In my previous post I wrote about upgrade of Huawei S5300 switch. The question is, what to do if flash memory is too small to fit more than one software. As it was mentioned last time, you can format flash from bootrom menu and download a new software using FTP, from bootrom menu. In this post I will show you how to deal with this problem more smoothly. You can come up against this problem in Huawei S3328TP-SI switch, where flash capacity is 15MB. Let’s take it as an example.

<S3328>display version
Huawei Versatile Routing Platform Software
VRP (R) Software, Version 5.30 (S3328 V100R003C00SPC301)
Copyright (C) 2008-2009 Huawei Technologies Co., Ltd.
Quidway S3328TP-SI uptime is 0 day, 0 hour, 4 minutes

As you can see flash capacity is 15MB:

<S3328>dir
Directory of flash:/

   0   -rw-        61  Jan 01 2008 00:22:13   private-data.txt
   1   -rw-       660  Jan 01 2008 00:16:23   vrpcfg.zip
   2   -rw-       396  Jan 01 2008 00:12:06   hostkey
   3   -rw-   7068108  Jan 01 2008 00:20:12   s3328-v100r003c00spc301.cc
   4   -rw-       540  Jan 01 2008 00:12:11   serverkey
   5   -rw-    343712  Jan 01 2008 00:04:49   bootrom330.bin
   6  -rw-        60  Jan 01 2008 00:00:53   $_patchstate_a
   7  -rw-         4  Jan 01 2008 00:01:37   notilogindex.txt

14632 KB total (6268 KB free)

Now we want to upgrade the switch to S3328-V100R005C00SPC100 software version. Evidently the flash is too small to fit this software. So we are trying to delete the old software:

<S3328>delete /unreserved /s3328-v100r003c00spc301.cc
Error: Invalid operation, this is system startup file.

As we expected this is not possible to delete system startup file:

<S3328>display startup
[Unit 0]:
MainBoard:
  Configed startup system software:          flash:/s3328-v100r003c00spc301.cc
  Startup system software:                       flash:/s3328-v100r003c00spc301.cc
  Next startup system software:                flash:/s3328-v100r003c00spc301.cc
  Startup saved-configuration file:              flash:/vrpcfg.zip
  Next startup saved-configuration file:       flash:/vrpcfg.zip
  Startup license file:                               NULL
  Next startup license file:                        NULL
  Startup patch package:                         NULL
  Next startup patch package:                  NULL

How can we manage with it? Go to hidden mode of S3300 and type the following command:

[S3328]_hide
Password:
Now you enter a hidden command view for developer's testing, some commands may
affect operation by wrong use, please carefully use it with engineer's
direction.
[S3328-hidecmd]undo startup system-software

This command causes that system software file is not set as startup file, what then makes it possible to delete it from flash:

<S3328>display startup
[Unit 0]:
MainBoard:
  Configed startup system software:          NULL
  Startup system software:
  Next startup system software:                NULL
  Startup saved-configuration file:             flash:/vrpcfg.zip
  Next startup saved-configuration file:      flash:/vrpcfg.zip
  Startup license file:                               NULL
  Next startup license file:                        NULL
  Startup patch package:                         NULL
  Next startup patch package:                  NULL

<S3328>delete /unreserved s3328-v100r003c00spc301.cc
The contents cannot be recycled!!! Delete flash:/s3328-v100r003c00spc301.cc?[Y/N]:y
%Deleting file flash:/s3328-v100r003c00spc301.cc...
Jan  1 2008 00:28:14 Quidway %%01VFS/4/DEL_UNRSV(l): When deciding whether to permanently delete file flash:/s3328-v100r003c00spc301.cc, the user chose Y.
Deleting file permanently from flash will take a long time if needed...............................................Done!

Then follow upgrade procedure, described in my previous post to download the new software and upgrade the switch.

Any time you want to upgrade huawei’s device you have 2 methods to do this. The first of them is to use CLI (command line interface), the second is to use bootrom menu. Using CLI is the most popular method. You can configure FTP server on the device and use your PC as FTP client or install FTP server on your PC and treat the device as FTP client. Anyway, you can use TFTP or serial (slow connection) instead of FTP. Sometimes it is not possible to get CLI because there is a problem with software file. It is damaged or does not exist. In this case we can use bootrom menu to download a new software and upgrade the device. Let’s take S5300 as an example.

