click Advanced. 12 Optional: In the Advanced MPLS TE Property of Interface dialog box, click the MPLS TE tab. 13 Optional: On the MPLS TE tab page, set MPLS TE parameters.
NOTE
The Advanced button and the MPLS TE tab are available only when you select the Enable MPLS TE check box in the details area.
Issue 03 (2010-11-19)
8-9
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
14 In the Advanced MPLS TE Property of Interface dialog box, click the RSVP-TE tab and then set RSVP-TE parameters on this tab page.
NOTE
The RSVP-TE tab is available only when you select the Enable RSVP-TE check box in the details area.
15 Optional: After setting parameters in the Advanced MPLS TE Property of Interface dialog box, click OK. 16 On the MPLS TE tab page, click Apply.
8-10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
17 In the Confirm dialog box, click OK. The configurations are applied to the NE. ----End
Prerequisite
l l The MPLS data of the NE must be synchronized to the U2000. MPLS must be enabled on the related NE and interface.
Context
Static LSP segments are classified into two types: static LSP segments and static CR-LSP segments.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Static LSP Segment from the service tree. In the query condition area, click Query to display all static LSP segments. 3 Right-click in the query result area and choose Add from the shortcut menu. 4 In the Add Static LSP Segment dialog box, set the parameters of the static LSP segment.
5 After setting the parameters, click OK. In the subsequent Confirm dialog box, click OK. ----End
Issue 03 (2010-11-19)
8-11
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l l The MPLS data of the NE must be synchronized to the U2000. MPLS must be enabled on the related NE and interface. MPLS TE and MPLS RSVP-TE must be enabled on the related NE and interface.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Tunnel Configuration from the service tree. 3 On the Tunnel Configuration tab page, click Query to display all tunnels. 4 Right-click in the query result area and choose Add from the shortcut menu. 5 In the Add Tunnel dialog box, click the Basic tab and then set the basic parameters of the tunnel service.
NOTE
l The parameters on the Basic tab page are mandatory, whereas the parameters on other tab pages are optional. l If the selected NE does not support a certain feature, the parameters about this feature become unavailable.
8-12
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
6 Optional: Click the Property tab. 7 On the Property tab page, set tunnel parameters.
8 Optional: Click the Application tab. 9 On the Application tab page, set tunnel parameters.
Issue 03 (2010-11-19)
8-13
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 Optional: Click the Protection tab. 11 On the Protection tab page, set tunnel parameters.
12 Click OK. In the subsequent Confirm dialog box, click OK. ----End
8-14
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
Prerequisite
l l The MPLS data of the NE must be synchronized to the U2000. MPLS TE must be enabled on the related NE and interface.
Context
The explicit path is an optional restriction in the creation of a tunnel service. You can determine whether to create and apply an explicit path as required.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Tunnel Configuration from the service tree. 3 On the Tunnel Configuration tab page, click Query. 4 Right-click in the query result area and choose Add from the shortcut menu. 5 Click the Property tab. 6 Click the ... button to the right of the Explicit Path field. 7 In the Create Explicit Path dialog box, set the basic information about the explicit path.
NOTE
l Click Add or Delete to add or delete nodes along the explicit path. l Multiple nodes can exist on an explicit path in a certain sequence. By selecting a node and then clicking Up or Down, you can change the sequence of nodes. l At least one node needs to be configured on an explicit path.
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l l The MPLS data of the NE must be synchronized to the U2000. MPLS OAM must be enabled. Tunnel must be configured.
Context
Assume that the source NE and destination NE of Tunnel 1/0/0 are A and B respectively. You need to configure MPLS OAM ingress detection on NE A and MPLS OAM egress detection on NE B.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > OAM Detection Configuration > Ingress Detection from the service tree. 3 Right-click in the query result area and choose Create from the shortcut menu. You can also click Create on the Ingress Detection tab page. 4 In the Create Ingress Detection dialog box, set the parameters of OAM ingress detection as required.
8-16
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
Prerequisite
l l The MPLS data of the NE must be synchronized to the U2000. MPLS OAM must be enabled.
Context
Assume that the source NE and destination NE of Tunnel 1/0/0 are A and B respectively. You need to configure MPLS OAM ingress detection on NE A and MPLS OAM egress detection on NE B.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > OAM Detection Configuration > Egress Detection from the service tree. 3 Right-click in the query result area and choose Create from the shortcut menu. You can also click Create on the Egress Detection tab page.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 8-17
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 In the Create Egress Detection dialog box, set the parameters of OAM egress detection as required.
Prerequisite
The MPLS data of the NE must be synchronized to the U2000.
Context
Starting MPLS OAM detection is similar to stopping MPLS OAM detection. The following takes the start of MPLS OAM detection as an example. MPLS OAM detection includes ingress detection and egress detection. Starting MPLS OAM ingress detection is similar to starting MPLS OAM egress detection. The following takes the start of the MPLS OAM ingress detection as an example. Before starting MPLS OAM egress detection, you need to start MPLS OAM ingress detection.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu.
8-18 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
2 Choose MPLS Management > OAM Detection Configuration > Ingress Detection from the service tree. 3 On the Ingress Detection tab page, click Query. 4 Right-click an MPLS OAM detection task in the list and choose Start Detection from the shortcut menu. If the task is successfully started, Start is displayed in the Start Detection column.
NOTE
If the Start Detection and Stop Detection buttons are unavailable on the shortcut menu when you start OAM egress detection, it indicates that the Auto-Protocol check box is selected during egress detection configuration. In this case, you do not need to manually start or stop OAM detection.
----End
Prerequisite
l l The MPLS data of the NE must be synchronized to the U2000. The working tunnel and protection tunnel must be available.
Context
The protection group is used in the following scenarios: l l When a fault occurs in the working tunnel, the MPLS OAM mechanism or another detection mechanism switches traffic to the tunnel in the protection group after detecting the fault. Manually switch traffic from the working tunnel to the tunnel in the protection group.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Protection Management from the service tree. 3 Right-click in the query result area and choose Create from the shortcut menu. You can also click Create on the Protection Management tab page. 4 In the Create Protection Group dialog box, set the related parameters as required.
Issue 03 (2010-11-19)
8-19
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
The MPLS data of the equipment must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > LSP Statistic from the service tree. 3 Click Collect. 4 Select a collection result. On the General tab page of the details area, the information such as the type and number of currently collected LSPs is displayed. ----End
Prerequisite
The MPLS data of the NE must be synchronized to the U2000.
8-20 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
Context
l l The label FIB can be viewed only when the protocol type is STATIC, STATIC-CR, LDP, or RSVP-TE. Label FIB stands for the label forwarding information base. The core LSR uses the label FIB to forward labeled packets.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Label FIB from the service tree. 3 Click Query in the query condition area. Query results are displayed according to set filter criteria. 4 Select the label FIB to be viewed. On the General tab page of the details area, the details about this label FIB are displayed. ----End
Prerequisite
The MPLS data of the NE must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Tunnel Configuration from the service tree. 3 On the Tunnel Configuration tab page, click Query to display all tunnels.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 8-21
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4 Right-click the tunnel to be audited and choose Audit Status from the shortcut menu. You can select multiple tunnels for batch auditing. 5 On the Audit MPLS TE Tunnel Service Status tab page, select the tunnels to be audited. 6 Click Start. The auditing starts. A progress bar is displayed indicating the auditing progress. The Operation Result column indicates whether the service status is successfully audited. If the auditing fails, the failure cause is displayed in the details area. ----End
Prerequisite
The MPLS data of the NE must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Tunnel Configuration from the service tree. 3 On the Tunnel Configuration tab page, click Query to display all tunnels. 4 Right-click the tunnel to be audited and choose Audit Connectivity from the shortcut menu. You can select multiple tunnels for batch auditing. 5 On the Audit MPLS TE Tunnel Service Connectivity tab page, select the tunnels to be audited. 6 Click Start. The auditing starts. A progress bar is displayed indicating the auditing progress. The Operation Result column indicates whether the service status is successfully audited. If the auditing fails, the failure cause is displayed in the details area. ----End
Prerequisite
The MPLS data of the NE must be synchronized to the U2000.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu.
8-22 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
8 MPLS Management
2 Choose MPLS Management > Tunnel Configuration from the service tree. 3 On the Tunnel Configuration tab page, click Query to display all tunnels. 4 Right-click the tunnel to be reset and choose Reset from the shortcut menu. 5 In the Confirm dialog box, click OK. If the resetting is successful, the status bar prompts that the MPLS TE tunnel is successfully reset. ----End
Prerequisite
The MPLS data of the NE must be synchronized to the U2000.
Context
You can switch a protection group in either of the following modes: l l l Clear: It is used to cancel the request of manually configuring switchover for the protection group. Lock: It is used to forcibly lock the traffic in the working tunnel for transmission. The traffic is not switched to the protection tunnel even when a fault occurs in the working tunnel. Forcibly Switch: It is used to forcibly switch traffic to the protection tunnel. After forcible switching, the traffic cannot be reverted to the working tunnel even when the reversion conditions are met. Manually Switch: It is used to manually switch traffic from the working tunnel to the protection tunnel, or conversely, from the protection tunnel to the working tunnel.
NOTE
l The preceding modes have different priorities. A new switching request is carried out only when the priority of the new switching mode is higher than the current switching priority of the protection group. l The priority of these switching modes in descending order is as follows: Clear, Lock, Forcibly Switch, and Manually Switch.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose MPLS Management > Protection Management from the service tree. 3 On the Protection Management tab page, click Query. 4 Right-click the protection group to be switched and choose Switch > Manually Switch from the shortcut menu. Select the switching mode as required.
Issue 03 (2010-11-19)
8-23
8 MPLS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
If the OAM protection group is successfully switched, the current operation is displayed in the Switch Status column of the list, and the switching result is displayed in the Switch Result column. If the switching of the OAM protection group fails, the system prompts failure causes. ----End
8-24
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
9 LLDP Management
9
About This Chapter
LLDP Management
This topic describes the functions of LLDP management, such as enabling and configuring LLDP on the equipment and interfaces. With these functions, you can discover Layer 2 links in the view. 9.1 LLDP Management Overview This topic describes the concepts of LLDP and the LLDP management functions. You need to learn these information before configuring LLDP services. 9.2 Configuring an LLDP Service This topic describes how to configure an LLDP service. Before enabling LLDP on an interface, you need to configure LLDP globally on the equipment. By synchronizing LLDP neighbor information, you can synchronize the latest LLDP configurations of the neighbor nodes to the U2000. 9.3 Synchronizing LLDP Neighbor Information This topic describes how to synchronize the LLDP neighbor information on the equipment. LLDP neighbor information is one of the information sources for generating Layer 2 links through the link search function. The generated Layer 2 links are displayed in the physical view.
Issue 03 (2010-11-19)
9-1
9 LLDP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
9 LLDP Management
9.2.2 Configuring LLDP Globally This topic describes how to configure LLDP globally on a set of equipment through the U2000. With this function, you can enable the LLDP functions of the equipment. 9.2.3 Configuring LLDP on Interfaces This topic describes how to configure LLDP on interfaces. Before using the LLDP functions of an interface, you need to enable LLDP on the interface.
After the LLDP alarm function is enabled, any of the following situation will trigger the equipment to send alarm information to the U2000: l The global LLDP function is disabled. l The LLDP management address is changed. l The neighbor information is changed. (No alarm information is generated on the local end if the neighbor management address is changed.)
9 LLDP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
4.
Run the following command to set the SNMP version: snmp-agent group v3 group-name [ authentication | privacy] [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ]
5.
Run the following command to set the SNMP user group: snmp-agent usm-user v3 user-name group-name [ [ authentication-mode { md5 | sha } password ] [ privacy-mode des56 password ] ] [ acl acl-number ]
6. 7.
Run the following command to add a user to the SNMPv3 user group: snmp-agent mib-view included view-name iso Run the following command to enable the LLDP alarm function: snmp-agent trap enable lldp
NOTE
After the LLDP alarm function is enabled, any of the following situation will trigger the equipment to send alarm information to the U2000: l The global LLDP function is disabled. l The LLDP management address is changed. l The neighbor information is changed. (No alarm information is generated on the local end if the neighbor management address is changed.)
Prerequisite
l l l The related parameters must be set on the equipment. The data of the equipment must be synchronized to the U2000. The equipment must support the ability to configure LLDP globally.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose LLDP Management > LLDP Global Configuration from the service tree. 3 Set parameters such as Managing IP Address, Interval for Message Transmission, and Message Transmission Holding Multiple.
9-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
9 LLDP Management
NOTE
Unless necessary, keep the default parameter settings unchanged because modifying the settings may increase the load of the system.
Prerequisite
l l l The related parameters must be set on the equipment. The data of the equipment must be synchronized to the U2000. Configuring LLDP globally must be enabled on the equipment.
NOTE
By default, the LLDP function on interfaces is enabled after the global LLDP function is enabled.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose LLDP Management > LLDP Interface Configuration from the service tree. 3 On the LLDP Interface Configuration tab page, click Query. The interfaces supporting LLDP after LLDP is globally enabled are displayed in a list. 4 Right-click one or more interfaces that run LLDP and choose Enable or Disable from the shortcut menu to apply the interface configurations to the equipment. l If the status of the interfaces is Enabled, you can choose only Disable from the shortcut menu. l If the status of the interfaces is Disabled, you can choose only Enable from the shortcut menu. l If both Enabled and Disabled interfaces are selected, you can choose either Enable or Disable from the shortcut menu. Then, the status of all the interfaces becomes the same as the selected status. ----End
Prerequisite
The related parameters must be set on the equipment.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 9-5
9 LLDP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose Synchronize NE Data from the shortcut menu. 2 On the Synchronize NE Data tab page, click .... 3 In the dialog box that is displayed, choose LLDP Management > LLDP Neighbor Information, and then click OK. 4 Click Synchronize. ----End
9-6
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 VRRP Management
10
About This Chapter
VRRP Management
This topic describes the VRRP management functions that the U2000 provides for single NEs. It also describes the concepts related to VRRP management and the methods of configuring VRRP, VGMP, and global VRRP attributes. 10.1 VRRP Management Overview This topic describes the concepts of VRRP management and the VRRP management functions provided by the U2000. 10.2 Configuring Global VRRP Attributes This topic describes how to configure global VRRP attributes. Configuring global VRRP attributes is to perform NE-level VRRP configuration. This configuration affects the VRRP function of the entire NE. 10.3 Configuring VRRP This topic describes how to configure VRRP functions, such as creating a VR, configuring the global attributes of an interface, creating VRRP tracking for a BFD session, and creating VRRP tracking for an interface. 10.4 Configuring VGMP This topic describes how to configure VGMP.
Issue 03 (2010-11-19)
10-1
10 VRRP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
VRRP Router
The VRRP router is the equipment that runs VRRP. A VRRP router may belong to one or more virtual routers.
Virtual Router
VRRP combines a group of routers on a LAN into a backup group that functions as a virtual router. A virtual router, also called VRRP backup group, is an abstract object managed by VRRP. A virtual router acts as a default router for the hosts on a shared LAN. A virtual router consists of a virtual router identifier and a set of virtual IP addresses.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 VRRP Management
Backup router The backup router is a VRRP router that does not forward packets. When the master router fails, the backup router takes over as the new master router through election.
