Fit AP V200R010C00 Command Reference Issue 08 Date 2021-02-25 HUAWEI TECHNOLOGIES CO., LTD. Copyright © Huawei Technologies Co., Ltd. 2021. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: https://e.huawei.com Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. i Fit AP Command Reference About This Document About This Document Overview This document provides the configuration commands of each feature supported by the device, including the syntax, view, default level, description, parameters, usage guideline, related commands, and example of each command. This document together with the Configuration Guide provides intended readers with detailed usage of each command. Intended Audience This document is intended for network engineers responsible for WLAN configuration and management. You should be familiar with basic Ethernet knowledge and have extensive experience in network deployment and management. Symbol Conventions The symbols that may be found in this document are defined as follows. Symbol Description Indicates a potentially hazardous situation which, if not avoided, could result in equipment damage, data loss, performance deterioration, or unanticipated results. NOTICE is used to address practices not related to personal injury. Supplements the important information in the main text. NOTE is used to address information not related to personal injury, equipment damage, and environment deterioration. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. ii Fit AP Command Reference About This Document Command Conventions The command conventions that may be found in this document are defined as follows. Convention Description Boldface The keywords of a command line are in boldface. Italic Command arguments are in italics. [] Items (keywords or arguments) in brackets [ ] are optional. { x | y | ... } Optional items are grouped in braces and separated by vertical bars. One item is selected. [ x | y | ... ] Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected. { x | y | ... }* Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. [ x | y | ... ]* Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected. &<1-n> The parameter before the & sign can be repeated 1 to n times. # A line starting with the # sign is comments. NOTE The interface types, command outputs, and device models provided in this manual vary according to device configurations and may differ from the actual information. To obtain better user experience, you are advised to set the number of columns displayed on the command line editor to 132 or higher. Interface Numbering Conventions Interface numbers used in this manual are examples. In device configuration, use the existing interface numbers on devices. Security Conventions ● Issue 08 (2021-02-25) Password setting Copyright © Huawei Technologies Co., Ltd. iii Fit AP Command Reference About This Document When configuring a password, the cipher text is recommended. To ensure device security, do not disable password complexity check, and change the password periodically. When configuring a plaintext password, do not start and end it with %$%$, %^%#, %#%#, %@%@, or @%@%, which are considered valid ciphertext characters. The device can decrypt such as password and display the same plaintext password as that configured by the user in the configuration file. Ciphertext passwords starting and ending with %$%$, %^%#, %#%#, %@ %@, or @%@% are valid. However, ciphertext passwords for different features are not interchangeable. For example, the ciphertext password generated for Authentication, Authorization, Accounting (AAA) cannot be configured for other features. ● Encryption algorithm Currently, the device uses the following encryption algorithms: DES, 3DES, AES, RSA, SHA1, SHA-2, MD5 and SMS4. The encryption algorithm depends on the applicable scenario. Use the recommended encryption algorithm; otherwise, security defense requirements may be not met. ● – For the symmetrical encryption algorithm, use AES with the key of 128 bits or more. – For the asymmetrical encryption algorithm, use RSA with the key of 2048 bits or more. – For the hash algorithm, use SHA2 with the key of 256 bits or more. – For the HMAC algorithm, use HMAC-SHA2. – The encryption algorithms DES/3DES/RSA (RSA-1024 or lower)/MD5 (in digital signature scenarios and password encryption)/SHA1 (in digital signature scenarios) have a low security, which may bring security risks. If protocols allowed, using more secure encryption algorithms, such as AES/RSA (RSA-2048 or higher)/SHA2/HMAC-SHA2, is recommended. – SHA2 is irreversible encryption algorithm. The irreversible encryption algorithm must be used for the administrator password. Personal data Some personal data (such as the MAC or IP addresses of users) may be obtained or used during operation or fault location of your purchased products, services, features, so you have an obligation to make privacy policies and take measures according to the applicable law of the country to protect personal data. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. iv Fit AP Command Reference Contents Contents About This Document................................................................................................................ ii 1 How to Use Command Lines.................................................................................................1 1.1 Entering Command Views.................................................................................................................................................... 1 1.2 Editing Command Lines........................................................................................................................................................ 3 1.3 Using Command Line Online Help....................................................................................................................................4 1.4 Interpreting Command Line Error Messages................................................................................................................. 6 1.5 Using the undo Command Line......................................................................................................................................... 6 1.6 Displaying History Commands........................................................................................................................................... 7 1.7 Using Command Line Shortcut Keys................................................................................................................................ 8 2 Basic Configurations Commands....................................................................................... 11 2.1 CLI Overview Commands................................................................................................................................................... 11 2.1.1 cls............................................................................................................................................................................................ 11 2.1.2 diagnose............................................................................................................................................................................... 12 2.1.3 display history-command............................................................................................................................................... 13 2.1.4 display this........................................................................................................................................................................... 14 2.1.5 header................................................................................................................................................................................... 15 2.1.6 display hotkey..................................................................................................................................................................... 18 2.1.7 hotkey.................................................................................................................................................................................... 19 2.1.8 quit......................................................................................................................................................................................... 21 2.1.9 return..................................................................................................................................................................................... 22 2.1.10 system-view...................................................................................................................................................................... 23 2.2 UI Configuration Commands............................................................................................................................................ 24 2.2.1 acl (user interface view)................................................................................................................................................. 24 2.2.2 auto-execute command.................................................................................................................................................. 25 2.2.3 databits................................................................................................................................................................................. 27 2.2.4 display mib-index interface............................................................................................................................................ 28 2.2.5 display user-interface....................................................................................................................................................... 29 2.2.6 display user-interface maximum-vty.......................................................................................................................... 31 2.2.7 display users........................................................................................................................................................................ 32 2.2.8 display vty lines.................................................................................................................................................................. 34 2.2.9 display vty mode................................................................................................................................................................35 2.2.10 free user-interface........................................................................................................................................................... 35 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. v Fit AP Command Reference Contents 2.2.11 history-command max-size......................................................................................................................................... 37 2.2.12 idle-timeout...................................................................................................................................................................... 38 2.2.13 mmi-mode enable.......................................................................................................................................................... 39 2.2.14 parity................................................................................................................................................................................... 40 2.2.15 screen-length.................................................................................................................................................................... 41 2.2.16 screen-width..................................................................................................................................................................... 42 2.2.17 shell...................................................................................................................................................................................... 43 2.2.18 speed (user interface view)......................................................................................................................................... 44 2.2.19 stopbits............................................................................................................................................................................... 45 2.2.20 user-interface.................................................................................................................................................................... 46 2.2.21 user-interface current.................................................................................................................................................... 49 2.2.22 user-interface maximum-vty....................................................................................................................................... 49 2.3 User Login Configuration Commands........................................................................................................................... 50 2.3.1 display rsa local-key-pair public................................................................................................................................... 51 2.3.2 display rsa peer-public-key............................................................................................................................................. 52 2.3.3 display ssh server............................................................................................................................................................... 54 2.3.4 display ssh user-information..........................................................................................................................................56 2.3.5 display telnet server status............................................................................................................................................ 57 2.3.6 display telnet-client.......................................................................................................................................................... 58 2.3.7 display ecc local-key-pair public.................................................................................................................................. 59 2.3.8 display ecc peer-public-key............................................................................................................................................ 61 2.3.9 ecc local-key-pair create................................................................................................................................................. 63 2.3.10 ecc local-key-pair destroy............................................................................................................................................ 65 2.3.11 ecc peer-public-key......................................................................................................................................................... 66 2.3.12 lock....................................................................................................................................................................................... 68 2.3.13 matched upper-view...................................................................................................................................................... 69 2.3.14 peer-public-key end........................................................................................................................................................ 70 2.3.15 public-key-code begin................................................................................................................................................... 71 2.3.16 public-key-code end....................................................................................................................................................... 73 2.3.17 rsa local-key-pair create............................................................................................................................................... 74 2.3.18 rsa local-key-pair destroy............................................................................................................................................. 75 2.3.19 rsa peer-public-key......................................................................................................................................................... 76 2.3.20 send......................................................................................................................................................................................79 2.3.21 ssh client assign............................................................................................................................................................... 80 2.3.22 ssh client first-time enable.......................................................................................................................................... 81 2.3.23 ssh client key-exchange................................................................................................................................................ 82 2.3.24 ssh client secure-algorithms hmac............................................................................................................................83 2.3.25 ssh client secure-algorithms cipher.......................................................................................................................... 85 2.3.26 ssh server authentication-retries............................................................................................................................... 86 2.3.27 ssh server compatible-ssh1x enable......................................................................................................................... 87 2.3.28 ssh server key-exchange............................................................................................................................................... 89 2.3.29 ssh server permit interface.......................................................................................................................................... 90 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. vi Fit AP Command Reference Contents 2.3.30 ssh server port.................................................................................................................................................................. 91 2.3.31 ssh server rekey-interval............................................................................................................................................... 92 2.3.32 ssh server secure-algorithms hmac.......................................................................................................................... 94 2.3.33 ssh server secure-algorithms cipher......................................................................................................................... 95 2.3.34 ssh server timeout.......................................................................................................................................................... 96 2.3.35 ssh user assign................................................................................................................................................................. 97 2.3.36 ssh user authentication-type...................................................................................................................................... 99 2.3.37 stelnet............................................................................................................................................................................... 102 2.3.38 telnet................................................................................................................................................................................. 107 2.3.39 telnet client-source...................................................................................................................................................... 109 2.3.40 telnet server permit interface...................................................................................................................................110 2.4 File Management Commands........................................................................................................................................ 111 2.4.1 ascii...................................................................................................................................................................................... 111 2.4.2 binary.................................................................................................................................................................................. 112 2.4.3 bye........................................................................................................................................................................................ 113 2.4.4 cd (FTP client view)........................................................................................................................................................ 114 2.4.5 cd (SFTP client view)..................................................................................................................................................... 115 2.4.6 cd (user view)................................................................................................................................................................... 116 2.4.7 cdup (SFTP client view)................................................................................................................................................ 118 2.4.8 cdup (FTP client view)................................................................................................................................................... 119 2.4.9 close..................................................................................................................................................................................... 120 2.4.10 copy................................................................................................................................................................................... 121 2.4.11 debugging....................................................................................................................................................................... 124 2.4.12 delete (user view)......................................................................................................................................................... 124 2.4.13 dir (user view)................................................................................................................................................................126 2.4.14 delete (FTP client view).............................................................................................................................................. 129 2.4.15 dir/ls (FTP client view)................................................................................................................................................ 130 2.4.16 dir/ls (SFTP client view)..............................................................................................................................................132 2.4.17 disconnect....................................................................................................................................................................... 134 2.4.18 display ftp-client........................................................................................................................................................... 135 2.4.19 display sftp-client......................................................................................................................................................... 136 2.4.20 display tftp-client.......................................................................................................................................................... 137 2.4.21 file prompt...................................................................................................................................................................... 138 2.4.22 format............................................................................................................................................................................... 139 2.4.23 ftp....................................................................................................................................................................................... 141 2.4.24 ftp client-source............................................................................................................................................................ 143 2.4.25 get (FTP client view)................................................................................................................................................... 144 2.4.26 get (SFTP client view)................................................................................................................................................. 146 2.4.27 help (SFTP client view)............................................................................................................................................... 147 2.4.28 mkdir (FTP client view).............................................................................................................................................. 148 2.4.29 mkdir (SFTP client view)............................................................................................................................................ 149 2.4.30 mkdir (User view)......................................................................................................................................................... 150 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. vii Fit AP Command Reference Contents 2.4.31 lcd....................................................................................................................................................................................... 152 2.4.32 more.................................................................................................................................................................................. 153 2.4.33 mount............................................................................................................................................................................... 156 2.4.34 move................................................................................................................................................................................. 157 2.4.35 open.................................................................................................................................................................................. 159 2.4.36 passive.............................................................................................................................................................................. 161 2.4.37 put (FTP client view)................................................................................................................................................... 162 2.4.38 put (SFTP client view)................................................................................................................................................. 163 2.4.39 pwd (FTP client view)................................................................................................................................................. 165 2.4.40 pwd (SFTP client view)............................................................................................................................................... 166 2.4.41 pwd (user view)............................................................................................................................................................ 167 2.4.42 remotehelp...................................................................................................................................................................... 167 2.4.43 remove (SFTP client view)......................................................................................................................................... 168 2.4.44 rename (SFTP client view)........................................................................................................................................ 169 2.4.45 rename (user view)...................................................................................................................................................... 170 2.4.46 reset recycle-bin............................................................................................................................................................ 172 2.4.47 rmdir (FTP client view)............................................................................................................................................... 174 2.4.48 rmdir (SFTP client view)............................................................................................................................................. 175 2.4.49 rmdir (user view).......................................................................................................................................................... 176 2.4.50 sftp..................................................................................................................................................................................... 178 2.4.51 sftp client-source...........................................................................................................................................................183 2.4.52 tftp..................................................................................................................................................................................... 184 2.4.53 tftp client-source........................................................................................................................................................... 187 2.4.54 tftp-server acl................................................................................................................................................................. 188 2.4.55 umount............................................................................................................................................................................. 189 2.4.56 undelete........................................................................................................................................................................... 190 2.4.57 unzip..................................................................................................................................................................................192 2.4.58 user.................................................................................................................................................................................... 194 2.4.59 verbose............................................................................................................................................................................. 195 2.4.60 zip....................................................................................................................................................................................... 196 2.5 Configuring System Startup Commands.................................................................................................................... 198 2.5.1 display current-configuration..................................................................................................................................... 198 2.5.2 display reset-reason....................................................................................................................................................... 200 2.5.3 display startup.................................................................................................................................................................. 205 2.5.4 reboot.................................................................................................................................................................................. 206 2.5.5 reset factory-configuration.......................................................................................................................................... 207 2.5.6 startup patch.................................................................................................................................................................... 208 2.5.7 reset patch-configure.....................................................................................................................................................209 2.5.8 startup system-software............................................................................................................................................... 210 2.6 Upgrade Commands.......................................................................................................................................................... 211 2.6.1 ap-mode-switch............................................................................................................................................................... 211 2.6.2 ap-mode-switch check.................................................................................................................................................. 212 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. viii Fit AP Command Reference Contents 2.6.3 ap-mode-switch ftp........................................................................................................................................................ 213 2.6.4 ap-mode-switch prepare.............................................................................................................................................. 216 2.6.5 ap-mode-switch sftp...................................................................................................................................................... 217 2.6.6 ap-mode-switch tftp...................................................................................................................................................... 220 2.6.7 display paf......................................................................................................................................................................... 223 2.6.8 display patch-information............................................................................................................................................ 