Wednesday , September 20 2017
Home / Basic Configuration

Basic Configuration

connection to ssh server by stelnet and sftp

Today I would like to focus on SSH application. What I want to do is to configure SSH connection between two switches, using password and RSA authentication:

  • Connection between stelnet client and SSH server
  • Connection between SFTP client and SSH server.

Let’s look at the simple SSH topology:

Read More »

basic NTP configuration on Huawei devices

Network Time Protocol (NTP) is one of the oldest Internet protocols. It is used for clock synchronization between computer systems over packet-switched data networks.  Because it was designed to operate in variable-latency environment, NTP can achieve up to 1 millisecond accuracy in local area networks and tens of milliseconds when running over the Internet. NTP can be a very useful tool especially, when we want to correlate issues during network failures.

It is important to remember that NTP uses hierarchical system of levels of clock sources, which is called a stratum.

At the top of this hierarchy we have a stratum-0 devices, which act as a reference clocks. These are usually atomic clocks which has little or no delay associated with it. The reference clock typically synchronizes to the correct time (UTC) using GPS, Irig-B, etc.

Devices which are directly connected (usually via RS-232, not over a network path) to the stratum-0 servers are called stratum-1 servers. Stratum-2 server is connected to the stratum-1 server over a network path. Thus, a stratum-2 server gets its time via NTP protocol from a stratum-1 server. A stratum-3 server gets its time via NTP from stratum-2 server, and so on.

So the stratum level simply defines its distance from the reference clock.

How to configure NTP on Huawei devices?

Look at the lab topology:

Read More »

file system of Huawei NE40E

How to manage storage devices, directories and files on Huawei’s equipment?

I will try to introduce the file system based on NE40E routers.

NE40E, as most of carrier class Huawei’s devices, has two MPU boards. Each board is equipped with two CFcards. The first CFcard, inside the board, is used for storing software and configuration’s files. The second one, at the front panel of the board, stores log files. Some of Huawei’s devices use flash memory to store all necessary files.

The file system manages files and directories in the storage device by creating, deleting, modifying, renaming files or directories and displaying contents of the files.

Let’s do an example:

  1. Create labnario and huawei directories in CFcard.
  2. Copy log.log file from CFcard2 to labnario directory.
  3. Display this file.
  4. Rename this file with old_log.log.
  5. Compress it.
  6. Move old_log.log.zip file to huawei directory of the same CFcard.
  7. Delete this file from huawei directory.
  8. Restore the deleted file.
  9. Delete this file permanently.
  10. Delete huawei directory.

Read More »

from Huawei CLI – reset saved-configuration

reset saved-configuration

If you need to reconfigure a Huawei device and do not want to delete its configuration line by line, it is the fastest way to restore the device to the default configuration. Reset saved-configuration command does not delete the existing configuration file in storage device. It is required to restart the device to activate changes. Before reboot, the device compares the configuration file to be loaded at the next startup and existing file to be deleted. Finally the device:

  • loads the default configuration if both files are the same
  • deletes the configuration file in use if they are different
  • displays a message indicating that the configuration file does not exist if the configuration file to be deleted does not exist
<labnario> reset saved-configuration
The action will delete the saved configuration in the device.
The configuration will be erased to reconfigure. Continue? [Y/N]: y

Which configuration file is set as the “next startup saved-configuration file” you can check by the following command:

Read More »

Huawei basic user environment

As you already know you can assign a different privilege level for each user, configured on a Huawei device. How to configure local user and how to access Huawei device you can read in one of my previous posts.

user privilege level

Today I want to focus on the privilege level of local user. Each year lots of accidents in IP networks are caused by inexperienced employees. We can decrease the number of such accidents setting privilege level for local users, logging into network devices. Setting a lower privilege level for such employees increases networks’ safety. For more experienced engineers  we can either configure higher privilege level or set a super password, to let them to perform advanced operation.

Let’s assume that we have created a local user with the lowest priority:

#
local-user labnario password cipher &EU15O"Q3/;Q=^Q`MAF4<1!!
 local-user labnario service-type telnet
 local-user labnario level 0
#

Read More »