Upgrade of Huawei S5300 switch from CLI

Huawei S5300 as FTP server:

#
FTP server enable
#
local-user labnario password simple labnario
local-user labnario privilege level 15
local-user labnario ftp-directory flash:
local-user labnario service-type ftp
#
interface MEth0/0/1
 ip address 192.168.0.20 255.255.255.0
#

S5300 as FTP client:

<Quidway>ftp 192.168.0.22
Trying 192.168.0.22 ...
Press CTRL+K to abort
Connected to 192.168.0.22.
220 3Com FTP Server Version 1.1
User(192.168.0.22:(none)):huawei
331 User name ok, need password
Enter password:
230 User logged in

[ftp]dir
200 PORT command successful.
150 File status OK ; about to open data connection
---------- 1 owner group    327968 Sep 21 10:40 bootrom104.bin
---------- 1 owner group  11050836 Sep 21 10:40 S5300EI-V100R005C00SPC100.cc
226 Closing data connection
FTP: 1000 byte(s) received in 1.280 second(s) 781.25byte(s)/sec.

[ftp]binary
200 Type set to I.

[ftp]get S5300EI-V100R005C00SPC100.cc

Display all files stored in S5300 flash:

<Quidway>dir
Directory of flash:/

  Idx  Attr     Size(Byte)  Date        Time       FileName
    0  -rw-        106,936  Oct 01 2008 00:08:11   matnlog.dat
    1  -rw-      5,169,809  Oct 01 2008 00:05:18   log.log
    2  -rw-            102  Oct 09 2008 16:27:17   $_patchstate_a
    3  -rw-      7,369,844  Oct 01 2008 00:01:06   SV100R002C02B093_for_5300.cc
    4  -rw-     11,050,836  Oct 01 2008 00:02:26   S5300EI-V100R005C00SPC100.cc
    5  -rw-        327,968  Oct 01 2008 00:50:21   bootrom104.bin
    6  -rw-          4,086  Oct 01 2008 00:51:42   vrpcfg.cfg
    7  -rw-             28  Oct 01 2008 00:07:04   private-data.txt

30,008 KB total (6,504 KB free)

Set the new software as startup software:

<Quidway>startup system-software S5300EI-V100R005C00SPC100.cc
Info: Succeeded in setting the software for booting system.
display startup
MainBoard:
  Configured startup system software:        flash:/SV100R002C02B093_for_5300.cc
  Startup system software:                   flash:/SV100R002C02B093_for_5300.cc
  Next startup system software:              flash:/s5300ei-v100r005c00spc100.cc
  Startup saved-configuration file:          flash:/vrpcfg.cfg
  Next startup saved-configuration file:     flash:/vrpcfg.cfg
  Startup paf file:                          NULL
  Next startup paf file:                     NULL
  Startup license file:                      NULL
  Next startup license file:                 NULL
  Startup patch package:                     NULL
  Next startup patch package:                NULL

The last task is to restart the switch:

<Quidway>reboot

Upgrade of S5300 from bootrom menu

Sometimes it is necessary to upgrade bootrom, before of software upgrade. You can do this directly from bootrom menu.

To enter bootrom menu power on or reboot the switch

Enter the bootrom menu by Ctrl+B, default bootrom password for S5300 is huawei.

BIOS LOADING ...
Copyright (c) 2008-2010 HUAWEI TECH CO., LTD.
(Ver104, Aug 17 2010, 16:50:12)

Press Ctrl+B to enter BOOTROM menu... 1
password:
          BOOTROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BOOTROM password
    7. Reboot

Enter your choice(1-7): 2

          SERIAL  SUBMENU

    1. Update BOOTROM system
    2. Download file to Flash through serial interface
    3. Modify serial interface parameter
    4. Return to main menu

Enter your choice(1-4): 1

Please select file.
XMODEM downloading ...CC

After bootrom upgrade we can start upgrading software. The first task is to download necessary software from FTPserver. The whole procedure below:

BOOTROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BOOTROM password
    7. Reboot

Enter your choice(1-7): 4

          ETHERNET  SUBMENU

    1. Download file to SDRAM through ethernet interface and reboot the system
    2. Download file to Flash through ethernet interface
    3. Modify ethernet interface boot parameter
    4. Return to main menu

