Home - Labnario

from Huawei CLI – user-interface current

24 Feb, 2014 0

Sometimes we want to change any parameter of our current user interface quickly, let’s say terminal length or idle timeout, but we don’t know which user interface we are currently using. To check that we use display user-interface command. Then we try to find the “+” mark in the command output, which means that this is our current user interface. After that we have to go back to our user interface configuration and change its parameters. Why not to do that in a quicker manner?

[labnario]display user-interface
  Idx  Type     Tx/Rx      Modem Privi ActualPrivi Auth  Int
  0    CON 0    9600       -     15    -           P     -
  33   AUX 0    9600       -     0     -           P     -  	
 + 34   VTY 0              -     0     3           A     -  
 + 34   VTY 0              -     0     3           A     -
  35   VTY 1               -     0     -           A     -
  36   VTY 2               -     0     -           A     -
  37   VTY 3               -     0     -           A     -
  38   VTY 4               -     0     -           A     -
  50   VTY 16              -     15    -           A     -
  51   VTY 17              -     15    -           A     -
  52   VTY 18              -     15    -           A     -
  53   VTY 19              -     15    -           A     -
  54   VTY 20              -     15    -           A     -
UI(s) not in async mode -or- with no hardware support:
1-32
  +    : Current UI is active.
  F    : Current UI is active and work in async mode.
  Idx  : Absolute index of UIs.
  Type : Type and relative index of UIs.
  Privi: The privilege of UIs.
  ActualPrivi: The actual privilege of user-interface.
  Auth : The authentication mode of UIs.
      A: Authenticate use AAA.
      N: Current UI need not authentication.
      P: Authenticate use current UI's password.
  Int  : The physical location of UIs.

In case we want to change any parameter of our current user terminal interface, without checking which user interface we are using, “current” option for the user-interface command can be used.

Let’s look at VTY configuration:

[labnario]dis current-configuration configuration user-interface
#
user-interface vty 0 4
 authentication-mode aaa
 idle-timeout 15 0
 protocol inbound ssh

Now we can change configuration of current user-interface:

[labnario]user-interface current
[labnario-ui-vty0]screen-length 0
[labnario-ui-vty0]idle-timeout 20 0

[labnario-ui-vty0]dis this
#
user-interface vty 0
 authentication-mode aaa
 idle-timeout 20 0
 screen-length 0
 protocol inbound ssh
user-interface vty 1 4
 authentication-mode aaa
 idle-timeout 15 0
 screen-length 40
 protocol inbound ssh

BGP MED attribute on Huawei router

20 Feb, 2014 0

Some time ago I published article about BGP local preference attribute. Today I’d like to show you how to configure BGP MED attribute.

What is it for?

The multi-exit discriminator MED determines an optimal route for incoming traffic of an AS. When a BGP device obtains multiple routes to the same destination but with different next hops from EBGP peers, the BGP device selects the route with the smallest MED value as the optimal route. Simply saying, configuring MED attribute, we would like to show the next hop for traffic coming from EBGP peer. The MED attribute is exchanged only between two neighboring ASs. The AS that receives the MED attribute does not advertise it to any other ASs.

Let’s look at typical scenario for MED attribute configuration:

If you want to recall the BGP configuration, just go to “basic BGP in Huawei CLI” article.

What we want to do in this lab is to force Warsaw router to send traffic to network 4.4.4.4 through Krakow router. Of course we will use BGP MED attribute to achieve this.