IP Address Owner
If the actual IP address of a VRRP router is the same as the IP address of the virtual router, the VRRP router is the IP address owner. When the VRRP router works normally, it responds to packets with the destination address as the virtual IP address.
mVRRP
To meet various service requirements, multiple VRRP backup groups can run between routers. If each VRRP backup group needs to maintain its own state machine, a large number of VRRP packets are generated between routers. To simplify the operation and reduce the bandwidth occupied by protocol packets, you can configure a VRRP backup group to be the mVRRP backup group and bind it to other member backup groups. Then, the status of the member backup groups is determined by the status of the bound mVRRP backup group.
VGMP
The VRRP management group that is established based on VGMP manages the status of all the joined VRRP backup groups. Thus, the interfaces on the same router work in active or standby state at the same time. This ensures the consistency of router VRRP status.
Prerequisite
The data of the VRRP management must be synchronized to the U2000.
Context
l l By periodically sending gratuitous ARP packets, the VRRP router advertises the mapping between the virtual IP address and the virtual MAC address on the network. The VRRP router can ping the virtual IP addresses of the VRRP group. Thus, you can conveniently monitor the running status of the virtual router. In this case, however, the router is vulnerable to ICMP attacks. You need to determine whether to perform the configuration according to requirements.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 10-3
Issue 03 (2010-11-19)
10 VRRP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VRRP Global from the service tree. 3 On the VRRP Global tab page, set the related parameters. 4 Click Apply. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 VRRP Management
the mVRRP backup group, you can bind the service interfaces to the specified mVRRP backup group.
10.3.1 Creating a VR
This topic describes how to create a VR that consists of a group of physical routers on a LAN. A host on the LAN needs to know only the IP address of the VR instead of the IP address of any specific physical router. After setting the default gateway address of hosts on the LAN to the IP address of the VR, the host can communicate with external networks through this virtual gateway.
Prerequisite
l l The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
10 VRRP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l l The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000. The VR must be configured.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Query. 4 Select a VR configuration record in the query result area. 5 Click the Interface Global Configuration tab and then set the related parameters on the tab page.
NOTE
l If Authentication is set to Yes, you need to set Authenticator. l The system checks the TTL value of received VRRP packets. If the value is not 255, the VRRP packets are discarded. In certain networking environments, especially when the equipment from different manufacturers is used together, the preceding processing mode may cause incorrect discarding of packets. In this case, you can configure the system not to check the TTL value of VRRP packets. l The parameters to be set vary according to interface types.
Prerequisite
l l l l l The equipment must support BFD; otherwise, the Track BFD Session tab page is not displayed. The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000. The VR must be configured. The BFD session must be configured and be in Up state.
Context
l l
10-6
By tracking the status of BFD sessions, VRRP implements fast switchover between the master router and the backup router. For the BFD configuration, see 11 BFD Management.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
10 VRRP Management
If a router is the IP address owner, the related BFD sessions cannot be tracked.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Query. 4 Select a VR configuration record in the query result area. 5 Click the Track BFD Session tab. Then, click Create and set the related parameters.
Prerequisite
l l l The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000. The VR must be configured.
Context
l VRRP can monitor the status of interfaces. When the interface where the backup group resides is faulty or another interface of the router is faulty, VRRP provides the backup function. A router can monitor a maximum of eight interfaces. When a tracked interface becomes Down, the priority of the router automatically descends or ascends to a certain value. As a result, the order of router priorities in the backup group is changed and the VRRP router reelects the master router.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 10-7
Issue 03 (2010-11-19)
10 VRRP Management
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l If a router is the IP address owner, its interfaces cannot be tracked. l The following interfaces cannot be tracked: loopback interfaces, Null interfaces, E1-group interfaces, VT interfaces, BRI interfaces, DIALER interfaces, AUX interfaces, and CPOS interfaces.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Query. 4 Select a VR configuration record in the query result area. 5 Click the Track Interface tab page. Then, click Create and set the related parameters in the dialog box that is displayed. 6 Click OK to return to the Track Interface tab page. ----End
Prerequisite
l l l The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000. The VR must be configured.
Context
Only VRP5.6 or later supports this function.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Query. 4 Select a VR configuration record in the query result area. 5 Click the Track Ethernet OAM Interface tab page. Then, select the Track EFM Session check box and set Ethernet OAM Interface on the tab page. 6 Click Apply. ----End
10-8 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 VRRP Management
Prerequisite
l l l l The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000. This configuration is applicable to only management VRs. The service VR must be configured.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Query. 4 Select a management VR configuration record in the query result area. 5 Click the Bind Service VR tab. Then, click Create and select the service VR to be bound to the management VR. 6 Click OK to return to the Bind Service VR tab page. ----End
Prerequisite
l l l l The data of the interface information must be synchronized to the U2000. The data of the VRRP management must be synchronized to the U2000. This configuration is applicable to only management VRs. The service VR must be configured.
Context
l The service interface and the interface that is configured with the mVRRP backup group must be different. Otherwise, the flow Up and flow Down states of services and the Up and Down states of the interface affect each other. The service interface can be bound to only the mVRRP backup group configured on an interface of the same card.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 10-9
Issue 03 (2010-11-19)
10 VRRP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
One mVRRP backup group can be bound to a maximum of 512 service interfaces, depending on the PAF and license files.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VR from the service tree. 3 Click Query. 4 Select a management VR configuration record in the query result area. 5 Click the Interface Track Management VR tab. Then, click Create and select the interface to be bound to the management VR. 6 Click OK to return to the Interface Track Management VR tab page. ----End
Prerequisite
l l
10-10
The data of the VRRP management must be synchronized to the U2000. VGMP must be configured.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 VRRP Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VGMP from the service tree. 3 Click Query. 4 Select one or more VGMP configuration records in the query result area. 5 Right-click the selected records and choose Enable VGMP or Disable VGMP from the shortcut menu.
NOTE
Batch operation is supported. If you select multiple VGMP configuration records, a progress bar is displayed showing the progress of enabling or disabling VGMP. Finally, the operation result is displayed in the Prompt dialog box.
You need to perform this operation only when multiple VGMP configuration records are selected for enabling or disabling VGMP.
----End
Prerequisite
l l The data of the VRRP management must be synchronized to the U2000. The VR group must be configured.
Context
Do not configure the MTU on any physical interface. VGMP packets do not support fragmentation. Configuring the MTU may result in the abnormality of sending VGMP packets.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VGMP from the service tree. 3 Click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
10 VRRP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l l The data of the VRRP management must be synchronized to the U2000. VGMP must be configured. The VR must be configured.
Context
The VRRP management group function can be enabled only when the channel type of VGMP members meets at least one of the following conditions: l l There is at least one VGMP member whose Channel Type is Data Channel. There are both VGMP members whose Channel Type is Data Transfer Channel and VGMP members whose Channel Type is No Channel.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VGMP from the service tree. 3 Click Query. 4 Select a VGMP configuration record in the query result area. 5 Click the VGMP Member tab and then click Create. 6 In the Create VGMP Member dialog box, set the related parameters.
10-12 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
10 VRRP Management
Prerequisite
l l l l The data of the VRRP management must be synchronized to the U2000. The data of the BFD management module must be synchronized to the U2000 VGMP must be configured. The BFD session must be configured and be in Up state.
Context
l l By tracking the status of BFD sessions, VGMP implements fast switchover between the master router and the backup router. For the BFD configuration, see 11 BFD Management.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VRRP Management > VGMP from the service tree. 3 Click Query. 4 Select a VGMP configuration record in the query result area. 5 Click the Track BFD Session tab and then click Create. 6 In the Create Track BFD Session dialog box, set the related parameters. 7 Click OK. ----End
Prerequisite
l l The data of the VRRP management must be synchronized to the U2000. VGMP must be configured.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 10-13
10 VRRP Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
2 Choose VRRP Management > VGMP from the service tree. 3 Click Query.. 4 Select one or more VGMP configuration records in the query result area 5 Right-click the selected records and choose Using VRRP Average Run Priority or Disusing VRRP Average Run Priority from the shortcut menu.
NOTE
Batch operation is supported. If you select multiple VGMP configuration records, a progress bar is displayed showing the progress of enabling or disabling the average VRRP running priority. Finally, the operation result is displayed in the Prompt dialog box.
You need to perform this operation only when multiple VGMP configuration records are selected for enabling or disabling the average VRRP running priority.
----End
10-14
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
11 BFD Management
11
About This Chapter
BFD Management
This topic describes the BFD management functions that the U2000 provides for single NEs. It also describes the concepts related to BFD management and the methods of configuring service detection and global BFD attributes. 11.1 BFD Management Overview This topic describes the BFD management functions provided by the U2000 for single NEs and the concepts of BFD management. 11.2 Configuring Global BFD Attributes This topic describes how to configure global BFD attributes. Configuring global BFD attributes is to perform NE-level BFD configuration. This configuration affects the BFD function of the entire NE. 11.3 Configuring Service Detection This topic describes how to configure service detection. BFD can be used to quickly detect various service forwarding faults because of its simplification. Thus, it provides real-time services of high reliability for customers and enables the U2000 to detect links, MPLS TE, VRF, and PWs.
Issue 03 (2010-11-19)
11-1
11 BFD Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Demand mode
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
11 BFD Management
If a lot of BFD sessions exist in a system, periodically sending the overheads of BFD control packets affects the running of the system. To prevent this problem, you can use the demand mode. In demand mode, after a BFD session is set up, the system does not periodically send BFD control packets. Instead, the system detects the connectivity through another mechanism to reduce the overheads of the BFD session.
Single-Hop Detection
BFD single-hop detection detects the IP connectivity between two directly connected systems. Here, "single-hop" refers to a single IP hop. In the two systems adopting single-hop BFD detection, only one BFD session exists on the specified interface for a specified data protocol. Therefore, the BFD session is bound to the interface that can be either a physical interface or a virtual interface.
Multi-Hop Detection
BFD can detect any path between two systems. These paths can span many hops or overlap.
Detection Time
The BFD detection time depends on the following values: l l l DMTI: indicates the desired minimum interval for sending BFD control packets by the local system. RMRI: indicates the required minimum interval for receiving BFD control packets by the local system. Detect Mult: indicates the detection time multiplier.
When a local system receives a BFD control packet from the peer, the system compares the RMRI carried in this packet with the local DMTI. The local system chooses the longer interval from the RMRI and the DMTI for sending the BFD control packet. That is, the system with a lower rate determines the rate of sending BFD control packets. The detection times in demand mode and in asynchronous mode are calculated by different Detect Mult values. l l Asynchronous mode: Detection time = remote Detect Mult that is received x maximum (local RMRI or received DMTI) Demand mode: Detection time = local Detect Mult x maximum (local RMRI or received DMTI)
Prerequisite
The data of the BFD management must be synchronized to the U2000.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 11-3
11 BFD Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
l l Enabling BFD is a prerequisite to BFD configuration. If BFD is disabled, all the BFD configurations are deleted.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose BFD Management > BFD Global from the service tree. 3 On the BFD Global tab page, set the parameters.
NOTE
l If single-hop BFD detection needs to be performed on the Layer 2 interfaces or the Layer 3 physical interfaces without IP addresses, such as the IP-Trunk member interface and Layer 3 Eth-Trunk member interface, adopt the default multicast IP address. l You can set Default multicast address only when Enable BFD is set to Enable. l If BFD Bind Type is set to Default multicast address, Default multicast address on the BFD Global tab page cannot be modified.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
11 BFD Management
Prerequisite
l l Service detection must be configured. The data of the BFD management must be synchronized to the U2000.
Context
Service detection supporting this function includes link detection, TE detection, VRF detection, and PW detection. The procedures for enabling and disabling the administrative status are similar for all types of service detection. The following takes link detection as an example to describe the procedure.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose BFD Management > Service Detection Configuration > Link Detection Configuration from the service tree. 3 Click Query. 4 Select one or more BFD configuration records in the query result area. 5 Right-click the selected records and choose Enable Administrative Status or Disable Administrative Status from the shortcut menu.
NOTE
Batch operation is supported. If you select multiple BFD configuration records, a progress bar is displayed showing the progress of enabling or disabling the administrative status. Finally, the operation result is displayed in the Prompt dialog box.
You need to perform this operation only when multiple BFD configuration records are selected for enabling or disabling the administrative status of service detection.
----End
Prerequisite
l l
Issue 03 (2010-11-19)
The data of the interface information module must be synchronized to the U2000. BFD must be globally enabled.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 11-5
11 BFD Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose BFD Management > Service Detection Configuration > Link Detection Configuration from the service tree. 3 Click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create Link Detection Configuration dialog box, set the related parameters.
5 Click OK to return to the Link Detection Configuration tab page. 6 Click Query. You can query the link detection configurations. ----End
Prerequisite
l l Before you configure BFD to detect an MPLS TE tunnel, the related tunnel interface must be configured. BFD must be globally enabled.
Context
l
11-6
BFD can detect only the TE tunnel whose signaling type is CR-Static or RSVP-TE.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
11 BFD Management
l l
If the TE tunnel detected by BFD is in Down state, a BFD session can be established but cannot be Up. One tunnel may have multiple LSPs. In the case where a tunnel is detected through a BFD session, the BFD session becomes Down only when all the related LSPs are faulty.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose BFD Management > Service Detection Configuration > MPLS TE Detection Configuration from the service tree. 3 Click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create MPLS TE Detection Configuration dialog box, set the related parameters.
5 Click OK to return to the MPLS TE Detection Configuration tab page. 6 Click Query. You can query the MPLS TE detection configurations. ----End
Prerequisite
l l l The data of the interface management module must be synchronized to the U2000. The data of the VRF management module must be synchronized to the U2000. BFD must be globally enabled and the VRF must exist.
Issue 03 (2010-11-19)
11-7
11 BFD Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose BFD Management > Service Detection Configuration > VRF Detection Configuration from the service tree. 3 Click Create.
NOTE
You can also right-click in the query result area and choose Create from the shortcut menu.
4 In the Create VRF Detection Configuration dialog box, set the related parameters.
5 Click OK to return to the VRF Detection Configuration tab page. 6 Click Query. You can query the VRF detection configurations. ----End
Prerequisite
l l l
11-8
The data of the interface management module must be synchronized to the U2000. The data of the PW management module must be synchronized to the U2000. BFD must be globally enabled and the PW must exist.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
11 BFD Management
Context
l l l The VC of the PW to be detected must be created through the control word method. During PW detection, BFD must work in asynchronous mode. In addition, BFD sessions must be established at the local and peer ends of the PW by binding the PW. When the PW is in Down state, a BFD session can be established but cannot be Up.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose BFD Management > Service Detection Configuration > PW Detection Configuration from the service tree. 3 Click Create. l Select Create Static BFD from the drop-down list. In the Create PW Detection Configuration dialog box, set the related parameters.
Select Create Dynamic BFD from the drop-down list. In the Create PW Detection Configuration dialog box, set the related parameters.
4 Click OK to return to the PW Detection Configuration tab page. 5 Click Query. You can query the PW detection configurations. ----End
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 11-9
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
12
About This Chapter
QoS Management
This describes the basic information about QoS management. 12.1 QoS Management Overview This describes the basic information about Quality of Service (QoS) management. The QoS management includes the management of CBQoS, HQoS,drop profile,discard policy, DS domain policy, L2TP group QoS,interface QoS, mirroring configuration, and system QoS. 12.2 Configuring CBQoS This describes how to configure CBQoS. With this function, you can classify packets from different perspectives and take different actions on different packet flows. 12.3 Configuring HQoS This describes how to configure HQoS. HQoS can differentiate users to limit the bandwidth of different users and schedule the services of the same user. 12.4 Creating and Deploying a DS Domain Policy This describes how to create and deploy a DS domain policy. 12.5 Configuring Domain QoS This describes how to configure domain QoS. 12.6 Configuring L2TP Group QoS This describes how to configure L2TP group QoS. 12.7 Configuring Interface QoS This describes how to configure interface QoS. 12.8 Configuring the Mirroring This describes how to configure the mirroring. 12.9 Configure System QoS This describes how to configure system QoS.