Be sure to select 3 to modify boot parameter before downloading!
Enter your choice(1-4): 3

          BOOTLINE  SUBMENU

    1. Set TFTP protocol parameters
    2. Set FTP protocol parameters
    3. Return to ethernet menu

Enter your choice(1-3): 2

'.' = clear field;  '-' = go to previous field;  ^D = quit
Load File name      : S5300EI-V100R005C00SPC100.cc S5300EI-V100R005C00SPC100.cc
Switch IP address   : 192.168.0.20
Server IP address   : 192.168.0.22
FTP User Name       : huawei
FTP User Password   : huawei

Starting to write BOOTLINE into flash ... done

          BOOTLINE  SUBMENU

    1. Set TFTP protocol parameters
    2. Set FTP protocol parameters
    3. Return to ethernet menu

Enter your choice(1-3): 3

          ETHERNET  SUBMENU

    1. Download file to SDRAM through ethernet interface and reboot the system
    2. Download file to Flash through ethernet interface
    3. Modify ethernet interface boot parameter
    4. Return to main menu

Enter your choice(1-4): 2

boot device          : mottsec
unit number          : 0
processor number     : 0
host name            : host
file name            : S5300EI-V100R005C00SPC100.cc
inet on ethernet (e) : 192.168.0.20
host inet (h)        : 192.168.0.22
user (u)             : huawei
ftp password (pw)    : huawei
flags (f)            : 0x0
target name (tn)     : V1R5SPC100.cc

Attached TCP/IP interface to mottsec0.
Warning: no netmask specified.
Attaching network interface lo0... done.
Loading...
Read file to sdram .............Done

After the new software is downloaded we can set the new software as startup software:

BOOTROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BOOTROM password
    7. Reboot

Enter your choice(1-7): 3

       Startup Configuration Submenu

    1. Display startup configuration
    2. Modify startup configuration
    3. Return to main menu

Enter your choice(1-3): 1
Current startup configuration
  startup type      : Flash
  startup file      : s5300ei-v100r005c00spc100.cc
  configuration file: vrpcfg.cfg
  license file      :
  patch package     :

Last time startup state : Success
Latest successful startup configuration
  startup file      : S5300EI-V100R005C00SPC100.cc
  configuration file: vrpcfg.cfg
  license file      :
  patch package     :

       Startup Configuration Submenu

    1. Display startup configuration
    2. Modify startup configuration
    3. Return to main menu

Enter your choice(1-3): 2

Note: startup file field can not be cleared
'.'=clear field; '^D'=quit; Enter=use current configuration

startup type(1: Flash  2: Server)
  current: 1
  new    : 1

Flash startup file (can not be cleared)
  current: SV100R002C02B093_for_5300.cc
  new    : s5300ei-v100r005c00spc100.cc

saved-configuration file
  current: vrpcfg.cfg
  new    : vrpcfg.cfg

license file
  current:
  new    :

patch package
  current:
  new    :

       Startup Configuration Submenu

    1. Display startup configuration
    2. Modify startup configuration
    3. Return to main menu

Enter your choice(1-3): 3

          BOOTROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BOOTROM password
    7. Reboot

Enter your choice(1-7): 7

If you choose 5 you will enter filesystem submenu. From this level you can display files stored in flash and execute some operation on these files. Sometimes it is very usefull if you do not have enough space in flash to download a new software. In this case you can format flash and then follow procedure of software downloading from bootrom menu. I had such case for example on S3300 switch where flash memory has not enough space to store 2 software versions.

 BOOTROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BOOTROM password
    7. Reboot

Enter your choice(1-7): 5

         FILESYSTEM SUBMENU

    1. Erase Flash
    2. Format flash
    3. Delete file from Flash
    4. Rename file from Flash
    5. Display Flash files
    6. Update EPLD file
    7. Update FPGA file
    8. Update FansCard File
    9. Return to main menu

Enter your choice(1-9):

It is also possible to enter boot-up diag submenu by using Ctrl+E shortcut 😉

BOOTROM  MENU

    1. Boot with default mode
    2. Enter serial submenu
    3. Enter startup submenu
    4. Enter ethernet submenu
    5. Enter filesystem submenu
    6. Modify BOOTROM password
    7. Reboot

Enter your choice(1-7):

                     BOOT-UP DIAG MENU

   1. Sdram Test                 2. Flash Test
   3. Epld Test                  4. Temperature Test
   5. RTC Test                   6. Show system information
   7. Aging Test                 8. E-Label Barcode and MAC Test
   9. Reserved                  10. Reserved
  11. Reserved                  12. Return MainMenu
Enter your choice(1-12):

Please remember that in older bootrom versions it is necessary to use Ctrl+Z shortcut to make some additional functions visible in bootrom menu. The bootrom menu can be different on different devices but after reading this post you will deal with them.