224 2.6.9 display upgrade failure-reason................................................................................................................................... 226 2.6.10 patch delete all.............................................................................................................................................................. 227 2.6.11 patch load....................................................................................................................................................................... 228 2.6.12 upgrade version check................................................................................................................................................ 230 2.6.13 upgrade version ftp...................................................................................................................................................... 231 2.6.14 upgrade version sftp.................................................................................................................................................... 233 2.6.15 upgrade version tftp.................................................................................................................................................... 235 3 Cloud-based Management Configuration Commands...............................................238 3.1 ap-mode-switch cloud...................................................................................................................................................... 238 3.2 cloud-mng register-center disable................................................................................................................................239 3.3 display cloud-mng register-center status...................................................................................................................240 4 Device Management Commands.....................................................................................242 4.1 Device Status Checking Commands............................................................................................................................. 242 4.1.1 display ap-address-info................................................................................................................................................. 242 4.1.2 display cpu-usage........................................................................................................................................................... 244 4.1.3 display cpu-usage configuration................................................................................................................................245 4.1.4 display cpu-usage history............................................................................................................................................. 246 4.1.5 display diagnostic-information................................................................................................................................... 247 4.1.6 display elabel.................................................................................................................................................................... 249 4.1.7 display esn......................................................................................................................................................................... 252 4.1.8 display sn........................................................................................................................................................................... 253 4.1.9 display fan......................................................................................................................................................................... 255 4.1.10 display health................................................................................................................................................................. 257 4.1.11 display memory-usage................................................................................................................................................259 4.1.12 display memory-usage threshold............................................................................................................................ 260 4.1.13 display power................................................................................................................................................................. 261 4.1.14 display resource occupancy message.................................................................................................................... 262 4.1.15 display system-information.......................................................................................................................................263 4.1.16 display temperature..................................................................................................................................................... 266 4.1.17 display transceiver........................................................................................................................................................ 267 4.1.18 display transceiver diagnosis interface..................................................................................................................270 4.1.19 display version............................................................................................................................................................... 272 4.1.20 reset cpu-usage record............................................................................................................................................... 274 4.2 Hardware Configuration Commands........................................................................................................................... 274 4.2.1 backup elabel................................................................................................................................................................... 275 4.2.2 set memory-usage threshold...................................................................................................................................... 276 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. ix Fit AP Command Reference Contents 4.3 Energy-saving Configuration Commands.................................................................................................................. 278 4.3.1 als enable........................................................................................................................................................................... 278 4.3.2 als restart........................................................................................................................................................................... 279 4.3.3 als restart mode manual.............................................................................................................................................. 280 4.3.4 als restart pulse-interval............................................................................................................................................... 281 4.3.5 als restart pulse-width...................................................................................................................................................282 4.3.6 display als configuration.............................................................................................................................................. 283 4.4 Information Center Configuration Commands........................................................................................................ 285 4.4.1 display binlog-buffer...................................................................................................................................................... 285 4.4.2 display binlog-buffer summary.................................................................................................................................. 286 4.4.3 display channel................................................................................................................................................................ 287 4.4.4 display debugging........................................................................................................................................................... 290 4.4.5 display info-center.......................................................................................................................................................... 292 4.4.6 display info-center filter-id.......................................................................................................................................... 295 4.4.7 display info-center logfile path.................................................................................................................................. 297 4.4.8 display info-center rate-limit record.........................................................................................................................297 4.4.9 display info-center rate-limit threshold.................................................................................................................. 299 4.4.10 display info-center statistics..................................................................................................................................... 300 4.4.11 display log....................................................................................................................................................................... 301 4.4.12 display log failure......................................................................................................................................................... 304 4.4.13 display logbuffer........................................................................................................................................................... 305 4.4.14 display logfile................................................................................................................................................................. 310 4.4.15 display trapbuffer......................................................................................................................................................... 312 4.4.16 info-center channel...................................................................................................................................................... 316 4.4.17 info-center channel name......................................................................................................................................... 318 4.4.18 info-center enable........................................................................................................................................................ 319 4.4.19 info-center filter-id....................................................................................................................................................... 321 4.4.20 info-center logbuffer................................................................................................................................................... 322 4.4.21 info-center logbuffer size...........................................................................................................................................324 4.4.22 info-center logfile path...............................................................................................................................................325 4.4.23 info-center logfile size................................................................................................................................................ 326 4.4.24 info-center loghost....................................................................................................................................................... 327 4.4.25 info-center loghost source.........................................................................................................................................329 4.4.26 info-center loghost source-port............................................................................................................................... 331 4.4.27 info-center max-logfile-number.............................................................................................................................. 331 4.4.28 info-center rate-limit except..................................................................................................................................... 333 4.4.29 info-center rate-limit global-threshold................................................................................................................. 334 4.4.30 info-center rate-limit monitor-period.................................................................................................................... 335 4.4.31 info-center rate-limit threshold............................................................................................................................... 336 4.4.32 info-center source channel........................................................................................................................................ 338 4.4.33 info-center statistic-suppress enable..................................................................................................................... 343 4.4.34 info-center timestamp................................................................................................................................................ 344 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. x Fit AP Command Reference Contents 4.4.35 info-center trapbuffer................................................................................................................................................. 346 4.4.36 info-center trapbuffer size.........................................................................................................................................348 4.4.37 reset info-center statistics..........................................................................................................................................349 4.4.38 reset logbuffer............................................................................................................................................................... 350 4.4.39 reset trapbuffer............................................................................................................................................................. 351 4.4.40 save logfile...................................................................................................................................................................... 351 4.4.41 terminal debugging..................................................................................................................................................... 353 4.4.42 terminal logging........................................................................................................................................................... 354 4.4.43 terminal monitor.......................................................................................................................................................... 355 4.4.44 terminal trapping.......................................................................................................................................................... 356 4.5 PoE Configuration Commands....................................................................................................................................... 357 4.5.1 display current power-workmode............................................................................................................................. 357 4.5.2 display poe device........................................................................................................................................................... 358 4.5.3 display poe information................................................................................................................................................ 359 4.5.4 display poe power........................................................................................................................................................... 360 4.5.5 display poe power-state................................................................................................................................................364 4.5.6 display poe-power.......................................................................................................................................................... 369 5 Interface Management Commands................................................................................ 372 5.1 Basic Interface Configuration Commands................................................................................................................. 372 5.1.1 bandwidth (Interface view)......................................................................................................................................... 372 5.1.2 description (interface view).........................................................................................................................................373 5.1.3 display default-parameter interface......................................................................................................................... 374 5.1.4 display interface.............................................................................................................................................................. 376 5.1.5 display interface brief.................................................................................................................................................... 382 5.1.6 display interface description....................................................................................................................................... 384 5.1.7 display ip interface......................................................................................................................................................... 386 5.1.8 display ip interface description...................................................................................................................................390 5.1.9 display this interface...................................................................................................................................................... 394 5.1.10 interface........................................................................................................................................................................... 398 5.1.11 reset counters if-mib interface.................................................................................................................................399 5.1.12 reset counters interface.............................................................................................................................................. 400 5.1.13 restart (interface view)............................................................................................................................................... 401 5.1.14 set flow-stat interval (interface view)................................................................................................................... 402 5.1.15 shutdown (interface view)........................................................................................................................................ 404 5.2 Ethernet Interface Configuration Commands.......................................................................................................... 405 5.2.1 cable-snr-test.................................................................................................................................................................... 405 5.2.2 display interface ethernet brief.................................................................................................................................. 406 5.2.3 interface (Ethernet interface)..................................................................................................................................... 408 5.2.4 log-threshold.................................................................................................................................................................... 409 5.2.5 loopback............................................................................................................................................................................. 411 5.2.6 virtual-cable-test............................................................................................................................................................. 412 5.3 Logical Interface Configuration Commands............................................................................................................. 414 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xi Fit AP Command Reference Contents 5.3.1 display interface null......................................................................................................................................................414 5.3.2 interface null.....................................................................................................................................................................416 6 Network Interconnection Configurations Commands............................................... 418 6.1 MAC Address Table Configuration Commands........................................................................................................ 418 6.1.1 display mac-address....................................................................................................................................................... 418 6.1.2 display mac-address aging-time................................................................................................................................ 421 6.1.3 display mac-address blackhole................................................................................................................................... 422 6.1.4 display mac-address dynamic..................................................................................................................................... 424 6.1.5 display mac-address static........................................................................................................................................... 426 6.1.6 display mac-address summary................................................................................................................................... 428 6.1.7 display mac-address total-number........................................................................................................................... 430 6.1.8 display mac-limit............................................................................................................................................................. 432 6.1.9 mac-address...................................................................................................................................................................... 434 6.1.10 mac-address aging-time.............................................................................................................................................437 6.1.11 mac-limit..........................................................................................................................................................................438 6.2 VLAN Configuration Commands................................................................................................................................... 440 6.2.1 management-vlan.......................................................................................................................................................... 441 6.2.2 description (VLANIF interface view).........................................................................................................................442 6.2.3 display interface vlanif.................................................................................................................................................. 443 6.2.4 display port vlan.............................................................................................................................................................. 445 6.2.5 display vlan....................................................................................................................................................................... 447 6.2.6 interface vlanif................................................................................................................................................................. 451 6.2.7 mtu (VLANIF interface view)...................................................................................................................................... 453 6.2.8 reset vlan statistics......................................................................................................................................................... 454 6.2.9 shutdown (VLANIF interface view)........................................................................................................................... 455 6.3 STP Configuration Commands....................................................................................................................................... 456 6.3.1 display stp.......................................................................................................................................................................... 456 6.3.2 display stp abnormal-interface.................................................................................................................................. 458 6.3.3 display stp active............................................................................................................................................................. 460 6.3.4 display stp bridge............................................................................................................................................................ 462 6.3.5 display stp error packet.................................................................................................................................................463 6.3.6 display stp global............................................................................................................................................................ 464 6.3.7 display stp tc-bpdu statistics....................................................................................................................................... 467 6.3.8 display stp topology-change....................................................................................................................................... 468 6.3.9 display stp vlan................................................................................................................................................................ 469 6.4 ARP Configuration Commands...................................................................................................................................... 470 6.4.1 arp detect-mode unicast.............................................................................................................................................. 470 6.4.2 arp detect-times.............................................................................................................................................................. 472 6.4.3 arp expire-time................................................................................................................................................................ 473 6.4.4 arp ip-conflict-detect enable.......................................................................................................................................474 6.4.5 arp static............................................................................................................................................................................ 475 6.4.6 arp topology-change disable...................................................................................................................................... 477 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xii Fit AP Command Reference Contents 6.4.7 arp-proxy enable............................................................................................................................................................. 478 6.4.8 arp-proxy inner-sub-vlan-proxy enable................................................................................................................... 479 6.4.9 arp-proxy inter-sub-vlan-proxy enable.................................................................................................................... 479 6.4.10 display arp....................................................................................................................................................................... 480 6.4.11 display arp dynamic..................................................................................................................................................... 483 6.4.12 display arp error packet............................................................................................................................................. 485 6.4.13 display arp interface.................................................................................................................................................... 487 6.4.14 display arp ip-conflict track.......................................................................................................................................489 6.4.15 display arp network..................................................................................................................................................... 490 6.4.16 display arp packet statistics...................................................................................................................................... 493 6.4.17 display arp static........................................................................................................................................................... 494 6.4.18 display arp statistics.....................................................................................................................................................496 6.4.19 display arp track............................................................................................................................................................ 497 6.4.20 l2-topology detect enable......................................................................................................................................... 498 6.4.21 reset arp........................................................................................................................................................................... 499 6.5 DHCP Configuration Commands...................................................................................................................................501 6.5.1 dhcp client request option-list.................................................................................................................................... 501 6.5.2 dhcp set ttl........................................................................................................................................................................ 502 6.5.3 display dhcp client.......................................................................................................................................................... 503 6.5.4 display dhcp client statistics........................................................................................................................................ 505 6.5.5 display dhcp configuration.......................................................................................................................................... 507 6.5.6 display dhcp statistics.................................................................................................................................................... 509 6.6 DHCPv6 Configuration Commands.............................................................................................................................. 514 6.6.1 dhcpv6 duid....................................................................................................................................................................... 514 6.6.2 display dhcpv6 client......................................................................................................................................................516 6.6.3 display dhcpv6 client statistics................................................................................................................................... 517 6.6.4 display dhcpv6 duid........................................................................................................................................................ 519 6.6.5 display dhcpv6 statistics............................................................................................................................................... 520 6.6.6 reset dhcpv6 statistics....................................................................................................................................................525 6.6.7 reset dhcpv6 client statistics....................................................................................................................................... 526 6.7 DNS Configuration Commands..................................................................................................................................... 527 6.7.1 display dns configuration............................................................................................................................................. 527 6.7.2 display dns domain.........................................................................................................................................................528 6.7.3 display dns dynamic-host............................................................................................................................................. 529 6.7.4 display dns forward table............................................................................................................................................. 