When taking into consideration that default settings are invisible in a configuration file, it is a good information that Huawei’s S3700/S5700 switches have such possibility to display default settings for ethernet interfaces. The ‘display this include-default’ command displays the effective configurations in the current view, including the unchanged default configurations.

[labnario-Ethernet0/0/1]display this include-default 
#
interface Ethernet0/0/1
 portswitch
 undo shutdown
 enable snmp trap updown
 undo set flow-stat interval
 undo qinq vlan-translation enable
 undo mac-address learning disable
 port priority 0
 port link-type hybrid
 port hybrid pvid vlan 1
 port hybrid untagged vlan 1
 qinq protocol 8100
 undo loopback-detect enable
 stp enable
 undo stp config-digest-snoop
 undo stp no-agreement-check
 undo stp root-protection
 undo stp loop-protection
 stp transmit-limit 147
 stp point-to-point auto
 stp compliance auto

 stp instance 0 port priority 128
 undo port mux-vlan enable
 undo mac-vlan enable
 undo ip-subnet-vlan enable
 undo rmon-statistics
 undo smart-link flush receive
 undo smart-link vll-notify enable
 undo ntdp enable
 undo ndp enable
 bpdu enable
 undo portal local-server enable
 undo dot1x enable
 dot1x max-user 256
 dot1x port-control auto
 dot1x port-method mac
 undo dot1x reauthenticate
 undo authentication critical eapol-success
 authentication max-reauth-req 20
 undo mac-authen
 mac-authen max-user 256
 mac-authen reauthenticate
 undo authentication open
 undo port-auto-sleep enable
 undo port-security enable
 undo qinq vlan-translation miss-drop
 undo port discard tagged-packet
 mac-learning priority 0
 undo mac-address flapping trigger error-down
 undo mac-address flapping trigger quit-vlan
 jumboframe enable 9216
 undo set flow-statistics include-interframe
 trap-threshold input-rate 100 resume-rate 100
 trap-threshold output-rate 100 resume-rate 100
 log-threshold input-rate 100 resume-rate 100
 log-threshold output-rate 100 resume-rate 100
 trap-threshold error-statistics 3 interval 10
 carrier up-hold-time 2000
 carrier down-hold-time 0
 undo port link-flap protection enable
 qos wrr
 qos queue 0 wrr weight 1
 qos queue 1 wrr weight 1
 qos queue 2 wrr weight 1
 qos queue 3 wrr weight 1
 qos queue 4 wrr weight 1
 qos queue 5 wrr weight 1
 qos queue 6 wrr weight 1
 qos queue 7 wrr weight 1
 trust 8021p outer
 undo dei enable
 qos phb marking enable
 undo arp anti-attack rate-limit enable
 undo arp-miss anti-attack rate-limit enable
 undo arp anti-attack check user-bind enable
 undo ip source check user-bind enable
 unicast-suppression 100
 multicast-suppression 100
 broadcast-suppression 100
 storm-control interval 5
 port type nni
 undo nd snooping enable
 undo nd snooping trusted
 undo dhcpv6 remote-id insert enable
 undo dhcpv6 remote-id rebuild enable

This command is supported in V100R006C03 and V200R001 software versions.

Let’s add some configuration to the interface:

[labnario-Ethernet0/0/1]display this
#
interface Ethernet0/0/1
#
return
[labnario-Ethernet0/0/1]port link-type access 
[labnario-Ethernet0/0/1]port default vlan 100
[labnario-Ethernet0/0/1]display this
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 100
#
return

Now use ‘display this include-default‘ command again:

[labnario-Ethernet0/0/1]dis th include-default 
#
interface Ethernet0/0/1
 portswitch
 undo shutdown
 enable snmp trap updown
 undo set flow-stat interval
 undo qinq vlan-translation enable
 undo mac-address learning disable
 port priority 0
 port link-type access
 port default vlan 100
 qinq protocol 8100
 undo loopback-detect enable
 stp enable
 undo stp config-digest-snoop
 undo stp no-agreement-check
 undo stp root-protection
 undo stp loop-protection
 stp transmit-limit 147
 stp point-to-point auto
 stp compliance auto
 stp instance 0 port priority 128
 undo port mux-vlan enable
 undo mac-vlan enable
 undo ip-subnet-vlan enable
 undo rmon-statistics
 undo smart-link flush receive
 undo smart-link vll-notify enable
 undo ntdp enable
 undo ndp enable
 bpdu enable
 undo portal local-server enable
 undo dot1x enable
 dot1x max-user 256
 dot1x port-control auto
 dot1x port-method mac
 undo dot1x reauthenticate
 undo authentication critical eapol-success
 authentication max-reauth-req 20
 undo mac-authen
 mac-authen max-user 256
 mac-authen reauthenticate
 undo authentication open
 undo port-auto-sleep enable
 undo port-security enable
 undo qinq vlan-translation miss-drop
 undo port discard tagged-packet
 mac-learning priority 0
 undo mac-address flapping trigger error-down
 undo mac-address flapping trigger quit-vlan
 jumboframe enable 9216
 undo set flow-statistics include-interframe
 trap-threshold input-rate 100 resume-rate 100
 trap-threshold output-rate 100 resume-rate 100
 log-threshold input-rate 100 resume-rate 100
 log-threshold output-rate 100 resume-rate 100
 trap-threshold error-statistics 3 interval 10
 carrier up-hold-time 2000
 carrier down-hold-time 0
 undo port link-flap protection enable
 qos wrr
 qos queue 0 wrr weight 1
 qos queue 1 wrr weight 1
 qos queue 2 wrr weight 1
 qos queue 3 wrr weight 1
 qos queue 4 wrr weight 1
 qos queue 5 wrr weight 1
 qos queue 6 wrr weight 1
 qos queue 7 wrr weight 1
 trust 8021p outer
 undo dei enable
 qos phb marking enable
 undo arp anti-attack rate-limit enable
 undo arp-miss anti-attack rate-limit enable
 undo arp anti-attack check user-bind enable
 undo ip source check user-bind enable
 unicast-suppression 100
 multicast-suppression 100
 broadcast-suppression 100
 storm-control interval 5
 port type nni
 undo nd snooping enable
 undo nd snooping trusted
 undo dhcpv6 remote-id insert enable
 undo dhcpv6 remote-id rebuild enable
#
return

As you can see, the command shows both manually configured and default settings.

What if you want to come back to the previous settings (default):

• Delete configuration one by one:

[labnario-Ethernet0/0/1]undo port default vlan 
[labnario-Ethernet0/0/1]undo port link-type

• Perform one-touch configuration clearance on an interface:

[labnario]clear configuration interface Ethernet 0/0/1 
Warning: All configurations of the interface will be cleared, and its state will
 be shutdown. Continue? [Y/N] :y
Info: Total execute 2 command(s), 2 successful, 0 failed.

[labnario]dis cu int eth 0/0/1
#
interface Ethernet0/0/1
 shutdown
#
return

All configuration has been deleted. Note that interface went to ‘shutdown‘ state.

Network Time Protocol (NTP) is one of the oldest Internet protocols. It is used for clock synchronization between computer systems over packet-switched data networks.  Because it was designed to operate in variable-latency environment, NTP can achieve up to 1 millisecond accuracy in local area networks and tens of milliseconds when running over the Internet. NTP can be a very useful tool especially, when we want to correlate issues during network failures.

It is important to remember that NTP uses hierarchical system of levels of clock sources, which is called a stratum.

At the top of this hierarchy we have a stratum-0 devices, which act as a reference clocks. These are usually atomic clocks which has little or no delay associated with it. The reference clock typically synchronizes to the correct time (UTC) using GPS, Irig-B, etc.