Any questions, anything is not clear for you, do not hesitate to ask me. Please be invited to write your comments.

How to log into Huawei S3300 switch? It is very simple. Which method you will chose depends on what you want to do on this device. If you want to upload file to or download it from the switch, use FTP or SFTP. If you want to configure the switch, use telnet, SSH or HTTP methods. Each time you can access the switch using console port,  locally or remotely, in case a console server is configured.

telnet S3300

#
telnet server enable
#
aaa
local-user labnario password cipher &EU15O"Q3/;Q=^Q`MAF4
local-user labnario privilege level 15
local-user labnario service-type telnet
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

By default telnet server is enabled on S3300 switch. As this is default setting, it is not displayed in switch’s configuration. VTY lines use local user configured, to let you access the switch. Protocol inbound all command informs you that you can use both protocols, telnet and SSH.

The second method of using telnet is to configure authentication-mode for VTY as none or password. None means access without login and password, authentication-mode as password means you have to know password to access the switch. Additionally you should configure privilege level and password for VTY lines. By default user privilege level is set to 0.

#
user-interface vty 0 4
 authentication-mode none
 user privilege level 15
 protocol inbound all
#
user-interface vty 0 4
 authentication-mode password
 user privilege level 15
 set authentication password cipher &EU15O"Q3/;Q=^Q`MAF4
 protocol inbound all
#

 ssh S3300

#
aaa
local-user labnario password cipher &EU15O"Q3/;Q=^Q`MAF4
local-user labnario privilege level 15
local-user labnario service-type ssh
#
stelnet server enable
ssh user labnario
ssh user labnario authentication-type password
ssh user labnario service-type all
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

In this case, SSH uses aaa settings, to access the device. For proper SSH configuration it is required to create RSA key. You can do this using the following command:

[labnario] rsa local-key-pair create
The key name will be: labnario_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
       It will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
.............++++++++++++
..........++++++++++++
................++++++++
....................................++++++++

You can display RSA key by display rsa local-key-pair public command. Besides password, it is also possible to use RSA key or both RSA key and password, for SSH connection.

S3300 as FTP server

#
FTP server enable
#
aaa
 local-user labnario password cipher &EU15O"Q3/;Q=^Q`MAF4
 local-user labnario privilege level 15
 local-user labnario ftp-directory flash:
 local-user labnario service-type ftp
#

You can also configure secure FTP (sFTP) adding the following command:

#
sftp server enable
#

Access S3300 by HTTP

For Huawei S3300 switch there is also possible to use HTTP to access it. To do this, you have to load necessary file, delivered together with software. You can display all files, stored in flash, using dir command:

<labnario> dir
Directory of flash:/

Idx  Attr   Size(Byte)  Date        Time      FileName
0  -rw-    8,124,916  Jan 01 2008 02:14:24  S3328-V100R005C00SPC100.cc
1  -rw-          869  Jan 01 2008 00:01:21  private-data.txt
2  -rw-          396  Jan 01 2008 00:12:06  hostkey
3  -rw-          120  Aug 04 2011 08:49:23  vrpcfg.zip
4  -rw-          540  Jan 01 2008 00:12:11  serverkey
5  -rw-    1,087,883  Jan 01 2008 00:36:13  s3328-v100r005.001.web.zip

14,632 KB total (5,580 KB free)

HTTP access configuration:

[labnario] http server load s3328-v100r005.001.web.zip
Info: Load web file successfully.
[labnario] http server enable
Info: Starting the HTTP server successfully.