Issue 03 (2010-11-19)
12-1
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12.1.2 CBQoS
This describes the basic concepts of CBQoS. The CBQoS means: l l l Classifying traffic according to some rules Associating a type of traffic with a behavior to form a policy Applying the policy
After the policy is applied, the following functions based on class are realized: l l l
12-2
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Traffic Classification
Traffic classification is to identify the packets with some features according to a rule, so it is the prerequisite and basis for providing differentiated services. The typical traffic classification is classified into the complex traffic classification and the simple traffic classification. You can use a complex rule for traffic classification. For example, packets can be classified according to the following information at the link layer, network layer, and transport layer: l l l l l l Source MAC address Destination MAC address Source IP address Destination IP address User group number Protocol type or TCP/UDP port number
You can use a simple rule for traffic classification. For example, packets can be classified according to the following information: l l l ToS field in the IP packet User priority EXP field in the MPLS packet
DSCP
The Type of Service (ToS) field in the IPv4 header is defined in RFC 791, RFC 134, and RFC 1349. The ToS field consists of 3-bit Precedence, D bit, T bit, R bit, and C bit. The highest bit in the ToS must be 0. D means delay. T means throughput. R means reliability. C means cost. The device checks the priority of packets before implementing QoS. Other bits are reserved for future use. RFC 2474 re-defines the ToS field of the IPv4 packet header as the Differentiated Services (DS) field. The lower order six bits (bits 0 to 5) of the DS field serve as DSCP and the higher order two bits (bits 6 and 7) as reserved bits. The lower order three bits (bits 0 to 2) of the DS field are for Class Selector Code Point (CSCP), representing a kind of DSCP. DS nodes choose appropriate Per-Hop Behaviors (PHBs) according to the DSCP value.
Standard PHBs
Per Hop Behavior (PHB) is used to describe the next forwarding action of the packets with the same DSCP. Commonly, PHB contains traffic features, such as delay and packet loss ratio. At present, the IETF defines three standard PHBs: Expedited Forwarding (EF), Assured Forwarding (AF), and Best-Effort (BE). BE is the default PHB.
Traffic Behavior
The traffic classification is to provide differentiated services. The classification takes effect only after it is associated with a traffic control or resource allocation behavior. The following are the typical traffic behaviors that are based on traffic classification (Multiple behaviors can be used together):
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12-3
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l l
Deny/permit is the simplest traffic control behavior. Devices control the network traffic by forwarding or discarding the packets. Marking is used to set the priority fields in the packets. The priority field of the packet depends on the network type. For example: In a VLAN, the priority field depends on the field 802.1p in a packet. In an IP network, the priority field depends on the field ToS in a packet. In an MPLS network, the priority field depends on the field EXP in a packet. Then, the router needs to mark the priorities of the packets according to the network. Generally, the border node marks the priority on an incoming packet, and the internal node provides the QoS based on the marked priority. The internal node can also mark the packet according to its own criteria.
l l
The packet is not forwarded according to the destination address, but redirected to other routes for policy-based routing. This is called redirection. Traffic policing is a traffic control policy that restricts the use of traffic and resources by monitoring the traffic specification. In traffic policing, the NE controls the size of each flow. The oversized flow is discarded, marked with color, marked with priority, or undergoes other QoS measures. Security behaviors refer to operations over packets such as checking the Unicast Reverse Path Forwarding (URPF), performing the port mirroring, or measuring the traffic statistics. A security behavior is not a QoS measure. It can be, however, combined with other QoS behaviors to improve the security of the network and packets. The security behaviors are not QoS measures. When used with other QoS behaviors, they can improve the security of the network and packets.
Traffic Policy
Associating a classifier with a QoS behavior forms a QoS traffic policy. The traffic policy can be applied to an interface, the whole system, or a service for user. After a traffic policy is applied, the traffic classification and behaviors defined in the traffic policy are also applied.
12.1.3 HQoS
This describes the technologies related to Hierarchical Quality of Service (HQoS) and the basic concepts of HQoS. Traditional QoS performs traffic scheduling based on interfaces. An interface can distinguish service priorities but cannot identify users or the services of different users. Packets of the same priority go to the same interface queue and compete for the same queue resource. As a result, the traditional QoS fails to identify a type of packet from a specific user on an interface and cannot provide differentiated services for this type of packet. HQoS performs the hierarchical scheduling based on multi-level queues. The scheduling mode varies according to devices. The following are the typical HQoS technologies:
Queue Template
HQoS enables a router to schedule flows per user. The service packets of a user can be classified into eight flow queues. You can configure priority queuing (PQ) or weighted fair queuing (WFQ) scheduling algorithms for these flow queues. In addition, you can configure weighted random early detection (WRED) and the rate of traffic shaping for each flow queue.
12-4 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Scheduler Template
HQoS enables a router to schedule flows per user. User scheduling can be used to set the CIR and PIR for each user, thus enabling HQoS to restrict the bandwidth of each user.
Discard Policy
Packet discard policies include Tail Drop, random early detection (RED), and WRED.
NOTE
The discard policy configured on the NMS is WRED. If no discard policy is configured on the NMS, queues adopt the Tail Drop policy by default.
l l l
Tail Drop indicates that the packets received after the queue is full are dropped. RED indicates that the packets are dropped randomly when the queue reaches a certain length, which can avoid global synchronization caused by slow TCP startup. Different from RED, WRED considers the queue length and packet priority when dropping packets. The packets with low priority are dropped early with a great probability.
Drop Template
The drop template is used to set the drop thresholds for WRED algorithms. The drop template cannot be used independently. It must be bound to the queue template or QoS template to specify the discard policy for flow queues or user groups.
QoS Template
The QoS template is an aggregation of the QoS scheduling parameters. The QoS template has no parameter. However, after it is bound to the scheduler template, queue template, or drop template, the QoS scheduling parameters can be set.
CAR
For the purpose of traffic control, there must be a mechanism that can measure the traffic flowing through a device. This mechanism is called granular control. The token bucket is a popular means to measure traffic. It is used in CAR and traffic shaping to control the traffic rate. A token bucket can be considered as a container of tokens, which has a predefined capacity. The system puts tokens into the bucket at a pre-set rate. When the bucket is full of tokens, the excessive ones overflow and the number of tokens in the bucket stop growing. Typical CAR applications can be classified into three types: single-rate single token bucket, single-rate dual token bucket, and dual-rate dual token bucket. l
Issue 03 (2010-11-19)
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
When the network traffic is simple, you can use the single-rate single token bucket to measure the traffic. The single-rate single token bucket involves two parameters: CIR: indicates the rate of putting tokens into the token bucket. It is the average traffic rate of a port in a long period of time. CBS: determines the maximum volume of traffic before the CIR is exceeded. It indicates the capacity or depth of the token bucket. The set burst size must be longer than the maximum length of packets. l Single-rate dual token bucket and dual-rate dual token bucket To measure more complex traffic and implement more flexible control policies, you can configure two token buckets. The two token buckets are called bucket C and bucket P. The single-rate dual token bucket involves three parameters: CIR: indicates the rate of putting tokens into buckets, that is, the average traffic rate permitted by buckets. CBS: determines the maximum volume of traffic before the CIR is exceeded. It indicates the capacity or depth of the buckets. The set burst size must be longer than the maximum length of packets. PBS: indicates the capacity of bucket P, that is, the maximum size of traffic permitted by bucket P for each burst. The dual-rate dual token bucket involves four parameters: CIR: indicates the rate of putting tokens into bucket C, that is, the average traffic rate permitted by bucket C. CBS: indicates the capacity of bucket C, that is, the maximum size of traffic permitted by bucket C for each burst. PIR: indicates the rate of putting tokens into bucket P, that is, the average traffic rate permitted by bucket P. PBS: indicates the capacity of bucket P, that is, the maximum size of traffic permitted by bucket P for each burst.
Bandwidth
The NMS can restrict the bandwidth of Eth-Trunk main interfaces.
GTS
When network congestion occurs, traffic policing with the CAR technology is used to control the traffic features of packets and restrict the traffic by dropping the packets that do not conform to the traffic features. Sometimes, to reduce the number of dropped packets, the packets that do not conform to specifications are cached and then sent at an even rate under the control of the token bucket. This is called traffic shaping. Traffic shaping reduces the number of dropped packets while satisfying the traffic features of packets. A typical application of traffic shaping is to control the flow and burst of the outgoing traffic from a certain network connection, so that the packets can be sent at an even rate. Traffic shaping adopts the GTS technology to shape the traffic that is irregular or does not conform to preset traffic features. This helps to match the bandwidth of the upstream network with that of the downstream network.
Queue
The queue configuration on an interface is used to direct the traffic of different service classes to predefined queues according to certain mapping rules and modify parameters such as the
12-6 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
scheduling mode, GTS, and discard policy. In this manner, traffic scheduling on interfaces is realized and network QoS is improved.
Application Policy
The NMS allows you to apply flow policies or DS domain policies to interfaces.
MPLS
The NMS allows you to re-mark the priorities of MPLS packets.
RPR Priority
When the RPR technology is applied, you need to adjust the priorities of RPR packets on a certain interface according to actual network conditions, so that the packets of higher priorities are forwarded ahead of the packets of lower priorities.
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
DS Domain Policy
The network nodes that implement the Diff-Serv (DS) function are called the DS nodes. The DS domain consists of the DS nodes that adopt the same service policies and Per-Hop Behavior (PHB) collection.
Mirroring Configuration
In an actual network, you usually need to observe the traffic of a certain port, but hope that the services running on the port are not interrupted. This can be done by using the mirroring function. The mirroring configuration is to create an observing port on the device, and then mirror the traffic or service flow to be observed to the observing port for viewing, so that the services running on the mirrored port are not interrupted.
System QoS
The system QoS configuration is a type of resource template configuration. With this function, you can create the template of a certain type of resource according to QoS requirements and device types. When required, certain QoS functions can reference or directly use the system QoS template to improve network QoS in an all-round manner.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l The related device supports the configuration of traffic classifications. The configurations of QoS management are synchronized to the U2000.
Context
l l The NMS performs traffic classification only according to specific matching rules supported by devices. The traffic classification includes one or more matching rules. Certain devices control the matching conditions through the selection of a value from the Logical Relation drop-down list.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose QoS Management > CBQoS > Traffic Classification from the service tree. 3 Right-click on the Traffic Classification tab and then select Create on the shortcut menu, or click Create on the Traffic Classification tab. 4 Set traffic classification parameters, which includes setting Traffic Classification Name and Logical Relation, and clicking Add to select the required matching rule.
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
Issue 03 (2010-11-19)
12-9
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l The related device supports the configuration of traffic behaviors. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > CBQoS, and then click Traffic Behavior. 3 Right-click on the Traffic Behavior tab and select Create on the shortcut menu, or click Create on the Traffic Behavior tab. 4 Set traffic behavior parameters, which includes entering the name of the traffic behavior to be created and setting required traffic behavior parameters.
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l l The traffic classification that needs to be associated with is created. The traffic behavior that needs to be associated with is created. The configurations of QoS management are synchronized to the U2000.
Context
l l If Enable Sharing Mode and Disable Sharing Mode do not exist on the shortcut menu, it indicates that the device does not support such configurations. If Enable Policy Statistics and Disable Policy Statistics do not exist on the shortcut menu, it indicates that the device does not support such configurations.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > CBQoS, and then click Traffic Policy. 3 Right-click on the Traffic Policy tab and then select Create on the shortcut menu, or click Create on the Traffic Policy tab. 4 In the Create Traffic Policy dialog box that is displayed, select the related traffic classification and traffic behavior.
5 Optional: Right-click one or multiple traffic policy records, and then select Enable Sharing Mode or Disable Sharing Mode on the shortcut menu.
NOTE
When the traffic policy is deployed on the interface, you cannot modify the sharing mode.
Issue 03 (2010-11-19)
12-11
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
6 Optional: Right-click one or multiple traffic policy records, and then select Enable Policy Statistics or Disable Policy Statistics on the shortcut menu. 7 Select a traffic policy and click the Applying Object tab. Then click Deploy. 8 Set the related parameters.
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
Prerequisite
l l l The NMS server is installed with the performance component. The configurations of QoS management are synchronized to the U2000. The traffic policy is created and deployed to the application object.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click CBQoS > Traffic Policy. 3 On the Traffic Policy tab page, click Query to display the attributes of all policies. 4 Select a traffic policy and click the Binding Relation Table tab. l Right-click a record and choose Query Performance Data > Traffic Classification Matching Information from the shortcut menu. l Right-click a record and choose Query Performance Data > CAR Statistics of Interface Traffic Classification from the shortcut menu.
12-12 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
The Query Data window of the performance component is displayed. For details about the operations related to performance, refer to the Huawei iManager U2000 User Guide (PMS). ----End
Prerequisite
l l l The NMS server is installed with the performance component. The configurations of QoS management are synchronized to the U2000. The traffic policy is created and deployed to the application object.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click CBQoS > Traffic Policy. 3 On the Traffic Policy tab page, click Query to display the attributes of all policies. 4 Select a traffic policy and click the Binding Relation Table tab. l Right-click a record and choose Configure Performance Monitoring > Traffic Classification Matching Information from the shortcut menu. l Right-click a record and choose Configure Performance Monitoring > CAR Statistics of Interface Traffic Classification from the shortcut menu. The Monitor Configuration window of the performance component is displayed. For details about the operations related to performance, refer to the Huawei iManager U2000 User Guide (PMS). ----End
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
This describes how to create a drop profile. 12.3.6 Creating a Discard Policy This describes how to create a discard policy.
Prerequisite
l l Devices support the configurations of a flow queue policy. The configurations of QoS management are synchronized to the U2000.
Context
Each queue can be bound to a queue discard profile. If a queue is not bound to any queue discard profile, packets are discarded in tail drop mode when the queue is full. To bind a queue profile to a discard policy, create the discard policy before creating the queue profile.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > HQoS, and then click Queue Profile. 3 Right-click on the Queue Profile tab and then select Create on the shortcut menu, or click Create on the Queue Profile tab. 4 In the Create Queue Profile dialog box, enter the name of a queue profile to be created.
NOTE
Click Restore Defaults to reset all the parameters of the queue profile to default values.
12-14
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
5 Select a queue parameter record, and then click Modify. 6 Modify the parameters.
7 In the Modify Queue Parameter dialog box, Click OK or Apply. 8 Click OK or Apply. ----End
Prerequisite
l l Devices support the configurations of a QoS profile. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > HQoS, and then click QoS Profile. 3 Right-click on the QoS Profile tab and then select Create on the shortcut menu, or click Create on the QoS Profile tab. 4 In the Create QoS Profile dialog box, enter the name of a QoS profile to be created.
Issue 03 (2010-11-19)
12-15
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 Optional: Click ... to the right of the Queue Profile text box to select the required queue profile. 6 Optional: Click ... to the right of the Scheduler Profile text box to select the required scheduling profile. 7 Optional: Click ... to the right of the Drop Profile text box to select the required drop profile. 8 Optional: Click ... to the right of the Flow Mapping text box to select a required flow queue mapping. 9 Select the required precision from the Adjusted Precision Length drop-down list box. 10 Click OK or Apply. ----End
Prerequisite
l l Devices support the configurations of a scheduling profile. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > HQoS, and then click Scheduler Profile. 3 Right-click on the Scheduler Profile tab and then select Create on the shortcut menu, or click Create on the Scheduler Profile tab. 4 Enter the name of a scheduling profile to be created.
