Home / Tag Archives: Huawei CLI (page 3)

Tag Archives: Huawei CLI

routing policy configuration

12 Jun, 2014 IP Routing 0

Some time ago I wrote about local PBR and interface PBR.

It’s time to talk about routing policy, that is a different mechanism. Routing policy is applied to routing information and it is combined with routing protocols to form policies. PBR mechanism is applied to data flows and and packets are forwarded according to the configured policy.

Routing policy is a tool which can be used to filter routes and set route attributes, when importing routing information into OSPF, RIP, ISIS or BGP protocols. BGP can use routing policy to filter advertising routes as well. Routing policy defines which of the routes from the specific routing protocol are allowed to be imported into the target routing protocol. It can be also used to match routes or certain route attributes and to change these attributes when the matching rules are met.

Routing policy command syntax:

route-policy route-policy-name { permit | deny } node node

A route-policy may consists of multiple nodes, for example:

route-policy LABNARIO-POLICY permit node 10
route-policy LABNARIO-POLICY deny node 20

from Huawei CLI – upgrade rollback …

19 Mar, 2014 Command Line 0

As I am in the process of upgrading Huawei ATN950B routers, I decided to describe very useful command, supported by carrier class routers like NE40E, CX600 and ATN950B – “upgrade rollback enable rollback-timer time”

When you are doing upgrade, there is always a small risk that something goes wrong and you will lose this router, I mean it will fall out of management. To minimize such risk, you can use the command in question.

Let’s look at the upgrade procedure:

<labnario>startup system-software v200r002c00spc300.cc
Info: Succeeded in setting the software for booting system.
<labnario>startup system-software v200r002c00spc300.cc slave-board
Info: Succeeded in setting the software for booting system.

<labnario>startup patch v200r002sph008.pat
Info: Succeeded in setting main board resource file for system.
<labnario>startup patch v200r002sph008.pat slave-board
Info: Succeeded in setting slave board resource file for system.

HWTACACS configuration on Huawei device

14 Mar, 2014 Security 0

Let’s look at a typical configuration of HWTACACS server on Huawei device:

#
hwtacacs-server template labnario
 hwtacacs-server authentication 172.16.10.1
 hwtacacs-server authorization 172.16.10.1
 hwtacacs-server accounting 172.16.10.1
 hwtacacs-server source-ip 172.16.10.10
 hwtacacs-server shared-key cipher %$%$;XioR#N`7=~][vLDTr2S(2.#%$%$
 undo hwtacacs-server user-name domain-included
#
aaa 
 authentication-scheme hwtacacs
  authentication-mode hwtacacs local
 authorization-scheme hwtacacs
  authorization-mode hwtacacs local
 accounting-scheme hwtacacs
  accounting-mode hwtacacs
 domain default_admin  
  authentication-scheme hwtacacs 
  accounting-scheme hwtacacs
  authorization-scheme hwtacacs
  hwtacacs-server labnario
 local-user labnario password cipher %$%$'3N&Y#>c>Ibb;f:!o4mW(7#h%$%$
 local-user labnario privilege level 15
 local-user labnario service-type telnet terminal ssh ftp
#
user-interface vty 0 4
 authentication-mode aaa

assigning multiple IP addresses to network interface

17 Feb, 2014 How To 0

Why might we want to assign multiple IP addresses to the same interface? The following are the most common scenarios:

hosts in the network segment use IP addresses on different networks
there are not enough host addresses on a logical network segment, suppose a /24 address space and 300 hosts

How to configure multiple IP addresses on Huawei devices?

Let’s configure a pair of routers connected via a Gigabit Ethernet link and use four different logical networks.

[labnarioR1]int gi 0/0/0
[labnarioR1-GigabitEthernet0/0/0]ip add 192.168.12.1 255.255.255.0
[labnarioR1-GigabitEthernet0/0/0]ip add 10.0.12.1 255.255.255.0 sub
[labnarioR1-GigabitEthernet0/0/0]ip add 10.0.22.1 255.255.255.0 sub
[labnarioR1-GigabitEthernet0/0/0]ip add 10.0.32.1 255.255.255.0 sub

from Huawei CLI – check …

4 Feb, 2014 Command Line 0

Very useful command, especially when you are preparing and executing upgrade of a software of Huawei carrier class devices, like NE40E and CX600. Let’s look what can be checked by this command:

<labnario>check ?
  hardware-compatibility  hardware compatibility
  startup                 Check the version of the resource file
  system-software         system-software
  version                 check version

I personally use “check hardware-compatibility” before all planned upgrades. During a preparation phase of an upgrade, you have to read software release notes, to be sure that all software and hardware components will be compatible with the new software. You can check hardware compatibility by the command, instead of searching software documents.

Imagine that you’ve just uploaded a new software to CFcard of a router. The new software is v600r006c00spc300.

<labnario>check hardware-compatibility v600r006c00spc300.cc
Slot#    BoardType        Result           Detail
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3        CR57LAXFB00      Compatible       NA
4        CR57LAXFB00      Compatible       NA
5        CR57EMGFB20      Compatible       NA
6        CR57EMGFB20      Compatible       NA
9        CR57SRU200A5     Compatible       NA
10       CR57SRU200A5     Compatible       NA
11       CR57SFU200C0     Compatible       NA
12       FRA200A          Compatible       NA
13       FRA200A          Compatible       NA

It’s very simple, isn’t it?

Page 3 of 11«1 234 5 » 10...Last »