[labnario] aaa
[labnario-aaa] local-user labnario password cipher &EU15O"Q3/;Q=^Q`MAF4
[labnario-aaa] local-user labnario privilege level 15
[labnario-aaa] local-user labnario service-type http

Finally use IP address configured on the switch for HTTP access:

#
vlan 100
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 100
#
interface Vlanif100
 ip address 172.16.1.2 255.255.0.0
#

To start working with Huawei devices, it is necessary to look at CLI (Command Line Interface). All Huawei datacom devices use the same OS called VRP (Versatile Routing Platform). As an example we can take NE40E router with V600R001C00SPC900 software installed. When you establish connection with the router, it does not matter it is telnet, ssh or console, you enter the user view with the prompt of <Quidway>. The prompt < > indicates user view and the prompt [ ] indicates other views. To start configuring the router you should move from user view to system view. You can do this by using “system-view” command.

<Quidway> system-view
[Quidway]

From system view you are able to configure all functions available in VRP software. Let’s assume that you want to configure MPLS, both globally and on Ethernet interface.

[Quidway]
[Quidway]mpls
[Quidway-mpls]quit
[Quidway]interface GigabitEthernet 1/0/5
[Quidway-GigabitEthernet1/0/5]mpls

Besides command line views the system adopts a hierarchical protection mode that has 16 command levels. The default command levels are as follows:

• Level 0 – visit
• Level 1 – monitoring
• Level 2 – configuration
• Level 3 – management

You can change default to 16 command levels by “command-privilege level rearrange” command.

[Quidway]command-privilege level rearrange

You will be asked about super password for level 15, so be careful and follow instructions displayed. Otherwise you will have problem, after this change, to log into the router.

If you don’t adjust a command level separately, after the command level is updated, all originally registered command lines adjust automatically according to the following rules:

• Level 0 and Level 1 – unchanged
• Level 2 – Level 10
• Level 3 – Level 15

You can adjust the command lines to remaining levels separately to refine the management of privilege.

You can enter “?” in any command line views to display all available commands with a short description.

[Quidway]mpls ?
l2vpn        Operate on MPLS L2 VPN
ldp          Label Distribution Protocol(LDP)
lsr-id       Specify LSR(Label Switched Router) identifier
oam          Specify OAM(Operation, Administration and Maintenance)
             configuration information
switch-l2vc  Specifying switch-l2vc configuration information
<cr>

You can enter a character string with a “?” closely following it to display all commands that begin with this character string.

[Quidway]d?
 dhcp            diffserv
 display         dns
 dustproof

Common error massages of the command line:

System-defined shortcut keys:

You can also define shortcut keys using the following command:

[Quidway]hotkey CTRL_U "display ip interface brief"

By default three shortcut keys are defined:

• CTRL_G – display current-configuration
• CTRL_L – display ip routing-table
• CTRL_O – undo debugging all

There are also two hidden modes available for Huawei R&D:

[Quidway]_h
Now you enter a hidden command view for developer's testing, some
commands may affect operation by wrong use, please carefully use it
with HUAWEI engineer's direction.
[Quidway-hidecmd]
[Quidway]_d
Now you enter diagnose command view.
[Quidway-diagnose]

There are many commands but using them by normal engineer is not safe 😉

I wanted to show you the basic structure of Huawei VRP CLI. Next time I will show you a basic system configuration. If you have any additional questions, anything is not clear for you, would like to know more, do not hesitate to ask.

For sure all network engineers know the word Cisco… Some of them know the word Juniper… Has anyone heard about Huawei?

Probably some of you have but it is still not so popular like its competitors. It seems to be a niche in IP networks worldwide. What is a reason of it? I’ll leave this question without any answer. Maybe you can answer it. Please let me know your opinion.

Datacom devices are small part of Huawei’s portfolio, which let you build end-to-end solution, both for telecom and enterprise networks. Besides Datacom Technology, in Huawei’s portfolio, we can find Radio Access, Fixed Access, Transport Network, Core Network and Software.

As Huawei is getting more and more popular it is time to show you that it is really an alternative for other vendors. This blog is just to popularize Huawei’s datacom devices throughout the world. What I want to do in this blog is to show you potential of this equipment, configuration tricks and technologies used by this equipment. I wouldn’t like to talk about Huawei as a company but about technical aspects of working in Huawei.

I hope this blog will be helpful for you and become the first knowledge base, for Huawei Datacom devices, on the internet.

Enjoy!