Friday , April 26 2024

STP attack and Root Protection feature on Huawei switches

18 Apr, 2013 Ethernet 0

Spanning Tree protocol is a loop prevention mechanism in a bridged LAN. Every STP topology has its own root bridge, which determines how STP topology is calculated. The role of the root bridge is to act as a reference point in the network, so that all other switches can determine, how far each of their ports is from the root bridge. The port, which has the lowest path cost, is placed into a forwarding state. All other ports, that can lead to the root bridge, are blocked. Ports in the switching topology, which lead away from the Root Bridge, remain forwarding. You can recall STP operations reading the following article: “Multiple Spanning Tree Protocol on Huawei switch“.

How does the root bridge election process work?

The root bridge for each STP instance is determined by the bridge ID. The bridge ID consists of a configurable bridge priority and the MAC address of the bridge:

[Huawei]display stp
-------[CIST Global Info][Mode MSTP]-------
CIST Bridge         :32768.4c1f-ccd4-1c03

Read More »

Huawei eNSP – news

16 Apr, 2013 General 0

We have waited for a new version of Huawei eNSP simulator since February 1st, 2013.

And we have finally got it.

Quite new and fresh V100R002C00B110 version.

New look … new devices … new connections …

Read More »

from Huawei CLI – lock and send

10 Apr, 2013 Command Line 0

Today a few words about 2 simple but useful commands: lock and send.

LOCK – prevents unauthorized users from operating on the current terminal interface

SEND – enables the system to transfer messages between user interfaces

Let’s look how they work on Huawei S5700 switch.

LOCK
<labnario>lock
Enter Password:
Confirm Password:

 Info: The terminal is locked. 

Enter Password:

<labnario>

Read More »

how to upgrade stacked S5300 switches

5 Apr, 2013 How To 0

When a single switch is upgraded, services are interrupted about 3 minutes. This time increases when a stack is upgraded. Methods of upgrading the system software of S5300 and S6300 are the same. We can focus on Huawei S5300 switch as an example. Let’s assume we have 2 switches in the stack.

<labnario> display stack
Stack topology type: Ring
Stack system MAC: 80fb-06b1-69eb
MAC switch delay time: 10 min
Stack reserved vlanid : 100
Slot#     role        Mac address      Priority   Device type
------    ----        --------------   ------     -------
    0     Master      80fb-06b1-69eb   100        S5352C-EI
    1     Standby     80fb-06ab-f6e3   120        S5352C-EI

At first you have to check a space of flash memory of the switch. If there is no enough space in the flash to fit a new system software, just delete the old (current) system software, for both Master and Member switches:

Read More »

Huawei AR1200 NAT configuration

3 Apr, 2013 IP Services 0

A short NAT (Network Address Translation) description based on AR1200 documentation:

Huawei AR1200 supports the following NAT features: static NAT, port address translation (PAT), internal server, NAT Application Level Gateway (ALG), NAT filtering, NAT mapping, Easy IP, twice NAT, and NAT multi-instance.

Read More »
Design By: ThemeTen