12-16
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
5 Optional: Enter the required WFQ weight in the WFQ Weight text box. 6 On the Inbound Policy tab, select the GTS check box to set the values of CIR, PIR, and Length. Select the CAR check box to set the values of CIR, PIR, CBS, and PBS. 7 On the Outbound Policy tab, select the GTS check box to set the values of CIR, PIR, and Length. Select the CAR check box to set the values of CIR, PIR, CBS, and PBS.
Prerequisite
l l Devices support the configurations of a user group queue. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > HQoS, and then click User Group Queue. 3 Right-click on the User Group Queue tab and then select Create on the shortcut menu, or click Create on the User Group Queue tab. 4 Enter the name of a user group queue to be created.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12-17
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 Click ... to the right of the QoS Profile text box to select the required QoS profile. 6 Optional: Click ... to the right of the Slot No. text box to select the required slot number. 7 Click OK or Apply. ----End
Prerequisite
l l Devices support the configurations of a drop profile. The configurations of QoS management are synchronized to the U2000.
Context
If a device does not exist in the service tree, it indicates that the device does not support this configuration.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Drop Profile. 3 Right-click on the Drop Profile tab and then select Create on the shortcut menu, or click Create on the Drop Profile tab. 4 In the Create Drop Profile dialog box, set corresponding parameters. 1. Enter the name of a drop profile to be created.
12-18
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
2. 3.
On the Mapping Parameter Configuration tab, select a record, and then click Modify. In the Modify Mapping Parameter dialog box, modify the drop threshold of the priority of all packets.
NOTE
Click Restore Defaults to reset all the mapping parameters to default values.
4. 5.
On the WRED Discard Threshold Parameter Configuration tab, select a record, and then click Modify. In the Modify WRED Discard Threshold dialog box, modify the upper limit and lower limit of the discard threshold of WRED.
NOTE
Click Restore Defaults to reset all the parameters of the WRED discard threshold to default values.
6. 7.
On the WRED Parameter Configuration tab, select a record, and then click Modify. In the Modify WRED Parameter dialog box, modify the upper limit and lower limit of the WRED discard threshold.
NOTE
Click Restore Defaults to reset all the WRED parameters to default values.
8. 9.
On the WRED Guaranteed Threshold Parameter Configuration tab, select a record, and then click Modify. In the Modify WRED Discard Threshold dialog box, modify the WRED-guranteed threshold.
NOTE
Click Restore Defaults to reset all the parameters of the WRED-guranteed threshold to default values.
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l Devices support the configurations of a discard policy. The configurations of QoS management are synchronized to the U2000.
Context
If a device does not exist in the service tree, it indicates that the device does not support this feature.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Discard Policy. 3 Right-click on the Discard Policy tab and then select Create on the shortcut menu, or click Create on the Discard Policy tab. 4 In the Create Discard Policy dialog box, set the related parameters. 1. Enter the name of a discard policy to be created.
2. 3. 4. 5.
12-20
Click the Type drop-down list box, and then modify the type of the discard policy. Select a discard policy record, and then click Modify. You can modify the lower limit, upper limit, and discard probability of the discard policy. Click OK or Apply.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
12 QoS Management
For an NE40, you can configure a discard policy by specifying the service class and protocol type of packets. l Select a service class in the service class list and click Modify. Then you can reconfigure the service class, including its upper limit, lower limit, and drop probability. You can click Restore Defaults to restore the default settings of service class parameters. l Select a protocol type in the packet protocol type list and click Modify. Then you can reconfigure the protocol type, including its upper limit, lower limit, and drop probability. You can click Restore Defaults to restore the default settings of protocol type parameters.
----End
Prerequisite
l l The related device supports the configurations of DS domain policies. The configurations of QoS management are synchronized to the U2000.
Context
If a device does not exist in the service tree, it indicates that the device does not support this configuration.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click DS Domain Policy. 3 Right-click on the DS Domain Policy tab and then select Create on the shortcut menu, or click Create on the DS Domain Policy tab. 4 Enter the name of the DS domain policy to be created.
Issue 03 (2010-11-19)
12-21
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
5 Click OK or Apply. 6 Select a DS domain policy, and then click the Applying Object tab. Click Deploy. 7 Click OK or Apply. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l l Devices support the configurations of domain QoS. The configurations of QoS management are synchronized to the U2000. You need to synchronize the configurations to the NMS on the User Domain tab.
NOTE
To synchronize the configurations, you can expand BRAS Management > AAA Management, and then click User Domain.
You need to synchronize the configurations to the NMS on the Time Range tab.
NOTE
To synchronize the configurations, you can expand ACL Management, and then click Time Range.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Domain QoS. 3 Click Query to show the names and definition types of domains on the device. 4 Select a domain record, and then click the Scheduling on VC tab. 5 Click ... to the right of the QoS Profile File text box to select the required QoS profile. 6 Optional: Select the Enable Configuration of Time Range check box to enable the time range QoS. 7 Click Apply. ----End
Prerequisite
l l l Devices support the configurations of domain QoS. The configurations of QoS management are synchronized to the U2000. You need to synchronize the configurations to the NMS on the User Domain tab.
NOTE
To synchronize the configurations, you can expand BRAS Management > AAA Management, and then click User Domain.
You need to synchronize the configurations to the NMS on the Time Range tab.
NOTE
To synchronize the configurations, you can expand ACL Management, and then click Time Range.
Issue 03 (2010-11-19)
12-23
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Domain QoS. 3 Click Query to show the names and definition types of domains on the device. 4 Select a domain record, and then click the QoS Configuration of Time Range tab. 5 Click Add. 6 In the QoS Configuration of Time Range dialog box, click ... to the right of Time Range Name text box to select the required time range. 7 In the QoS Configuration of Time Range dialog box, click ... to the right of QoS Profile Name text box to select the required QoS profile. 8 Click OK or Apply. ----End
Prerequisite
l l l Devices support the configurations of domain QoS. The configurations of QoS management are synchronized to the U2000. You need to synchronize the configurations to the NMS on the User Domain tab.
NOTE
To synchronize the configurations, you can expand BRAS Management > AAA Mamagement, and then click User Domain.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Domain QoS. 3 Click Query to show the names and definition types of domains on the device. 4 Select a domain record, and then click the User Priority tab. 5 Select the required Priority Type from the Priority Type drop-down list box in the Inbound User Priority and Outbound User Priority areas to set details of the user priority. The available options of the priority type are User Priority, Inner 8021.p Value, Outer 8021.p Value, DSCP Value, Inbound MPLS EXP, Outbound MPLS EXP, and Not Change User Priority. 6 Click Apply. ----End
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l l Devices support the configurations of domain QoS. The configurations of QoS management are synchronized to the U2000. You need to synchronize the configurations to the NMS on the User Domain tab.
NOTE
To synchronize the configurations, you can expand BRAS Management > AAA Mamagement, and then click User Domain.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Domain QoS. 3 Click Query to show the names and definition types of domains on the device. 4 Select a domain record, and then click the L2TP QoS Configuration tab. 5 Select the QoS Profile Configuration check box. 6 Click ... to the right of the QoS Profile Name text box to select the required QoS profile. 7 Select the required scheduling direction from the Scheduling Direction drop-down list box. 8 Click Apply. ----End
Prerequisite
l l l l QoS templates are configured on devices. The configurations of QoS management are synchronized to the U2000. Devices support the configurations of L2TP group QoS. The configurations on the L2TP Group tab are synchronized to the NMS.
Context
If a device does not exist in the service tree, it indicates that the device does not support this configuration.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12-25
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click QoS Configuration of L2TP Group . 3 On the QoS Configuration of L2TP Group tab, click Query to display configuration information about L2TP group QoS on the device. 4 Select a record, and then click the QoS Configuration tab. 5 Click ... to the right of the Inbound QoS Profile Name text box to specify the QoS profile in the inbound direction. 6 Click ... to the right of the Outbound QoS Profile Name text box to specify the QoS profile in the outbound direction. 7 Click Apply. ----End
Prerequisite
l l l Devices support the configurations of L2TP group QoS. The configurations of QoS management are synchronized to the U2000. The configurations on the L2TP Group tab are synchronized to the NMS.
Context
If a device does not exist in the service tree, it indicates that the device does not support this configuration.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click QoS Configuration of L2TP Group. 3 On the QoS Configuration of L2TP Group tab, click Query to display all configuration information. 4 Select a record, and then click the QoS Scheduling Mode tab. 5 Select the required scheduling mode from the Scheduling Mode drop-down list box. The available options are Session and Tunnel. 6 Click Apply. ----End
12-26 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l Interfaces of devices support the configurations of the bandwidth for interface QoS. The configurations of QoS management are synchronized to the U2000.
Issue 03 (2010-11-19)
12-27
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 On the Configure Interface QoS tab, click Query to display the attributes of all interfaces. 4 Select an interface QoS record, and then click the Configure Bandwidth tab. Enter the required bandwidth of master ETH-Trunk interface in the Bandwidth of Master ETHTrunk Interface text box. 5 Click Apply. ----End
Prerequisite
l l Interfaces of devices support the configurations of a queue for interface QoS. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 On the Configure Interface QoS tab, click Query to display the attributes of all interfaces. 4 Select an interface QoS record, and then click the Queue tab. 5 Select a queue record, and then click Modify. Modify parameters.
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
12-28
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l Interfaces of devices support the configurations of GTS parameters for the interface QoS. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the GTS tab. 4 Select the GTS check box, and then set the values of PIR. 5 Click Apply. ----End
Prerequisite
l l The related device interface supports the deployment of applying policies for interface QoS. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the Applying Policy tab. 4 Click Deploy. Set the related parameters.
Issue 03 (2010-11-19)
12-29
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
Prerequisite
l l Interfaces of devices support the configurations of a VC group for interface QoS. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the VC Group tab. 4 Click Add. 5 Click ... to the right of the QoS Profile text box to select the required QoS profile. 6 Click OK or Apply. ----End
Prerequisite
l l Interfaces of devices support this configuration. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the VP Group tab. 4 Click Add. 5 Click ... to the right of the QoS Profile text box to select the required QoS profile. 6 Click OK or Apply. ----End
12-30 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l Interfaces of devices support the configurations of the VC scheduling for interface QoS. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the Scheduling On VC tab. 4 Click ... to the right of the QoS Profile text box to select the required QoS profile. 5 Click Apply. ----End
Prerequisite
l l l Interfaces of devices support the configurations of the VP group scheduling for interface QoS. The configurations of QoS management are synchronized to the U2000. Sub-interfaces support the scheduling on VP Group.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the Scheduling On VP Group tab. 4 Click ... to the right of the VP Group text box to select the required VP group. 5 Click Apply. ----End
Prerequisite
l
Issue 03 (2010-11-19)
Interfaces of devices support the configurations of the port scheduling fro interface QoS.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12-31
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the Scheduling On Port tab. l Method one: 1. 2. 3. l Click ... to the right of the QoS Profile text box to select the required QoS profile. Click ... to the right of the VC Group text box to select the required VC group. Click ... to the right of the VP Group text box to select the required VP group.
Method two: 1. 2. Click ... to the right of the QoS Profile text box to select the required QoS profile. In Outbound area, click ... to the right of the VC Group text box to select the required VC group.Click ... to the right of the User Group Queue text box to select the required user group queue. Click ... to the right of the VP Group text box to select the required VP group. In Outbound(before-layer2-encapsulation) area, click ... to the right of the VC Group text box to select the required VC group.Click ... to the right of the User Group Queue text box to select the required user group queue. Click ... to the right of the VP Group text box to select the required VP group. Select the Outbound-a check box. Click ... to the right of the VC Group text box to select the required VC group. Click ... to the right of the User Group Queue text box to select the required user group queue.
3. 4.
5. 6.
Method three: 1. 2. Click ... to the right of the QoS Profile text box to select the required QoS profile. In Outbound area, click ... to the right of the VC Group text box to select the required VC group.Click ... to the right of the User Group Queue text box to select the required user group queue. Click ... to the right of the VP Group text box to select the required VP group. In Outbound area, click ... to the right of the VC Group text box to select the required VC group.Click ... to the right of the User Group Queue text box to select the required user group queue. Select the Outbound-a(before-layer2-encapsulation) check box. Click ... to the right of the VC Group text box to select the required VC group. Click ... to the right of the User Group Queue text box to select the required user group queue.
3. 4.
5.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Prerequisite
l l Interfaces of devices support the configurations of the VC group scheduling for interface QoS. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record, and then click the Scheduling On VC Group tab. 4 Click Add. 5 In the Add Scheduling on VC Group dialog box, enter the required values in the VLAN Range and QinQ VLAN Range text boxes. Click ... to the right of the VC Group text box to select the required VC group. You can set whether to monitor the traffic of each value from the Traffic Policing on Each VLAN drop-down list box.
NOTE
The following figure takes ME60 V100R006C03 as an example. The configuration windows may vary according to devices.
Prerequisite
The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 Select an interface QoS record and click the Other tab. Then, set the related parameters.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12-33
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
l l The NMS server is installed with the performance component. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 On the Configure Interface QoS tab page, click Query to display the attributes of all interfaces. 4 Right-click an interface record and choose Monitor Real-time Performance from the shortcut menu. The Query Data window of the performance component is displayed. For details about the operations related to performance, refer to the Huawei iManager U2000 User Guide (PMS).
NOTE
----End
Prerequisite
l l The NMS server is installed with the performance component. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Interface QoS. 3 On the Configure Interface QoS tab page, click Query to display the attributes of all interfaces. 4 Right-click an interface record and choose Configure Performance Monitoring from the shortcut menu. The Monitor Configuration window of the performance component is displayed. For details about the operations related to performance, refer to the Huawei iManager U2000 User Guide (PMS).
12-34 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
12 QoS Management
----End
Prerequisite
l l The related device supports mirroring configurations. The configurations of QoS management are synchronized to the U2000.
Context
l If the bandwidth of the mirrored port is greater than the bandwidth of the observing port, the rate of mirrored packets is greater than the bandwidth of the observing port. In this case, some mirrored packets may get lost. Thus, the bandwidth of the observing port is recommended to be equal to or greater than the bandwidth of the mirrored port.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management, and then click Configure Mirroring. 3 Right-click and then select Create on the shortcut menu, or click Create. 4 Select the index of an observing port from the Index of Observing Port drop-down list box. Then click ... to the right of the Port Name text box to select the port. 5 Click OK or Apply. ----End
Prerequisite
l l
Issue 03 (2010-11-19)
The related device supports mirroring configurations. The configurations of QoS management are synchronized to the U2000.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12-35
12 QoS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > Configure Mirroring, and then click Configure Mirroring. 3 On the Configure Mirroring tab, select an observing port. Click the Port Mirroring tab, and then click Add. 4 Click ... to select the port on which mirroring is to be configured. 5 Click the Inbound or Outbound option button to select the direction for observing a mirrored port. 6 Optional: Configure whether to perform the CRC check on packets through the Original CRC check box. 7 Click OK or Apply.
NOTE
You can click the Mirrored Traffic tab to view the flow mirroring of the observing port.