532 6.7.5 display dns server............................................................................................................................................................ 534 6.7.6 display dns statistics.......................................................................................................................................................535 6.7.7 display ip host.................................................................................................................................................................. 537 6.7.8 ip host................................................................................................................................................................................. 538 6.7.9 reset dns dynamic-host................................................................................................................................................. 539 6.7.10 reset dns statistics........................................................................................................................................................ 540 6.8 IP Performance Configuration Commands................................................................................................................ 541 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xiii Fit AP Command Reference Contents 6.8.1 clear ip df........................................................................................................................................................................... 541 6.8.2 discard ra............................................................................................................................................................................542 6.8.3 discard rr............................................................................................................................................................................ 543 6.8.4 discard srr.......................................................................................................................................................................... 544 6.8.5 discard ts............................................................................................................................................................................ 545 6.8.6 display icmp statistics.................................................................................................................................................... 545 6.8.7 display ip interface......................................................................................................................................................... 547 6.8.8 display ip socket register-port.....................................................................................................................................550 6.8.9 display ip statistics.......................................................................................................................................................... 551 6.8.10 display network status................................................................................................................................................ 554 6.8.11 display rawip statistics................................................................................................................................................ 555 6.8.12 display tcp statistics..................................................................................................................................................... 557 6.8.13 display tcp status.......................................................................................................................................................... 561 6.8.14 display udp statistics....................................................................................................................................................563 6.8.15 icmp blackhole unreachable send.......................................................................................................................... 565 6.8.16 icmp host-unreachable send (interface view).................................................................................................... 566 6.8.17 icmp port-unreachable send..................................................................................................................................... 567 6.8.18 icmp receive.................................................................................................................................................................... 568 6.8.19 icmp redirect send........................................................................................................................................................ 570 6.8.20 icmp ttl-exceeded send............................................................................................................................................... 571 6.8.21 ip forward-broadcast................................................................................................................................................... 572 6.8.22 ip soft-forward enhancement disable................................................................................................................... 573 6.8.23 ip verify source-address.............................................................................................................................................. 574 6.8.24 reset ip socket monitor............................................................................................................................................... 575 6.8.25 load-balance (system view)...................................................................................................................................... 576 6.8.26 reset ip socket pktsort................................................................................................................................................. 577 6.8.27 reset ip statistics............................................................................................................................................................578 6.8.28 reset rawip statistics.................................................................................................................................................... 579 6.8.29 reset tcp statistics......................................................................................................................................................... 579 6.8.30 reset udp statistics........................................................................................................................................................ 580 6.8.31 tcp max-mss................................................................................................................................................................... 581 6.8.32 tcp min-mss.................................................................................................................................................................... 582 6.8.33 tcp timer fin-timeout...................................................................................................................................................583 6.8.34 tcp timer syn-timeout................................................................................................................................................. 584 6.8.35 tcp window..................................................................................................................................................................... 585 6.9 Basic IPv6 Configuration Commands.......................................................................................................................... 586 6.9.1 display default-parameter tcp6.................................................................................................................................. 586 6.9.2 display ipv6 interface..................................................................................................................................................... 588 6.9.3 display ipv6 neighbors................................................................................................................................................... 589 6.9.4 display ipv6 socket.......................................................................................................................................................... 593 6.9.5 display rawip ipv6 statistics......................................................................................................................................... 596 6.9.6 display tcp ipv6 authentication-statistics............................................................................................................... 597 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xiv Fit AP Command Reference Contents 6.9.7 display tcp ipv6 statistics.............................................................................................................................................. 599 6.9.8 display tcp ipv6 status................................................................................................................................................... 604 6.9.9 display this ipv6 interface............................................................................................................................................ 607 6.9.10 display udp ipv6 statistics.......................................................................................................................................... 608 6.9.11 reset ipv6 socket pktsort............................................................................................................................................ 610 6.9.12 reset rawip ipv6 statistics........................................................................................................................................... 611 6.9.13 reset tcp ipv6 authentication-statistics................................................................................................................. 611 6.9.14 reset tcp ipv6 statistics................................................................................................................................................612 6.9.15 reset udp ipv6 statistics.............................................................................................................................................. 613 6.9.16 tcp ipv6 max-mss.......................................................................................................................................................... 614 6.9.17 tcp ipv6 min-mss.......................................................................................................................................................... 615 6.9.18 tcp ipv6 timer fin-timeout......................................................................................................................................... 617 6.9.19 tcp ipv6 timer syn-timeout........................................................................................................................................ 618 6.9.20 tcp ipv6 window............................................................................................................................................................ 619 6.10 IPv6 DNS Configuration Commands......................................................................................................................... 620 6.10.1 dns proxy ipv6 enable................................................................................................................................................. 620 6.10.2 display dns ipv6 dynamic-host................................................................................................................................. 621 6.10.3 reset dns ipv6 dynamic-host..................................................................................................................................... 622 6.11 IP Routing Basic Configuration Commands............................................................................................................ 623 6.11.1 display fib........................................................................................................................................................................ 623 6.11.2 display fib interface..................................................................................................................................................... 628 6.11.3 display fib ip-prefix...................................................................................................................................................... 629 6.11.4 display fib longer.......................................................................................................................................................... 631 6.11.5 display fib next-hop..................................................................................................................................................... 633 6.11.6 display fib statistics...................................................................................................................................................... 635 6.12 IGMP Snooping Configuration Commands............................................................................................................. 636 6.12.1 display l2-multicast forwarding-table................................................................................................................... 636 7 WLAN Service Configuration Commands......................................................................638 7.1 ap-address mode................................................................................................................................................................ 638 7.2 ap-address static ac-list.................................................................................................................................................... 640 7.3 ap-address static ac-list ipv6.......................................................................................................................................... 641 7.4 ap-address static ip-address........................................................................................................................................... 642 7.5 ap-address static ip-address ipv6.................................................................................................................................. 643 7.6 ap-group................................................................................................................................................................................ 644 7.7 ap-sysname...........................................................................................................................................................................646 7.8 cawpap dtls psk...................................................................................................................................................................647 7.9 capwap dtls psk-mandatory-match enable............................................................................................................... 648 7.10 display ac-list..................................................................................................................................................................... 649 7.11 display ap-sysname-info................................................................................................................................................ 650 7.12 display capwap configuration...................................................................................................................................... 651 7.13 display station................................................................................................................................................................... 652 7.14 display station online-track.......................................................................................................................................... 658 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xv Fit AP Command Reference Contents 7.15 display station offline-record....................................................................................................................................... 659 7.16 display station statistics................................................................................................................................................. 666 7.17 reset station statistics..................................................................................................................................................... 669 7.18 work-mode......................................................................................................................................................................... 670 8 AP Management Configuration Commands.................................................................672 8.1 access-user syslog-restrain enable............................................................................................................................... 672 8.2 access-user syslog-restrain period................................................................................................................................ 673 8.3 display ap led....................................................................................................................................................................... 674 8.4 led blink-time....................................................................................................................................................................... 675 9 WLAN Radio Resource Management Configuration Commands............................ 677 9.1 reset station steer-history................................................................................................................................................ 677 10 WLAN Roaming Commands .......................................................................................... 679 10.1 display station roam-statistics ................................................................................................................................... 679 10.2 display station roam-track............................................................................................................................................ 680 11 WLAN Security Configuration Commands..................................................................683 11.1 display references security-profile.............................................................................................................................. 683 11.2 display security-profile................................................................................................................................................... 684 11.3 display wlan ppsk-user................................................................................................................................................... 688 11.4 display wlan wapi certificate........................................................................................................................................691 12 WAN Authentication Escape Configuration Commands......................................... 694 12.1 authentication-scheme (branch AP group view).................................................................................................. 694 12.2 display local-eap-server certificate configuration................................................................................................ 695 12.3 display local-eap-server configuration..................................................................................................................... 697 13 Security Commands..........................................................................................................699 13.1 AAA Configuration Commands................................................................................................................................... 699 13.1.1 aaa..................................................................................................................................................................................... 699 13.1.2 aaa abnormal-offline-record.................................................................................................................................... 700 13.1.3 aaa offline-record......................................................................................................................................................... 701 13.1.4 aaa online-fail-record..................................................................................................................................................702 13.1.5 cut access-user...............................................................................................................................................................703 13.1.6 display aaa...................................................................................................................................................................... 706 13.1.7 display aaa configuration.......................................................................................................................................... 713 13.1.8 display aaa statistics access-type-authenreq...................................................................................................... 716 13.1.9 display aaa statistics offline-reason....................................................................................................................... 718 13.1.10 display access-user (All views).............................................................................................................................. 719 13.1.11 display authentication-scheme..............................................................................................................................726 13.1.12 display domain............................................................................................................................................................ 727 13.1.13 display local-user........................................................................................................................................................729 13.1.14 display remote-user authen-fail............................................................................................................................733 13.1.15 remote-user authen-fail unblock.......................................................................................................................... 736 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xvi Fit AP Command Reference Contents 13.1.16 reset aaa........................................................................................................................................................................ 737 13.1.17 reset aaa statistics access-type-authenreq........................................................................................................738 13.1.18 reset aaa statistics offline-reason.........................................................................................................................739 13.1.19 reset access-user statistics...................................................................................................................................... 739 13.2 RADIUS Configuration Commands............................................................................................................................ 740 13.2.1 display radius-attribute...............................................................................................................................................740 13.2.2 display radius-attribute check.................................................................................................................................. 743 13.2.3 display radius-attribute disable............................................................................................................................... 744 13.2.4 display radius-attribute translate............................................................................................................................ 746 13.2.5 display radius-server configuration........................................................................................................................ 747 13.2.6 display radius-server dead-interval dead-count detect-cycle....................................................................... 752 13.2.7 display radius-server session-manage configuration....................................................................................... 753 13.3 NAC Configuration Commands................................................................................................................................... 754 13.3.1 display access-user....................................................................................................................................................... 754 13.3.2 display authentication-profile configuration...................................................................................................... 757 13.3.3 display dot1x.................................................................................................................................................................. 763 13.3.4 display dot1x-access-profile configuration.......................................................................................................... 770 13.3.5 display dot1x quiet-user............................................................................................................................................. 772 13.3.6 display free-rule-template configuration............................................................................................................. 773 13.3.7 display mac-access-profile configuration.............................................................................................................775 13.3.8 display mac-authen quiet-user................................................................................................................................ 780 13.3.9 display portal................................................................................................................................................................. 781 13.3.10 display portal free-rule............................................................................................................................................. 783 13.3.11 display portal config..................................................................................................................................................784 13.3.12 display portal-access-profile configuration....................................................................................................... 786 13.3.13 display portal quiet-user.......................................................................................................................................... 788 13.3.14 display url-template.................................................................................................................................................. 790 13.3.15 display web-auth-server configuration...............................................................................................................792 13.3.16 reset dot1x statistics..................................................................................................................................................797 13.4 ACL Configuration Commands.................................................................................................................................... 798 13.4.1 display acl ipv6.............................................................................................................................................................. 798 13.4.2 display acl........................................................................................................................................................................ 799 13.4.3 display acl resource...................................................................................................................................................... 801 13.4.4 display time-range....................................................................................................................................................... 802 13.5 Local Attack Defense Configuration Commands.................................................................................................. 804 13.5.1 display cpu-defend configuration........................................................................................................................... 804 13.5.2 display cpu-defend statistics..................................................................................................................................... 806 13.5.3 reset cpu-defend statistics......................................................................................................................................... 807 13.6 Attack Defense Configuration Commands.............................................................................................................. 809 13.6.1 anti-attack abnormal enable.................................................................................................................................... 809 13.6.2 anti-attack enable........................................................................................................................................................ 810 13.6.3 anti-attack fragment enable.....................................................................................................................................811 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xvii Fit AP Command Reference Contents 13.6.4 anti-attack fragment car............................................................................................................................................ 812 13.6.5 anti-attack icmp-flood enable................................................................................................................................. 814 13.6.6 anti-attack icmp-flood car.........................................................................................................................................815 13.6.7 anti-attack tcp-syn enable.........................................................................................................................................816 13.6.8 anti-attack tcp-syn car................................................................................................................................................ 817 13.6.9 anti-attack udp-flood enable................................................................................................................................... 818 13.6.10 display anti-attack statistics................................................................................................................................... 819 13.6.11 reset anti-attack statistics....................................................................................................................................... 821 13.7 ARP Security Configuration Commands...................................................................................................................823 13.7.1 arp anti-attack log-trap-timer................................................................................................................................. 823 13.7.2 arp learning strict (interface view).........................................................................................................................824 13.7.3 arp learning strict (system view)............................................................................................................................ 825 13.7.4 arp validate..................................................................................................................................................................... 826 13.7.5 arp-fake expire-time.................................................................................................................................................... 828 13.7.6 arp-limit........................................................................................................................................................................... 829 13.7.7 display arp anti-attack configuration.................................................................................................................... 831 13.7.8 display arp learning strict.......................................................................................................................................... 835 13.7.9 display arp packet statistics...................................................................................................................................... 836 13.7.10 display arp-limit.......................................................................................................................................................... 837 13.7.11 reset arp anti-attack statistics rate-limit............................................................................................................839 13.7.12 reset arp packet statistics........................................................................................................................................ 840 13.8 DHCP Snooping Configuration Commands............................................................................................................ 841 13.8.1 display dhcp snooping................................................................................................................................................ 841 13.8.2 display dhcp snooping configuration.....................................................................................................................845 13.8.3 display dhcp snooping statistics.............................................................................................................................. 