Devices which are directly connected (usually via RS-232, not over a network path) to the stratum-0 servers are called stratum-1 servers. Stratum-2 server is connected to the stratum-1 server over a network path. Thus, a stratum-2 server gets its time via NTP protocol from a stratum-1 server. A stratum-3 server gets its time via NTP from stratum-2 server, and so on.

So the stratum level simply defines its distance from the reference clock.

How to configure NTP on Huawei devices?

Look at the lab topology:

We want to configure our devices:

• Labnario1 router to be the NTP Server with the stratum being 2.
• Labnario2 router to be the NTP Client of labnario1.
• Labnario3 router to be the NTP Client of labnario1. In case of the serial link failure, Labnario3 should synchronize its clock with labnario2.

Let’s start with labnario1:

[labnario1]display ntp-service status
 clock status: synchronized 
 clock stratum: 2 
 reference clock ID: LOCAL(0)
 nominal frequency: 64.0000 Hz 
 actual frequency: 64.0000 Hz 
 clock precision: 2^7
 clock offset: 0.0000 ms 
 root delay: 0.00 ms 
 root dispersion: 26.49 ms 
 peer dispersion: 10.00 ms 
 reference time: 19:09:07.422 UTC Nov 11 2012(D44A7653.6C189374)
 synchronization state: clock synchronized

Now we can configure labnario2 to be the NTP client of labnario1:

[labnario2]ntp-service unicast-server 192.168.0.1

[labnario2]display ntp-service status
 clock status: synchronized 
 clock stratum: 3 
 reference clock ID: 192.168.0.1
 nominal frequency: 64.0000 Hz 
 actual frequency: 64.0000 Hz 
 clock precision: 2^7
 clock offset: 7.6511 ms 
 root delay: 15.63 ms 
 root dispersion: 75.03 ms 
 peer dispersion: 34.30 ms 
 reference time: 19:11:28.156 UTC Nov 11 2012(D44A76E0.28189374)
 synchronization state: clock synchronized

As you can see, labnario2 treats labnario1 as a reference clock and has a clock stratum of 3. This means that it is one level below labnario1 in the NTP hierarchy. Let’s look how this association works.

This type of association is created upon arrival of a client request message and exists only in order to reply to the request, after which the association is dissolved. Labnario2 is in client mode in its association with labnario1.

Let’s configure labnario3:

[labnario3]ntp-service unicast-server 150.100.0.1
[labnario3]ntp-service unicast-peer 172.16.0.2

[labnario3]display ntp-service status
 clock status: synchronized 
 clock stratum: 3 
 reference clock ID: 150.100.0.1
 nominal frequency: 64.0000 Hz 
 actual frequency: 64.0000 Hz 
 clock precision: 2^7
 clock offset: 6.8659 ms 
 root delay: 15.63 ms 
 root dispersion: 62.00 ms 
 peer dispersion: 34.29 ms 
 reference time: 19:16:58.312 UTC Nov 11 2012(D44A782A.50189374)
 synchronization state: clock synchronized

Labnario3 is now synchronized with labnario1. Let’s check what happens when labnario3 looses its connectivity with labnario1. To do this, I want to remove IP address configuration from serial interface of labnario1.

[labnario1]int s0/0/0
[labnario1-Serial0/0/0]undo ip address
[labnario1-Serial0/0/0]

Let’s check clock synchronization on labnario3 again:

Nov 11 2012 20:28:42-08:00 labnario3 %%01NTP/4/SOURCE_LOST(l)[0]:System synchronization source lost. (SourceAddress=150.100.0.1, Reason=Clock selection failed - no selectable clock)

Nov 11 2012 20:29:27-08:00 labnario3 %%01NTP/4/PEER_SELE(l)[1]:The peer selected by the system is 172.16.0.2.