----End
Prerequisite
l l Devices support the configurations of a soft CAR. The configurations of QoS management are synchronized to the U2000.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand QoS Management > Configure System QoS, and then click Soft CAR. 3 Right-click on the Soft CAR tab and then select Create on the shortcut menu, or click Create on the Soft CAR tab. 4 Enter the name of a soft CAR to be created. 5 Enter the corresponding values in the CIR, CBS, PIR, and PBS text boxes.
12-36 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
12 QoS Management
Issue 03 (2010-11-19)
12-37
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
13
About This Chapter
BRAS Management
This topic describes the functions and configuration methods of BRAS management. 13.1 BRAS Management Overview This topic describes the functions of BRAS management and features of BRAS services. 13.2 Setting Global BRAS Parameters This topic describes how to set global BRAS parameters. The global BRAS parameters are globally effective on the ME60 and MA5200G. You can set the global parameters of AAA, COPS, DHCP, and Web authentication server. 13.3 Configuring AAA This topic describes how to configure AAA. AAA enables you to control user access through protocols such as RADIUS and HWTACACS. 13.4 Configuring IP Address Management This topic describes how to configure IP address management, an important function of the BRAS. The BRAS uses this function to allocate IP addresses to access users. The ME60 and MA5200G manage IP addresses in the form of an IP address pool. The address pools are classified into local address pools, remote address pools, and relay address pools. 13.5 Configuring User Management This topic describes how to configure user management. The ME60 and MA5200G manage users based on domains. Each user belongs to a certain domain. The users in the same domain have the same service attributes. 13.6 Configuring a Access Service This topic describes how to configure access services. Services on the MA5200G and ME60 are classified into access services and value-added services. In access services, the MA5200G or ME60 functions as a BRAS to control and manage access users. 13.7 Querying Real-Time Performance This topic describes how to query the global BRAS configuration and the real-time performance of the user domain. The procedures for querying the real-time performance of different modules are similar.
Issue 03 (2010-11-19)
13-1
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
CAUTION
Before performing operations on NEs, synchronize the configurations of the related modules on the NMS to NEs.
13-2
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management, and then click BRAS Global. 3 Set the parameters in the dialog box that is displayed.
Issue 03 (2010-11-19)
13-3
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Issue 03 (2010-11-19)
13-5
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
The ME60 and MA5200G manage RADIUS servers through RADIUS server groups. A RADIUS server group is a set of RADIUS servers that have the same attributes (excluding the IP addresses and port numbers) and work in active/standby or load balancing mode. The ME60 or MA5200G supports a maximum of 1024 RADIUS server groups.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click RADIUS Group. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the related parameters.
NOTE
On the Server Information tab page, set the related parameters. Then, click Save. To delete the server information, click Clear.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Context
The HWTACACS protocol is a security protocol developed on the basis of TACACS (RFC 1492). Compared with RADIUS, HWTACACS features more reliable transmission and encryption, and is more suitable for security control.
NOTE
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click TACACS Templet. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
NOTE
On the Server Information tab page, set the related parameters. Then, click Save. To delete the server information, click Clear.
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
l By default, the system provides two authentication schemes, that is, default0 for nonauthentication and default1 for RADIUS authentication. They can be modified but cannot be deleted. You can configure up to 32 authentication schemes in the system.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click Authentication Scheme. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
Context
l l By default, the system provides two accounting schemes, that is, default0 and default1. They can be modified but cannot be deleted. You can configure up to 256 accounting schemes in the system.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click Accounting Scheme. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
13-8 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Context
l l By default, the system provides an authorization scheme named default. You can modify the default authorization scheme but you cannot delete it. You can configure up to 32 authorization schemes in the system.
NOTE
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click Authorization Scheme. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
Issue 03 (2010-11-19)
13-9
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
l l By default, no record scheme is available in the system. You can configure up to 128 record schemes in the system.
NOTE
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click Record Scheme. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click User Group. 3 Right-click in the list and select Create on the shortcut menu.
13-10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click Web Authentication Server. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
The services on the ME60 and MA5200G are classified into access services and value-added services. l Access services enable users to access the network. In the operation of access services, the ME60 or MA5200G functions as a BRAS and connects users to the ISP network. The RADIUS server delivers the access service policy to the ME60 or MA5200G. Value-added services, such as VoD, Gaming, and Triple play, are selected by users when they log in to the portal server of the carrier. Value-added services enable the carrier to gain sustained profits. In the operation of value-added services, the ME60 or MA5200G functions as a BRAS and SSG to connect users to the service servers and controls service flows.
You can configure up to 1024 COPS server groups in the system. Among the COPS server groups, only one COPS server group can be configured as the IPTN client.
NOTE
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click COPS Group. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
NOTE
On the Server Information tab page, set the related parameters. Then, click Save. To delete the server information, click Clear.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Context
l l l You can configure up to 4096 DHCP server groups in the system. If the primary DHCP server is not configured, the secondary server cannot be configured. If the VPN instance is not configured after the DHCP server is configured with an IP address, the DHCP server is bound to VPN instance public vpn-instance by default.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Address Management, and then click DHCP Server. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
Issue 03 (2010-11-19)
13-13
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
A local address pool is used by the ME60 or MA5200G to allocate IP addresses. A remote address pool is used by the remote equipment to allocate IP addresses. The remote equipment can be a DHCP server or a RADIUS server. l l l You can configure up to 4096 address pools in the system. If the primary IP address of the DNS server is not configured, the secondary IP address of the DNS server cannot be configured. If the IP address of the primary NBNS server is not configured, the IP address of the secondary NBNS server cannot be configured.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Address Management, and then click IP Pool. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
13-14
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Context
l l l l l You can add up to eight address segments to a local address pool. The IP addresses in the address pool must be in the same subnet with the gateway of the address pool. The address segment cannot contain the IP address of the gateway. The address segments in the same address pool cannot overlap. The address segment cannot contain the broadcast address.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Address Management, and then click IP Section. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
Issue 03 (2010-11-19)
13-15
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
By default, the system provides three domains, that is, default0, default1, and defaultadmin. These domains are used for the users whose management domains cannot be identified. The three default domains can be modified but cannot be deleted.
13-16 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click User Domain. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the related parameters.
Context
An equipment domain is invalid for common users, and a common domain is invalid for equipment users.
NOTE
Issue 03 (2010-11-19)
13-17
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > AAA Management, and then click Device Domain. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
13.6.4 Adding User PVCs in Batches This topic describes how to add PVCs in batches. When users access an ATM interface, you can configure PVCs on the ATM interface. The PVCs extend the interface and implement user management in a fine granularity. 13.6.5 Adding Static Users in Batches This topic describes how to add static users in batches. A static user is a user that uses a fixed IP address. The static user is different from the DHCP user and PPP user in terms of obtaining an IP address. A DHCP user obtains an IP address through DHCP and a PPP user obtains an IP address through PPP negotiation. Their features, however, are the same on the BRAS. 13.6.6 Adding Equipment Users in Batches This topic describes how to add equipment users in batches. An equipment user is the network equipment managed by the MA5200G. The equipment user can be identified through attributes such as the IP address, the MAC address, and the interface connected to the MA5200G.
Context
l l l l You cannot set the access type on the Ethernet interface that is added to an Eth-Trunk interface. You can set the access type only on the Eth-Trunk interface. If an interface is configured with an IP address, Layer 2 services cannot be created on the interface. If an interface is configured with the VLAN type, Layer 3 services cannot be created on the interface. For different access types, you need to set different parameters.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Service Config, and then click Interface Service. 3 Right-click in the list and select Create on the shortcut menu. 4 Set the related parameters.
Issue 03 (2010-11-19)
13-19
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
The PPP suite consists of the LCP, NCP, and PAP/CHAP protocols. The ME60 and MA5200G support the PAP, CHAP, and MSCHAP protocols.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Service Config, and then click PPP. 3 Click Query to check the set PPP parameters. 4 Select a record in the list. The details about this record are displayed in the detailed information area. 5 Set the related parameters. 6 Click Apply. ----End
13-20 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Prerequisite
You must add C-VLANs in batches on the Ethernet subinterface or trunk subinterface on which the access type is set to layer-2 authentication, layer-2 leased line, or layer-2 relay leased line.
Context
The C-VLANs can be common VLANs or QinQ VLANs. QinQ is short for 802.1Q in 802.1Q, which means encapsulation of double VLAN tags in a packet. QinQ enables you to bind more than 4096 VLANs on an interface. If the ME60 or MA5200G is connected to two layers of switches, the switch close to the users inserts the inner VLAN tag into a packet and the switch close to the ME60 or MA5200G inserts the outer VLAN tag into the packet.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Service Config, and then click User VLAN. 3 Right-click in the list and choose Batch Add... from the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
NOTE
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Prerequisite
You must add PVCs in batches on the ATM interface on which the access type is set to layer-2 authentication, layer-2 leased line, or layer-2 relay leased line.
Context
l l l ME60 V100R002 does not support the query, batch adding, batch configuration, or batch deletion of PVCs. For the Layer 2 authentication users, Layer 2 leased line users, and Layer 2 relay leased line users on an ATM interface, you can add, configure, or delete PVCs in batches. For the Layer 3 leased line users on an ATM interface, you can only query the PVCs. When an ATM interface for the Layer 3 leased line is created on the BRAS, you can add only one PVC to the ATM interface.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Service Config, and then click User PVC. 3 Right-click in the list and choose Batch Add... from the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
13-22
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
NOTE
Context
A static IP address must be reserved for the static user in the address pool of the domain and the IP address must be excluded.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Service Config, and then click Static User. 3 Right-click in the list and choose Batch Add... from the shortcut menu. 4 Set the parameters in the dialog box that is displayed.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 13-23
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
The static IP address must be reserved for the equipment user in the address pool of the equipment domain.
NOTE
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand BRAS Management > Service Config, and then click Device User. 3 Right-click in the list and choose Batch Add... from the shortcut menu.
13-24 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
13 BRAS Management
Context
You can query the real-time performance of the following modules: l l l l l l l l l
Issue 03 (2010-11-19)
TACACS server template Web authentication server Address segment User domain User access Portal user Interface service C-VLAN User PVC
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 13-25
13 BRAS Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Procedure
l To query the real-time performance of global BRAS configurations, do as follows: 1. 2. 3. 4. l 1. 2. 3. 4. 5. 6. ----End Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. Choose BRAS Management > BRAS Global from the service tree. Right-click on the page and choose Performance Statistic from the shortcut menu. Select the performance indicators that you want to query in the dialog box that is displayed. Click OK. Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. In the service tree, expand BRAS Management > AAA Management, and then click User Domain. Set the query conditions and click Query. Right-click a record in the list and choose Performance Statistic from the shortcut menu. Select the performance indicators that you want to query in the dialog box that is displayed. Click OK.
To query the real-time performance of a user domain and other modules, do as follows:
13-26
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
14 VPDN Management
14
About This Chapter
VPDN Management
This describes the functions, configuration, and maintenance of VPDN management and provides the service configuration procedures. 14.1 VPDN Management Overview This describes the basic concepts of VPDN and the functions of VPDN management. 14.2 Configuring L2TP Globally Before configuring a device as the LAC, LNS, or LTS, you need to enable L2TP on the device. The global L2TP parameters take effect on the ME60 and MA5200G globally. That is, these parameters are applied to all the L2TP groups. 14.3 Configuring a LAC Service When an L2TP user goes online, the LAC sets up a tunnel with the remote LNS and sends user packets to the LNS through the tunnel. 14.4 Configuring an LNS Service This describes how to configure an LNS service. The LNS can respond to the tunnel setup request from an LAC, authenticate users, and assign IP addresses to users. 14.5 Displaying the L2TP Status This describes how to check whether an L2TP group is enabled. 14.6 Querying Real-time Performance This describes how to query real-time performance. Querying the real-time performance of the L2TP tunnel is similar to querying the real-time performance of the L2TP session. The following takes the query of the real-time performance of the L2TP tunnel as an example. 14.7 Deleting an L2TP Tunnel After an L2TP tunnel is deleted, all the sessions on the tunnel are cleared. Currently, only the tunnels on the LAC can be deleted. The tunnels on the LNS cannot be deleted.
Issue 03 (2010-11-19)
14-1
14 VPDN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
VPDN Management
By using the dial-up function of public networks (such as ISDN and PSTN) and cooperating with access networks, the virtual private dial-up network (VPDN) provides access services for enterprises, small Internet service providers, and mobile business subscribers. Based on special encryption communication protocols, the VPDN can set up a safe virtual private network over the public network. In this manner, the other branches of enterprises and staff traveling on business can access the headquarters over the public network through virtual encrypted tunnels. Other users on the public network cannot access the internal resources of the enterprise network through the virtual tunnel. VPDN tunneling protocols include the Point-to-Point Tunneling Protocol (PPTP), the Layer 2 Forwarding (L2F) protocol, and the Layer 2 Tunneling Protocol (L2TP). The protocol most widely used is L2TP. Figure 14-1 shows the L2TP-based VPDN networking. Figure 14-1 L2TP-based VPDN networking
LAC PSTN/ ISDN NAS Remote branch Internal server LNS
Remote subscriber
L2TP tunnel
14-2
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
14 VPDN Management
The L2TP-based VPDN contains the L2TP access concentrator (LAC) and the L2TP network server (LNS). l LAC As a device on the switch network, an LAC has the capability to process the packets of PPP systems and L2TP. The LAC lies between the LNS and remote system (remote users and remote branches) to exchange packets. l LNS As a device at the PPP system side, an LNS can process the packets of the L2TP server. The LNS is the peer of the LAC. It is the logical termination point of the PPP session transmitted over the tunnel by LAC.
NOTE
L2TP
L2TP (RFC 2661) defines an encapsulation mechanism for PPP packets. L2TP enables PPP packets to be transmitted over tunnels and extends the PPP model. L2TP is connection-oriented. There are two kinds of connections between an LNS and an LAC: l l Tunnel: defines an LNS-LAC couple. Session: indicates a PPP session over the tunnel. It is multiplexed on a tunnel.
More than one L2TP tunnel can be set up for an LNS-LAC couple. A tunnel consists of a control connection and one or more sessions. The sessions can be set up only after the tunnels are set up. Each session matches a PPP data flow between the LAC and LNS. Both the control messages and the PPP data packets are transmitted over the tunnels. The L2TP uses Hello packets to check the connectivity of the session. The LAC and the LNS periodically send Hello packets to each other. If no Hello response packet is received by either of them at a specified interval, the session between them is canceled.
CAUTION
Before performing operations on NEs, synchronize the configurations of the related modules to ensure that the data on the NMS is the same as the data on the device.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand VPDN Management, and then click L2TP Global.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 14-3
14 VPDN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
The following figure takes ME60 V100R006 as an example. The configuration windows may vary according to devices.
14-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
14 VPDN Management
Start
Enable L2TP
End
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand VPDN Management, and then click L2TP Global. 3 Set L2TP Enable to Open. 4 Click Apply. ----End
Context
l l
Issue 03 (2010-11-19)
The system has two default L2TP groups: default-lac and default-lns. They can be modified but cannot be deleted. default-lac is the default LAC group. default-lns is the default LNS group.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 14-5
14 VPDN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
The LAC can receive the IP address allocated by the LNS only after the dial-up network is configured on the LAC.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand VPDN Management, and then click L2TP Group. 3 Right-click in the list and select Add on the shortcut menu. 4 Set the parameters in the Add L2TP Group dialog box.
NOTE
The following figure takes ME60 V100R006 as an example. The configuration windows may vary according to devices.
