There is a new Huawei website that describes clearly Huawei certification track. Maybe some of you have already found it. For those, who are still looking for such information I am giving a direct link to official Huawei certification track.
I think this is useful news for those, who are interested in passing Huawei certification exams. It was not easy to find such information a few months ago.
It seems that Huawei started to treat its certification seriously.
OSPF virtual link is a tunnel that extends backbone area through a non-backbone area. It is interpreted by the router as unnumbered point-to-point network. Virtual links must be configured between two Area Border Routers. These ABRs are considered neighbours, by establishing the virtual link between them, although they are not linked physically. The transit area (the area through which the virtual link is configured) must have full routing information and cannot be a stub area.
Virtual links add complexity to a network and should be avoided. Use them only as a temporary fix to OSPF topology problem.
Virtual links are used for the following purposes:
How to configure OSPF virtual link using Huawei CLI? Please see commands below:
# ospf 1 area 1 network 192.168.3.1 0.0.0.0 network 192.168.4.2 0.0.0.0 vlink-peer 4.4.4.4 #
Area1 is the transit area through which the virtual link is established. Remember that vlink-peer command points to the ABR’s OSPF router ID, not the IP address of the interface connecting this ABR to the transit area.
OK, so now the idea of a virtual link implementation should be clear. If so, please try to answer the following question:
How many virtual links should be implemented, to overcome Area0 partitioning, on the following OSPF topology?
An answer will be published soon.
Read More »A new version of Huawei Enterprise Network Simulator eNSP was launched few days ago.
What new can we find?
Besides, a few bugs have been solved.
All details you can find at Huawei Support.
Generic Routing Encapsulation (GRE) is introduced to encapsulate packets. Then these packets can be transmitted over an IPv4 network. GRE provides a mechanism to encapsulate packets of one protocol into packets of another protocol. This allows packets to be transmitted over heterogeneous networks. GRE also provides tunnels to transparently transmit VPN packets. When a device receives a packet that needs to be encapsulated and routed, it adds a GRE header to the packet and encapsulates it into another protocol such as IP. The packet is then forwarded by the IP protocol.
Let’s try to configure GRE tunnel between labnario_1 and labnario_3. All packets sent from PC_1 to PC_2, and vice versa, will be transmitted through the GRE tunnel.
Assure communication between routers in the network. It is omitted here.
Create a tunnel interface with tunnel-protocol as GRE on both labnario_1 and labnario_3 routers. Assign IP address of tunnel interface and IP addresses of tunnel’s source and destination:
[labnario_1]interface Tunnel 0/0/0 [labnario_1-Tunnel0/0/0]ip address 10.0.0.1 255.255.255.0 [labnario_1-Tunnel0/0/0] tunnel-protocol gre [labnario_1-Tunnel0/0/0] source 150.0.0.1 [labnario_1-Tunnel0/0/0] destination 160.0.0.1 [labnario_3]interface Tunnel 0/0/0 [labnario_3-Tunnel0/0/0]ip address 10.0.0.2 255.255.255.0 [labnario_3-Tunnel0/0/0] tunnel-protocol gre [labnario_3-Tunnel0/0/0] source 160.0.0.1 [labnario_3-Tunnel0/0/0] destination 150.0.0.1
Configure static routing on labnario_1 and labnario_3 to PC_2 and PC_1 respectively, with GRE tunnel as outbound interface. This ensures that all traffic directed to those PCs will be going through GRE tunnel interface.
[labnario_1]ip route-static 172.16.10.0 255.255.255.0 Tunnel0/0/0 [labnario_3]ip route-static 172.16.0.0 255.255.255.0 Tunnel0/0/0
Check routing tables of both routers:
Labnario Huawei From Scratch
[labnario_1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.0.0/24 Direct 0 0 D 10.0.0.1 Tunnel0/0/0
10.0.0.1/32 Direct 0 0 D 127.0.0.1 Tunnel0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
150.0.0.0/24 Direct 0 0 D 150.0.0.1 GigabitEthernet0/0/0
150.0.0.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
160.0.0.0/24 OSPF 10 2 D 150.0.0.2 GigabitEthernet0/0/0
172.16.0.0/24 Direct 0 0 D 172.16.0.2 Ethernet0/0/0
172.16.0.2/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/0
172.16.10.0/24 Static 60 0 D 10.0.0.1 Tunnel0/0/0
[labnario_3]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.0.0/24 Direct 0 0 D 10.0.0.2 Tunnel0/0/0
10.0.0.2/32 Direct 0 0 D 127.0.0.1 Tunnel0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
150.0.0.0/24 OSPF 10 2 D 160.0.0.2 GigabitEthernet0/0/1
160.0.0.0/24 Direct 0 0 D 160.0.0.1 GigabitEthernet0/0/1
160.0.0.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