Configure IGP for AS200:

[Wroclaw]dis cur config ospf
#
ospf 1
 area 0.0.0.0
  network 2.2.2.2 0.0.0.0
  network 150.1.1.0 0.0.0.3

[Krakow]dis cur config ospf
#
ospf 1
 area 0.0.0.0
  network 3.3.3.3 0.0.0.0
  network 150.2.2.0 0.0.0.3

[Lublin]dis cur config ospf
#
ospf 1
 area 0.0.0.0
  network 4.4.4.4 0.0.0.0
  network 150.1.1.0 0.0.0.3
  network 150.2.2.0 0.0.0.3

Configure IBGP and BGP:

[Warsaw]dis cur config bgp
#
bgp 100
 router-id 1.1.1.1
 peer 200.1.1.2 as-number 200
 peer 200.2.2.2 as-number 200
 #
 ipv4-family unicast
  undo synchronization
  network 1.1.1.1 255.255.255.255
  peer 200.1.1.2 enable
  peer 200.2.2.2 enable

[Wroclaw]dis cu config bgp
#
bgp 200
 router-id 2.2.2.2
 peer 3.3.3.3 as-number 200
 peer 3.3.3.3 connect-interface LoopBack0
 peer 4.4.4.4 as-number 200
 peer 4.4.4.4 connect-interface LoopBack0
 peer 200.1.1.1 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local
  peer 4.4.4.4 enable
  peer 4.4.4.4 next-hop-local
  peer 200.1.1.1 enable

[Krakow]dis cur config bgp
#
bgp 200
 peer 2.2.2.2 as-number 200
 peer 2.2.2.2 connect-interface LoopBack0
 peer 4.4.4.4 as-number 200
 peer 4.4.4.4 connect-interface LoopBack0
 peer 200.2.2.1 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
  peer 2.2.2.2 next-hop-local
  peer 4.4.4.4 enable
  peer 4.4.4.4 next-hop-local
  peer 200.2.2.1 enable

[Lublin]dis cur config bgp
#
bgp 200
 peer 2.2.2.2 as-number 200
 peer 2.2.2.2 connect-interface LoopBack0
 peer 3.3.3.3 as-number 200
 peer 3.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
  peer 3.3.3.3 enable

Configure Loopback100 on Lublin router and add its address 100.100.100.100/32 to BGP:

[Lublin]interface LoopBack 100
[Lublin-LoopBack100]ip add 100.100.100.100 32

[Lublin-bgp]ipv4-family unicast 
[Lublin-bgp-af-ipv4]network 100.100.100.100 255.255.255.255

View BGP routing table of Warsaw router:

<Warsaw>dis bgp routing-table

 BGP Local router ID is 1.1.1.1 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 3
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   1.1.1.1/32         0.0.0.0         0                     0      i
 *>   100.100.100.100/32 200.1.1.2                             0      200i
 *                       200.2.2.2                             0      200i

<Warsaw>dis bgp routing-table 100.100.100.100

 BGP local router ID : 1.1.1.1
 Local AS number : 100
 Paths:   2 available, 1 best, 1 select
 BGP routing table entry information of 100.100.100.100/32:
 From: 200.1.1.2 (2.2.2.2)
 Route Duration: 00h00m29s  
 Direct Out-interface: GigabitEthernet0/0/0
 Original nexthop: 200.1.1.2
 Qos information : 0x0
 AS-path 200, origin igp, pref-val 0, valid, external, best, select, active, pre 
255
 Advertised to such 2 peers:
    200.1.1.2
    200.2.2.2
 BGP routing table entry information of 100.100.100.100/32:
 From: 200.2.2.2 (3.3.3.3)
 Route Duration: 01h21m00s  
 Direct Out-interface: GigabitEthernet0/0/1
 Original nexthop: 200.2.2.2
 Qos information : 0x0
 AS-path 200, origin igp, pref-val 0, valid, external, pre 255, not preferred for
 router ID
 Not advertised to any peer yet

As you can see from the output, there are 2 valid routes to 100.100.100.100. The route with the next hop 200.1.1.2 is the optimal route, because of a smaller router ID. A default value of MED is 0.