14-6
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
14 VPDN Management
Start
Enable L2TP
End
Issue 03 (2010-11-19)
14-7
14 VPDN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
l l You can add a maximum of 16 LNS backup groups to the ME60, and add a maximum of 8 LNS backup groups to the MA5200G. A loopback interface cannot be bound to multiple LNS backup groups.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand VPDN Management, and then click LNS Backup Group. 3 Right-click in the list and select Add on the shortcut menu. 4 Set the parameters in the Add LNS Backup Group dialog box.
14-8
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
14 VPDN Management
NOTE
The following figure takes ME60 V100R006 as an example. The configuration windows may vary according to devices.
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand VPDN Management, and then click L2TP Global. 3 You can check whether the L2TP group is enabled in the L2TP global view. ----End
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 14-9
14 VPDN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
2 In the service tree, expand VPDN Management, and then click L2TP Tunnel. 3 Set the query conditions and click Query. 4 In the list, select a record and right-click it. Then select Performance Statistic on the shortcut menu. 5 Select L2TP Tunnel Statistics Profile from the Optional Indexes group box.
NOTE
6 Click OK.
NOTE
----End
Procedure
1 Right-click an NE on the Main Topology and choose NE Explorer from the shortcut menu. 2 In the service tree, expand VPDN Management, and then click L2TP Tunnel. 3 Set the query conditions and click Query. 4 In the list, select the record to be deleted and right-click it. Then select Clear Session on the shortcut menu. 5 Click OK.
NOTE
----End
14-10
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15 VPN Management
15
About This Chapter
VPN Management
This topic describes NE VPN management. In NE VPN management, VPNs can be configured for each PE device, constituting the VPN services without basic service information such as the service name and associated customer. NE VPN management and IP end-to-end configurations can be shared in the NMS database, that is, the VPN management configurations in the NE Explorer can be used for IP end-to-end configuration. 15.1 VPN Management Overview This topic describes the basic concepts of VPN management. You need to know the related basic concepts before managing VPN services. 15.2 Creating a Tunnel Policy This topic describes how to create a tunnel policy. Tunnel policies are used to select tunnels according to destination IP addresses. 15.3 Creating a PW Template This topic describes how to create a PW template. For easy expansion, certain common attributes of PWs are configured in a PW template. When you create a PW in interface mode, you can use this template. 15.4 Creating a PW This topic describes how to create a PW. The PW is a type of encapsulation bearer channels on PEs. You can create a static or dynamic PW. In addition, you can set the primary/secondary status of the dynamic PW. 15.5 Creating a VSI This topic describes how to create a VSI. In NE management, VSIs can be configured for each PE. The VSIs configured in NE management can also serve as optional service components for the creation of a VPLS. The VSIs can be classified into service VSIs and management VSIs. 15.6 Creating a VRF This topic describes how to create a VRF. In NE management, VRFs can be configured for each PE. VRFs that are configured in the NE Explorer can be used for configuring end-to-end L3VPN services.
Issue 03 (2010-11-19)
15-1
15 VPN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Static PW
.The Static PW negotiates parameters without the signaling protocol. You must specify the relevant information manually. Data is transmitted among PEs through a tunnel.
Dynamic PW
The dynamic PW is a PW set up through the signaling protocol. The UPE switches VC labels through LDP and is bound to the related CE through the VC ID. After the tunnel that connects two PEs is set up and the switching and binding of labels are complete, a VC is set up if the AC link of these two PEs is Up.
PW Template
The PW template is a set of public attributes of the PWs. A PW template is shared by different PWs. For easy expansion, the PW template command model is added to configure certain common attributes of PWs in a PW template. When you create a PW in interface mode, you can use this template.
VSI
Each VSI provides the independent VPLS. The VSI has the Ethernet bridge function and can terminate a PW.
VRF
L3VPN provides an instance for each VPN to construct a private information forwarding instance of the related VPN, that is, the VPN instance. The VPN instance is also named the VRF. In RFC 2547, a VPN instance is called the per-site forwarding table.
Prerequisite
l l The interface configurations must be synchronized. The tunnel interfaces and tunnels must exist on equipment and run normally. The MPLS configurations must be synchronized.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu.
15-2 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15 VPN Management
2 Choose VPN Management > Tunnel Policy Management from the service tree. 3 Click Create, and set the name and tunnel policy type.
NOTE
The types of tunnel policies are Bind Application to Tunnel and Tunnel Selection Sequence. The two are mutually exclusive.
4 After completing the settings, click OK to return to the Tunnel Policy Management tab page. The new tunnel policies will be displayed in the query result area. ----End
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VPN Management > PW Template Management from the service tree. 3 Click Create and set the related parameters. 4 Click OK to return to the PW Template Management tab page. The created PW templates are displayed in the query result area. ----End
15.4 Creating a PW
This topic describes how to create a PW. The PW is a type of encapsulation bearer channels on PEs. You can create a static or dynamic PW. In addition, you can set the primary/secondary status of the dynamic PW.
Prerequisite
Before configuring a static PW, you must do as follows: l l l l l Configure an IGP on the PEs and Ps of the MPLS backbone network to realize the IP connectivity of the backbone network. Enable MPLS on PEs. Establish the tunnel of a corresponding type between the PEs according to the applied tunnel policy. When the CE access type is VLAN, configure sub-interfaces; when the CE access type is ATM, configure the virtual circuit; when the CE access type is FR, configure DLCI. Before configuring the MPLS L2VC connection, enable MPLS L2VPN.
15 VPN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l l l l l l l l l l l l l
Configure an IGP on the PEs and Ps of the MPLS backbone network to realize the IP connectivity of the backbone network. Enable MPLS on the backbone network. Establish the tunnel of a corresponding type between the PEs according to the applied tunnel policy. Set up a remote LDP session between PEs. When the CE access type is VLAN, configure sub-interfaces; when the CE access type is ATM, configure the virtual circuit; when the CE access type is FR, configure DLCI. Before configuring the MPLS L2VC connection, enable MPLS L2VPN. Configure IGP on the PEs and Ps of the MPLS backbone network to realize the IP connectivity of the backbone network. Enable MPLS on the backbone network. Establish the tunnel of a corresponding type between the PEs according to the applied tunnel policy. Establish tunnels used by the primary and secondary PWs between PEs in the primary and bypass paths, including the CR-LSP, LSP, and GRE tunnel. If the tunnel is the GRE or CR-LSP tunnel, configure a tunnel policy. If the tunnel is the LSP tunnel, configure a tunnel policy. Configure the primary PW on the PEs of the primary path. Configure the IP addresses of the CE access interfaces.
NOTE
l One interface cannot be configured as the AC interface of an L2VPN and as the AC interface of an L3VPN at the same time. When an interface is bound to an L2VPN, all the Layer 3 features configured on the interface, such as the IP address and routing protocol, are invalid. l PWE3 does not support P2MP. When you create an MPLS L2VC on an ATM sub-interface, the ATM sub-interface must be the end-to-end type. For the configuration of the transparent transmission of ATM cells, however, the restriction is not applicable. l You cannot configure two static PWs on one interface at the same time; however, you can configure the dynamic primary and secondary PWs. The types of the primary and secondary PWs must be consistent. That is, the encapsulation types of the primary and secondary PWs must be consistent.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VPN Management > PW Management from the service tree. 3 Click Create. 1. 2. Click the Interface Configuration tab, and then set the values of Interface Name and Signalling Mode. Click the General tab. Then, set corresponding parameters.
15-4
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15 VPN Management
NOTE
The parameters to be configured on the General tab page vary according to the interface types and signalling types on the Interface Configuration tab page. The parameters unsupported are hidden. The following takes the Dynamic signalling as an example.
4 After the settings, click OK to return to the PW Management tab page. The created PWs are displayed in the query result area. 5 Optional: For existing dynamic PWs, you can perform the following configurations: 1. 2. Click Configure. The Configure PW dialog box is displayed. Click Advance on the General tab page to set advanced PW parameters.
----End
15 VPN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15.5.2 Creating a Management VSI This topic describes how to create a management VSI. The management VSI is used to transmit packets and facilitate link detection and the active/standby switchover. 15.5.3 Enabling and Disabling a Service VSI This topic describes how to enable and disable a service VSI. When a certain VSI needs to be stopped or certain specific maintenance operations need to be performed for a service, you need to disable the service or certain interfaces that are associated with the service. When the working status of the service needs to be recovered, you can enable the service or certain interfaces that are associated with the service.
Prerequisite
Before configuring the Martini service VSI, complete the following tasks: l l l l Configuring LSR IDs and enabling MPLS and MPLS LDP on PE and P equipment Enabling MPLS L2VPN on PEs Establishing tunnels between PEs to transmit user data Setting up remote LDP sessions if PEs are indirectly connected
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VPN Management > VSI Management from the service tree. 3 Choose Create > Martini Service VSI. The Create Martini Service VSI dialog box is displayed. 1. On the Configure VSI tab page, set the related parameters.
15-6
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
15 VPN Management
The VSI parameters that need to be set vary according to equipment types.
2.
On the Configure VC tab page, click Create and select the VC type as required.
NOTE
The commands delivered by and the function of the mesh VC are different from those of the spoke VC The mesh VC is applicable to the full-mesh scenario, whereas the spoke VC is applicable to the HVPLS. The essential difference between the mesh VC and the spoke VC is whether to forward packets received from the PW to another VSI. The spoke VC forwards the packets, whereas the mesh VC does not.
3.
On the Bind Interface tab page, click Add. In the Select Interface dialog box, select the access interface associated with the VSI, and then click OK.
NOTE
l You cannot select the interfaces that are bound to other services. l If no eligible interfaces are displayed, you can click Create to create an interface or subinterface. l You need to set the VLAN ID for a new subinterface.
Result
On the VSI Management tab page, you can find the newly created Martini service VSI. You can select the VSI and view details about the VSI in the detailed information area.
Prerequisite
Before configuring a management VSI, you must do as follows: l l l l l Configure IGP on the PEs and Ps of the MPLS backbone network to realize the IP connectivity of the backbone network. Configure the LSR ID and enable MPLS and MPLS LDP on the PEs and Ps. Enable MPLS L2VPN on the PEs. Set up the remote LDP session if the PEs are not directly connected. Establish the tunnel of a corresponding type between the PEs according to the applied tunnel policy.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VPN Management > VSI Management from the service tree. 3 Choose Create > Management VSI. The Create Management VSI dialog box is displayed. 1.
Issue 03 (2010-11-19)
15 VPN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
l In the MAC Address Configuration area, click Set, and then set the parameters related to the MAC address. l In the VSI QoS Configuration area, click Set, and then set the parameters related to the VSI QoS. l In the Diffserv Configuration area, click Set, and then set the parameters related to the Diffserv.
NOTE
The management VSI can be bound to multiple service VSIs. The service VSI, however, can be bound to only one management VSI.
NOTE
The VSI parameters that need to be set vary according to equipment types.
2.
On the Configure VC tab page, click Create and select the VC type as required.
NOTE
The commands delivered by and the function of the mesh VC are different from those of the spoke VC The mesh VC is applicable to the full-mesh scenario, whereas the spoke VC is applicable to the HVPLS. The essential difference between the mesh VC and the spoke VC is whether to forward packets received from the PW to another VSI. The spoke VC forwards the packets, whereas the mesh VC does not.
3.
On the Bind Interface tab page, click Add. In the Select Interface dialog box, select the access interface associated with the VSI, and then click OK.
NOTE
l You cannot select the interfaces that are bound to other services. l If no eligible interfaces are displayed, you can click Create to create an interface or subinterface. l You need to set the VLAN ID for a new subinterface.
4.
On the MAC Address Entry tab page, click Create. In the dialog box that is displayed, set the related parameters.
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15 VPN Management
Result
On the VSI Management tab page, you can find the newly created management VSI. You can select the VSI and view details about the VSI in the detailed information area.
Context
You can enable or disable the selected service VSI to control the management status of the VSI. The types of management statuses are enabled and disabled.
NOTE
The management VSI does not support the enabling or disabling operation.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VPN Management > VSI Management from the service tree. 3 Click Query to query all records. 4 Click the VSI List tab. Select one or more VSIs to be operated from the service VSI list. Then perform either of the following operations: l Right-click the VSIs and choose Enabled from the shortcut menu. l Right-click the VSIs and choose Disabled from the shortcut menu. ----End
Prerequisite
Before configuring a VRF, you must do as follows: l l Create routing policies if import or export routing policies need to be applied to the VRF. Create tunnel policies if load balancing is required or MPLS TE tunnels are configured. For configurations about tunnel policies, see "Creating a Tunnel PolicyL".
Context
A VRF is also called a VPN instance. A PE has multiple forwarding tables, including a public routing and forwarding table and one or more VRFs. A VRF can be regarded as a virtual router, which maintains the independent address space and provides access interfaces.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 15-9
15 VPN Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
To be more specific, every connection between a CE and a PE corresponds to a VPN instance (not a one-to-one mapping). This mapping is realized on the basis of the configuration that the VPN instance is associated with (or bound to) the PE interface that directly connects the CE. The VPN instance realizes the independence of address space through the RD and realizes the VPN member relationship and routing rules control at the directly connected site and remote site through the RT attribute.
Procedure
1 Right-click the NE in the Main Topology and choose NE Explorer from the shortcut menu. 2 Choose VPN Management > VRF Management from the service tree. 3 Click Create. 4 In the Create VRF dialog box, perform the following tasks: 1. 2. 3. 4. On the VRF Configuration tab page, enter the VRF name, RD, and VRF description. Click Create. In the Create RT dialog box, set the RT value and type. Click OK. Optional: Click Advanced. In the Configure Advanced Attribute of VRF dialog box, set the related parameters. Click OK. On the Bind Interface tab page, click Add. In the Select Interface dialog box, set the query conditions and click Query. Select the interface that is bound to the VRF, and then click OK.
NOTE
l The interfaces that are bound to a PW or VSI cannot be selected. l If the selected interface is configured with an IP address, the IP address is cleared after the interface is bound to a VRF. l If no eligible interfaces are displayed, you can click Create to create a corresponding interface or sub-interface.
15-10
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
15 VPN Management
Result
The created VRF is displayed in the query result area in VRF Management. You can select the VRF and view details about the VRF in the detailed information area. The details about the VRF includes the general information and information about the bound interface.
Issue 03 (2010-11-19)
15-11
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
16
About This Chapter
This topic describes how to access NEs in the topology view of the U2000 through Telnet or SSH, and how to check the NE connectivity trough the ping, tracert, ICMP ping, or ICMP trace test. 16.1 Ping This topic describes how to send ping packets to a remote host to check whether it is reachable. To check the network connectivity or the line quality, you can also perform the ping test. 16.2 Tracert This topic descries how to test the route that a data packet passes from the source host to the destination host. The tracert command is used to check whether a network connection is reachable and to determine the position where a fault occurs. After detecting a fault on the network by using the ping command, you can use the tracert command to determine the fault position. 16.3 Telnet This topic describes how to remotely log in to an NE by performing the Telnet operation on the U2000 to configure and maintain the NE. 16.4 SSH This topic describes how to guarantee the security of network communications through SSH that provides authentication, encryption, and authorization. When a user remotely logs in to a router through an insecure network, SSH offers secure information guarantee and powerful authentication to protect the NE against attacks such as IP address spoofing and interception of plain text passwords. 16.5 ICMP Ping This topic describes how to perform the ICMP ping test on the selected NE through the shortcut menus in the topology view. 16.6 ICMP Trace This topic describes how to perform the ICMP trace test on the selected NE through the shortcut menus in the topology view.