Nov 11 2012 20:29:27-08:00 labnario3 %%01NTP/4/STRATUM_CHANGE(l)[3]:System stratum changes from 16 to 4. (SourceAddress=172.16.0.2)

[labnario3]display ntp-service status
 clock status: synchronized 
 clock stratum: 4 
 reference clock ID: 172.16.0.2
 nominal frequency: 64.0000 Hz 
 actual frequency: 64.0000 Hz 
 clock precision: 2^7
 clock offset: 0.0000 ms 
 root delay: 15.63 ms 
 root dispersion: 107.43 ms 
 peer dispersion: 80.96 ms 
 reference time: 19:34:48.922 UTC Nov 11 2012(D44A7C58.EC189374)
 synchronization state: clock synchronized

Now labnario3 takes its time from labnario2. As a result, clock stratum has changed to 4. This is because now we have one hop count more to labnario1 after topology change.

Let’s look at the association between labnario3 and labnario2 a little bit closer. Labnario3 is now configured in symmetric active mode and labnario2 acts as a symmetric passive. Command ntp-service unicast-peer can be entered on either side of this association (but not on both sides). This is because Huawei devices are in NTP symmetric passive mode by default. Look at the packet capture how labnario3 exchanges NTP packets with labnario2:

Let’s bring serial connectivity between labnario1 and labnario3 back up and check labnario3 again:

Nov 11 2012 20:43:52-08:00 labnario3 %%01NTP/4/PEER_SELE(l)[4]:The peer selected by the system is 150.100.0.1.
Nov 11 2012 20:43:52-08:00 labnario3 %%01NTP/4/STRATUM_CHANGE(l)[5]:System stratum changes from 4 to 3. (SourceAddress=150.100.0.1)

[labnario3]display ntp-service status 
 clock status: synchronized 
 clock stratum: 3 
 reference clock ID: 150.100.0.1
 nominal frequency: 64.0000 Hz 
 actual frequency: 64.0000 Hz 
 clock precision: 2^7
 clock offset: 7.7026 ms 
 root delay: 15.63 ms 
 root dispersion: 55.84 ms 
 peer dispersion: 34.30 ms 
 reference time: 19:44:58.859 UTC Nov 11 2012(D44A7EBA.DC189374)
 synchronization state: clock synchronized

Labnario3 now synchronizes its clock with labnario1 again with a clock stratum of 3.

For NTP troubleshooting use the following commands:

<labnario3>debugging ntp-service ?
  access           Access control debugging functions
  adjustment       Clock adjustment debugging functions
  all              All debugging functions
  authentication   Identity authentication debugging functions
  event            Event debugging functions
  filter           Loop filtering information debugging functions
  packet           Packet debugging functions
  parameter        Clock parameter debugging functions
  refclock         Reference clock debugging functions
  selection        Clock selection information debugging functions
  synchronization  Clock synchronization information debugging functions
  validity         Validity test debugging functions

Just to inform you.

A new version of eNSP has been released.

Besides some features have been modified, new devices have been added to Huawei Network Simulation Platform (eNSP):

• Frame Relay switch
• Cloud device
• Hub.

To enable system debugging functions on Huawei’s device:

<labnario>debugging ?
  acl4                    ACL4 module
  acl6                    ACL6 module
  anti-attack             Specify anti-attack configurations
  application-apperceive  Set application-apperceive information
  arp                     ARP module
  arp-ping                ARP-ping
  arp-proxy               Arp proxy debugging functions
  atm                     ATM module
  bfd                     BFD module
  bgp                     BGP protocol
  bridge                  Bridge
  ce-ping                 Enable ce-ping debugging
  cfm                     CFM module
  cluster                 Cluster module
  ...

<labnario>debugging ip icmp

To send debugging information to terminal:

<labnario>terminal monitor
Info: Current terminal monitor is on.
<labnario>terminal debugging
Info: Current terminal debugging is on.

To display which debugging functions are enabled:

<labnario>display debugging
IP icmp debugging is on