Wednesday , September 20 2017
Home / System Management

System Management

NAP – Neighbor Access Protocol

NAP is a Huawei proprietary protocol, which implements remote configuration in Layer 3 networks. It allows to log into an unconfigured device from a directly connected device. It is very simple and can be really helpful, when implementing new devices. NAP establishes a temporary neighbor relationship between configured and unconfigured devices. Both must be directly connected through a physical link. When NAP relationship is established, telnet can be done to the unconfigured device.

NAP relationship can be established in two different ways:

  • Automatically – using IP addresses allocated by the system
  • Statically – using IP addresses allocated by the administrator.

NAP cannot be used on interfaces, configured with commands affecting the IP address configuration or IP packet forwarding, such as commands related to VPNs or Ethernet trunks.

How to use NAP? Let’s assume that we have two switches as in the picture below:

Read More »

configuring SNMPv3 on Huawei devices

SNMPv1 and SNMPv2c protocols security model uses the community-based pseudo-authentication. That means that a password (called a community string) is sent in a clear text between a network management station and managed devices. Both SNMPv1 and v2c are subject to packet sniffing because they do not implement encryption. Security has been the biggest weakness of the SNMP since the beginning. More about SNMPv2c concepts, operation and configuration you can find at “SNMPv2c configuration on Huawei devices“.

What if we want SNMP to be used over a public network?

SNMPv3 can be implemented. It provides important security features, which are not available in both SNMPv1 and v2c:

  • Confidentiality – encryption of packets to prevent snooping by an unauthorized source
  • Integrity – to ensure that a packet has not been tampered while in transit using optional packet reply protection
  • Authentication – to verify that a packet comes from a valid source.

Read More »

bootrom update on Huawei S5300 switch

Some time ago I had a case with damaged file system on Huawei S5300 switch. It had been caused by power failure on one site. The switch was not able to decompress VRP software and rebooted itself all the time.

Copyright (c) 2008-2010 HUAWEI TECH CO., LTD.
(Ver107, Jan 18 2011, 22:52:53)

Press Ctrl+B to enter BOOTROM menu... 1
Update Epld file ............................ None
Decompressing VRP software ..................

Copyright (c) 2008-2010 HUAWEI TECH CO., LTD.
(Ver107, Jan 18 2011, 22:52:53)

Press Ctrl+B to enter BOOTROM menu... 1
Update Epld file ............................ None
Decompressing VRP software ..................

Read More »

new options in display elabel command

Some time ago I described how to display electronic labels. As you probably could see, the displayed information looked illegibly, especially for budding engineers.

Starting from V6R6 software of carrier class devices (like Huawei NE40E, CX600), it looks much better. You have all the information at a glance:

<labnario>display elabel brief
Slot     BoardType    BarCode                 Description
LPU 1    CR52LPUF40A  030KWD10AB000351        LPUF-40-A
  PIC 0  CR52L2XXN0   03675210A9000134        P40-2x10GBase LAN/WAN-XFP
  PIC 1  CR52L2XXN0   03675210A9000115        P40-2x10GBase LAN/WAN-XFP
LPU 2    CR52LPUF40A  030KWD10B7000867        LPUF-40-A
  PIC 0  CR52L2XXN0   03675210B7001018        P40-2x10GBase LAN/WAN-XFP
  PIC 1  CR52L2XXN0   03675210B7001188        P40-2x10GBase LAN/WAN-XFP
LPU 3    CR52LPUKD0   030KJY10A8000126        LPUF-21-A
  PIC 0  CR52L1XX0    030GSK10A9002012
  PIC 1  CR52L1XX0    030GSK10B7001228
LPU 7    CR52LPUKD0   030KJY10B1000383        LPUF-21-A
  PIC 0  CR52L1XX0    030GSK10A2001595
  PIC 1  CR52EBGF0    030GSH10B1000971
LPU 8    CR52LPUKD0   030KJY10CC001471        LPUF-21-A
  PIC 0  CR52L1XX0    030GSK10A2001005
  PIC 1  CR52EBGF0    030GSH10B1000795
MPU 9    CR57SRU40A4  030KSR10AA000258        SRUA4-40
MPU 10   CR57SRU40A4  030KSR10AA000175        SRUA4-40
SFU 11   CR57SFU40C0  030KSY10A9000472        SFUI-40-C
SFU 12
SFU 13

Read More »

from Huawei CLI – fixdisk

I’ve had only one case when I used this command and … full success.

Sometimes it can happen that the file system doesn’t work properly. When you run dir command, you can find the space, which usage status is unknown. The system prompts you that the file system should be restored. Then you can run fixdisk command to release the unknown space.

Notice that:

  • It is not recommended to use it when the file system works correctly.
  • It doesn’t help when physical medium is damaged.
  • Do not use it when CPU usage is high.
Lost chains in flash detected, please use fixdisk to recover them!
<labnario>fixdisk flash:
Fixdisk flash: will take long time if needed
%Fixdisk flash: completed.

Read More »