Issue 03 (2010-11-19)
16-1
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
16.1 Ping
This topic describes how to send ping packets to a remote host to check whether it is reachable. To check the network connectivity or the line quality, you can also perform the ping test.
Context
During the ping process, the source host sends an ICMP ECHO-REQUEST packet to the destination host. If the network connection between the source host and the destination host is normal, after receiving the ICMP ECHO-REQUEST packet, the destination host responds to the source host with an ICMP ECHO-REPLY packet.
Procedure
1 In the Main Topology, select the NE to be operated. 2 Right-click the NE and choose Tool > Ping from the shortcut menu. 3 In the dialog box that is displayed, select Ping or Continual Ping, and then click Start. ----End
Result
l If the operation is successful, it indicates that the destination host is reachable. In the Result area, the information indicating the normal connection is displayed. The information includes the number of sent packets, number of received response packets, percentage of no-response packets, and minimum, maximum, and average response time. If the operation fails, it indicates that the destination host is unreachable and the network connectivity or line failure cannot be detected. The Request time out message is displayed.
16.2 Tracert
This topic descries how to test the route that a data packet passes from the source host to the destination host. The tracert command is used to check whether a network connection is reachable and to determine the position where a fault occurs. After detecting a fault on the network by using the ping command, you can use the tracert command to determine the fault position.
Context
The execution process of the tracert command is as follows: l l l l
16-2
The source host sends a packet whose TTL is 1. The TTL times out. The first hop sends back an ICMP error message to indicate that this packet cannot be sent. The source host sends a packet whose TTL is 2. The TTL times out. The second hop sends back an ICMP error message to indicate that this packet cannot be sent. The source host sends a packet whose TTL is 3. The TTL times out. The third hop sends back an ICMP error message to indicate that this packet cannot be sent. The process continues in this manner until the packet reaches the destination host.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
The purpose of performing these operations is to record the source address of each ICMP TTL time-out message, so as to provide the route that an IP packet passes to reach the destination host.
Procedure
1 In the Main Topology, select the NE to be operated. 2 Right-click the NE and choose Tool > Tracert from the shortcut menu.
NOTE
In the Tracert Result dialog box, the gateways that the test packets pass from the source host to the destination host and the response time that the three sent test packets reach the gateways are displayed.
----End
16.3 Telnet
This topic describes how to remotely log in to an NE by performing the Telnet operation on the U2000 to configure and maintain the NE.
Prerequisite
Make sure that port 9811 between the U2000 server and clients is enabled before you telnet a device.
Procedure
1 In the Main Topology, select the NE to be operated. 2 Right-click the NE and choose Tool > Telnet from the shortcut menu. When you telnet to the remote server or NE successfully, you can operate the NE through command lines. ----End
16.4 SSH
This topic describes how to guarantee the security of network communications through SSH that provides authentication, encryption, and authorization. When a user remotely logs in to a router through an insecure network, SSH offers secure information guarantee and powerful authentication to protect the NE against attacks such as IP address spoofing and interception of plain text passwords.
Procedure
1 In the Main Topology, select the NE to be operated. 2 Right-click the NE and choose Tool > SSH from the shortcut menu. After logging in to a remote server or host remotely, you can perform operations on the NE through command lines. ----End
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 16-3
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
l Compared with the common ping test, the ICMP ping test supports the setting of test packet parameters and other advanced parameters, as well as the setting of the source and destination addresses. Thus, the ICMP ping test can provide more specific test results. Certain NEs do not support the ICMP ping test. The ICMP Ping option is not contained in the shortcut menus for these NEs.
Procedure
1 Right-click the source NE to be diagnosed in the Main Topology and choose Tool > ICMP Ping from the shortcut menu. 2 At the moment, the cursor turns into a cross. Click the destination NE. 3 In the Test dialog box, set the related parameters. 4 Click Run. 5 View the execution result in the Run Test dialog box. During the test execution, you can click Terminate to stop the test. ----End
Context
l Compared with the common tracert test, the ICMP trace test supports the setting of test packet parameters and other advanced parameters, as well as the setting of the source and destination addresses. Thus, the ICMP trace test can provide more specific test results. Certain NEs do not support the ICMP trace test. The ICMP Trace option is not contained in the shortcut menus for these NEs.
Procedure
1 Right-click the source NE to be diagnosed in the Main Topology and choose Tool > ICMP Trace from the shortcut menu. 2 At the moment, the cursor turns into a cross. Click the destination NE. 3 In the Test dialog box, set the related parameters. 4 Click Run.
16-4 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
5 View the execution result in the Run Test dialog box. During the test execution, you can click Terminate to stop the test. ----End
Issue 03 (2010-11-19)
16-5
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
17
About This Chapter
Diagnosis Management
This topic describes how to use the iManager U2000 for test and diagnosis. 17.1 Overview of the Test Diagnosis Tool This topic describes the functions and concepts of the test diagnosis tool as well as the test diagnosis types provided by the tool. 17.2 Process of Using the Test Diagnosis Tool This topic describes the process of using the test diagnosis tool to perform test diagnosis with a flowchart. 17.3 Common Operations Common operations of test diagnosis include creating a test suite, test case, and result analysis template, running the test diagnosis tool, and displaying and exporting the running results of the test suite. The following describes the methods of performing these common operations. 17.4 Performing Network Scanning This topic describes the application scenario of and the operation of performing network scanning. With this function, you can detect the connectivity of all side-by-side links, RPR links, IP virtual links and LLDP links in the U2000. 17.5 Typical Examples for Performing Test Diagnosis Tasks This topic describes the method of and the procedure for performing test diagnosis tasks with the test diagnosis tool in actual situations by using the related examples.
Issue 03 (2010-11-19)
17-1
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
The running results of all test suites are recorded as history data, which is convenient for you to view result information about the test suites.
The test diagnosis tool provides rich test suites and test cases that help diagnose the connectivity in different operation and maintenance scenarios. For details, see 17.1.3 Test Diagnosis Type.
The following concepts are introduced into test cases: l SLA To ensure the quality of network services for users, carriers sign the SLA(Service Level Agreements) with customers. The following contents need to be specified in the SLA to ensure the interests of both parties: Carriers need to provide network services with a good quality for customers according to the promises in the SLA. When the network performance and reliability customized by customers are ensured, the customers need to pay the corresponding fees according to the promises in the SLA. When the quality of network services is deteriorated to a certain extent, carriers need to compensate for customers' losses according to the promises in the SLA. Compared with QoS that is focused on the networks of carriers, the SLA ensures the quality of services that are closely related to customers. QoS is important for realizing and ensuring the SLA. l Delay It refers to the time spent on transmitting packets. Delay is classified into RTD(Round Trip Delay) and OWD(Odd Way Delay). The RTD is classified into the following types: Min RTD Max RTD Average RTD The OWD is classified into the following types: Max SD OWD: maximum OWD from the source equipment to the destination equipment Max DS OWD: maximum OWD from the destination equipment to the source equipment
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 17-3
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Delay is an important index to measure the quality of data transmission. Voice services and video services impose a strict requirement on delay. The service quality is sharply decreased on a network with the long delay. l Jitter It indicates the interval for sending two adjacent packets minus the interval for receiving the two packets. This index reflects the delay stability of multiple test operations. l Packet loss ratio It indicates the proportion of the number of packets that are sent but with no returned response packets to the number of all sent packets during data transmission. l TTL(Time to Live) It indicates the maximum number of routers that data packets can pass through. The TTL is set by the equipment that sends packets. The TTL is decreased by one when packets pass through a router. When the TTL of a date packet is 0, the data packet is discarded and ICMP timeout packet is sent to notify the source equipment. In normal cases, the TTL of a packet is set to the number of hops at a site that the packet passes through.
Diagnosis Policy
A diagnosis policy is used to periodically run the test suite bound to the diagnosis policy, which realizes a flexible and periodic test. You can set Period Type to Daily,Weekly or Monthly to define a diagnosis policy.
Network Scanning
The network scanning module can be used to detect the connectivity of all the virtual links and LLDP links on the entire network. You can view the scanning results, find and record the faulty links, and locate the faults with the Trace Route tool. Virtual links are created according to factors such as the importance of links and users' concern.
l Green: indicates that the actual value is smaller than the lower threshold. l Yellow: indicates that the actual value ranges from the lower threshold to the upper threshold. l Red: indicates that the actual value is greater than the upper threshold.
Note that a test case can be bound to only one result analysis template and a result analysis template can be bound to multiple test cases.
History Data
History data stores the running records of test suites, such as information about parameters of each test and details about the running results.
17-4 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
Concepts
The following describes the common test diagnosis types: l DNS TCP/IP not only provides IP addresses to specify equipment but also specifically designs a host naming mechanism in the format of a string, that is, the DNS. By applying a hierarchical naming mode, the DNS specifies a meaningful name for equipment on the network and then sets a domain name resolution server. In this manner, the relationship between domain names and the IP addresses is established. The domain names are meaningful and easy to remember, thus freeing users from memorizing complicated IP addresses. l FTP FTP is used to control the bidirectional transmission of files and is applied at the application layer. FTP uses TCP to transmit packets to ensure the reliability of transmission. l DHCP With the expansion of the network scale and the increase of network complexity, network configurations are increasingly complicated, and the locations of computers are changed frequently with the emergence of portable computers and wireless networks. As a result, the number of computers may exceed the number of allocable IP addresses. DHCP is developed to meet these requirements. l HTTP HTTP is developed by the Internet engineering special group for file transmission. HTTP is used to send requests from the browser to the Web server and transmit pages on the server to the browser. l SNMP SNMP is widely used for network management. It is a widely accepted industrial standard. It aims to ensure that management information can be transmitted between any two nodes. By using SNMP, network administrators can search and modify information at any node on the network, locate and troubleshoot faults, plan capacities, and generate reports. SNMP applies the polling mechanism to provide the basic function set. It is most suitable to smallscale and low-cost environments. It requires only UDP that has no acknowledgement mechanism; thus it is popular among a large number of products.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 17-5
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
VoIP VoIP is an application technology focused on IP phone through Internet and the corresponding value-added services. It uses PSN as the transport platform, and compresses and encodes simulated voice signals. Then, these voice data is packaged according to the related protocols such as TCP/IP and transmitted to the destination equipment over the IP network. The destination equipment reorganizes the voice data, and then decodes and restores the data to the original voice signals. In this manner, voice data can be transmitted on the IP network and voice communication is realized on the Internet. The VoIP technology realizes the voice transmission between the traditional SCN and the IP network, or the direct voice transmission on the IP network. This technology consists of the signaling technology, voice encoding and decoding technology, real-time transmission technology, QoS assurance technology, and network transmission technology.
TCP TCP is a core protocol of the Internet protocol suite. Using TCP, interconnected hosts can establish connections with each other and exchange data. TCP ensures the reliable and inorder delivery of data from the sender to the receiver. TCP also distinguishes data for multiple concurrent applications running on the same host.
UDP UDP is a core protocol of the Internet protocol suite. Using UDP, the programs on interconnected computers can send short messages (sometimes known as datagrams with addressing information) to each other.
ICMP ICMP is a protocol of the TCP/IP protocol suite and is applied at the network layer. This protocol is used to transmit control information, such as the reported error, exchanging limit control, and status information, between hosts and routers. When IP data cannot reach destinations and IP routers cannot forward data packets at the current transmission rate, the system automatically sends an ICMP message. In this case, you can run the ping command to configure the local equipment to send an ICMP echo request message and record the received ICMP echo reply message. These messages provide reference to fault troubleshooting on the network or equipment.
Jitter It refers to the jitter time of packets. Jitter time is an important index to measure the network performance. It refers to the interval for sending two adjacent packets to the same destination minus the interval for receiving the two packets.
MTU The MTU is the maximum size of packets transmitted on a physical network. The MTU is determined by network equipment.
802.1ag 802.1ag maintains Ethernet services. It is used to automatically detect the connectivity of Ethernet links and locate faults.
LSP For an LSP, after a label is assigned to an FEC on the ingress, the label determines the traffic forwarding. The traffic is transparent to the transit nodes on the LSP. In this sense, an LSP is regarded as an LSP tunnel. Currently, LSPs are mainly used to provide public network tunnels for VPNs.
l
17-6
MPLS TE Tunnel
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
The MPLS TE technology integrates the MPLS technology with traffic engineering. It can reserve resources by setting up the LSP tunnels to a specified path in an attempt to detour congested nodes and balance network traffic. l PWE3 PWE3 is a type of L2VPN. PWE3 simulates the basic behaviors and characteristics of the services such as ATM, FR, Ethernet, TDM circuit, SONET, and SDH on a PSN. l BGP/MPLS VPN A BGP/MPLS VPN is a L3VPN. BGP/MPLS VPN uses BGP to advertise VPN routes on the backbone network of the service provider and uses MPLS to forward VPN packets on the backbone network of the service provider. l VPLS VPLS is a type of MPLS L2VPN services. VPLS enables geographically isolated user sites to communicate with each other through the MAN/WAN as if they are on the same LAN. Unlike the P2P services of the normal MPLS L2VPN, the VPLS provides MP2MP private network services. Each VPN site can communicate with multiple related VPN sites. The following are the concepts related to VPLS: VSI: It is the instance that maps the physical access links of VPLS to the VCs. PW: It is a bidirectional virtual connection between two VSIs. A VSI consists of a pair of unidirectional MPLS VCs. AC: It is the connection between a CE and a PE. It can be a physical interface or a virtual interface. Generally, all user packets, including Layer 2 and Layer 3 protocol packets, on an AC are forwarded to the peer site without any change. CE: It is the customer edge equipment directly connected with the service provider. PE: It is the provide edge equipment that is connected to a CE over a backbone network. A PE is responsible for accessing VPN services. A PE performs the mapping and forwarding of packets from the private network to the public channel and then from the public channel to the private network. The PEs can be further classified into UPEs and SPEs. QinQ: It is a mechanism that uses the tunnel protocol based on 802.1Q encapsulation and provides multipoint L2VPN services. In QinQ, the VLAN tag of private networks is encapsulated in the VLAN tag of public networks. The packets carry double tags when being transmitted over the backbone network of the service provider. In this manner, the QinQ technique provides a simple Layer 2 VPN tunnel to realize transmission of packets with double tags over public networks. Forwarder: It is a type of PEs. After a forwarder receives a data frame from an AC, the forwarder selects a PW for forwarding the data frame. Actually, the forwarder functions as the forwarding table of VPLS. Tunnel: It is used to bear multiple PWs. Generally, a tunnel is an MPLS tunnel. A tunnel is a direct channel that connects a local PE to a remote PE and transparently transmits data between the PEs. Encapsulation: The packets transmitted on PWs use the standard PW encapsulation mode and technology. The encapsulation of VPLS packets transmitted on PWs has two modes: Tagged and Raw. PW signaling: It is the basis on which VPLS is implemented. It is used for creating and maintaining PWs. The PW signaling protocol can automatically discover the remote PEs of VSIs. LDP is applied here.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 17-7
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Faults exist in results? Yes Judge the fault range based on test results
No
End
17-8
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
NOTE
A test suite is a collection of test cases. To define a test suite, you need to create a test suite and test cases. You can define different test suites according to the actual situations of operation and maintenance.
Start
Find faults
Yes
End
Issue 03 (2010-11-19)
17-9
17 Diagnosis Management
NOTE
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
A test suite is a collection of test cases. To define a test suite, you need to create a test suite and test cases. You can define different test suites based on the actual situations of operation and maintenance.