Now we can set MED attribute for routes advertised by Wroclaw router to Warsaw:

[Wroclaw]route-policy med permit node 10
Info: New Sequence of this List.
[Wroclaw-route-policy] apply cost 200

[Wroclaw]bgp 200
[Wroclaw-bgp]ipv4-family unicast
[Wroclaw-bgp-af-ipv4]peer 200.1.1.1 route-policy med export

Look at BGP routing table of Warsaw router once again:

[Warsaw]dis bgp routing-table 

 BGP Local router ID is 1.1.1.1 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 3
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   1.1.1.1/32         0.0.0.0         0                     0      i
 *>   100.100.100.100/32 200.2.2.2                             0      200i
 *                       200.1.1.2       200                   0      200i

[Warsaw]dis bgp routing-table 100.100.100.100

BGP local router ID : 1.1.1.1
Local AS number : 100
Paths: 2 available, 1 best, 1 select
BGP routing table entry information of 100.100.100.100/32:
From: 200.2.2.2 (3.3.3.3)
Route Duration: 01h30m40s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 200.2.2.2
Qos information : 0x0
AS-path 200, origin igp, pref-val 0, valid, external, best, select, active, pre
255
Advertised to such 2 peers:
200.1.1.2
200.2.2.2
BGP routing table entry information of 100.100.100.100/32:
From: 200.1.1.2 (2.2.2.2)
Route Duration: 00h00m29s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 200.1.1.2
Qos information : 0x0
AS-path 200, origin igp, MED 200, pref-val 0, valid, external, pre 255, not pref
erred for MED
Not advertised to any peer yet

As you can see, the router with the next hop 200.2.2.2 is the optimal route to 100.100.100.100. It was chosen because of MED attribute (smaller MED = best route).

To be sure just use tracert command on Warsaw router:

<Warsaw>tracert -a 1.1.1.1 100.100.100.100

traceroute to 100.100.100.100(100.100.100.100), max hops: 30 ,packet length: 40,press CTRL_C to break

1 200.2.2.2 60 ms 50 ms 30 ms

2 150.2.2.2 80 ms 60 ms 60 ms

Anyway, traffic from Lublin router to Warsaw still goes through Wroclaw router:

<Lublin>tracert -a 100.100.100.100 1.1.1.1

traceroute to 1.1.1.1(1.1.1.1), max hops: 30 ,packet length: 40,press CTRL_C to break

1 150.1.1.1 50 ms 50 ms 40 ms

2 200.1.1.1 70 ms 60 ms 40 ms

At the end I have a question for you. Is it possible to compare MED attributes of routes, received from different EBGP peers? If yes, how to do this? Waiting for your comments.

assigning multiple IP addresses to network interface

17 Feb, 2014 0

Why might we want to assign multiple IP addresses to the same interface? The following are the most common scenarios:

hosts in the network segment use IP addresses on different networks
there are not enough host addresses on a logical network segment, suppose a /24 address space and 300 hosts

How to configure multiple IP addresses on Huawei devices?

Let’s configure a pair of routers connected via a Gigabit Ethernet link and use four different logical networks.

[labnarioR1]int gi 0/0/0
[labnarioR1-GigabitEthernet0/0/0]ip add 192.168.12.1 255.255.255.0
[labnarioR1-GigabitEthernet0/0/0]ip add 10.0.12.1 255.255.255.0 sub
[labnarioR1-GigabitEthernet0/0/0]ip add 10.0.22.1 255.255.255.0 sub
[labnarioR1-GigabitEthernet0/0/0]ip add 10.0.32.1 255.255.255.0 sub

[labnarioR2]int gi 0/0/0
[labnarioR1-GigabitEthernet0/0/0]ip add 192.168.12.2 255.255.255.0
[labnarioR2-GigabitEthernet0/0/0]ip add 10.0.12.2 255.255.255.0 sub
[labnarioR2-GigabitEthernet0/0/0]ip add 10.0.22.2 255.255.255.0 sub
[labnarioR2-GigabitEthernet0/0/0]ip add 10.0.32.2 255.255.255.0 sub

Now ping test can be done to check connectivity:

[labnarioR1-GigabitEthernet0/0/0]ping 192.168.12.2
  PING 192.168.12.2: 56  data bytes, press CTRL_C to break
    Reply from 192.168.12.2: bytes=56 Sequence=1 ttl=255 time=50 ms