172.16.0.0/24 Static 60 0 D 10.0.0.2 Tunnel0/0/0
172.16.10.0/24 Direct 0 0 D 172.16.10.2 Ethernet0/0/0
172.16.10.2/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/0
Let’s check if traffic is going through GRE tunnel:
PC_1>ping 172.16.10.1 -t
Ping 172.16.10.1: 32 data bytes, Press Ctrl_C to break
From 172.16.10.1: bytes=32 seq=1 ttl=126 time=31 ms
From 172.16.10.1: bytes=32 seq=2 ttl=126 time=78 ms
From 172.16.10.1: bytes=32 seq=3 ttl=126 time=78 ms
From 172.16.10.1: bytes=32 seq=4 ttl=126 time=63 ms
From 172.16.10.1: bytes=32 seq=5 ttl=126 time=94 ms
From 172.16.10.1: bytes=32 seq=6 ttl=126 time=78 ms
From 172.16.10.1: bytes=32 seq=7 ttl=126 time=62 ms
From 172.16.10.1: bytes=32 seq=8 ttl=126 time=32 ms
From 172.16.10.1: bytes=32 seq=9 ttl=126 time=93 ms
From 172.16.10.1: bytes=32 seq=10 ttl=126 time=78 ms
--- 172.16.10.1 ping statistics ---
10 packet(s) transmitted
10 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/67/94 ms
[labnario_1]display interface Tunnel 0/0/0
Tunnel0/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2013-01-28 13:22:16 UTC-08:00
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.0.0.1/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 150.0.0.1 (GigabitEthernet0/0/0), destination 160.0.0.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2013-01-28 13:22:59-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
49 seconds input rate 136 bits/sec, 0 packets/sec
49 seconds output rate 136 bits/sec, 0 packets/sec
10 packets input, 840 bytes
0 input error
10 packets output, 840 bytes
0 output error
Input:
Unicast: 0 packets, Multicast: 0 packets
Output:
Unicast: 10 packets, Multicast: 0 packets
Input bandwidth utilization : --
Output bandwidth utilization : --
Use debugging for GRE verification:
<labnario_1>debugging tunnel ? all All debugging functions control Control debugging function error Error debugging function keepalive GRE keepalive debugging function packet Packet debugging function timer Timer debugging function <labnario_3>debugging tunnel all <labnario_3>t m Info: Current terminal monitor is on. <labnario_3>t d Info: Current terminal debugging is on. Jan 28 2013 12:25:04.340.3-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD: Tunnel0/0/0-Out:GRE/IP encapsulated 150.0.0.1->160.0.0.1(len = 84). Jan 28 2013 12:25:04.340.4-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD: GRE Transmit: Transmit packets through IP output sucessfully. Jan 28 2013 12:25:04.400.1-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD:GRE-Input: Src(160.0.0.1)/dest(150.0.0.1), length = 84. Jan 28 2013 12:25:04.400.2-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD: Get packet without checksum. Jan 28 2013 12:25:04.400.3-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD: Tunnel0/0/0-In: GRE decapsulated IP source(172.16.10.1)/destination(172.16.0.1)(len = 60). Jan 28 2013 12:25:04.400.4-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD: Put packets into IP queue sucessfully. Jan 28 2013 12:25:05.400.1-08:00 labnario_1 TUNNEL/7/debug:GRE_FWD: GRE-Encapsulation: Mbuf length = 60 from Tunnel0/0/0 out.
Packet capture output from interface GE0/0/0 of labnario_1:
Final configs:
sysname labnario_1 # interface Ethernet0/0/0 ip address 172.16.0.2 255.255.255.0 # interface GigabitEthernet0/0/0 ip address 150.0.0.1 255.255.255.0 # interface Tunnel0/0/0 ip address 10.0.0.1 255.255.255.0 tunnel-protocol gre source 150.0.0.1 destination 160.0.0.1 # ospf 1 area 0.0.0.0 network 150.0.0.0 0.0.0.255 # ip route-static 172.16.10.0 255.255.255.0 Tunnel0/0/0 sysname labnario_2 # interface GigabitEthernet0/0/0 ip address 150.0.0.2 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 160.0.0.2 255.255.255.0 # ospf 1 area 0.0.0.0 network 150.0.0.0 0.0.0.255 network 160.0.0.0 0.0.0.255 sysname labnario_3 # interface Ethernet0/0/0 ip address 172.16.10.2 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 160.0.0.1 255.255.255.0 # interface Tunnel0/0/0 ip address 10.0.0.2 255.255.255.0 tunnel-protocol gre source 160.0.0.1 destination 150.0.0.1 # ospf 1 area 0.0.0.0 network 160.0.0.0 0.0.0.255 # ip route-static 172.16.0.0 255.255.255.0 Tunnel0/0/0Read More »
When PCs are in a different subnet than a DHCP server installed, DHCP Relay Agent can be used to forward DHCP requests from PCs to DHCP server. How to configure DHCP Relay Agent using Huawei CLI?
Let’s assume that we have the following topology:
We want our PC to acquire its IP address from the DHCP server configured on the labnarioR1 router. To do so, labnarioR2 should be configured as a DHCP Relay Agent to forward DHCP Requests and Offers between server and clients.
First, DHCP server should be configured. LabnarioR1 router will be configured to offer DHCP service for PC.