17-10
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
Procedure
1 Choose Fault > Test Suite from the main menu. 2 On the Test Suite tab, click Create and the Create Test Suite dialog box is displayed. 3 Set the parameters of the test suite. 4 Click OK. ----End
Prerequisite
The test suite for encapsulating the test case must be created.
Context
The procedures for creating various test cases are similar. The following takes the creation of an ICMP ping test case as an example.
Procedure
1 Choose Fault > Test Suite from the main menu. 2 On the Test Suite tab, select the test suite where the test case to be created resides in. 3 On the Test Case tab, select Create > Network Layer Diagnosis > ICMP Ping. The Create ICMP Test Case dialog box is displayed. 4 In the General area, set the general parameters related to the ICMP ping test case. 5 Optional: In the Advanced area, click Advanced. The Advanced Configuration dialog box is displayed. Set the advanced parameters of the test case. Then, Click OK. ----End
Result
The created ICMP ping test case is displayed in the test case list.
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
This topic describes how to run a temporary test case. A temporary test case is used to temporarily test network connectivity. The results of running a temporary test case are not saved in the U2000 database. These results are for temporary viewing only. 17.3.2.3 Periodically Performing Test Diagnosis with Diagnosis Policies This topic describes the application scenario of and the procedure for periodically performing test diagnosis with diagnosis policies.
Prerequisite
A test suite must be defined.
Context
You can manually perform test diagnosis in the following situations: l l Running test suites: Start running all the test suites. The system supports the running of multiple test suites simultaneously. Running test cases: Start one or more test cases in a test suite.
Procedure
1 Choose Fault > Test Suite from the main menu. 2 In the query condition area, set query conditions. Then, click Query. l Running test suites In the query result area of the Test Suite tab page, select one or more test suites, and then click Run. A progress bar is displayed to show the running progress of the test suites. l Running test cases On the Test Case tab page, select one or more test cases, and then click Run. A progress bar is displayed to show the running progress of the test cases. 3 Optional: Select a test case. Then, select Details. You can view the latest configurations of the test case, test results, and details about the result analysis template. ----End
17-12
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
Context
Different from the test case created in a test suite, a temporary test case is usually used to temporarily test the connectivity of network links. The operation of a temporary test case does not require any preparation. You can directly select a temporary test case, set the related parameters, and then run the temporary test case. The operation procedures for different temporary test cases are similar. The following takes a DNS test case as an example.
Procedure
1 Choose Fault > Router/Switch Test from the main menu. 2 In the dialog box that is displayed, choose Application Layer Diagnosis > DNS from the navigation tree. Then, set the parameters related to the DNS. In the Advanced area, click Advanced. In the Advanced Configuration dialog box, set the advanced parameters of the DNS test case. 3 Click Run. 4 The Run Test dialog box is displayed indicating the running results. The progress bar shows the test process. You can click Terminate to stop the test. ----End
Prerequisite
The test suite for periodically performing test diagnosis must be created.
Context
The test diagnosis tool uses a diagnosis policy to run a test suite flexibly on a daily, weekly, or monthly basis. At a specific moment in each specified period, the test diagnosis tool runs test cases in the test suite associated with the diagnosis policy. Figure 17-3 shows the process of periodically performing test diagnosis.
Issue 03 (2010-11-19)
17-13
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
End
Procedure
1 Choose Fault > Test Suite from the main menu. In the dialog box that is displayed, choose Diagnosis Policy from the navigation tree. 2 On the Diagnosis Policy tab page, click Create. The Create Diagnosis Policy dialog box is displayed. 3 In the Create Diagnosis Policy dialog box, set the related parameters. 4 Click Add. Multiple running time points can be added for a diagnosis policy. For example, you can set Period Type to Weekly and Running Time to 08:30 AM from Monday to Friday. 5 Click OK. On the Task Information tab page, details about the test diagnosis tasks are displayed. 6 In the detailed information area, click the Associated Test Suite tab. 7 On the Associated Test Suite tab page, click Bind. 8 In the Select Test Suite dialog box, select the test suite that needs to be associated with. 9 Click OK. 10 On the Diagnosis Policy tab page, select the created diagnosis policy, and then click Run.
NOTE
If you click Run, the diagnosis policy task is started, but the test suite associated with the diagnosis policy is not performed immediately. The test suite associated with the task runs at the specified moment in the set period.
----End
17-14
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
Procedure
1 Choose Fault > Test Suite from the main menu. In the dialog box that is displayed, choose Template from the navigation tree. 2 Click Create. The Create Template dialog box is displayed. 3 Enter a value in Template Name, select a type as required from the Type drop-down list, and then set the upper threshold and the lower threshold for the specifications. 4 Click OK. ----End
Result
The new result analysis template is displayed in the list.
Issue 03 (2010-11-19)
17-15
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Context
When network scanning is performed, the system automatically creates a test suite named defaultNetScan. Thus, the test suite named defaultNetScan in history data is the information about the results of the test suite through network scanning.
Procedure
1 Choose Fault > Test Suite from the main menu. In the dialog box that is displayed, choose History Data from the navigation tree. 2 In the query condition area, click Condition to set the filtering criteria. Then, click Query.
NOTE
You can directly click Query to view all the history data.
In the Test Result column, running the result of the test suite is displayed. The result can be Connected, Disconnected, or Partial Connection. l Connected: indicates that the running results of all the test cases in the test suite are Connected. l Disconnected: indicates that the running results of all the test cases in the test suite are Disconnected. l Partial Connection: indicates that running results of some test cases in the test suite are Connected and some are Disconnected or Operation failed. 3 Optional: In the query result area of the History Data tab, select the required running record of the test suite. On the Test Case tab page, information about the test cases in the test suite and the running results is displayed. In the query result area of the History Data tab page, right-click a test suite and choose View Related Test Suite from the shortcut menu. In the Test Suite dialog box, you can view the recent running records of the test suite related to history records. 4 Optional: Select a test case in the detailed information area. Then, click Details. In the Details dialog box, details about the latest configurations of the test cases, test results, and the result analysis template are displayed. 5 Optional: In the Details dialog box, click Back or Next to view other test cases. Then, click Close. ----End
Procedure
1 Choose Fault > Test Suite from the main menu. In the dialog box that is displayed, choose History Data from the navigation tree. 2 On the History Data tab page, click Query.
17-16 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
3 Click Export Result. 4 In the Export Result dialog box, set Start Row, End Row, and File Name. If the default values are used, all the result information is exported. 5 Click OK. A progress bar is displayed to show the progress of exporting. After data is exported, the system prompts you that the exporting is successful. ----End
Context
If there are faulty links in the results of test cases, you can use the Trace Route tool to locate faults. You can use the Trace Route tool to display transit nodes along the channel from the source equipment to the destination equipment. In addition, you can obtain information such as the packet loss ratio and delay from the source equipment to transit nodes. The Trace Route tool is classified into the following types: l l l l l l l ICMP Trace ICMP VRF Trace Multicast Trace Multicast VRF Trace LSP Trace PWE3 Trace VPLS MAC Trace
Each type of the Trace Route tool can be used to trace the corresponding test cases. For example, the ICMP Trace tool can be used to locate network faults of the ICMP ping test cases. The methods of tracing test cases with the three types of the Trace Route tools are similar. The following takes the ICMP Trace tool as an example.
Procedure
1 Choose Fault > Test Suite from the main menu. 2 In the query condition area of the Test Suite tab page, click Query. The eligible test suites are displayed in the query result area. 3 Select the test suite to be traced in the test suite list. 4 On the Test Case tab page, select the test case to be traced. 5 Click Trace Route.
Issue 03 (2010-11-19) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 17-17
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
6 Optional: In the Run ICMP Trace dialog box, click Advanced. 7 Optional: In the Advanced dialog box, set the advanced parameters of the ICMP trace test case. Then, click OK. 8 Click Run. In the Run Test Case dialog box, information about the hop-by-hop connectivity of the path from the source equipment to the destination equipment is displayed. ----End
Prerequisite
The side-by-side links, RPR links, virtual links or LLDP links must exist on the U2000.
Application Scenario
Network scanning can be used detect the connectivity of all side-by-side links, RPR links, IP virtual links and LLDP links in the U2000 and locate faulty links and faults.
NOTE
The process of network scanning is the running of ICMP Ping test for all side-by-side links, RPR links, IP virtual links and LLDP links.
Procedure
1 Choose Fault > Test Suite from the main menu. In the dialog box that is displayed, choose Network Scan from the navigation tree. 2 Click Synchronization. On the Scan Result tab page, a progress bar is displayed to show the progress of the current operation. After synchronization, all the synchronized side-by-side links, RPR links, IP virtual links and LLDP links are displayed in the network scanning list. 3 Click Start Scan. On the Scan Result tab page, the progress bar shows the progress of the current operation. You can click Stop Scan to stop the current network scanning operation. ----End
Follow-up Procedure
After network scanning, you can view information about the network scanning on the Scan Result tab page. You can also view information about the connectivity of each link in the network scanning list. If faults occur on links, use the Trace Route tool to check the faulty links and locate the faults.
17-18 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
17 Diagnosis Management
1. 2.
3.
Select the faulty link to be diagnosed. Then, click Trace Route. In the Run ICMP Trace dialog box, click Run. You can click Advanced to set the advanced parameters of an ICMP Trace test case. For the description of parameters, see 17.3.5 Using the Trace Route Tool to Locate Faults. In the Run Test Case dialog box, view running results and the hop-by-hop information about the ICMP Trace test case. During the running of the ICMP Trace test case, you can click Terminate to terminate the test; you can click Cancel to cancel the test and close the dialog box. After the test, you can click Export Result to export result information about network scanning to a specified path and save it.
Application Scenario
Figure 17-4 shows the networking environment. The remote branches of enterprise A are interconnected through the L3VPN. A VPN is created between PE1 and PE2. CE1 and CE2 are added to the VPN. The network between CE1 and CE2 fails. You need to diagnose faults in the VPN. Figure 17-4 L3VPN networking example
MPLS Core Loopback0 192.2.2.2/32 POS2/0/0 10.1.1.1/24 PE1 GE1/0/0.1 GE1/0/0.1 100.1.1.1/24 POS1/0/0 10.1.1.2/24 P
VPNA
Loopback0 192.4.4.4/32
POS2/0/0 10.2.2.1/24
GE1/0/0.1 PE2
GE1/0/0.1 100.1.1.2/24
Issue 03 (2010-11-19)
17-19
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
Configuration Roadmap
1. 2. Create a test suite named VPN A. Create a test case according to segmentation and hierarchy. Figure 17-5 shows the process of diagnosing L3VPN faults.
Detect connectivity of the L3VPN service layer Check whether the route forwarding and the configuration of interfaces of AC links from PE to CE1 and from PE2 to CE2 are normal
No
Yes
Detect connectivity of the LSP bearing layer The fault occurs in the PE1PE2 segment in the L3VPN Check whether the configuration of L3VPN interfaces and the route forwarding are normal
Yes
Use the TraceRoute(LSP)tool to decide the network segment where the LSP fault occurs and troubleshoot the fault
No Use the TraceRoute(ICMP)tool to decide the network segment where the L3VPN fault occurs and troubleshoot the fault End
17-20
Issue 03 (2010-11-19)
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
NOTE
17 Diagnosis Management
l Yes: indicates that the test result is Connected. l No: indicates that the test result is Disconnected.
(1) Create the test cases of various service layers according to the service bearing relationship of the L3VPN. According to the operation results of the test cases of various service layers, you can determine the layer where the fault occurs. In this example, you need to create ICMP ping (VRF) test cases of the AC between PE1 and CE1 and the AC between PE2 and CE2, to test the connectivity of ACs in the L3VPN. If the AC is abnormal, check the configurations on the interfaces at both ends of the AC to locate the fault. If the AC is normal, create a test case named ICMP ping (VRF) to detect the link between PE1 and PE2. If the link from PE1 to PE2 is abnormal, you need to detect the connectivity of the LSP between PE1 and PE2 through hierarchical diagnosis. Create an LSP ping test case for the LSP between PE1 and PE2. If the LSP is normal, you can determine that the services at the upper layer are abnormal. If the LSP is abnormal, you can continue to check whether public network routes are normal. Using this method, you can determine the exact layer where the fault occurs. (2) Use the Trace Route tool to troubleshoot the fault segment by segment. Use the Trace Route tool (ICMP trace (VRF), LSP trace, and ICMP trace) provided for various service layers to probe the link between PE1 to PE2. If the link can be probed, you can determine the layer where the fault occurs according to the comparison of the detected path and the transmission path with normal services. Then, locate the fault through further detection of the corresponding nodes. If the link path cannot be probed because of reasons such as route convergence, you can locate the fault segment by segment. If the fault still cannot be located, you can seek technical support. 3. Run a test suite, view the test result, and locate the fault.
NOTE
You can create and run test cases step by step as required. You do not need to run test cases after all of them are created.
Data Preparation
l l Name of a test suite Names of test cases
Procedure
1 Create a test suite. 1. 2. 3. 4. Choose Fault > Test Suite from the main menu. The Test Suite tab page is displayed. On the Test Suite tab page, click Create. In the Create Test Suite dialog box, set Name to VPNA and Description to VPNA_Diag. Click OK.
17 Diagnosis Management
iManager U2000 Unified Network Management System Operation Guide for Multi-service Control Gateway NE Management
1. 2. 3.
Create an ICMP VRF ping test case named PE1_CE1_ICMP_VRF with PE1 serving as the source equipment and CE1 serving as the destination equipment. Create an ICMP VRF ping test case named PE2_CE2_ICMP_VRF with PE2 serving as the source equipment and CE2 serving as the destination equipment. Run the test cases PE1_CE1_ICMP_VRF and PE2_CE2_ICMP_VRF. l If the test result is Disconnected, it indicates that the AC is faulty. Check whether the route forwarding and the configurations of interfaces on the ACs between PE1 and CE1 and between PE2 and CE2 are normal. l If the test result is Connected, perform 2.4.
4.
Create an ICMP VRF ping test case named PE1_PE2_ICMP_VR with PE1 serving as the source equipment and PE2 serving as the destination equipment. Run the test case. l If the test result is Disconnected, perform 3 to detect the connectivity of the LSP bearing layer. l If the test result is Connected, it indicates that the L3VPN is normal and the fault may occur at the user side. Create an MTU test case from CE1 to CE2. Then, check whether the fault is caused by the improper MTU at the user side.
3 Detect the connectivity of the LSP bearing layer. 1. 2. Create an LSP ping test case named PE1_PE2_LSP with PE1 serving as the source equipment and PE2 serving as the destination equipment. Run the test case. l If the test result is Disconnected, perform 4. l If the test result is Connected, it indicates that a fault occurs on the network segment between PE1 and PE2 of the L3VPN. You can check whether the configurations of the L3VPN interfaces and the route forwarding are correct. 4 Detect the connectivity of public network routes. 1. 2. Create an ICMP ping test case named PE1_PE2_ICMP with PE1 serving as the source equipment and PE2 serving as the destination equipment. Run the test case. l If the test result is Disconnected, it indicates that the connectivity of the L3VPN is abnormal. You can use the Trace Route (ICMP) tool to locate the fault. l If the test result is Connected, it indicates that the public network LSP is abnormal. You can use the Trace Route (LSP) tool to locate the exact segment of the LSP where the fault occurs. 5 After the fault is located, rectify it. ----End
17-22
Issue 03 (2010-11-19)