[labnarioR1-GigabitEthernet0/0/0]ping 10.0.12.2
  PING 10.0.12.2: 56  data bytes, press CTRL_C to break
    Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=50 ms

[labnarioR1-GigabitEthernet0/0/0]ping 10.0.22.2
  PING 10.0.22.2: 56  data bytes, press CTRL_C to break
    Reply from 10.0.22.2: bytes=56 Sequence=1 ttl=255 time=50 ms

[labnarioR1-GigabitEthernet0/0/0]ping 10.0.32.2
  PING 10.0.32.2: 56  data bytes, press CTRL_C to break
    Reply from 10.0.32.2: bytes=56 Sequence=1 ttl=255 time=50 ms

indoor and outdoor Huawei ATN905

7 Feb, 2014 2

As you know I try to avoid products descriptions here, on this blog. But last time I had possibility to see ATN905 boxes, available in the indoor and outdoor types. You can install them in various environment. The application scenarios of ATN905 are divided into the small-cell base station bearer scenario and the Ethernet demarcation device (EDD) scenario.

Let’s look at the pictures of the two types of this router:

Outdoor ATN905 can be wall and pole mounted. Indoor ATN905 can be installed in outside premises, street cabinets, indoor cabinets or just on a desk.

And the next interesting box:

The APM30H is an outdoor cabinet with heat exchangers. It supports AC power supply and DC power distribution, and can provide a 7 U installation space for user devices.

I allowed myself to place pictures from Huawei ATN905 documentation in this post.

from Huawei CLI – check …

4 Feb, 2014 0

Very useful command, especially when you are preparing and executing upgrade of a software of Huawei carrier class devices, like NE40E and CX600. Let’s look what can be checked by this command:

<labnario>check ?
  hardware-compatibility  hardware compatibility
  startup                 Check the version of the resource file
  system-software         system-software
  version                 check version

I personally use “check hardware-compatibility” before all planned upgrades. During a preparation phase of an upgrade, you have to read software release notes, to be sure that all software and hardware components will be compatible with the new software. You can check hardware compatibility by the command, instead of searching software documents.

Imagine that you’ve just uploaded a new software to CFcard of a router. The new software is v600r006c00spc300.

<labnario>check hardware-compatibility v600r006c00spc300.cc
Slot#    BoardType        Result           Detail
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3        CR57LAXFB00      Compatible       NA
4        CR57LAXFB00      Compatible       NA
5        CR57EMGFB20      Compatible       NA
6        CR57EMGFB20      Compatible       NA
9        CR57SRU200A5     Compatible       NA
10       CR57SRU200A5     Compatible       NA
11       CR57SFU200C0     Compatible       NA
12       FRA200A          Compatible       NA
13       FRA200A          Compatible       NA

It’s very simple, isn’t it?

A second useful command before upgrade:

<labnario>check startup next
Main board:
Check startup software.......ok
Check configuration file.....ok
Check PAF....................ok
Check License................ok
Check Patch..................ok
PAF is fitted with startup software
License is fitted with startup software
Patch is fitted with startup software
Slave board:
Check startup software.......ok
Check configuration file.....ok
Check PAF....................ok
Check License................ok
Check Patch..................ok
PAF is fitted with startup software
License is fitted with startup software
Patch is fitted with startup software
Startup software in slave board is fitted with main board.

By this command we can check whether the next startup software is set properly.

Let’s look at the remaining options:

<labnario>check system-software v600r006c00spc300.cc
Info: Prepare to check system software cfcard:/v600r006c00spc300.cc, please wait..........
Info: System software CRC check OK!

<labnario>check version cfcard:/v600r006c00spc300.cc
Info: Software version match Ok!

I think these options don’t need any explanation.

You have to remember that this command is available from “user-view“.

Page 11 of 34« First...«9 101112 13 »20 30...Last »