<labnarioR1>system-view Enter system view, return user view with Ctrl+Z. [labnarioR1] dhcp enable [labnarioR1] ip pool 1 [labnarioR1-ip-pool-1] gateway-list 172.16.1.1 [labnarioR1-ip-pool-1] network 172.16.1.0 mask 255.255.255.0 [labnarioR1-ip-pool-1] dns-list 150.100.15.1 150.100.15.2 [labnarioR1-ip-pool-1] domain-name labnario.com [labnarioR1-ip-pool-1] quit [labnarioR1]interface Ethernet0/0/0 [labnarioR1-Ethernet0/0/0]dhcp select global
If we want our labnarioR1 router to be able to forward DHCP packets to the PC, static route pointing labnarioR2 should be added:
[labnarioR1] ip route-static 172.16.1.0 255.255.255.0 150.100.12.2
Now labnarioR2 router can be configured to act as a DHCP Relay Agent for 172.16.1.0/24 subnet. Do not forget to enable DHCP service! This step is required on both DHCP Server and Relay.
[labnarioR2]dhcp enable [labnarioR2-dhcp-server-group-1]quit [labnarioR2]interface Ethernet0/0/1 [labnarioR2-Ethernet0/0/1] dhcp select relay [labnarioR2-Ethernet0/0/1] dhcp relay server-ip 150.100.12.1
Let’s check if our PC can acquire IP address:
PC>ipconfig -r
Discover...
Request...
IP: 172.16.1.254
Subnet Mask: 255.255.255.0
Gateway: 172.16.1.1
PC>ipconfig
IPv4 address......................: 172.16.1.254
Subnet mask.......................: 255.255.255.0
Gateway...........................: 172.16.1.1
Physical address..................: 00-0B-09-CF-EB-58
DNS server........................: 150.100.15.1
150.100.15.2
As you see, our DHCP Relay Agent works fine.
How to verify DHCP Relay Agent operation?
[labnarioR2]display dhcp statistics Input: total 687 packets, discarded 0 packets Bootp request : 0, Bootp reply : 0 Discover : 678, Offer : 3 Request : 3, Ack : 3 Release : 0, Nak : 0 Decline : 0, Inform : 0 Output: total 12 packets, discarded 0 packets
As you see above, there are DHCP Request and Offer counters, which can be helpful during DHCP troubleshooting.
Below DHCP Relay configuration summary command:
[labnarioR2]display dhcp relay all DHCP relay agent running information of interface Ethernet0/0/1 : Server IP address [01] : 150.100.12.1 Gateway address in use : 172.16.1.1
For debugging use the following commands:
<labnarioR2>debugging dhcp relay packet <labnarioR2>debugging dhcp relay event <labnarioR2>terminal debugging <labnarioR2>terminal monitor
Look at the debugging output. It shows packet exchange between DHCP client and server. Great commands when troubleshooting DHCP Relay Agent.
<labnarioR2> Jan 24 2013 15:45:52.710.1-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Receives DH CP DISCOVER message from interface Ethernet0/0/1.(sip:0.0.0.0, dip:255.255.255.2 55, vpn:0) Jan 24 2013 15:45:52.710.2-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Relay packe t to server 150.100.12.1. Jan 24 2013 15:45:52.740.2-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Receives DH CP OFFER message from interface Ethernet0/0/0.(sip:150.100.12.1, dip:172.16.1.1, vpn:0) Jan 24 2013 15:45:52.740.3-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Unicast DHC P OFFER to client. (Chaddr=000b-09cf-eb58, Ciaddr=172.16.1.254) Jan 24 2013 15:45:55.200.1-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Receives DH CP REQUEST message from interface Ethernet0/0/1.(sip:0.0.0.0, dip:255.255.255.25 5, vpn:0) Jan 24 2013 15:45:55.200.2-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Relay packe t to server 150.100.12.1. Jan 24 2013 15:45:55.210.3-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Receives DH CP ACK message from interface Ethernet0/0/0.(sip:150.100.12.1, dip:172.16.1.1, v pn:0) Jan 24 2013 15:45:55.210.4-08:00 labnarioR2 DHCP/7/DEBUG:[dhcpr-pkt]:Unicast DHC P ACK to client. (Chaddr=000b-09cf-eb58, Ciaddr=172.16.1.254)
Some time ago I wrote about DHCP configuration. Just go to Huawei AR19/29/49 router DHCP configuration to read more.
Final configuration:
sysname labnarioR1 # dhcp enable # ip pool 1 gateway-list 172.16.1.1 network 172.16.1.0 mask 255.255.255.0 dns-list 150.100.15.1 150.100.15.2 domain-name labnario.com # interface Ethernet0/0/0 ip address 150.100.12.1 255.255.255.0 dhcp select global # ip route-static 172.16.1.0 255.255.255.0 150.100.12.2 # return sysname labnarioR2 # dhcp enable # interface Ethernet0/0/1 ip address 172.16.1.1 255.255.255.0 dhcp select relay dhcp relay server-ip 150.100.12.1 # returnRead More »