Labnario Huawei From Scratch

SCP is a secure file transfer, based on SSH2.0, which supports downloading and uploading files between SCP client and server, in batches as well. If you would like to know more, just visit Huawei support website. I will focus on practice and show this feature, using simple lab:

Configure communication between loopback interfaces of the server and the client. Below the SCP_server as an example. As this is a simple topology, I used RIP protocol for communication (long unused by me):

#
sysname SCP_server
#
vlan batch 100
#
interface Vlanif100
 ip address 10.1.1.1 255.255.255.0
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255
#
rip 1
 network 10.0.0.0
 network 1.0.0.0
#

How to filter advertised and received routes on Huawei router?

Let’s try to check it based on the following topology:

1. Configure basic OSPF functions on all routers.
2. Configure static routes on AR1 router and import them to OSPF.
3. Use filter-policy for advertised routes on AR1.
4. Use filter-policy for received routes on AR3.

A new version of Huawei simulator eNSP has been released. One of new features is AR CPU reduction. Besides that, reboot functionality of AR router has been provided. Also a few features have been modified. All information you can find in a release notes for this version.

Download, test and enjoy!

Let’s imagine you are an IP engineer and suddenly found increasing number of “TTL exceeded” packets on your router. Your first thought is “what the hell is it? How to find a source of these packets?”

Take it easy. You will know how to investigate such issue on Huawei router.

[labnario]display ip statistics
  Input:     sum               2783201      local               2321967
             bad protocol            0      bad format                0
             bad checksum            0      bad options               0
             discard srr             0      TTL exceeded         494196
  Output:    forwarding              0      local                886008
             dropped                 0      no route                  0
  Fragment:  input                   0      output                    0
             dropped                 0
             fragmented              0      couldn't fragment         0
  Reassembling:sum                   0      timeouts                  0

As you can see there are “TTL exceeded” packets. “Display ip statistics” command shows packets that are directed to CPU. Don’t mix it up with packets found on the interface. For example, you don’t have dropped packets on the interface but “display ip statistics” shows such packets.

I have come across link flapping protection feature recently. It is available on S5700 switches. It looks like it is a new feature on Huawei switches. I had not met it in older hardware versions. That’s why I decided to write a few words about it. Unfortunatelly, although this command is available in Huawei network simulator eNSP, it does not work properly. But maybe you will have possibility check it on your real devices.

Port flapping (port going UP and DOWN continually) can be caused by a faulty cable, link failure, active/standby switchover, port hardware failure, etc. Frequent status changes on an interface can lead to:

• STP topology recalculation and changes,
• ARP entries updates,
• dynamic routing instability and convergence problems.

All these issues can negatively affect switch performance and should be avoided.

Link Flapping Protection is a feature that can be implemented on an interface to solve problems caused by the flapping port or link. It checks the interface flapping frequency and link flapping detection interval. If the number of interface flapping times reaches the limit, in a specified period, the interface is shut down.