846 13.8.4 display dhcp snooping user-bind.............................................................................................................................848 13.8.5 display dhcpv6 snooping user-bind........................................................................................................................ 851 13.8.6 reset dhcp snooping statistics.................................................................................................................................. 854 13.9 ND Snooping Configuration Commands................................................................................................................. 855 13.9.1 display nd snooping prefix........................................................................................................................................ 855 13.9.2 display nd snooping statistics...................................................................................................................................857 13.9.3 display nd snooping user-bind................................................................................................................................. 859 13.9.4 reset nd snooping statistics....................................................................................................................................... 862 13.10 IP Source Guard Configuration Commands..........................................................................................................862 13.10.1 display dhcp static user-bind.................................................................................................................................. 862 13.10.2 display dhcpv6 static user-bind............................................................................................................................. 864 13.11 PKI Configuration Commands................................................................................................................................... 866 13.11.1 pki delete-certificate................................................................................................................................................. 866 13.11.2 pki import-certificate................................................................................................................................................ 867 13.11.3 pki rsa local-key-pair destroy................................................................................................................................. 869 13.11.4 pki validate-certificate.............................................................................................................................................. 870 13.11.5 pki import rsa-key-pair............................................................................................................................................ 871 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xviii Fit AP Command Reference Contents 13.11.6 display pki certificate................................................................................................................................................ 873 13.11.7 display pki certificate filename..............................................................................................................................881 13.11.8 display pki rsa local-key-pair................................................................................................................................. 883 13.12 SSL Configuration Commands.................................................................................................................................. 885 13.12.1 display ssl connection statistics............................................................................................................................. 885 13.12.2 display ssl policy......................................................................................................................................................... 886 13.12.3 reset ssl connection statistics................................................................................................................................. 888 13.13 URL Filtering Configuration Commands................................................................................................................889 13.13.1 display url-filter statistics........................................................................................................................................ 889 13.13.2 reset url-filter statistics............................................................................................................................................ 891 14 QoS Commands................................................................................................................. 893 14.1 ACL-based Simplified Traffic Policy Commands.................................................................................................... 893 14.1.1 display traffic-filter applied-record......................................................................................................................... 893 14.1.2 display traffic-filter statistics.................................................................................................................................... 894 14.1.3 reset traffic-filter statistics........................................................................................................................................ 896 14.2 WLAN QoS Configuration Commands..................................................................................................................... 897 14.2.1 display traffic-remark applied-record.................................................................................................................... 897 14.2.2 display video-aware-list..............................................................................................................................................898 14.2.3 display voice-aware-list.............................................................................................................................................. 900 15 Network Management and Monitoring Commands................................................ 902 15.1 SNMP Configuration Commands................................................................................................................................902 15.1.1 enable snmp trap updown........................................................................................................................................ 902 15.2 Mirroring Configuration Commands......................................................................................................................... 903 15.2.1 display mirror-port....................................................................................................................................................... 904 15.2.2 display observe-port.................................................................................................................................................... 905 15.2.3 mirror (interface view)............................................................................................................................................... 906 15.2.4 observe-port................................................................................................................................................................... 908 15.3 Ping and Tracert Configuration Commands........................................................................................................... 909 15.3.1 ping.................................................................................................................................................................................... 909 15.3.2 ping ipv6.......................................................................................................................................................................... 918 15.3.3 tracert............................................................................................................................................................................... 923 15.4 LLDP Configuration Commands..................................................................................................................................928 15.4.1 display lldp local........................................................................................................................................................... 928 15.4.2 display lldp neighbor................................................................................................................................................... 935 15.4.3 display lldp neighbor brief ....................................................................................................................................... 943 15.4.4 display lldp statistics .................................................................................................................................................. 944 15.4.5 display lldp tlv-config.................................................................................................................................................. 946 15.4.6 lldp clear neighbor....................................................................................................................................................... 949 15.4.7 reset lldp statistics........................................................................................................................................................ 950 15.5 Packet Capture Configuration Command................................................................................................................ 952 15.5.1 capture-packet............................................................................................................................................................... 952 15.6 Service Diagnosis Configuration Commands......................................................................................................... 955 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xix Fit AP Command Reference Contents 15.6.1 display trace information........................................................................................................................................... 955 15.6.2 display trace instance.................................................................................................................................................. 957 15.6.3 display trace object...................................................................................................................................................... 959 15.6.4 reset trace instance...................................................................................................................................................... 962 15.6.5 save trace information................................................................................................................................................ 963 15.6.6 trace enable.................................................................................................................................................................... 964 15.6.7 trace object..................................................................................................................................................................... 965 15.6.8 trace syslog source....................................................................................................................................................... 969 15.7 WMI Commands...............................................................................................................................................................970 15.7.1 display wmi status........................................................................................................................................................ 970 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. xx Fit AP Command Reference 1 How to Use Command Lines 1 How to Use Command Lines About This Chapter 1.1 Entering Command Views 1.2 Editing Command Lines 1.3 Using Command Line Online Help 1.4 Interpreting Command Line Error Messages 1.5 Using the undo Command Line 1.6 Displaying History Commands 1.7 Using Command Line Shortcut Keys 1.1 Entering Command Views The device has many functions; therefore various configuration commands and query commands are provided to facilitate device management and maintenance. Huawei wireless access point registers commands to different command views based on the functions of the commands, so users can easily use them. To use a function, enter the corresponding command view first and then run corresponding commands. Common Command Views Name How To Enter Function User view When a user logs in to the device, the user enters the user view and the following prompt is displayed on the screen: In the user view, you can view the running status and statistics of the device. <Huawei> Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 1 Fit AP Command Reference 1 How to Use Command Lines Name How To Enter Function System view Run the system-view command and press Enter in the user view. The system view is displayed. In the system view, you can set the system parameters of the device, and enter other function views from this view. Run the interface command and specify an interface type and number to enter an interface view. You can configure interface parameters in the interface view. The interface parameters include physical attributes, link layer protocols, and IP addresses. <Huawei> system-view Enter system view, return user view with Ctrl+Z. [Huawei] Interface view [Huawei] interface gigabitethernet X/Y/Z [Huawei-GigabitEthernetX/Y/Z] NOTE ● X/Y/Z indicates the number of an interface that needs to be specified. It is in the format of slot number/sub card number/ interface sequence number. ● The interface GigabitEthernet is only an example. NOTE ● The command line prompt Huawei is the default host name (sysname). The prompt indicates the current view. For example, <> indicates the user view and [] indicates all other views except user view. ● Some commands can be executed in multiple views, but they have different functions after being executed in different views. For example, you can run the lldp enable command in the system view to enable LLDP globally and in the interface view to enable LLDP on an interface. ● In the system view, you can run the diagnose command to enter the diagnostic view. Diagnostic commands are used for device fault diagnosis. If you run some commands in the diagnostic view, the device may run improperly or services may be interrupted. Contact technical support personnel and use these diagnostic commands with caution. Quitting Command Views You can run the quit command to return from the current view to an upper-level view. For example, return from the interface view to the system view and run the quit command to return to the user view. [Huawei-GigabitEthernet0/0/1] quit [Huawei]quit <Huawei> To return from the interface view directly to the user view, press Ctrl+Z or run the return command. # Press Ctrl+Z to return directly to the user view. [Huawei-GigabitEthernet0/0/1] <Huawei> Issue 08 (2021-02-25) #Press Ctrl+Z. Copyright © Huawei Technologies Co., Ltd. 2 Fit AP Command Reference 1 How to Use Command Lines # Run the return command to return directly to the user view. [Huawei-GigabitEthernet0/0/1] return <Huawei> 1.2 Editing Command Lines Editing Feature You can edit commands in a CLI that supports multi-line edition. Each command can contain a maximum of 512 characters. The keywords in the commands are case insensitive. Whether a command parameter is case sensitive or not depends on what the parameter is. Table 1-1 lists keys that are frequently used for command editing. Table 1-1 Keys for command editing Key Function Common key Inserts a character at the current location of the cursor if the editing buffer is not full, and the cursor moves to the right. Otherwise, an alarm is generated. Backspace Deletes the character on the left of the cursor and the cursor moves to the left. When the cursor reaches the head of the command, an alarm is generated. Left cursor key ← or Ctrl+B Moves the cursor to the left by the space of a character. When the cursor reaches the head of the command, an alarm is generated. Right cursor key → or Ctrl+F Moves the cursor to the right by the space of a character. When the cursor reaches the end of the command, an alarm is generated. Operating Techniques Incomplete Keyword You can enter incomplete keywords on the device. In the current view, you do not need to enter complete keywords if the entered characters can match a unique keyword. This function improves operating efficiency. For example, to execute the display current-configuration command, you can enter d cu, di cu, or dis cu, but you cannot enter d c or dis c because they do not match unique keywords. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 3 Fit AP Command Reference 1 How to Use Command Lines NOTE The maximum length of a command (including the incomplete command) to be entered is 512 characters. If a command in incomplete form is configured, the system saves the command to the configuration file in its complete form, which may cause the command to have more than 512 characters. In this case, the command in incomplete form cannot be restored after the system restarts. Therefore, when you configure a command in incomplete form, pay attention to the length of the command. Tab Enter an incomplete keyword and press Tab to complete the keyword. ● When a unique keyword matches the input, the system replaces the incomplete input with the unique keyword and displays it in a new line with the cursor leaving a space behind. For example: a. Enter an incomplete keyword. [Huawei] info- b. Press Tab. The system replaces the entered keyword and displays it in a new line with the complete keyword followed by a space. [Huawei] info-center ● When the input has multiple matches, press Tab repeatedly to display the keywords beginning with the incomplete input in a circle until the desired keyword is displayed. In this case, the cursor closely follows the end of the keyword. For example: a. Enter an incomplete keyword. [Huawei] info-center log b. Press Tab. The system displays the prefixes of all the matched keywords. In this example, the prefix is log. [Huawei] info-center logbuffer Press Tab to switch from one matched keyword to another. In this case, the cursor closely follows the end of a word. [Huawei] info-center logfile [Huawei] info-center loghost Stop pressing Tab when the desired keyword is displayed. ● When an incorrect keyword is entered, press Tab and it is displayed in a new line without being changed. For example: a. Enter an incorrect keyword. [Huawei] info-center loglog b. Press Tab. [Huawei] info-center loglog The system displays information in a new line, but the keyword loglog remains unchanged and there is no space between the cursor and the keyword, indicating that this keyword does not exist. 1.3 Using Command Line Online Help When entering command lines, you can enter a question mark (?) at any time to obtain online help. You can choose to obtain full help or partial help. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 4 Fit AP Command Reference 1 How to Use Command Lines Full Help When entering a command, you can use the full help function to obtain keywords and parameters for the command. Use any of the following methods to obtain full help from a command line. ● Enter a question mark (?) in any command view to obtain all the commands and their simple descriptions. For example: <Huawei> ? User view commands: backup Backup information cd Change current directory cls Clear screen copy Copy from one file to another debugging <Group>debugging command group delete Delete a file ... ● Enter some keywords of a command and a question mark (?) separated by a space. All keywords associated with this command, as well as simple descriptions, are displayed. For example: <Huawei> system-view [Huawei] user-interface vty 0 4 [Huawei-ui-vty0-4] authentication-mode ? aaa AAA authentication password Authentication through the password of a user terminal interface [Huawei-ui-vty0-4] authentication-mode aaa ? <cr> Please press ENTER to execute command [Huawei-ui-vty0-4] authentication-mode aaa ● – "aaa" and "password" are keywords. "AAA authentication" and "Authentication through the password of a user terminal interface" describe the keywords respectively. – <cr> indicates that there is no keyword or parameter in this position. You can press Enter to run this command. Enter some keywords of a command and a question mark (?) separated by a space. All parameters associated with this keyword, as well as simple descriptions, are listed. For example: <Huawei> system-view [Huawei] ftp timeout ? INTEGER<1-35791> The value of FTP timeout (in minute) [Huawei] ftp timeout 35 ? <cr> Please press ENTER to execute command [Huawei] ftp timeout 35 "INTEGER<1-35791>" describes the value range of the parameter. "The value of FTP timeout (in minutes)" briefly describes the function of this parameter. Partial Help If you enter only the first or first several characters of a command keyword, partial help provides keywords that begin with this character or character string. Use any of the following methods to obtain partial help from a command line. ● Enter a character string followed directly by a question mark (?) to display all keywords that begin with this character string. For example: <Huawei> d? debugging <Group> debugging command group delete Delete a file dir List files on a filesystem display Display information <Huawei>d Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 5 Fit AP Command Reference ● 1 How to Use Command Lines Enter a command and a string followed directly by a question mark (?) to display all the keywords that begin with this string. For example: <Huawei> display e? elabel Display manufacture information esn The machine ESN <Huawei> display e ● Enter the first several letters of a keyword in a command and press Tab to display a complete keyword. The first several letters, however, must uniquely identify the keyword. If they do not identify a specific keyword, press Tab continuously to display different keywords and you can select one as required. NOTE The command output obtained through the online help function is used for reference only. 1.4 Interpreting Command Line Error Messages Table 1-2 lists the common error messages. Table 1-2 Common error messages of the command line Error Message Cause of the Error Error: Unrecognized command found at '^' position. No command is found. Error: Wrong parameter found at '^' position. The parameter type is incorrect. Error: Incomplete command found at '^' position. The entered command is incomplete. Error: Too many parameters found at '^' position. Too many parameters are entered. Error: Ambiguous command found at '^' position. Indefinite command is entered. No keyword is found. The parameter value exceeds the limit. 1.5 Using the undo Command Line If a command line begins with the keyword undo, it is an undo command line. The undo command lines restore default settings of parameters, disable functions, or delete configurations. Almost each configuration command line has a corresponding undo command. Some examples of using the undo command are listed as follows: ● The undo command disables a specified function. The info-center enable command enables the information center function on the device. For example: <Huawei> system-view [Huawei] info-center enable Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 6 Fit AP Command Reference 1 How to Use Command Lines Info: Information center is enabled. [Huawei] undo info-center enable Info: Information center is disabled. ● The undo command deletes a specified configuration. The header command configures the header information displayed on terminals when users log in. For example: <Huawei> system-view [Huawei] header login information "Hello,Welcome to Huawei!" Log out of the terminal and re-log in. A message "Hello, Welcome to Huawei!" is displayed before authentication. Run the undo header login command. Hello,Welcome to Huawei! Login authentication Username:huawei Password: ----------------------------------------------------------------------------User last login information: ----------------------------------------------------------------------------Access Type: Telnet IP-Address : 192.168.40.1 Time : 2013-04-07 16:50:02+08:00 ----------------------------------------------------------------------------<Huawei> system-view [Huawei] undo header login Log out of the terminal and re-log in. No message is displayed before authentication. Login authentication Username:huawei Password: ----------------------------------------------------------------------------User last login information: ----------------------------------------------------------------------------Access Type: Telnet IP-Address : 192.168.254.204 Time : 2005-08-19 17:45:30+08:00 ----------------------------------------------------------------------------<Huawei> NOTE The command output provided here is used for reference only. The actual output information may differ from the preceding information. 1.6 Displaying History Commands By default, the system saves 10 history commands for each user. Run the historycommand max-size size-value command to reset the number of history commands that are allowed to be saved in a specified user interface view. The maximum number is 256. NOTE If the value is too large, it may take a long time to obtain a required history command. Therefore, a large value is not recommended. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 7 Fit AP Command Reference 1 How to Use Command Lines Table 1-3 shows operations of history commands. Table 1-3 Accessing history commands Action Command or Key Result Display history commands. display history-command Display history commands entered by the current user. Display the earlier history command. Up arrow key ↑ or Ctrl+P If there is an earlier history command, the earlier history command is displayed. Otherwise, an alarm is generated. Display the later history command. Down arrow key ↓ or Ctrl+N If there is a later history command, the later history command is displayed. Otherwise, the command is cleared and an alarm is generated. NOTE You cannot access history commands using the Up arrow key ↑ in HyperTerminal Windows 9X. The Up arrow key ↑ has a different function in Windows 9X and need to be replaced by the shortcut key Ctrl+P. When using history commands, note the following: ● The saved history commands are the same as that those entered by users. For example, if the user enters an incomplete command, the saved command also is incomplete. ● If the user runs the same command several times, only the latest command is saved. If the command is entered in different forms, they are considered as different commands. For example, if the display current-configuration command is run several times, only one history command is saved. If the display currentconfiguration command and the dis curr command are used, both of them are saved. 1.7 Using Command Line Shortcut Keys There are two types of shortcut keys: ● User-defined shortcut keys: include Ctrl+G, Ctrl+L, Ctrl+O, and Ctrl+U. You can associate these shortcut keys with any commands. When a shortcut key is pressed, the system runs the corresponding command. ● System-defined shortcut keys: shortcut keys defined in the system that have fixed functions. Users cannot define these shortcut keys. Table 1-4 lists the frequently used system-defined shortcut keys. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 8 Fit AP Command Reference 1 How to Use Command Lines NOTE The terminal in use may affect the functions of the shortcut keys. For example, if the shortcut keys defined by the terminal conflict with those defined in the system, the shortcut keys entered by the user are captured by the terminal program and the commands corresponding to the shortcut keys are not executed. User-defined Shortcut Keys When a user frequently uses a command or some commands, the user can use shortcut keys to define these commands. Only management-level users have the rights to define shortcut keys. The configurations are as follows: 1. Run the system-view command to enter the system view. 2. Run the hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U } command-text command to configure a shortcut key corresponding to a command. The system supports four user-defined shortcut keys and the default values are as follows: ● Ctrl+G: display current-configuration ● Ctrl+L: undo idle-timeout ● Ctrl+O: undo debugging all ● Ctrl+U: Null NOTE ● When defining shortcut keys, use double quotation marks to define the command if this command contains several keywords separated by spaces. For example, hotkey ctrl_l "display tcp status". Do not use double quotation marks to define a command if the command contains only one keyword. ● Run the display hotkey command to view the status of the defined, undefined, and system-defined shortcut keys. ● Run the command to restore default values of the configured shortcut keys. ● Shortcut keys are executed in the same way as commands. The system can record commands in their original formats in the command buffer and logs to help query and locate the fault. ● The user-defined shortcut keys are available to all users. If a user does not have the rights to use the command defined by a shortcut key, the system displays an error message when this shortcut key is executed. System-defined Shortcut Keys Table 1-4 System-defined shortcut keys Key Function Ctrl+A Moves the cursor to the beginning of the current line. Ctrl+B Moves the cursor back one character. Ctrl+C Stops performing current functions. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 9 Fit AP Command Reference 1 How to Use Command Lines Key Function Ctrl+D Deletes the character where the cursor is located at. Ctrl+E Moves the cursor to the end of the last line. Ctrl+F Moves the cursor forward one character. Ctrl+H Deletes the character on the left side of the cursor. Ctrl+I Provides the same function as Tab. Ctrl+J Provides the same function as Enter. Ctrl+M Provides the same function as Enter. Ctrl+N Displays the next command in the history command buffer. Ctrl+P Displays the previous command in the history command buffer. Ctrl+T Provides the same function as a question mark. Ctrl+W Deletes a character string on the left side of the cursor. Ctrl+X Deletes all the characters on the left side of the cursor. Ctrl+Y Deletes all the characters on the right side of the cursor and the character where the cursor is located at. Ctrl+Z Returns to the user view. Ctrl+] Stops incoming connections or redirects the connections. Esc+B Moves the cursor back one word. Esc+D Deletes one word on the right side of the cursor. Esc+F Moves the cursor forward one word. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 10 Fit AP Command Reference 2 2 Basic Configurations Commands Basic Configurations Commands About This Chapter 2.1 CLI Overview Commands 2.2 UI Configuration Commands 2.3 User Login Configuration Commands 2.4 File Management Commands 2.5 Configuring System Startup Commands 2.6 Upgrade Commands 2.1 CLI Overview Commands 2.1.1 cls Function The cls command clears the current screen. Format cls Parameters None Views User view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 11 Fit AP Command Reference 2 Basic Configurations Commands Default Level 1: Monitoring level Usage Guidelines This command only clears the screen and does not clear the screen buffer. Example # Clear screen. <Huawei> cls Info: Current terminal monitor is off. Info: Current terminal debugging is off. 2.1.2 diagnose Function The diagnose command enters the diagnostic view from the system view. Format diagnose Parameters None Views System view Default Level 3: Management level Usage Guidelines Diagnostic commands are mainly used for fault diagnosis. However, running some commands may cause device faults or service interruptions. Therefore, use these commands under the instruction of technical support personnel. Example # Enter the diagnostic view. <Huawei> system-view [Huawei] diagnose [Huawei-diagnose] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 12 Fit AP Command Reference 2 Basic Configurations Commands 2.1.3 display history-command Function The display history-command command displays the historical commands stored on the current device. Format display history-command Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario You can run this command to check historical commands the user has executed recently. This command facilitates information search. Historical commands are stored in the circular mode and a maximum of 200 historical commands can be displayed. Precautions All the historical commands entered by a user are automatically saved on the terminal, that is, any input that ends with Enter is saved as a historical command. NOTE ● Historical commands are saved in the same format as that used in the input. If a command that is entered by a user is in an incomplete format, the saved historical command is also in the incomplete format. ● If a user runs a command several times, only the latest command is saved on the device. If the command is entered in different formats, they are considered as different commands. You can view historical commands using the following methods: ● To view the previous historical command, press the Up arrow key or Ctrl+P. If there is an earlier historical command, the earlier historical command is displayed. ● To view the next historical command, press the Down arrow key or Ctrl+N. If there is a new historical command, the new historical command is displayed. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 13 Fit AP Command Reference 2 Basic Configurations Commands NOTE Access to historical commands using the Up arrow key does not apply to Windows 9X. The Up arrow key has different functions in Windows 9X and needs to be replaced by shortcut keys Ctrl+P. Example # Display the historical commands that have been executed on the current terminal. <Huawei> display history-command quit user privilege level 15 user-interface vty 0 4 system-view Related Topics 2.2.11 history-command max-size 2.1.4 display this Function The display this command displays the running configuration in the current view. Format display this Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario After the configurations are complete in a certain view, run the display this command to check the current configurations. Precautions If a configuration parameter uses the default value, this parameter is not displayed. Configurations of the functions that do not take effect are not displayed. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 14 Fit AP Command Reference 2 Basic Configurations Commands If you run the display this command in an interface view, configuration of the interface view is displayed. If you run this command in a protocol view, configuration of the protocol view is displayed. Example # Display the running configuration in the current view. <Huawei> system-view [Huawei] user-interface vty 0 [Huawei-ui-vty0] display this # user-interface con 0 user-interface vty 0 4 idle-timeout 30 0 user-interface vty 16 20 # return 2.1.5 header Function The header command configures the header information displayed on a terminal when users log in to a connected device. The undo header command deletes the header information displayed on a terminal when users log in to a connected device. By default, no header information is displayed on terminals when users log in to a connected device. Format header { login | shell } { information text | file file-name } undo header { login | shell } Parameters Parameter Description login Indicates header information displayed on a terminal when a user logs in to the device and a connection between the terminal and the device is activated. shell Indicates the header displayed on a terminal when the session is set up after the user logs in to the connected device. Issue 08 (2021-02-25) Value Copyright © Huawei Technologies Co., Ltd. 15 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value information Specifies the header and content. The value is a string with spaces and carriage returns supported. The maximum length of the string that can be entered at one time is 480 characters, if a linefeed is contained in the first line. If no linefeed is contained in the first line, a maximum of 510 characters can be entered at one time, and the total string length ranges from 1 to 2038 characters. Specifies the file name that the header uses. The value is a string of 5 to 64 characters. The maximum header file size is 128 KB. If the file size is greater than 128 KB, only the first 128 KB file information can be displayed. text file file-name Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario To provide some prompts or alarms to users, you can use the header command to configure a title on the device. If a user logs in to the device, the title is displayed. Procedure If information is specified, the header text starts and ends with the same character. You can set the header text in either of the following modes: ● Non-interactive: enter the header text behind the start character. Use the same character at the beginning and end of the header and press Enter. If the start and end characters are inconsistent, the system prompts an error message. ● Interactive: enter the start character and press Enter. The system displays a message prompting the correct header information. Then enter the required information and enter the same character at the beginning and end of the header, and press Enter. The system quits the interactive process. During interaction, you can press Enter at any time to enter information in the next line. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 16 Fit AP Command Reference 2 Basic Configurations Commands ● Before setting the login parameter, you must set login authentication parameters; otherwise, no header information about authentication is displayed. ● Before setting the file parameter, ensure that the file containing the header exists; otherwise, the file name cannot be obtained. ● If the file parameter is set, save the file containing the header in the root directory of the default storage media. To save the file to another directory, you must use a full path. ● If you use SSH1.X to log in to the device, the shell header rather than the login header is displayed. ● If you use SSH2.0 to log in to the device, both login and shell headers are displayed in the login process. ● If the header command is configured several times, only the latest configuration takes effect. ● After the login title is configured, any user that logs in to the system can view the title. ● The start and end characters in the header text can be double quotation marks (""). However, the header text content cannot contain double quotation marks (""). Example # Configure a shell header. (non-interactive process) <Huawei> system-view [Huawei] header shell information &Hello! Welcome to system!& # Enter the header text behind the start character '&' and enter '&' at the end of the header text, and press Enter. # Display the shell header if the login succeeds. Hello! Welcome to system! # Configure a shell header (interactive process). <Huawei> system-view [Huawei] header shell information % # Press Enter after entering the start character '%' to start the interactive process. Info: Input banner text, and quit with the character '%'. Hello! Welcome to system!% [Huawei] quit <Huawei> quit # Log off. # Press Enter. The shell header is displayed when the user logs in again. Hello! Welcome to system! <Huawei> # Specify the file that stores a login header. <Huawei> system-view [Huawei] header login file flash:/header-file.txt Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 17 Fit AP Command Reference 2 Basic Configurations Commands 2.1.6 display hotkey Function The display hotkey command displays the status of the defined, undefined, and system hotkeys. Format display hotkey Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines After you understand the defined, undefined, and system hotkeys in the system, you can use hotkeys to quickly enter commands. To redefine hotkeys for a command, run the hotkey command. The system allows hotkeys in places where commands can be entered, and displays the commands corresponding to hotkeys. You can run the display hotkey command to view the commands corresponding to hotkeys. Example # Display defined, undefined, and system hotkeys. <Huawei> display hotkey ----------------- HOTKEY ----------------=Defined hotkeys= Hotkeys Command CTRL_G display current-configuration CTRL_L undo idle-timeout CTRL_O undo debugging all =Undefined hotkeys= Hotkeys Command CTRL_U NULL =System hotkeys= Hotkeys Function CTRL_A Move the cursor to the beginning of the first line CTRL_B Move the cursor one character left CTRL_C Stop current command function CTRL_D Erase current character CTRL_E Move the cursor to the end of the Last line CTRL_F Move the cursor one character right Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 18 Fit AP Command Reference 2 Basic Configurations Commands CTRL_H Erase the character left of the cursor CTRL_I Perform the same fucntion as the "Tab" key CTRL_J Perform the same fucntion as the "Enter" key CTRL_K Kill outgoing connection when connecting CTRL_M Perform the same fucntion as the "Enter" key CTRL_N Display the next command from the history buffer CTRL_T Function as a question mark CTRL_P Display the previous command from the history buffer CTRL_W Delete the word left of the cursor CTRL_X Delete all characters up to the cursor CTRL_Y Delete all characters after the cursor CTRL_Z Return to the user view CTRL_] Kill incoming connection or redirect connection ESC_B Move the cursor one word back ESC_D Delete remainder of word ESC_F Move the cursor forward one word Table 2-1 Description of the display hotkey command output Item Description Defined hotkeys Defined hotkeys. Undefined hotkeys Undefined hotkeys. System hotkeys System hotkeys. Related Topics 2.1.7 hotkey 2.1.7 hotkey Function The hotkey command sets a shortcut key for a command. The undo hotkey restores the system shortcut keys to the default values. By default, the system sets the default values for three shortcut keys CTRL+G, CTRL+L, and CTRL+O, while does not set default value for CTRL+U. Format hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U } command-text undo hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U } Parameters Parameter Description Value CTRL_G Specifies the shortcut key Ctrl+G for a command. - CTRL_L Specifies the shortcut key Ctrl+L for a command. - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 19 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value CTRL_O Specifies the shortcut key Ctrl+O for a command. - CTRL_U Specifies the shortcut key Ctrl+U for a command. - command-text Specifies the associated command line for The value is a string shortcut keys. of 1 to 240 characters. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario You can set a shortcut key for a command that is often used; you can also change the default value of the shortcut key that is defined by the system according to your requirements. Precautions Four shortcut keys are customized by users: CTRL+G, CTRL+L, CTRL+O, and CTRL +U. ● By default, the shortcut key CTRL+G corresponds to the display currentconfiguration command which displays current configuration. ● By default, the shortcut key CTRL+L corresponds to the undo idle-timeout command which restores the default timeout period. ● By default, the shortcut key CTRL+O corresponds to the undo debugging all command which stops the output of all debugging information. After you use the hotkey command to set a shortcut key for a command, you can run the command by pressing the shortcut key or entering a command. NOTE One shortcut key can be set for only one command. If you set a shortcut key for multiple commands, only the latest configuration takes effect. When assigning a command for a shortcut key, you need to mark the command with double quotation marks if the command consists of several words, that is, the command includes spaces. You do not need to mark the command with double quotation marks if the command consists of only one word. Example # Assign the display tcp status command for the shortcut key CTRL+L. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 20 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> system-view [Huawei] hotkey ctrl_l "display tcp status" [Huawei] display hotkey ----------------- HOTKEY ----------------=Defined hotkeys= Hotkeys Command CTRL_G display current-configuration CTRL_L display tcp status CTRL_O undo debugging all =Undefined hotkeys= Hotkeys Command CTRL_U NULL =System hotkeys= Hotkeys Function CTRL_A Move the cursor to the beginning of the first line CTRL_B Move the cursor one character left CTRL_C Stop current command function CTRL_D Erase current character CTRL_E Move the cursor to the end of the Last line CTRL_F Move the cursor one character right CTRL_H Erase the character left of the cursor CTRL_I Perform the same fucntion as the "Tab" key CTRL_J Perform the same fucntion as the "Enter" key CTRL_K Kill outgoing connection when connecting CTRL_M Perform the same fucntion as the "Enter" key CTRL_N Display the next command from the history buffer CTRL_T Function as a question mark CTRL_P Display the previous command from the history buffer CTRL_W Delete the word left of the cursor CTRL_X Delete all characters up to the cursor CTRL_Y Delete all characters after the cursor CTRL_Z Return to the user view CTRL_] Kill incoming connection or redirect connection ESC_B Move the cursor one word back ESC_D Delete remainder of word ESC_F Move the cursor forward one word Related Topics 2.1.6 display hotkey 2.1.8 quit Function The quit command returns from the current view to a lower-level view. If the current view is the user view, this command exits from the system. Format quit Parameters None Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 21 Fit AP Command Reference 2 Basic Configurations Commands Default Level 0: Visit level Usage Guidelines Usage Scenario Three types of views are available and they are listed as follows from a lower level to a higher level: ● User view ● System view ● Service view, such as route protocol view or interface view Run the quit command to return to a lower-level command view from the current view. If you are in the user view currently, after you run the quit command, you quit from the system. Example # Return to the system view from the AAA view, and then return to the user view. After this, quit the system. <Huawei> system-view [Huawei] aaa [Huawei-aaa] quit [Huawei] quit <Huawei> quit Related Topics 2.1.10 system-view 2.1.9 return 2.1.9 return Function The return command returns to the user view from other views except the user view. Format return Parameters None Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 22 Fit AP Command Reference 2 Basic Configurations Commands Default Level 1: Monitoring level Usage Guidelines In other views, you can use the return command to return to the user view. ● Run this command to return to the user view if the current view is another view except the user view. ● If the current view is the user view, no change occurs after running this command. ● The shortcut keys<Ctrl+Z> have the same function as the return command. Example # Return to the user view from the user interface view. <Huawei> system-view [Huawei] user-interface vty 0 [Huawei-ui-vty0] return <Huawei> Related Topics 2.1.10 system-view 2.1.10 system-view Function The system-view command enables you to enter the system view from the user view. Format system-view Parameters None Views User view Default Level 2: Configuration level Usage Guidelines You must configure the device in the system view. Run this command in the user view to enter the system view. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 23 Fit AP Command Reference 2 Basic Configurations Commands Example # Enter the system view. <Huawei> system-view Enter system view, return user view with Ctrl+Z. [Huawei] Related Topics 2.1.8 quit 2.1.9 return 2.2 UI Configuration Commands 2.2.1 acl (user interface view) Function The acl command uses an ACL to restrict login rights of users on a terminal. The undo acl command cancels the configuration. By default, login rights are not restricted. Format acl [ ipv6 ] acl-number { inbound | outbound } undo acl [ ipv6 ] { inbound | outbound } Parameters Parameter Description Value ipv6 - Indicates an ACL6 number. acl-number Specifies the number of an ACL. The value is an integer ranging from 2000 to 3999. ● 2000-2999: restricts the source address using the basic ACL. ● 3000-3999: restricts the source and destination addresses using the advanced ACL. inbound Issue 08 (2021-02-25) Restricts users with an address or within an address segment to log in to the device. - Copyright © Huawei Technologies Co., Ltd. 24 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description outbound Value Restricts users that have logged in to the device from logging in to other devices. Views User interface view Default Level 3: Management level Usage Guidelines Usage Scenario This command restricts the login rights of a user interface based on the source IP address, destination IP address, source port, or destination port. You can use this command to permit or deny access to a destination or from a source. Precautions After the configurations of the ACL take effect, all users on the user interface are restricted by the ACL. You can configure all of the following ACL types: IPv4 inbound, IPv4 outbound, IPv6 inbound, and IPv6 outbound on a user interface. Only one ACL of each type can be configured on a user interface, and only the latest configuration of an ACL takes effect. Example # Restrict the Telnet login rights on user interface VTY 0. <Huawei> system-view [Huawei] user-interface vty 0 [Huawei-ui-vty0] acl 3001 outbound # Remove the restriction on the Telnet login rights on user interface VTY 0. <Huawei> system-view [Huawei] user-interface vty 0 [Huawei-ui-vty0] undo acl outbound Related Topics 2.2.20 user-interface 2.2.2 auto-execute command Function The auto-execute command command configures auto-run commands. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 25 Fit AP Command Reference 2 Basic Configurations Commands The undo auto-execute command command cancels auto-run commands. By default, the auto-run function is disabled. Format auto-execute command command undo auto-execute command Parameters Parameter Description Value command Specifies an auto-run command. - Views User interface view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the auto-execute command command to make the device run a command automatically on the corresponding interface. You can run the auto-execute command command to enable automatic execution for the Telnet command. Precautions ● The auto-execute command command is applicable to the VTY user interface. ● When you log in to the device, the device automatically runs the commands that are configured by the auto-execute command command. The user's terminal disconnects from the device. ● Before saving the configuration of the auto-execute command command, ensure that you can log in to the device in other ways so that you can cancel the command configuration. ● If you use the auto-execute command command, you cannot configure the device in the user interface view. Therefore, use this command with caution. Example # Configure the telnet 10.110.100.1 command to automatically run after a user logs in to the device using the VTY0 interface. <Huawei> system-view [Huawei] user-interface vty 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 26 Fit AP Command Reference 2 Basic Configurations Commands [Huawei-ui-vty0] auto-execute command telnet 10.110.100.1 Warning: The system will not be configured through ui-vty0.Continue? [Y/N]: y 2.2.3 databits Function The databits command sets the number of data bits of the user interface. The undo databits command restores the default number of data bits. By default, the number of data bits of the user interface is 8. Format databits { 5 | 6 | 7 | 8 } undo databits Parameters Parameter Description Value 5 Indicates that the number of data bits is 5. - 6 Indicates that the number of data bits is 6. - 7 Indicates that the number of data bits is 7. - 8 Indicates that the number of data bits is 8. - Views User interface view Default Level 3: Management level Usage Guidelines Use this command only when necessary. If the number of data bits of a device's user interface is changed, ensure that the same number of data bits is set on the HyperTerminal used for login. This function takes effect for only serial interfaces. NOTE The data bit of the console user interface does not support 5 and 6. Example # Set the number of data bits to 7. <Huawei> system-view [Huawei] user-interface console 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 27 Fit AP Command Reference 2 Basic Configurations Commands [Huawei-ui-console0] databits 7 2.2.4 display mib-index interface Function The display mib-index interface command displays the index value of an interface in the MIB. Format display mib-index interface [ interface-type [ interface-number ] ] Parameters Parameter Description interface-type Specifies the interface for which the index value is interfacedisplayed. number ● interface-type: specifies the interface type, for example, Ethernet. Value - If the interface type is not specified, the index values of all interfaces are displayed. ● interface-number: specifies the number of an interface. It is used with interface-type to specify an interface. If the interface number is not specified, the index values of all interfaces of the type are displayed. Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display mib-index interface command as an NMS user to view the index values of interfaces. Example # Display indexes of all interfaces. <Huawei> display mib-index interface IfName IfIndex PortIndex -------------------------------------------------GigabitEthernet0/0/0 8 0 NULL0 2 -Vlanif1 6 -- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 28 Fit AP Command Reference 2 Basic Configurations Commands Wlan-Capwap0 Wlan-Radio0/0/0 Wlan-Radio0/0/1 7 9 4 1 --- Table 2-2 Description of the display mib-index interface command output Item Description IfName Interface name. IfIndex Index value of an interface. PortIndex Index value of a port. 2.2.5 display user-interface Function The display user-interface command displays information about a user interface. Format display user-interface [ ui-type ui-number1 | ui-number ] [ summary ] Parameters Parameter Description Value ui-type The value can be Console or VTY. Displays information about a specified user interface. ui-number1 Displays information about a user interface with a specified relative number. The minimum value is 0. The maximum value is smaller by 1 than the number of user interfaces the system supports. ui-number Displays information about a user interface with a specified absolute number. The value is an integer ranging from 0 to 25. The value varies according to the device type. summary Displays the summary of a user interface. - Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 29 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Using the display user-interface command, you can view detailed configuration information about all user interfaces or a specified user interface. NOTE Lower-level users cannot gain access to a user interface information about users of higher levels. Example # Display detailed information about the user interface with the absolute number 0. <Huawei> display user-interface 0 Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int + 0 CON 0 9600 15 15 P + : Current UI is active. Idx : Absolute index of UIs. Type : Type and relative index of UIs. Privi: The privilege of UIs. ActualPrivi: The actual privilege of user-interface. Auth : The authentication mode of UIs. A: Authenticate use AAA. N: Current UI need not authentication. P: Authenticate use current UI's password. Int : The physical location of UIs. # Display detailed information about all user interfaces. <Huawei> display user-interface Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int + 0 CON 0 9600 15 15 P + 129 VTY 0 0 15 A 130 VTY 1 0 0 A 131 VTY 2 0 0 A 132 VTY 3 0 0 A 133 VTY 4 0 0 A 145 VTY 16 0 0 A 146 VTY 17 0 0 A 147 VTY 18 0 0 A 148 VTY 19 0 0 A 149 VTY 20 0 0 A 150 Web 0 15 0 A 151 Web 1 15 0 A 152 Web 2 15 0 A 153 Web 3 15 0 A 154 Web 4 15 0 A 155 XML 0 0 0 A 156 XML 1 0 0 A 157 XML 2 0 0 A + 168 XML 0 15 15 N UI(s) not in async mode -or- with no hardware support: 1-128 + : Current UI is active. Idx : Absolute index of UIs. Type : Type and relative index of UIs. Privi: The privilege of UIs. ActualPrivi: The actual privilege of user-interface. Auth : The authentication mode of UIs. A: Authenticate use AAA. N: Current UI need not authentication. P: Authenticate use current UI's password. Int : The physical location of UIs. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 30 Fit AP Command Reference 2 Basic Configurations Commands Table 2-3 Description of the display user-interface command output Parameter Description + Active user interface. Idx Absolute number of a user interface. Type Type and relative number of a user interface. ● CON: Login through the console port ● VTY: Login through Telnet or SSH. ● Web: Login through the web platform ● XML: Login through the upper-layer NMS, which communicates with the local device using NETCONF Tx/Rx Data transfer rate of the user interface. Modem Type of the modem. The value - indicates that the hardware does not support the modem. Privi Authority configured on a user interface. ActualPrivi Actual permission of a user interface. In the case of the AAA authentication mode, the level of a local user in AAA configuration is the actual permission. Auth Authentication mode on a user interface. ● A: AAA authentication. ● N: No authentication on the current user interface. ● P: Password authentication. Int User interface. UI(s) not in async mode or- with no hardware support: 1-128 Interfaces numbered from 1 to 128 are UI interfaces that are working in synchronous mode or are not supported by the hardware. Currently, the WLAN supports only the asynchronous mode. 2.2.6 display user-interface maximum-vty Function The display user-interface maximum-vty command displays the maximum number of VTY users. Format display user-interface maximum-vty Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 31 Fit AP Command Reference 2 Basic Configurations Commands Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display user-interface maximum-vty command to view the maximum number of users who connect to the device using Telnet or SSH. By default, the total number of Telnet users and SSH users is five maximum. Example # Display the maximum number of VTY users. <Huawei> display user-interface maximum-vty Maximum of VTY user : 5 Table 2-4 Description of the display user-interface maximum-vty command output Parameter Description Maximum of VTY user Maximum number of VTY users. The maximum number of VTY users can be configured using the user-interface maximumvty command. Related Topics 2.2.22 user-interface maximum-vty 2.2.7 display users Function The display users command displays login information for each user interface. Format display users [ all ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 32 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description all Value Displays information about all users who log in to the device through user interfaces, including information about user interfaces that are not used. If the all parameter is not used, the command displays only information about user interfaces that have been connected. Views All views Default Level 3: Management level Usage Guidelines You can run this command to view information about users who are connected to the device. The information includes the user name, IP address, and authentication and authorization information. NOTE Lower-level users cannot gain access to information about users of higher levels. Example # Run the display users command to view information about users who log in to the device through the user interface. <Huawei> display users User-Intf Delay Type Network Address + 5 VTY 0 00:00:00 TEL 192.168.40.1 Username : admin Network Address : 172.16.1.1 AuthenStatus pass AuthorcmdFlag Table 2-5 Description of the display users command output Item Description + Terminal line in use. User-Intf The number in the first column indicates the absolute number of the user interface, and the number in the second column indicates the relative number of the user interface. Delay Interval from the user's latest input to the current time, in seconds. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 33 Fit AP Command Reference 2 Basic Configurations Commands Item Description Type Connection type. ● Console ● Telnet ● SSH ● Web Network Address Indicates the initial connection location. Username User name for logging in to the device. If the user name is not specified, Unspecified is displayed. AuthenStatus Whether the authentication succeeds. AuthorcmdFlag Command line authorization status. 2.2.8 display vty lines Function The display vty lines command lists the number of rows displayed on the VTY screen. Format display vty lines Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # List the number of lines displayed on the VTY screen. <Huawei> display vty lines Current VTY lines is 24 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 34 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.2.15 screen-length 2.2.9 display vty mode Function The display vty mode command displays the current VTY mode. Format display vty mode Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines VTY modes are classified into the man-to-machine mode and machine-to-machine mode. You can run this command to check the current VTY mode. Example # Display the VTY mode. <Huawei> display vty mode Current user-interface mode is Human-Machine interface. 2.2.10 free user-interface Function The free user-interface command disconnects the device from a specified user interface. Format free user-interface { ui-number | ui-type ui-number1 } Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 35 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value ui-number Specifies the absolute The value is an integer ranging from 0 number of a user interface. to 25. The value varies according to the device type. ui-type Specifies the type of a user The value can be Console, or VTY. interface. ui-number1 Specifies the relative The minimum value is 0. The number of a user interface. maximum value is smaller by 1 than the number of user interfaces the system supports. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario If a user logs in to the device and does not perform an operation or you want to forbid a user from performing operations on the device, you can run the free user-interface command to disconnect a specified user's terminal from the device. After the command is executed, the device logs out the user. Precautions The free user-interface command cannot be executed on the current user interface. For example, if the current user interface is VTY 2, the free userinterface vty 2 command fails to be executed on VTY 2 and an error message is displayed. Example # Disconnect the device from user-interface 0. <Huawei> free user-interface 0 Warning: User interface Console0 will be freed. Continue? [Y/N]:y Related Topics 2.1.8 quit 2.2.12 idle-timeout Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 36 Fit AP Command Reference 2 Basic Configurations Commands 2.2.11 history-command max-size Function The history-command max-size command sets the size of the historical command buffer. The undo history-command max-size command restores the default size of the historical command buffer. By default, a maximum of 10 previously-used commands can be saved in the buffer. Format history-command max-size size-value undo history-command max-size Parameters Parameter Description size-value Value Specifies the size of the historical The value is an integer ranging command buffer. from 0 to 256. Views User interface view Default Level 3: Management level Usage Guidelines The CLI can automatically save the historical commands that you enter. This function is similar to that of Doskey. You can invoke and run the historical commands at any time. Example # Set the size of the historical command buffer to 20. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] history-command max-size 20 Related Topics 2.1.3 display history-command Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 37 Fit AP Command Reference 2 Basic Configurations Commands 2.2.12 idle-timeout Function The idle-timeout command sets the timeout duration for disconnection from a user interface. The undo idle-timeout command restores the default timeout duration. By default, the timeout duration is 5 minutes. Format idle-timeout minutes [ seconds ] undo idle-timeout Parameters Parameter Description Value minutes Specifies the idle timeout duration, in minutes. The value is an integer ranging from 0 to 35791, in minutes. seconds Specifies the idle timeout duration, in seconds. The value is an integer ranging from 0 to 59, in seconds. Views User interface view Default Level 3: Management level Usage Guidelines Usage Scenario If a user logs in to the device and does not perform an operation, the user interface is occupied unnecessarily. You can run the idle-timeout command to disconnect the user's terminal from the device. Precautions ● To disable the user interface disconnection function, run the idle-timeout 0 0 command. ● If the user interface disconnection function is not configured, user connection will never times out, bringing security risks, and other users may fail to log in to the device. ● You are advised to set the timeout duration to 10-15 minutes. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 38 Fit AP Command Reference 2 Basic Configurations Commands Example # Set the timeout duration to 1 minute and 30 seconds. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] idle-timeout 1 30 Related Topics 2.2.10 free user-interface 2.2.13 mmi-mode enable Function The mmi-mode enable command enters the machine-to-machine mode. The undo mmi-mode enable command enters the man-to-machine mode. By default, a user is in man-to-machine mode. Format mmi-mode enable undo mmi-mode enable Parameters None Views User view, system view Default Level 0: Visit level Usage Guidelines Usage Scenario For example, to execute a series of commands that have been commissioned, you can switch the VTY mode to the machine-to-machine mode. Precautions After you enter the machine-to-machine mode using the mmi-mode enable command, commands that you need to use with caution can be used directly. Therefore, in man-to-machine mode, do not use this command unless necessary. Example # Enter the machine-to-machine mode. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 39 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> system-view [Huawei] mmi-mode enable Related Topics 2.2.9 display vty mode 2.2.14 parity Function The parity command sets the parity bit of a user interface. The undo parity command disables the parity check. By default, no parity check is configured. Format parity { even | none | odd } undo parity Parameters Parameter Description Value even Specifies even parity check. - none Specifies no parity check. - odd Specifies odd parity check. - Views User interface view Default Level 3: Management level Usage Guidelines This function takes effect for only serial interfaces. Example # Set the transmission parity bit on the console interface to odd parity. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] parity odd Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 40 Fit AP Command Reference 2 Basic Configurations Commands 2.2.15 screen-length Function The screen-length command sets the number of lines on each terminal screen after you run a command. The undo screen-length command restores the default configuration. By default, the number of lines to be displayed on a terminal screen is 24. Format screen-length screen-length [ temporary ] undo screen-length [ temporary ] Parameters Parameter Description screen-length Specifies the number of lines displayed on a terminal screen. temporary Value The value is an integer that ranges from 0 to 512. The value 0 indicates that all command output is displayed on one screen. Specifies the number of lines temporarily displayed on a terminal screen. In the user view, the temporary parameter is mandatory. Views User interface view, User view Default Level 3: Management level (user interface view) 0: Visit level (user view) Usage Guidelines If you run a command and its output is displayed in more lines than you can see on one screen, you can reduce the number of lines displayed on each screen. In general, you do not need to change the number of lines displayed on each screen. Setting the number of lines to 0 is not recommended. The configuration takes effect after you log in to the system again. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 41 Fit AP Command Reference 2 Basic Configurations Commands Example # Set the number of lines on each screen of the terminal to 30. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] screen-length 30 2.2.16 screen-width Function The screen-width command sets the number of columns displayed on a terminal screen. The undo screen-width command restores the default configuration. By default, 132 columns are displayed on a terminal screen. Format screen-width screen-width [ temporary ] undo screen-width [ temporary ] Parameters Parameter Description Value screen-width Specifies the width of a terminal screen. The value is an integer ranging from 60 to 512. temporary - Specifies the temporary width of a terminal screen. Views Console user interface view Default Level 3: Management level Usage Guidelines Usage Scenario When logging in to a device using the terminal tool, you can run this command to adjust the screen width on the device to the same as that specified by the terminal tool to prevent garbled lines. Precautions The configured number of columns displayed on a terminal screen takes effect only on users logging in through the console port but does not affect those logging in through VTY or other interfaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 42 Fit AP Command Reference 2 Basic Configurations Commands If you run the screen-width command multiple times, only the latest configuration takes effect. Example # Set the screen width to 100. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] screen-width 100 2.2.17 shell Function The shell command enables terminal services on a user interface. The undo shell command disables terminal services on a user interface. By default, terminal services are enabled on all user interfaces. Format shell undo shell Parameters None Views User interface view Default Level 3: Management level Usage Guidelines Usage Scenario To log in to a device through a console, or Virtual Type Terminal (VTY), you can use the shell command to enable terminal services on the user interface. Otherwise, you will fail in logging in to the device through the user interface. To configure or maintain the parameters of a user interface, the undo shell command can be used to disable terminal services on the user interface. During this period, you cannot log in to the device using the interface. After completing the configuration for the parameters of the user interface, the shell command must be used to enable terminal services on the user interface. Otherwise, authorized users may fail to log in to the device through the interface. Implementation Procedure Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 43 Fit AP Command Reference 2 Basic Configurations Commands When the undo shell command is executed, determine whether to disable terminal services on the user interface when the system displays a message like Warning: ui-vty0-4 will be disabled. Continue? [Y/N]:. Users may fail to log in to the device through the port after the terminal services are disabled. Exercise caution before disabling terminal interfaces on a user interface. Precautions After the undo shell command is executed in the VTY user interface view to disable terminal services on the VTY user interface, users cannot log in to the device using Telnet, STelnet, and SFTP through the VTY user interface. The undo shell command cannot be used in the interface view through which the user logs in. The console user interface does not support this command. Example # Disable terminal services on VTY 0 to VTY 4. <Huawei> system-view [Huawei] user-interface vty 0 4 [Huawei-ui-vty0-4] undo shell Warning: ui-vty0-4 will be disabled. Continue? [Y/N]:y 2.2.18 speed (user interface view) Function The speed command sets the data transfer rate of a user interface. The undo speed command restores the default data transfer rate of a user interface. By default, the data transfer rate is 9600 bit/s. Format speed speed-value undo speed Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 44 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value speed-value Specifies the data The value is expressed in bit/s. transfer rate of a user interface. The asynchronous serial interface supports the following data transfer rates: ● 600 bit/s ● 1200 bit/s ● 4800 bit/s ● 9600 bit/s ● 19200 bit/s ● 38400 bit/s ● 57600 bit/s ● 115200 bit/s NOTE The console user interface does not support 600 bit/s and 1200 bit/s. Views User interface view Default Level 3: Management level Usage Guidelines This function takes effect for only serial interfaces. Example # Set the data transfer rate of a user interface to 115200 bit/s. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] speed 115200 2.2.19 stopbits Function The stopbits command sets the stop bit of a user interface. The undo stopbits command restores the default stop bit of a user interface. By default, the stop bit is 1. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 45 Fit AP Command Reference 2 Basic Configurations Commands Format stopbits { 1.5 | 1 | 2 } undo stopbits Parameters Parameter Description Value 1.5 Sets the stop bit to 1.5. - 1 Sets the stop bit to 1. - 2 Sets the stop bit to 2. - Views User interface view Default Level 3: Management level Usage Guidelines If the stop bit is 1, the corresponding data bit is 7 or 8. If the stop bit is 1.5, the corresponding data bit is 5. If the stop bit is 2, the corresponding data bit is 6, 7, or 8. This function takes effect for only serial interfaces. NOTE On the console user interface, the stop bit 1.5 is not supported. Example # Set the stop bit of a user interface to 2. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] stopbits 2 2.2.20 user-interface Function The user-interface command displays one or multiple user interface views. Format user-interface [ ui-type ] first-ui-number [ last-ui-number ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 46 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value ui-type Specifies the type of a user interface. The value can be console or vty. ● If the user interface is specified, the relative number is used. ● If the user interface is not specified, the absolute number is used. first-uinumber Specifies the number of the first user ● If ui-type is set to interface. console, the first-uinumber value is 0. ● If ui-type is set to vty, the first-ui-number value ranges from 0 to the maximum number of VTY user interfaces. last-uinumber Specifies the number of the last user interface. When you select this parameter, you enter multiple user interface views at the same time. - This parameter is valid only when uitype is set to VTY. The last-ui-number value must be larger than the firstui-number number. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario When the network administrator logs in to the device using the console interface, Telnet, or SSH, the system manages and monitors the session between the user and the device on the corresponding user interface. Each user interface corresponds a user interface view. The network administrator can set parameters such as authentication and user level to manage sessions in a unified manner. Precautions The user interface varies according to the login mode. The user interface views can be numbered using absolute numbers or relative numbers. Table 2-6 describes absolute and relative numbers of user interfaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 47 Fit AP Command Reference 2 Basic Configurations Commands NOTE ● The relative numbering uniquely specifies a user interface or a group of user interfaces of the same type. ● The absolute numbering specifies a user interface or a group of user interfaces. Table 2-6 Absolute and relative numbers of user interfaces User Interface Description Absolute Number Relative Number Console user interface Manages and controls users that log in to the device using the console interface. 0 0 VTY user interface Manages and controls users that log in to the device using Telnet or SSH. 5 to 19 The first one is VTY 0, the second one is VTY 1, and so forth. Absolute numbers 5 to 19 map relative numbers VTY 0 to VTY 14. After you log in to the device, you can run the display user-interface command to view the supported user interfaces and the corresponding relative and absolute numbers. Example # Enter the Console 0 user interface. <Huawei> system-view [Huawei] user-interface console 0 [Huawei-ui-console0] # Enter the VTY 1 user interface. <Huawei> system-view [Huawei] user-interface vty 1 [Huawei-ui-vty1] # Enter the VTY 1 to VTY 3 user interfaces. <Huawei> system-view [Huawei] user-interface vty 1 3 [Huawei-ui-vty1-3] Related Topics 2.2.5 display user-interface Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 48 Fit AP Command Reference 2 Basic Configurations Commands 2.2.21 user-interface current Function The user-interface current command displays the current user interface view. Format user-interface current Parameters None Views System view Default Level 3: Management level Usage Guidelines To enter the current user interface view, run the display user-interface command without the user interface number. Example # Enter the current user view. <Huawei> system-view [Huawei] user-interface current [Huawei-ui-vty1] Related Topics 2.2.20 user-interface 2.2.5 display user-interface 2.2.22 user-interface maximum-vty Function The user-interface maximum-vty command configures the maximum number of login users. The undo user-interface maximum-vty command restores the default maximum number of login users. By default, the maximum number of Telnet and SSH users is 5. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 49 Fit AP Command Reference 2 Basic Configurations Commands Format user-interface maximum-vty number undo user-interface maximum-vty Parameters Parameter Description number Value Specifies the maximum number of The value is an integer ranging Telnet and SSH users. from 0 to 15. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario The user-interface maximum-vty command configures the maximum number of login users. Precautions ● If the maximum number that you set is smaller than the number of current online users, the system displays a configuration failure message. ● The maximum number of login users set by the user-interface maximum-vty command is the total number of Telnet and SSH users. ● If the maximum number of login users is set to 0, no user is allowed to log in to the device using Telnet or SSH. Example # Set the maximum number of Telnet users to 7. <Huawei> system-view [Huawei] user-interface maximum-vty 7 Related Topics 2.2.6 display user-interface maximum-vty 2.3 User Login Configuration Commands Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 50 Fit AP Command Reference 2 Basic Configurations Commands 2.3.1 display rsa local-key-pair public Function The display rsa local-key-pair public command displays the public key in the local key pair. Format display rsa local-key-pair public Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run this command on the client and configure the client public key in the command output to the SSH server, which ensures that the SSH client validity check by the SSH server is successful and enables the secure data exchange between the SSH server and client. Example # Display the public key in the local key pair. <Huawei> display rsa local-key-pair public ===================================================== Time of Key pair created: 2011-10-06 16:26:37+00:00 Key name: Host Key type: RSA encryption Key ===================================================== Key code: 3047 0240 D538B7FC 3AFE1F5B F6C921F9 3D8C5322 905F623A F0123161 3DA61EEB F5E897CF DC126060 546CC84E B2AB7424 3EFF5D71 D84C5FE2 3E2BF5B3 D82DD979 A22E4AA1 0203 010001 ===================================================== Time of Key pair created: 2011-10-06 16:26:53+00:00 Key name: Server Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 51 Fit AP Command Reference 2 Basic Configurations Commands Key type: RSA encryption Key ===================================================== Key code: 3067 0260 C51C2C01 56B06E6C EBF9055C F7AD9781 46B41A31 5FC87282 E53CFE30 8E6321D3 AC74E948 0A010339 E67C290E 2E0E8E40 BF5E1C97 F9C856EF 568DC159 1A6D28ED AFFB474B 43EFB632 CFB0875F 85420EEA 1919095B A5BC38D0 5FFF169E 0BDB3DC3 0203 010001 Table 2-7 Description of the display rsa local-key-pair public command output Item Description Time of Key pair created Time and date when the public key is created. Key name The value can be the host or server public key. The server public key is saved only when the key type is RSA. Key type Type of the public key. Key code Code of the public key. Related Topics 2.3.17 rsa local-key-pair create 2.3.2 display rsa peer-public-key Function The display rsa peer-public-key command displays the peer public key saved on the local host. If no parameter is specified, the command displays detailed information about all peer public keys. Format display rsa peer-public-key [ brief | name key-name ] Parameters Parameter Description Value brief Displays the brief information about all peer public keys. - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 52 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value name key-name Specifies the key name. The value is a string of 1 to 30 case-insensitive characters without spaces. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario You can run this command to check detailed information about the RSA public key and whether the local and peer public keys are the same. Precautions You must complete the RSA public key configuration before running this command. Example # Display the brief information about all RSA public keys. <Huawei> display rsa peer-public-key brief Name Bits ------------------------------------rsakey001 780 Table 2-8 Description of the display rsa peer-public-key brief command output Item Description Bits Bits in the public key. Name Name of the public key. # Display the detailed information about the RSA public key named rsakey001. <Huawei> display rsa peer-public-key name rsakey001 ===================================== Key name: rsakey001 ===================================== Key Code: 3067 0260 A3158E6C F252C039 135FFC45 F1E4BA9B 4AED2D88 D99B2463 3E42E13A 92A95A37 45CDF037 1AF1A910 AAE3601C 2EB70589 91AF1BB5 BD66E31A A9150911 859CAB0E 1E10548C D70D000C 55A1A217 F4EA2F06 E44BD438 DA472F14 3FB7087B 45E77C05 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 53 Fit AP Command Reference 2 Basic Configurations Commands 0203 010001 Table 2-9 Description of the display rsa peer-public-key name command output Item Description Key name Name of the public key. Key Code Code of the public key. Related Topics 2.3.19 rsa peer-public-key 2.3.3 display ssh server Function The display ssh server command displays the SSH server information. Format display ssh server { status | session } Parameters Parameter Description Value status Displays the global configuration on the SSH server. - session Displays the current session connection information on the SSH server. - Views All views Default Level 1: Monitoring level Usage Guidelines After configuring the SSH attributes, you can run this command to view the configuration or session connection information on the SSH server to verify that the SSH connection has been established. Example # Display the global configuration on the SSH server. <Huawei> display ssh server status SSH version :2.0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 54 Fit AP Command Reference 2 Basic Configurations Commands SSH connection timeout :120 seconds SSH server key generating interval :0 hours SSH Authentication retries :3 times SFTP Server :Enable Stelnet server :Enable Table 2-10 Description of the display ssh server status command output Item Description SSH version SSH protocol version. The value can be 1.99 or 2.0. SSH connection timeout SSH connection timeout interval. The value ranges from 60 to 120. The default value is 60. The unit is second. Run the ssh server timeout command to set this item. SSH server key generating interval Key updating period of the SSH server. The default value is 0. The unit is hour. Run the ssh server rekey-interval command to set this item. SSH Authentication retries Number of times for retrying SSH authentication. The default value is 3. Run the ssh server authentication-retries command to set this item. SFTP Server Status of the SFTP server. By default, it is enabled. Stelnet server Status of the STelnet server. By default, it is enabled. # Display the current session connection information on the SSH server. <Huawei> display ssh server session -------------------------------------------------------------------Conn Ver Encry State Auth-type Username -------------------------------------------------------------------VTY 0 2.0 AES128_CBC run password john -------------------------------------------------------------------- Table 2-11 Description of the display ssh server session command output Item Description Conn VTY connection. Ver Version number. Encry Encryption mode: 3DES_CBC, AES128_CBC, AES256_CBC, AES128_CTR, and AES256_CTR State Session status on the SSH server. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 55 Fit AP Command Reference 2 Basic Configurations Commands Item Description Auth-type Authentication mode for an SSH user. The options are as follows: ● password ● rsa ● password-rsa (password and RSA) ● ecc ● password-ecc (password and ecc) ● all (password, ECC, or RSA) Run the ssh user authentication-type command to set this item. Username User name for SSH server authentication. Related Topics 2.3.30 ssh server port 2.3.4 display ssh user-information Function The display ssh user-information command displays the configuration of all SSH users. Format display ssh user-information [ username ] Parameters Parameter Description username Displays the SSH user name. Value The value is a string of 1 to 64 caseinsensitive characters without spaces. Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 56 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines This command displays the SSH user name, bound RSA public key name, and service type. Example # Display the configuration of all SSH users. <Huawei> display ssh user-information ------------------------------------------------------------------------------Username Auth-type User-public-key-name ------------------------------------------------------------------------------a password null ------------------------------------------------------------------------------- Table 2-12 Description of the display ssh user-information command output Item Description Username SSH user name. Auth-type Authentication mode for an SSH user. The options are as follows: ● password ● rsa ● password-rsa (password and RSA) ● all (password or RSA) Run the ssh user authentication-type command to set this item. User-public-key-name Peer RSA public key assigned to an SSH user. Run the rsa peer-public-key command to set this item. Related Topics 2.3.19 rsa peer-public-key 2.3.36 ssh user authentication-type 2.3.5 display telnet server status Function The display telnet server status command displays the status and configuration of the Telnet server. Format display telnet server status Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 57 Fit AP Command Reference 2 Basic Configurations Commands Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines ● You can run this command to check whether the device functions as a Telnet server. Example # Display the status and configuration of the Telnet server. <Huawei> display telnet server status TELNET IPV4 server :Enable TELNET IPV6 server :Enable TELNET server port :23 Table 2-13 Description of the display telnet server status command output Item Description TELNET IPV4 server IPv4 Telnet server. TELNET IPV6 server IPv6 Telnet server. TELNET server port Listening port number of the Telnet server. 2.3.6 display telnet-client Function The display telnet-client command displays the source parameters when the device works as a Telnet client. Format display telnet-client Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 58 Fit AP Command Reference 2 Basic Configurations Commands Views All views Default Level 1: Monitoring level Usage Guidelines After setting source parameters of the Telnet client, you can run this command to check the setting result. If you have not set telnet client-source, the default source IP address is 0.0.0.0. Example # Display the source parameters for the device that works as a Telnet client. <Huawei> display telnet-client The source address of telnet client is 1.1.1.1 Table 2-14 Description of the display telnet-client command output Item Description The source address of telnet client is 1.1.1.1 The source IP address of the Telnet client is 1.1.1.1. 2.3.7 display ecc local-key-pair public Function The display ecc local-key-pair public command displays information about the public key in the local Elliptic Curves Cryptography (ECC) key pair. Format display ecc local-key-pair public Parameters None Views All views Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 59 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario You can run the display ecc local-key-pair public command to check information about the public key in the local ECC key pair on a client and then copy the public key to the server. The public key enables a server to authenticate users and ensures the login of authorized users. Pre-configuration Tasks You must run the ecc local-key-pair create command to generate a local ECC host key pair before using the command. Example # Display information about the public key in the local ECC key pair on a client. <Huawei> display ecc local-key-pair public ===================================================== Time of Key pair created:2016-10-19 11:50:20+00:00 Key name : Huawei_Host_ECC Key modulus : 521 Key type : ECC encryption Key Key fingerprint: ===================================================== Key code: 0401CE1E 5EF3B843 CD917648 1D70EF8F CECE8518 5B32ED5F 529E9DC4 D16EDF1A 5F6E6389 10AAE2D4 74FD9DA7 F05AB123 9AF3EE64 9F0BAF99 A0CBF55B E319B2D1 8EDEBB01 7C63469B C62A2256 3EAEA0BD 486F9524 8559C7EF 24D969D1 11093BBF 27F770E7 03E28ABA BB357E5B 28EF04CC EA931C81 C7D7EBD8 5797B1CD 05D9B497 56D91126 E9 Host public key for PEM format code: ---- BEGIN SSH2 PUBLIC KEY ---AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHOHl7zuEPN kXZIHXDvj87OhRhbMu1fUp6dxNFu3xpfbmOJEKri1HT9nafwWrEjmvPuZJ8Lr5mg y/Vb4xmy0Y7euwF8Y0abxioiVj6uoL1Ib5UkhVnH7yTZadERCTu/J/dw5wPiirq7 NX5bKO8EzOqTHIHH1+vYV5exzQXZtJdW2REm6Q== ---- END SSH2 PUBLIC KEY ---Public key code for pasting into OpenSSH authorized_keys file : ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHOHl7z uEPNkXZIHXDvj87OhRhbMu1fUp6dxNFu3xpfbmOJEKri1HT9nafwWrEjmvPuZJ8Lr5mgy/Vb4xmy0Y7e uwF8Y0abxioiVj6uoL1Ib5UkhVnH7yTZadERCTu/J/dw5wPiirq7NX5bKO8EzOqTHIHH1+vYV5exzQXZ tJdW2REm6Q== ecdsa-key Table 2-15 Description of the display ecc local-key-pair public command output Item Description Time of Key pair created Time when the public key in the local ECC key pair is generated, in the format of YYYY-MM-DD HH:MM:SS. Key name Name of the public key in the local ECC key pair. Key modulus Length of the public key in the local ECC key pair on a client. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 60 Fit AP Command Reference 2 Basic Configurations Commands Item Description Key type Type of the public key in the local ECC key pair. "ECC encryption Key" indicates an ECC public key. Key code Code of the public key in the local ECC key pair configured using the ecc localkey-pair create command. Host public key for PEM format code PEM code of the public key in the local ECC key pair on a client. Public key code for pasting into OpenSSH authorized_keys file Public key in the local ECC key pair on a client that is used for OpenSSH authorization. This information can be used after being copied to the OpenSSH authorized_keys file. Related Topics 2.3.9 ecc local-key-pair create 2.3.8 display ecc peer-public-key Function The display ecc peer-public-key command displays information about the Elliptic Curves Cryptography (ECC) public key configured on the remote end. Format display ecc peer-public-key [ brief | name key-name ] Parameters Parameter Description brief Displays the brief information about the ECC public key configured on the remote end. name key-name Displays information about an ECC public key with a specified name configured on the remote end. Value The value is a string of 1 to 30 case-sensitive characters, spaces not supported. Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 61 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario You can run the display ecc peer-public-key command on a client to check information about the public key configured on the remote end. The public key enables a server to authenticate users and ensures the login of authorized users. Example # Display the information about the ECC public keys of 127.0.0.1. <Huawei> display ecc peer-public-key ===================================== Key name: 127.0.0.1 Encoding type: DER ===================================== Key Code: 04013184 A3311697 89DF558B 7F67BF9D BD95DBD5 280D659F 0E29852C AEC2FFBA 1913AC2A 88247ADA 46BEBEBE 1829C0DA 3BABC8FC 8F6EAD28 2AE2C6A8 116BAA3A 540E6B00 34E033D8 9D84841B 0D33DAD8 DEDD1C09 2B70B3DB 5AF0FCB2 37DF1C82 C4C622A6 85B23698 195DA60F 06858ADB DD743937 B4A29C4C FB28B40B BCEEE036 1DE61BD2 24 # Display the brief information about all the ECC public keys. <Huawei> display ecc peer-public-key brief Bits Name ---------------------521 127.0.0.1 384 10.54.131.203 Table 2-16 Description of the display ecc peer-public-key command output Item Description Bits Length of the ECC public key configured on the remote end. Name Name of the ECC public key configured on the remote end. Key name Name of the ECC public key configured on the remote end. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 62 Fit AP Command Reference 2 Basic Configurations Commands Item Description Encoding type Encoding type of the ECC public key configured on the remote end. ● OPENSSH If OpenSSH is specified, data is Base64 encoded. OpenSSH is derived from PEM. ● PEM If PEM is specified, data is Base64 encoded. ● DER If DER is specified, data is Base16 encoded. Key Code Code of the public key in the local ECC key pair configured using the ecc localkey-pair create command. Related Topics 2.3.11 ecc peer-public-key 2.3.9 ecc local-key-pair create Function The ecc local-key-pair create command generates a local Elliptic Curves Cryptography (ECC) host key pair. By default, no local ECC host key pair exists in the system. Format ecc local-key-pair create Parameters None Views System view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 63 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario A local key pair is a prerequisite to a successful SSH login. Compared with the RSA algorithm used by the rsa local-key-pair create command, the ECC algorithm shortens the key length, accelerates the encryption, and improves the security. The length of the server key pair and the host key pair can be 256 bits, 384 bits and 521 bits. By default, the length of the key pair is 521 bits. Follow-up Procedure Perform other SSH configurations. Precautions ● The generated ECC host key pair is named in the format of wireless access point name_Host_ECC, such as Huawei_Host_ECC. ● The ecc local-key-pair create and ecc local-key-pair destroy commands are not saved in the configuration file. They only need to be run once and take effect even after the wireless access point restarts. ● Do not delete the ECC key file from the wireless access point. If the ECC key file is deleted, the ECC key pair cannot be restored after the wireless access point is restarted. Example # Generate a local ECC host key pair. <Huawei> system-view [Huawei] ecc local-key-pair create Info: The key name will be: Huawei_Host_ECC. Info: The ECC host key named Huawei_Host_ECC already exists. Warning: Do you want to replace it ? [Y/N]: Y Info: The key modulus can be any one of the following : 256, 384, 521. Info: If the key modulus is greater than 512, it may take a few minutes. Please input the modulus [default=521]:521 Info: Generating keys... Info: Succeeded in creating the ECC host keys. # Enter an incorrect key length and re-enters the key length for a maximum number of retry attempts. <Huawei> system-view [Huawei] ecc local-key-pair create Info: The key name will be: Huawei_Host_ECC. Info: The ECC host key named Huawei_Host_ECC already exists. Warning: Do you want to replace it ?[Y/N]: Y Info: The key modulus can be any one of the following : 256, 384, 521. Info: If the key modulus is greater than 512, it may take a few minutes. Please input the modulus [default=521]:123 Error: Invalid ECC key modulus. Please input the modulus [default=521]:1024 Error: Invalid ECC key modulus. Please input the modulus [default=521]:512 Error: Invalid ECC key modulus. Please input the modulus [default=521]:2048 Error: Invalid ECC key modulus. Please input the modulus [default=521]:4096 Error: Invalid ECC key modulus. Error: The maximum number of retries has reached, and the command has already been canceled. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 64 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.3.10 ecc local-key-pair destroy 2.3.7 display ecc local-key-pair public 2.3.10 ecc local-key-pair destroy Function The ecc local-key-pair destroy command deletes the local Elliptic Curves Cryptography (ECC) keys. Format ecc local-key-pair destroy Parameters None Views System view Default Level 3: Management level Usage Guidelines Usage Scenario If you no longer need the local ECC key pairs, run the ecc local-key-pair destroy command to delete them. Configuration Impact After the ecc local-key-pair destroy command is run, the ECC key files on the master and slave main control boards are cleared. Exercise caution when running the command. Precautions ● The ecc local-key-pair create and ecc local-key-pair destroy commands are not saved in the configuration file. They only need to be run once and take effect even after the wireless access point restarts. ● Do not delete the ECC key file from the wireless access point. If the ECC key file is deleted, the ECC key pair cannot be restored after the wireless access point is restarted. Example # Delete the local ECC host key pair and server key pair. <Huawei> system-view [Huawei] ecc local-key-pair destroy Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 65 Fit AP Command Reference 2 Basic Configurations Commands Info: The name of the key which will be destroyed is Huawei_Host_ECC. Warning: These keys will be destroyed. Continue? [Y/N]:Y Info: Succeeded in destroying the ECC host keys. Related Topics 2.3.9 ecc local-key-pair create 2.3.11 ecc peer-public-key Function The ecc peer-public-key command creates an ECC public key and enters the Elliptic Curves Cryptography (ECC) public key view. The undo ecc peer-public-key command deletes an ECC public key. By default, no ECC public key is created. Format ecc peer-public-key key-name encoding-type { der | openssh | pem } undo ecc peer-public-key key-name Parameters Parameter Description Value key-name Specifies an ECC public key name. The value is a string of 1 to 64 case-sensitive characters, spaces not supported. encodingtype Indicates the encoding type of an ECC public key. - der Specifies DER as the encoding type of an ECC public key. - If DER is specified, data is encoded in hexadecimal notation. openssh Specifies OpenSSH as the encoding type of an ECC public key. - If OpenSSH is specified, data is Base64 encoded. OpenSSH is derived from PEM. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 66 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value pem Specifies PEM as the encoding type of an ECC public key. - If PEM is specified, data is Base64 encoded. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario When ECC public key authentication is used, a client's public key must be specified on the server for an SSH user. When the client logs in to the server, the server performs authentication on the client based on the public key of the SSH user. After an ECC public key is created and the ECC public key view is displayed, run the public-key-code begin command, then you can manually copy the client's public key to the server. The client's public key is randomly generated by the client software. If an ECC public key has been assigned to an SSH client, delete the binding between the public key and the SSH client before deleting the ECC public key. Otherwise, the undo dsa peer-public-key command will fail to delete the ECC public key. Follow-up Procedure After copying the client's ECC public key to the server, run the following commands to quit the ECC public key view: 1. Run the public-key-code end command to return to the ECC public key view. 2. Run the peer-public-key end command to quit the ECC public key view and return to the system view. Precautions A maximum of 20 ECC public keys can be created. Example # Create an ECC public key and enter the ECC public key view. <Huawei> system-view [Huawei] ecc peer-public-key ecc-peer-key encoding-type pem Info: Enter (ECC public key) view, return system view with (peer-public-key end). [Huawei-ecc-public-key] public-key-code begin Info: Enter (ECC key code) view, return the last view with (public-key-code end). [Huawei-ecc-key-code] ---- BEGIN SSH2 PUBLIC KEY ---- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 67 Fit AP Command Reference 2 Basic Configurations Commands [Huawei-ecc-key-code] AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACDBL5J4v3pqi5S [Huawei-ecc-key-code] ALI9lvLw4cdvtpD2AC6sEJXg9GDCD5vGBnkXlKmnOy6d1TyrXx57ZPNnrSdqVkHC [Huawei-ecc-key-code] sMBa63vSwg1XsVW2qZgx8H57+FJiTPY61b1Vfst9GUif1ymfpB7XrbdYZDownoh0 [Huawei-ecc-key-code] FZNadZtIf2CRc0OeiKXbCSPP25dfoT/DTcc= [Huawei-ecc-key-code] ---- END SSH2 PUBLIC KEY ---[Huawei-ecc-key-code] public-key-code end [Huawei-ecc-public-key] peer-public-key end # Delete an ECC public key. <Huawei> system-view [Huawei] undo ecc peer-public-key ecc-peer-key Warning: The public key named ecc-peer-key will be deleted. Continue? [Y/N]:Y Related Topics 2.3.15 public-key-code begin 2.3.16 public-key-code end 2.3.14 peer-public-key end 2.3.12 lock Function The lock command locks the current user interface to prevent unauthorized users from operating the interface. By default, the system does not automatically lock the current user interface. Format lock Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario Lock the current user interface using this command to prevent other users from operating the interface. The user interfaces consist of console ports, and Virtual Type Terminals (VTYs). After using the lock command, you are prompted to input the password twice. If you input the correct password for twice, the user interface is locked. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 68 Fit AP Command Reference ● 2 Basic Configurations Commands The passwords must meet the following requirements: – The password is a string of 8 to 128 case-sensitive characters. – The password must contain at least two of the following characters: upper-case character, lower-case character, digit, and special character. The special characters include spaces and the following: `~!@#$%^&*()-_=+\|[{}];:'",<.>/? ● Password entered in interactive mode is not displayed on the screen. ● When you run the lock command to lock the user interface and set a locking password, you can press CTRL_C to cancel the operation. ● To unlock the user interface, press Enter, and then input the correct password as prompted by the system. Example # Lock the current user interface after logging in through the console port. <Huawei> lock Info: A plain text password is a string of 8 to 128 case-sensitive characters and must be a combination of at least two of the follow ing: uppercase letters A to Z, lowercase letters a to z, digits, and special characters (including spaces and the following :`~!@#$% ^&*()-_=+|[{}];:'",<.>/?). Enter Password: Confirm Password: Info: The terminal is locked. # To log in to the system after the system is locked, you must press Enter. The following information is displayed: Enter Password: # Enter the correct password and return to the user view. <Huawei> 2.3.13 matched upper-view Function The matched upper-view command allows the system to search for the undo command in the upper view, and returns to the upper view. The undo matched upper-view command prohibits the system from searching for the undo command in the upper view. By default, the system does not search for the undo command in the upper view. Format matched upper-view undo matched upper-view Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 69 Fit AP Command Reference 2 Basic Configurations Commands Views System view Default Level 2: Configuration level Usage Guidelines When you run the undo command in a view, which is not registered in the current view, the system searches for the command in the upper view if the system is allowed to search for the undo command in the upper view. If the system finds the same undo command, the system executes this command in the upper view. If the system does not find the same undo command in the upper view, the system continues to search for this command in other upper views till the system view. Running this command brings security risks. For example, if you run the undo ospf command in the interface view, while this command is not registered in the interface view, the system automatically searches for it in the upper view, that is, the system view. In this manner, the system disables the OSPF feature globally. The matched upper-view command is valid only for current login users who run this command. Example # Allow the undo command to be searched for in the upper view. <Huawei> system-view [Huawei] matched upper-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] undo ftp client-source Info: The source address of FTP client is 0.0.0.0. [Huawei] # Prohibit the undo command from being searched for in the upper view. <Huawei> system-view [Huawei] undo matched upper-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] undo ftp client-source ^ Error: Unrecognized command found at '^' position. [Huawei-GigabitEthernet0/0/1] Related Topics 2.1.8 quit 2.3.14 peer-public-key end Function The peer-public-key end command returns to the system view from the public key view and saves the configured public keys. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 70 Fit AP Command Reference 2 Basic Configurations Commands Format peer-public-key end Parameters None Views Public key view Default Level 3: Management level Usage Guidelines You must save the public key generated on the remote host to the local host, which ensures that the validity check on the remote end is successful. After editing a public key in the public key view, you can run this command to return to the system view. Example # Return to the system view from the public key view. <Huawei> system-view [Huawei] rsa peer-public-key rsakey001 [Huawei-rsa-public-key] public-key-code begin [Huawei-rsa-key-code] 308188 [Huawei-rsa-key-code] 028180 [Huawei-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB [Huawei-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F [Huawei-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B [Huawei-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5 [Huawei-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931 [Huawei-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2 [Huawei-rsa-key-code] 171896FB 1FFC38CD [Huawei-rsa-key-code] 0203 [Huawei-rsa-key-code] 010001 [Huawei-rsa-key-code] public-key-code end [Huawei-rsa-public-key] peer-public-key end [Huawei] Related Topics 2.3.15 public-key-code begin 2.3.16 public-key-code end 2.3.19 rsa peer-public-key 2.3.15 public-key-code begin Function The public-key-code begin command displays the public key editing view. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 71 Fit AP Command Reference 2 Basic Configurations Commands Format public-key-code begin Parameters None Views Public key view Default Level 3: Management level Usage Guidelines Usage Scenario You must save the public key generated on the remote host to the local host, which ensures that the validity check on the remote end is successful. Run the public-key-code begin command to display the public key editing view, and enter the key data. The key characters can contain spaces. You can press Enter to enter data in another line. Prerequisite A key name has been specified by running the rsa peer-public-key command. Precautions ● The public key must be a hexadecimal character string in the public key encoding format, and generated by the client or server that supports SSH. ● The public keys displayed by running the display rsa local-key-pair public command can be used as the key data to enter. ● You can successfully edit the public key in a public key pair by entering the public key in the server key pair or client key pair. In SSH application, only the public key in the client key pair can be entered as key data. If you enter the public key in the server key pair, authentication fails during SSH login. Example # Display the public key editing view and enter the key data. <Huawei> system-view [Huawei] rsa peer-public-key rsakey001 [Huawei-rsa-public-key] public-key-code begin [Huawei-rsa-key-code] 308188 [Huawei-rsa-key-code] 028180 [Huawei-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB [Huawei-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F [Huawei-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B [Huawei-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5 [Huawei-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931 [Huawei-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2 [Huawei-rsa-key-code] 171896FB 1FFC38CD [Huawei-rsa-key-code] 0203 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 72 Fit AP Command Reference 2 Basic Configurations Commands [Huawei-rsa-key-code] 010001 [Huawei-rsa-key-code] public-key-code end [Huawei-rsa-public-key] peer-public-key end [Huawei] Related Topics 2.3.1 display rsa local-key-pair public 2.3.14 peer-public-key end 2.3.16 public-key-code end 2.3.19 rsa peer-public-key 2.3.16 public-key-code end Function The public-key-code end command returns to the public key view from the public key editing view and saves the configured public keys. Format public-key-code end Parameters None Views Public key editing view Default Level 3: Management level Usage Guidelines Usage Scenario After this command is run, the process of editing the public key ends. Before saving the public key, the system will check the validity of the key. ● If there are illegal characters in the public key character string configured by the user, the system will display a relevant error prompt. The public key previously configured by the user is discarded, thus the configuration fails. ● If the public key configured is valid, it is saved in the public key chain table of the client. Precautions ● Generally, in the public key view, only the public-key-code end command can be used to exit. Thus, in this instance the quit command cannot be used. ● If the legal key coding is not input, the key cannot be generated after the public-key-code end command is used. The system prompts that generating the incorrect key fails. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 73 Fit AP Command Reference ● 2 Basic Configurations Commands If the key is deleted in another window, the system prompts that the key does not exist and returns to the system view directly after you run the public-keycode end command. Example # Exit from the RSA public key editing view and saves the RSA key configuration. <Huawei> system-view [Huawei] rsa peer-public-key rsakey001 [Huawei-rsa-public-key] public-key-code begin [Huawei-rsa-key-code] 308188 [Huawei-rsa-key-code] 028180 [Huawei-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB [Huawei-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F [Huawei-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B [Huawei-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5 [Huawei-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931 [Huawei-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2 [Huawei-rsa-key-code] 171896FB 1FFC38CD [Huawei-rsa-key-code] 0203 [Huawei-rsa-key-code] 010001 [Huawei-rsa-key-code] public-key-code end [Huawei-rsa-public-key] peer-public-key end [Huawei] Related Topics 2.3.15 public-key-code begin 2.3.19 rsa peer-public-key 2.3.14 peer-public-key end 2.3.17 rsa local-key-pair create Function The rsa local-key-pair create command generates the local RSA host and server key pairs. By default, the local RSA host and server key pairs are not configured. Format rsa local-key-pair create Parameters None Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 74 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario To implement secure data exchange between the server and client, run this command to generate a local key pair. Precautions If the RSA key pair exists, the system prompts you to confirm whether to replace the original key pair. After you run this command, the system prompts you to enter the number of bits in the host key. The difference between the bits in the server and host key pairs must be at least 128 bits. For a server or host key pair, the minimum length is 512 bits, the maximum length is 2048 bits, and the default length is 2048 bits. NOTE The RSA key pair whose length is less than 1024 digits is insecure and therefore not recommended to use. To successfully log in to the SSH server, a local RSA key pair must be configured and generated. Before performing other SSH configurations, you must use the rsa local-key-pair create command to generate a local key pair. After you run this command, the generated key pair is saved in the device and will not be lost after the device restarts. Example # Generate the local RSA host and server key pairs. <Huawei> system-view [Huawei] rsa local-key-pair create The key name will be: Host The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Input the bits in the modulus[default = 2048]:2048 Generating keys... ......................++++++++ ........................................................++++++++ ........+++++++++ .....+++++++++ Related Topics 2.3.18 rsa local-key-pair destroy 2.3.18 rsa local-key-pair destroy Function The rsa local-key-pair destroy command deletes all local RSA host and server key pairs. Format rsa local-key-pair destroy Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 75 Fit AP Command Reference 2 Basic Configurations Commands Parameters None Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario To delete the local key pair, run rsa local-key-pair destroy command. If the host key pair and the service key pair of an SSH server are deleted, run the rsa localkey-pair create command to create the new host key pair and service key pair for the SSH server. After you run this command, verify that all local RSA keys are deleted. This command is not saved in a configuration file. Prerequisite The local RSA keys that can be deleted exist. Example # Delete all RSA server keys. <Huawei> system-view [Huawei] rsa local-key-pair destroy The name for the keys which will be destroyed is Host. Confirm to destroy these keys? (y/n)[n]:y Related Topics 2.3.17 rsa local-key-pair create 2.3.19 rsa peer-public-key Function The rsa peer-public-key command displays the view of the RSA public key, and specifies an RSA public key name. The undo rsa peer-public-key command deletes a rsa public key. By default, no public key is configured. Format rsa peer-public-key key-name [ encoding-type { der | openssh | pem } ] undo rsa peer-public-key key-name Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 76 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value key-name Specifies the rsa public key name. The value is a string of 1 to 30 case-insensitive characters without spaces. encoding-type Specifies an encoding format for an RSA public key. - der - Specifies the DER format for an RSA public key. DER encodes data in hexadecimal format. openssh Specifies the OpenSSH format for an RSA public key. - OpenSSH encodes data in base-64 format. OpenSSH is an encoding format based on PEM. pem Specifies the PEM format for an RSA public key. - PEM encodes data in base-64 format. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario When you use an RSA public key for authentication, you must specify the public key of the corresponding client for an SSH user on the server. When the client logs in to the server, the server uses the specified public key to authenticate the client. You can also save the public key generated on the server to the client. Then the client can be successfully authenticated by the server when it logs in to the server for the first time. Huawei data communications devices support only the DER format for RSA keys. If you use an RSA key in non-DER format, use a third-party tool to convert the key into a key in DER format. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 77 Fit AP Command Reference 2 Basic Configurations Commands Because a third-party tool is not released with Huawei system software, RSA usability is unsatisfactory. In addition to DER, RSA keys need to support the privacy-enhanced mail (PEM) and OpenSSH formats to improve RSA usability. Third-party software, such as PuTTY, OpenSSH, and OpenSSL, can be used to generate RSA keys in different formats. The details are as follows: ● The PuTTY generates RSA keys in PEM format. ● The OpenSSH generates RSA keys in OpenSSH format. ● The OpenSSL generates RSA keys in DER format. OpenSSL is an open source software. You can download related documents at http://www.openssl.org/. After you configure an encoding format for an RSA public key, Huawei data communications device automatically generates an RSA public key in the configured encoding format and enters the RSA public key view. Then you can run the public-key-code begin command and manually copy the RSA public key generated on the peer device to the local device. Prerequisite The rsa public key in hexadecimal notation on the remote host has been obtained and recorded. Follow-up Procedure After you copy the RSA public key generated on the peer device to the local device, perform the following operations to exit the RSA public key view: 1. Run the public-key-code end command to return to the RSA public key view. 2. Run the peer-public-key end command to exit the RSA public key view and return to the system view. Precautions If an RSA public key has assigned to an SSH client, release the binding relationship between the public key and the SSH client. If you do not release the binding relationship between them, the undo rsa peer-public-key command will fail to delete the RSA public key. Example # Display the rsa public key view. <Huawei> system-view [Huawei] rsa peer-public-key rsakey001 [Huawei-rsa-public-key] # Configure an encoding format for an RSA public key and enter the RSA public key view. <Huawei> system-view [Huawei] rsa peer-public-key RsaKey001 encoding-type openssh [Huawei-rsa-public-key] Related Topics 2.3.2 display rsa peer-public-key 2.3.15 public-key-code begin Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 78 Fit AP Command Reference 2 Basic Configurations Commands 2.3.16 public-key-code end 2.3.14 peer-public-key end 2.3.20 send Function The send command sends messages to all user interfaces. Format send { all | ui-number | ui-type ui-number1 } Parameters Parameter Description Value all Specifies that the system sends messages to all user interfaces. - ui-number Specifies the absolute number of the The minimum value is 0. The user interface. maximum value is smaller by 1 than the number of the user interfaces that the system supports. ui-type Specifies the type of the user interface. ui-number1 Specifies the relative number of the user interface. - Views User view Default Level 1: Monitoring level Usage Guidelines After you run the send command, the system prompts you to enter the message to send. After you confirm to send this message, the user who logs in to the system from the specified user interface can receive this message. Example # Send a message to the user interface VTY 0. <Huawei> send vty 0 Enter message, end with CTRL+Z or Enter; abort with CTRL+C:Hello, good morning!^Z Warning: Send the message? [Y/N]: y Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 79 Fit AP Command Reference 2 Basic Configurations Commands # After you confirm to send the message, the user who logs in to the Huawei from VTY 0 can receive this message. <Huawei> Info: Receive a message from vty2:Hello, good morning! 2.3.21 ssh client assign Function The ssh client assign command specifies the host public key of the SSH server to connect on the SSH client. The undo ssh client assign command cancels the specified host public key of the SSH server to connect on the SSH client. By default, the host public key of the server to connect is not specified on the client. Format ssh client servername assign { rsa-key | ecc-key } keyname undo ssh client servername assign { rsa-key | ecc-key } Parameters Parameter Description Value servername Specifies the host name or IP address of the SSH server. The value is a string of 1 to 64 characters without spaces. rsa-key Specifies the RSA public key. - ecc-key Specifies the ECC public key. - keyname Specifies the SSH server public key name that has been configured on the SSH client. The value is a string of 1 to 64 case-insensitive characters without spaces. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario If the SSH client connects to the SSH server for the first time and the first authentication is not enabled on the SSH client using the ssh client first-time enable command, the SSH client rejects the access from unauthorized SSH servers. You need to specify the host public key of the SSH server and the Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 80 Fit AP Command Reference 2 Basic Configurations Commands mapping between the key and SSH server on the SSH client. After that, the client will determine whether the server is reliable using the correct public key based on the mapping. Precautions The name of the RSA or ECC public key to be assigned to the SSH server must be the same as that configured on the SSH client. This public key must have been configured on the SSH server using the rsa peer-public-key or ecc peer-publickey command. If either of the preceding conditions is not met, RSA or ECC public key authentication of the SSH server fails on the SSH client. Example # Assign the RSA public key to the SSH server. <Huawei> system-view [Huawei] ssh client 10.164.39.120 assign rsa-key sshrsakey01 # Delete the RSA public key of the SSH server. <Huawei> system-view [Huawei] undo ssh client 10.164.39.120 assign rsa-key Related Topics 2.3.22 ssh client first-time enable 2.3.22 ssh client first-time enable Function The ssh client first-time enable command enables the first authentication on the SSH client. The undo ssh client first-time enable command disables the first authentication on the SSH client. By default, first authentication is disabled on the SSH client. Format ssh client first-time enable undo ssh client first-time enable Parameters None Views System view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 81 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario When the SSH client accesses the SSH server for the first time and the public key of the SSH server is not configured on the SSH client, you can enable the first authentication for the SSH client to access the SSH server and save the public key on the SSH client. When the SSH client accesses the SSH server next time, the saved public key is used to authenticate the SSH server. Precautions You can run the ssh client assign command to pre-assign the RSA public key to the SSH server. In this manner, you can log in to the SSH server successfully at the first time. Example # Enable the first authentication on the SSH client. <Huawei> system-view [Huawei] ssh client first-time enable Related Topics 2.3.21 ssh client assign 2.3.23 ssh client key-exchange Function The ssh client key-exchange command configures a key exchange algorithm list on an SSH client. The undo ssh client key-exchange command restores the default configuration. By default, an SSH client supports the Diffie-hellman-group14-sha1 algorithm. Format ssh client key-exchange { dh_group_exchange_sha1 | dh_group14_sha1 | dh_group1_sha1 } * undo ssh client key-exchange Parameters Parameter Description dh_group_exchange_sha1 Specifies that the Diffie-hellman-groupexchange-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH client. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. Value - 82 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value dh_group14_sha1 Specifies that the Diffie-hellman-group14sha1 algorithm is contained in the key exchange algorithm list configured on the SSH client. - dh_group1_sha1 Specifies that the Diffie-hellman-group1-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH client. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario The client and server negotiate the key exchange algorithm used for packet transmission. You can run the ssh client key-exchange command to configure a key exchange algorithm list on the SSH client. The SSH server compares the configured key exchange algorithm list with the counterpart sent by the client and then selects the first matched key exchange algorithm for packet transmission. If the key exchange algorithm list sent by the client does not match any algorithm in the key exchange algorithm list configured on the server, the negotiation fails. Precautions The security levels of key exchange algorithms are as follows, from high to low: dh_group_exchange_sha1, dh_group14_sha1, and dh_group1_sha1. The dh_group_exchange_sha1 algorithm is recommended. Example # Configure key exchange algorithm lists dh_group_exchange_sha1 and dh_group14_sha1 on the SSH client. <Huawei> system-view [Huawei] ssh client key-exchange dh_group_exchange_sha1 dh_group14_sha1 Related Topics 2.3.28 ssh server key-exchange 2.3.24 ssh client secure-algorithms hmac Function The ssh client secure-algorithms hmac command configures an HMAC algorithm list for an SSH client. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 83 Fit AP Command Reference 2 Basic Configurations Commands The undo ssh client secure-algorithms hmac command restores the default HMAC algorithm list of an SSH client. By default, an SSH client supports the SHA2_256 HMAC algorithm. Format ssh client secure-algorithms hmac { md5 | md5_96 | sha1 | sha1_96 | sha2_256 | sha2_256_96 } * undo ssh client secure-algorithms hmac Parameters Parameter Description Value md5 Specifies the HMAC MD5 algorithm. - md5_96 Specifies the HMAC MD5_96 algorithm. - sha1 Specifies the HMAC SHA1 algorithm. - sha1_96 Specifies the HMAC SHA1_96 algorithm. - sha2_256 Specifies the HMAC SHA2_256 algorithm. - sha2_256_96 Specifies the HMAC SHA2_256_96 algorithm. - Views System view Default Level 3: Management level Usage Guidelines Usage Scenario An SSH server and a client need to negotiate an HMAC algorithm for the packets exchanged between them. You can run the ssh client secure-algorithms hmac command to configure an HMAC algorithm list for the SSH client. After the list is configured, the server matches the list of a client against the local list after receiving a packet from the client and selects the first HMAC algorithm that matches the local list. If no HMAC algorithms in the list of the client match the local list, the negotiation fails. Precautions sha2_256 provides the highest security, followed by sha2_256_96, sha1, sha1_96, md5, and md5_96 in order. sha2_256_96, sha1, sha1_96, md5, and md5_96 provide weak security. Therefore, they are not recommended in the HMAC algorithm list. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 84 Fit AP Command Reference 2 Basic Configurations Commands Example # Configure the HMAC SHA2_256 algorithm for an SSH client. <Huawei> system-view [Huawei] ssh client secure-algorithms hmac sha2_256 Related Topics 2.3.32 ssh server secure-algorithms hmac 2.3.25 ssh client secure-algorithms cipher Function The ssh client secure-algorithms cipher command configures an encryption algorithm list for an SSH client. The undo ssh client secure-algorithms cipher command restores the default encryption algorithm list of an SSH client. By default, an SSH client supports two encryption algorithms: AES128_CTR and AES256_CTR. Format ssh client secure-algorithms cipher { 3des | aes128 | aes256_cbc | aes128_ctr | aes256_ctr } * undo ssh client secure-algorithms cipher Parameters Parameter Description Value 3des Specifies the CBC 3DES encryption algorithm. - aes128 Specifies the CBC AES128 encryption algorithm. - aes256_cbc Specifies the CBC AES256 encryption algorithm. - aes128_ctr Specifies the CTR AES128 encryption algorithm. - aes256_ctr Specifies the CTR AES256 encryption algorithm. - Views System view Default Level 3: Management level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 85 Fit AP Command Reference 2 Basic Configurations Commands An SSH server and a client need to negotiate an encryption algorithm for the packets exchanged between them. You can run the ssh client secure-algorithms cipher command to configure an encryption algorithm list for the SSH client. After the list is configured, the server matches the encryption algorithm list of a client against the local list after receiving a packet from the client and selects the first encryption algorithm that matches the local list. If no encryption algorithms in the list of the client match the local list, the negotiation fails. Precautions aes256_ctr provides the highest security, followed by aes128_ctr, aes256_cbc, aes128, and 3des in order. 3des provides weak security. Therefore, it is not recommended in the encryption algorithm list. Example # Configure CTR encryption algorithms for an SSH client. <Huawei> system-view [Huawei] ssh client secure-algorithms cipher aes128_ctr aes256_ctr Related Topics 2.3.33 ssh server secure-algorithms cipher 2.3.26 ssh server authentication-retries Function The ssh server authentication-retries command sets the maximum number of authentication retries for an SSH connection. The undo ssh server authentication-retries command restores the default maximum number of authentication retries for an SSH connection. The default maximum number of authentication retries for an SSH connection is 3. Format ssh server authentication-retries times undo ssh server authentication-retries Parameters Parameter Description Value times The value is an integer that ranges from 1 to 5. Issue 08 (2021-02-25) Specifies the maximum number of authentication retries for an SSH connection. Copyright © Huawei Technologies Co., Ltd. 86 Fit AP Command Reference 2 Basic Configurations Commands Views System view Default Level 3: Management level Usage Guidelines Usage Scenario You can run this command to configure the maximum number of authentication retries for an SSH connection, which prevents server overload due to malicious access. Precautions The configured number of retries takes effect upon the next login. The total number of RSA and password authentication retries on the SSH client cannot exceed the maximum number that is set using this command. Example # Set the maximum number of times for retrying login authentication to 4. <Huawei> system-view [Huawei] ssh server authentication-retries 4 Related Topics 2.3.3 display ssh server 2.3.27 ssh server compatible-ssh1x enable Function The ssh server compatible-ssh1x enable command enables the SSH server's compatibility with earlier versions. The undo ssh server compatible-ssh1x enable command disables the SSH server's compatibility with earlier versions. By default, the server's compatibility with earlier versions is disabled. Format ssh server compatible-ssh1x enable undo ssh server compatible-ssh1x enable Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 87 Fit AP Command Reference 2 Basic Configurations Commands Views System view Default Level 3: Management level Usage Guidelines Usage Scenario An SSH server needs to be configured with backward compatibility for the version negotiation between the client and the server. When a TCP connection is set up between the client and server, the client negotiates with the server on the version of which the client and the server can work together. The server compares the version of its own with that sent by the client, and determines whether it can work with the client. ● If the protocol version on the client is earlier than 1.3 or later than 2.0, version negotiation fails and the server disconnects from the client. ● If the protocol version on the client is equal to or later than 1.3 and earlier than 1.99, the SSH1.5 server module is invoked and the SSH1.X process is performed when the SSH1.X-compatible mode is configured. When the SSH1.X-incompatible mode is configured, version negotiation fails and the server disconnects from the client. ● If the protocol version on the client is 1.99 or 2.0, the SSH2.0 server module is invoked and the SSH2.0 process is performed. Precautions The configuration takes effect upon the next login. NOTE SSH2.0 has an extended structure and supports more authentication modes and key exchange methods than SSH1.X. SSH 2.0 can eliminate the security risks that SSH 1.X has. SSH 2.0 is more secure and therefore is recommended. Example # Enable the SSH server's compatibility with earlier versions. <Huawei> system-view [Huawei] ssh server compatible-ssh1x enable Related Topics 2.3.3 display ssh server Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 88 Fit AP Command Reference 2 Basic Configurations Commands 2.3.28 ssh server key-exchange Function The ssh server key-exchange command configures a key exchange algorithm list on an SSH server. The undo ssh server key-exchange command restores the default configuration. By default, an SSH server supports Diffie-hellman-group-exchange-sha1 and Diffie-hellman-group14-sha1 key exchange algorithms. Format ssh server key-exchange { dh_group_exchange_sha1 | dh_group14_sha1 | dh_group1_sha1 } * undo ssh server key-exchange Parameters Parameter Description Value dh_group_exchange_sha1 Specifies that the Diffie-hellman-groupexchange-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH server. - dh_group14_sha1 Specifies that the Diffie-hellman-group14sha1 algorithm is contained in the key exchange algorithm list configured on the SSH server. - dh_group1_sha1 Specifies that the Diffie-hellman-group1-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH server. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario An SSH server and a client need to negotiate a key exchange algorithm for the packets exchanged between them. You can run the ssh server key-exchange command to configure a key exchange algorithm list for the SSH server. After the list is configured, the server matches the key exchange algorithm list of a client against the local list after receiving a packet from the client and selects the first Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 89 Fit AP Command Reference 2 Basic Configurations Commands key exchange algorithm that matches the local list. If no key exchange algorithms in the list of the client match the local list, the negotiation fails. Precautions The security levels of key exchange algorithms are as follows, from high to low: dh_group_exchange_sha1, dh_group14_sha1, and dh_group1_sha1. The dh_group_exchange_sha1 algorithm is recommended. Example # Configure key exchange algorithm lists dh_group_exchange_sha1 and dh_group14_sha1 on the SSH server. <Huawei> system-view [Huawei] ssh server key-exchange dh_group_exchange_sha1 dh_group14_sha1 Related Topics 2.3.23 ssh client key-exchange 2.3.29 ssh server permit interface Function The ssh server permit interface command specifies physical interfaces on the SSH server to which clients can connect. The undo ssh server permit interface command restores the default physical interfaces on the SSH server to which clients can connect. By default, clients can connect to all the physical interfaces on the SSH server. Format ssh server permit interface { interface-type interface-number } &<1-5> undo ssh server permit interface Parameters Parameter Description Value interface-type interface-number interface-type: specifies the interface type. - interface-number: specifies the interface number. interface-number and interface-type specify an interface. Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 90 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario To prevent a client from connecting to the SSH server through an unauthorized physical interface or attacking the SSH server by sending a large number of SSH packets, you can run the ssh server permit interface command to specify physical interfaces on the SSH server to which the client can connect. Precautions ● By default, clients can connect to all the physical interfaces on the SSH server. Once a physical interface is specified using the ssh server permit interface command, a client cannot connect to the SSH server using other physical interfaces (excluding the MEth interface). ● This command can be used only on a Layer 2 physical interface but not on a Layer 3 physical interface, logical interface, or a non-Ethernet interface. Example # Specify physical interfaces on the SSH server to which clients can connect. <Huawei> system-view [Huawei] ssh server permit interface gigabitethernet 0/0/1 Info: Succeeded in setting ssh permit interface. # Restore the default physical interfaces on the SSH server to which clients can connect. <Huawei> system-view [Huawei] undo ssh server permit interface 2.3.30 ssh server port Function The ssh server port command changes the listening port number of the SSH server. The undo ssh server port command restores the default listening port number of the SSH server. The default listening port number of the SSH server is 22. Format ssh server port port-number undo ssh server port Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 91 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description port-number Specifies the listening port number of the SSH server. Value The value is 22 or an integer ranging from 1025 to 55535. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario Configure the listening port number of the SSH server to prevent from malicious access to the SSH service standard port and ensure security. Precautions The SSH client can log in successfully with no port specified only when the server is listening on port 22. If the server is listening on another port, the port number must be specified upon login. Before changing the current port number, disconnect all devices from the port. After the port number is changed, the server starts to listen on the new port. Example # Set the listening port number of the SSH server is 1025. <Huawei> system-view [Huawei] ssh server port 1025 Related Topics 2.3.3 display ssh server 2.4.50 sftp 2.3.37 stelnet 2.3.31 ssh server rekey-interval Function The ssh server rekey-interval command sets the interval for updating the SSH server key pair. The undo ssh server rekey-interval command restores the default interval for updating the SSH server key pair. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 92 Fit AP Command Reference 2 Basic Configurations Commands The default interval for updating the SSH server key pair is 0, indicating that the key pair is never updated. Format ssh server rekey-interval hours undo ssh server rekey-interval Parameters Parameter Description Value hours The value is an integer that ranges from 1 to 24, in hours. Specifies the interval for updating the server key pair. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario If the server key pair is not updated for a long time, the key is easy to decrypt and the server is insecure. After the interval for updating the SSH server key pair is set using this command, the system will automatically update the key pair at intervals. Precautions If the client is connected to the server, the server public key on the client is not updated immediately. This key is updated only when the client is reconnected to the server. Example # Set the interval for updating the SSH server key pair to 2 hours. <Huawei> system-view [Huawei] ssh server rekey-interval 2 Related Topics 2.3.3 display ssh server Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 93 Fit AP Command Reference 2 Basic Configurations Commands 2.3.32 ssh server secure-algorithms hmac Function The ssh server secure-algorithms hmac command configures an HMAC algorithm list for an SSH server. The undo ssh server secure-algorithms hmac command restores the default HMAC algorithm list of an SSH server. By default, an SSH server supports the SHA2_256 HMAC algorithm. By default, an SSH server supports the SHA2_256 HMAC algorithm. Format ssh server secure-algorithms hmac { md5 | md5_96 | sha1 | sha1_96 | sha2_256 | sha2_256_96 } * undo ssh server secure-algorithms hmac Parameters Parameter Description Value md5 Specifies the HMAC MD5 algorithm. - md5_96 Specifies the HMAC MD5_96 algorithm. - sha1 Specifies the HMAC SHA1 algorithm. - sha1_96 Specifies the HMAC SHA1_96 algorithm. - sha2_256 Specifies the HMAC SHA2_256 algorithm. - sha2_256_96 Specifies the HMAC SHA2_256_96 algorithm. - Views System view Default Level 3: Management level Usage Guidelines Usage Scenario An SSH server and a client need to negotiate an HMAC algorithm for the packets exchanged between them. You can run the ssh server secure-algorithms hmac command to configure an HMAC algorithm list for the SSH server. After the list is configured, the server matches the list of a client against the local list after receiving a packet from the client and selects the first HMAC algorithm that matches the local list. If no HMAC algorithms in the list of the client match the local list, the negotiation fails. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 94 Fit AP Command Reference 2 Basic Configurations Commands Precautions sha2_256 provides the highest security, followed by sha2_256_96, sha1, sha1_96, md5, and md5_96 in order. sha2_256_96, sha1, sha1_96, md5, and md5_96 provide weak security. Therefore, they are not recommended in the HMAC algorithm list. Example # Configure the HMAC SHA2_256 algorithm for an SSH server. <Huawei> system-view [Huawei] ssh server secure-algorithms hmac sha2_256 Related Topics 2.3.24 ssh client secure-algorithms hmac 2.3.33 ssh server secure-algorithms cipher Function The ssh server cipher command configures an encryption algorithm list for an SSH server. The undo ssh server cipher command restores the default encryption algorithm list of an SSH server. By default, an SSH server supports two encryption algorithms: AES128_CTR and AES256_CTR. Format ssh server secure-algorithms cipher { 3des | aes128 | aes256_cbc | aes128_ctr | aes256_ctr } * ssh server secure-algorithms cipher Parameters Parameter Description Value 3des Specifies the CBC 3DES encryption algorithm. - aes128 Specifies the CBC AES128 encryption algorithm. - aes256_cbc Specifies the CBC AES256 encryption algorithm. - aes128_ctr Specifies the CTR AES128 encryption algorithm. - aes256_ctr Specifies the CTR AES256 encryption algorithm. - Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 95 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario An SSH server and a client need to negotiate an encryption algorithm for the packets exchanged between them. You can run the ssh server secure-algorithms cipher command to configure an encryption algorithm list for the SSH server. After the list is configured, the server matches the encryption algorithm list of a client against the local list after receiving a packet from the client and selects the first encryption algorithm that matches the local list. If no encryption algorithms in the list of the client match the local list, the negotiation fails. Precautions aes256_ctr provides the highest security, followed by aes128_ctr, aes256_cbc, aes128, and 3des in order. 3des provides weak security. Therefore, it is not recommended in the encryption algorithm list. Example # Configure CTR encryption algorithms for an SSH server. <Huawei> system-view [Huawei] ssh server secure-algorithms cipher aes256_ctr aes128_ctr Related Topics 2.3.25 ssh client secure-algorithms cipher 2.3.34 ssh server timeout Function The ssh server timeout command sets the timeout interval for SSH connection authentication. The undo ssh server timeout restores the default timeout interval for SSH connection authentication. The default timeout interval for SSH connection authentication is 60 seconds. Format ssh server timeout seconds undo ssh server timeout Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 96 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description seconds Value Specifies the timeout interval for The value is an integer ranging SSH connection authentication. from 60 to 120, in seconds. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario If you have not logged in successfully at the timeout interval for SSH connection authentication, the current connection is terminated to ensure security. You can run the display ssh server command to query the current timeout interval. Precautions The setting for the timeout interval takes effect upon next login. If a very short timeout period is configured for SSH connection authentication, user login may fail due to a connection timeout. Using the default timeout period is recommended. Example # Set the SSH connection authentication timeout interval to 90 seconds. <Huawei> system-view [Huawei] ssh server timeout 90 Related Topics 2.3.3 display ssh server 2.3.35 ssh user assign Function The ssh user assign command assigns an existing public key to a user. The undo ssh user assign command deletes the mapping between the user and public key. By default, no public key is assigned to a user. Format ssh user user-name assign { rsa-key | ecc-key } key-name Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 97 Fit AP Command Reference 2 Basic Configurations Commands undo ssh user user-name assign { rsa-key | ecc-key } Parameters Parameter Description user-name Specifies the SSH user name. Value The value is a string of 1 to 64 case-insensitive characters without spaces. rsa-key Specifies the RSA public key. - ecc-key Specifies the ECC public key. - key-name Specifies the client public key name. The value is a string of 1 to 30 characters. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario When an SSH client needs to log in to the SSH server in RSA mode, run this command to assign a public key to the client. If the client has been assigned keys, the latest assigned key takes effect. Precautions The newly configured public key takes effect upon next login. When an authentication mode is configured for an SSH user but user-name of the user does not exist, run the display users command to check the user name and set user-name to the displayed user name. Example # Assign key1 to a user named John. <Huawei> system-view [Huawei] ssh user john assign rsa-key key1 Related Topics 2.3.4 display ssh user-information Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 98 Fit AP Command Reference 2 Basic Configurations Commands 2.3.36 ssh user authentication-type Function The ssh user authentication-type command configures the authentication mode for an SSH user. The undo ssh user authentication-type command restores the default authentication mode for an SSH user. By default, the password authentication mode is configured for an SSH user. Format ssh user user-name authentication-type { password | rsa | password-rsa | ecc | password-ecc | all } undo ssh user user-name authentication-type Parameters Parameter Description Value user-name Specifies the SSH user name. The value is a string of 1 to 64 case-insensitive characters without spaces. password Specifies the password authentication mode. - rsa Specifies the RSA authentication mode. - password-rsa Specifies the password and RSA authentication mode. - ecc - Specifies the ECC authentication mode. password-ecc Specifies the password and ECC authentication modes. - all - Specifies the password, ECC, or RSA authentication mode. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 99 Fit AP Command Reference 2 Basic Configurations Commands A new SSH user cannot log in unless being configured with an authentication mode. The newly configured authentication mode takes effect on the next login. When an authentication mode is configured for an SSH user but user-name of the user does not exist, run the display users command to check the user name and set user-name to the displayed user name. NOTE To improve security, it is recommended that you use ECC as the authentication algorithm to log in to the SSH server. Table 2-17 shows the application scenario of each authentication mode. Table 2-17 Application scenario of each authentication mode Authentication Mode Application Scenario RSA authentication It is a public key encryption architecture and an asymmetric encryption algorithm. Based on the problem of factoring large numbers, RSA is mainly used to transmit the keys of the symmetric encryption algorithm, which can improve encryption efficiency and simplify key management. The server must first check the validity of the SSH user and whether the public key and the numeric signature are valid. If all of them are consistent with those configured on the server, user authentication succeeds. If any of the three cannot pass authentication, the user access is denied. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 100 Fit AP Command Reference 2 Basic Configurations Commands Authentication Mode Application Scenario ECC authentication Like RSA authentication, the server first checks the validity of the SSH user and whether the public key and the numeric signature are valid. If all of them are consistent with those configured on the server, user authentication succeeds. If any of the three cannot pass authentication, the user access is denied. Compared with the RSA algorithm, the ECC authentication has the following advantages: ● Provides the same security with shorter key length. ● Features a shorter computing process and higher processing speed. ● Requires less storage space. ● Requires lower bandwidth. Password authentication On the server, the AAA module assigns each valid user a password for login. That is, the server has the mappings between user names and passwords. When a user wants to log in to the server, the server authenticates the user name and its password respectively. If either of them cannot pass authentication, the user access is denied. password-rsa or password-ecc authentication The server can authenticate the client by checking both the public key and the password, and the authentication succeeds only when both the public key and the password are consistent with those configured on the server. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 101 Fit AP Command Reference 2 Basic Configurations Commands Authentication Mode Application Scenario All authentication The server can authenticate the client by checking both the public key and the password, and the authentication succeeds when either of them is consistent with that configured on the server. NOTE In all authentication mode, the user priority depends on the authentication mode selected. ● If password authentication is selected, the user priority is the same as that specified on the AAA module. ● If RSA/ECC authentication is selected, the user priority depends on the priority of the VTY window used during user access. If all authentication is selected and an AAA user with the same name as the SSH user exists, user priorities may be different in password authentication and RSA/ECC authentication modes. Set relevant parameters as needed. Precautions A new SSH user cannot log in to the SSH server unless being configured with an authentication mode. The newly configured authentication mode takes effect upon next login. Only one login user can be configured on the AP. Therefore, user-name specifies only the current login user. Example # Configure the password authentication mode for an SSH user John. <Huawei> system-view [Huawei] ssh user john authentication-type password Related Topics 2.3.4 display ssh user-information 2.3.37 stelnet Function The stelnet command enables you to use the STelnet protocol to log in to another device from the current device. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 102 Fit AP Command Reference 2 Basic Configurations Commands Format # IPv4 address stelnet [ -a source-address ] host-ip [ port-number ] [ [ prefer_kex prefer_keyexchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ] # IPv6 address stelnet ipv6 [ -a source-address ] host-ipv6 [ -oi interface-type interfacenumber ] [ port-number ] [ [ prefer_kex prefer_key-exchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ] Parameters Parameter Description Value -a source-address Specifies the STelnet source IP address. IPv4: The value is in dotted decimal notation. host-ip Specifies the IP address or host name of the remote IPv4 STelnet server. The value is a string of 1 to 255 caseinsensitive characters without spaces. host-ipv6 Specifies the IPv6 address or host name of the remote IPv6 STelnet server. The value is a string of 1 to 255 caseinsensitive characters without spaces. -oi interface-type interface-number Specifies the If the IPv6 address of the remote host outbound interface is linked to a local address, the on the local device. outbound interface must be specified. port-number Specifies the port number that the SSH server is listening on. Issue 08 (2021-02-25) IPv6: The value is a 32-digit hexadecimal number, in the X:X:X:X:X:X:X:X format. The value is an integer that ranges from 1 to 65535. The default value 22 is the standard port number. Copyright © Huawei Technologies Co., Ltd. 103 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value identity-key Specifies the public The public key algorithm includes rsa key for server and ecc. authentication. NOTE To improve security, it is not recommended that you use RSA as the authentication algorithm. user-identity-key Specifies the public The public key algorithm includes rsa key algorithm for and ecc. the client NOTE authentication. To improve security, it is not recommended that you use RSA as the authentication algorithm. prefer_kex Specifies the prefer_key-exchange preferred key exchange algorithm. The dh_group1, dh_exchange_group, and dh_group14_sha1 algorithms are supported currently. The default key exchange algorithm is dh_group14_sha1. NOTE The dh_exchange_group algorithm is recommended. ● If a key exchange algorithm list has been configured using the ssh client key-exchange command for the SSH client, select a key exchange algorithm from the list. ● If no key exchange algorithm list has been configured using the ssh client key-exchange command for the SSH client, select one from dh_group1, dh_exchange_group, dh_group14_sha1. prefer_ctos_cipher prefer_ctos_cipher Specifies the preferred encryption algorithm from the client to the server. The 3des, aes256_cbc, aes128_ctr, aes256_ctr, and aes128 algorithms are supported currently. The default algorithm are aes256_ctr and aes128. NOTE ● If an encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select an encryption algorithm from the list. ● If no encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select one from 3des, aes128, aes256_cbc, aes128_ctr, and aes256_ctr. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 104 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value prefer_stoc_cipher Specifies the preferred encryption algorithm from the server to the client. The 3des, aes256_cbc, aes128_ctr, aes256_ctr, and aes128 algorithms are supported currently. The default algorithm are aes256_ctr and aes128. prefer_stoc_cipher NOTE ● If an encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select an encryption algorithm from the list. ● If no encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select one from 3des, aes128, aes256_cbc, aes128_ctr, and aes256_ctr. prefer_ctos_hmac prefer_ctos_hmac Specifies the preferred HMAC algorithm from the client to the server. The sha1, sha1_96, md5, sha2_256, sha2_256_96, and md5_96 algorithms are supported currently. The default algorithm is sha2_256. NOTE ● If an HMAC algorithm list has been configured using the ssh client securealgorithms hmac command for the SSH client, select an HMAC algorithm from the list. ● If no HMAC algorithm list has been configured using the ssh client securealgorithms hmac command for the SSH client, select one from sha1, sha1_96, md5, md5_96, sha2_256, and sha2_256_96. prefer_stoc_hmac prefer_stoc_hmac Specifies the preferred HMAC algorithm from the server to the client. The sha1, sha1_96, md5, sha2_256, sha2_256_96, and md5_96 algorithms are supported currently. The default algorithm is sha2_256. NOTE ● If an HMAC algorithm list has been configured using the ssh client securealgorithms hmac command for the SSH client, select an HMAC algorithm from the list. ● If no HMAC algorithm list has been configured using the ssh client securealgorithms hmac command for the SSH client, select one from sha1, sha1_96, md5, md5_96, sha2_256, and sha2_256_96. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 105 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value -ki aliveinterval Specifies the interval for sending keepalive packets when no packet is received. The value is an integer that ranges from 1 to 3600, in seconds. -kc alivecountmax Specifies the number of times for no reply of keepalive packets. The value is an integer that ranges from 3 to 10. The default value is 5. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario Logins through Telnet bring security risks because Telnet does not provide any authentication mechanism and data is transmitted using TCP in plain text. Compared with Telnet, SSH guarantees secure file transfer on a traditional insecure network by authenticating clients and encrypting data in bidirectional mode. The SSH protocol supports STelnet. You can run this command to use STelnet to log in to another device from the current device. STelnet is a secure Telnet service. SSH users can use the STelnet service in the same way as the Telnet service. When a fault occurs in the connection between the client and server, the client needs to detect the fault in real time and proactively release the connection. You need to set the interval for sending keepalive packets and the maximum number of times on the client that logs in to the server through STelnet. ● Interval for sending keepalive packets: If a client does not receive any packet within the specified interval, the client sends a keepalive packet to the server. ● Maximum number of times the server has no response: If the number of times that the server does not respond exceeds the specified value, the client proactively releases the connection. Precautions ● The SSH client can log in to the SSH server with no port specified only when the server is listening on port 22. If the server is listening on another port, the port number must be specified upon login. ● To improve data transmission security, AES128 or a more secure algorithm is recommended. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 106 Fit AP Command Reference 2 Basic Configurations Commands Example # Set keepalive parameters when the client logs in to the server through STelnet. <Huawei> system-view [Huawei] stelnet 10.164.39.209 -ki 10 -kc 4 # Remotely connect to the STelnet server that uses an IPv6 address. <Huawei> system-view [Huawei] stelnet ipv6 fe80::100 prefer_ctos_cipher aes128 Related Topics 2.3.30 ssh server port 2.3.38 telnet Function The telnet command enables you to use the Telnet protocol to log in to another device from the current device. Format # Log in to another device through Telnet based on IPv4. telnet [ -a source-ip-address ] host-ip [ port-number ] # Log in to another device through Telnet based on IPv6. telnet ipv6 [ -a source-ipv6-address ] host-ipv6 [ -oi interface-type interfacenumber ] [ port-number ] Parameters Parameter Description -a source-ip- The value is in dotted By specifying a source IP address, decimal notation. you can use this address to communicate with the server for high network security. If no source address is specified, the system will use the IP address of the local outbound interface to initiate a Telnet connection. address Value -a source-ipv6- By specifying a source IP address, The value is a 32-digit address hexadecimal number, in you can use this address to the X:X:X:X:X:X:X:X format. communicate with the server for high network security. If no source address is specified, the system will use the IP address of the local outbound interface to initiate a Telnet connection. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 107 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value host-ip Specifies the IPv4 address or host name of the remote device. The value is a string of 1 to 255 case-insensitive characters without spaces. host-ipv6 Specifies the IPv6 address or host name of the remote device. The value is a string of 1 to 255 case-insensitive characters without spaces. -oi interfacetype interfacenumber Specifies the outbound interface on If the IPv6 address of the the local device. remote host is linked to a local address, the outbound interface must be specified. port-number Specifies the number of the TCP The value is an integer port that is used by the remote that ranges from 1 to device to provide the Telnet service. 65535. The default value is 23. Views User view Default Level 0: Visit level Usage Guidelines Usage Scenario If one or multiple devices on the network need to be configured and managed, you do not need to connect each device to your terminal for local maintenance. If you have learned the IP address of the device, you can run this command to log in to the device from your terminal for remote device configuration. By doing this, you can use one terminal to maintain multiple devices on the network. You can press Ctrl_K to terminate an active connection between the local and remote devices. Precautions ● Before you run the telnet command to connect to the Telnet server, the Telnet client and server must be able to communicate through Layer 3 and the Telnet service must be enabled on the Telnet server. ● Logins through Telnet bring security risks because Telnet does not provide any authentication mechanism and data is transmitted using TCP in plain text. The STelnet mode is recommended for the network that has the high security requirement. Example # Connect to a remote device through Telnet. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 108 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> telnet 10.1.1.1 # Use the IPv6 address to connect to a remote device through Telnet. <Huawei> telnet ipv6 2607:f0d0:1002:11::158 2.3.39 telnet client-source Function The telnet client-source command specifies the source IP address and interface for a Telnet client. The undo telnet client-source command restores the default settings. The default source IP address of the Telnet client is 0.0.0.0. Format telnet client-source { -a source-ip-address | -i interface-type interface-number } undo telnet client-source Parameters Parameter Description Value -a source-ip-address Specifies the IPv4 address of the local wireless access point. - -i interface-type interfacenumber Specifies the outbound interface of the local wireless access point. - Views System view Default Level 3: Management level Usage Guidelines If the source IP address and interface are not specified in the telnet command, use the default settings specified by telnet client-source. If the source IP address and interface are specified in the telnet command, use the specified settings. Check the current Telnet connection on the server. The IP address displayed is the specified source IP address or the primary IP address of the specified interface. Example # Set the source IP address of the Telnet client to 1.1.1.1. <Huawei> system-view [Huawei] telnet client-source -a 1.1.1.1 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 109 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.3.38 telnet 2.3.40 telnet server permit interface Function The telnet server permit interface command specifies physical interfaces on the Telnet server to which clients can connect. The undo telnet permit interface command restores the default physical interfaces on the Telnet server to which clients can connect. By default, clients can connect to all the physical interfaces on the Telnet server. Format telnet server permit interface { interface-type interface-number } &<1-5> undo telnet server permit interface Parameters Parameter Description Value interface-type interface-number interface-type: specifies the interface type. - interface-number: specifies the interface number. interface-number and interface-type specify an interface. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario To prevent a client from connecting to the Telnet server through an unauthorized physical interface or attacking the Telnet server by sending a large number of Telnet packets, you can run the telnet server permit interface command to specify physical interfaces on the Telnet server to which the client can connect. Precautions ● Issue 08 (2021-02-25) By default, clients can connect to all the physical interfaces on the Telnet server. Once a physical interface is specified using the telnet server permit interface command, a client cannot connect to the Telnet server using other physical interfaces. Copyright © Huawei Technologies Co., Ltd. 110 Fit AP Command Reference ● 2 Basic Configurations Commands This command can be used only on a Layer 2 physical interface but not on a Layer 3 physical interface, logical interface, or a non-Ethernet interface. Example # Specify physical interfaces on the Telnet server to which clients can connect. <Huawei> system-view [Huawei] telnet server permit interface gigabitethernet 0/0/0 Info: Succeeded in setting telnet permit interface. # Restore the default physical interfaces on the Telnet server to which clients can connect. <Huawei> system-view [Huawei] undo telnet server permit interface 2.4 File Management Commands 2.4.1 ascii Function The ascii command sets the file transfer mode to ASCII on an FTP client. The default file transfer mode is ASCII. Format ascii Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines Files can be transferred in ASCII or binary modes. The ASCII mode is used to transfer plain text files, and the binary mode is used to transfer application files such as system software (files with name extension .cc, .bin, and .pat.), images, video files, compressed files, and database files. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 111 Fit AP Command Reference 2 Basic Configurations Commands Example # Set the file transfer mode to ASCII. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] ascii 200 Type set to A. Related Topics 2.4.2 binary 2.4.2 binary Function The binary command sets the file transmission mode to binary on an FTP client. The default file transfer mode is ASCII. Format binary Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines Files can be transferred in ASCII or binary modes. The ASCII mode is used to transfer plain text files, and the binary mode is used to transfer application files such as system software (files with name extension .cc, .bin, and .pat.), images, video files, compressed files, and database files. Example # Set the file transmission mode to binary. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 112 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] binary 200 Type set to I. Related Topics 2.4.1 ascii 2.4.3 bye Function The bye command terminates the connection with the remote FTP server and enters the user view. Format bye Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines This command is equivalent to the quit command. You can use the close and disconnect commands to terminate the connection with the remote FTP server and retain the FTP client view. Example # Terminate the connection with the remote FTP server and enter the user view. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 113 Fit AP Command Reference 2 Basic Configurations Commands [Huawei-ftp] bye 221 server closing. <Huawei> Related Topics 2.4.9 close 2.4.17 disconnect 2.1.8 quit 2.4.4 cd (FTP client view) Function The cd command changes the working directory of the FTP server. Format cd remote-directory Parameters Parameter Description Value remotedirectory Specifies the name of a The value is a string of 1 to 64 working directory on the FTP case-insensitive characters server. without spaces. Views FTP client view Default Level 3: Management level Usage Guidelines The FTP server authorizes users to access files in certain directories and their subdirectories. NOTE If the new working directory of the FTP server is on the same file drive as the current working directory, you do not need to specify the name of the file drive in the command but only need to specify the differences between two working directories. For example: ● If the current working directory is flash:/ and you want to change it to flash:/temp/ subtemp, run the cd temp/subtemp command. ● If the current working directory is flash:/temp and you want to change it to flash:/temp/ subtemp, run the cd subtemp command. ● If the current working directory is flash:/temp/subtemp and you want to change it to flash:/temp, run the cd /temp command. ● If the current working directory is flash:/temp and you want to change it to flash:/, run the cd / command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 114 Fit AP Command Reference 2 Basic Configurations Commands Example # Change the working directory to d:/temp. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] cd d:/temp 250 "D:/temp" is current directory. Related Topics 2.4.15 dir/ls (FTP client view) 2.4.39 pwd (FTP client view) 2.4.5 cd (SFTP client view) Function The cd command changes the working directory of the SFTP server. Format cd [ remote-directory ] Parameters Parameter Description remotedirectory Specifies the name of a The value is a string of 1 to 64 directory on the SFTP server. case-insensitive characters without spaces. Value Views SFTP client view Default Level 3: Management level Usage Guidelines ● The SFTP server authorizes users to access files in certain directories and their subdirectories. ● The specified working directory must exist on the SFTP server. If the remotedirectory parameter is not included in the cd command, only the current working directory of an SSH user is displayed as the command output. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 115 Fit AP Command Reference 2 Basic Configurations Commands Example # Change the current working directory of the SFTP server to /bill. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> cd bill Current directory is: /bill Related Topics 2.4.16 dir/ls (SFTP client view) 2.4.6 cd (user view) Function The cd command changes the current working directory of a user. By default, the current working directory is flash:. Format cd directory Parameters Parameter Description directory Specifies the current working directory of a user. Value The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] path format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. For example, a directory name is flash:/selftest/ test/. Views User view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 116 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● The directory specified in the cd command must exist; otherwise, the error messages will be displayed. You can perform the following operations to rectify faults: a. Run the pwd command to view the current working directory. b. Run the dir command to view the current working directory and verify that the directory specified in the cd command exists. Example # Change the current working directory from flash:/temp to flash:. <Huawei> pwd flash:/temp <Huawei> cd flash: <Huawei> pwd flash: # Change the current working directory from flash: to flash:/t1/t2. <Huawei> pwd flash: <Huawei> cd flash:/t1/t2 <Huawei> pwd flash:/t1/t2 # Change the current working directory from flash:/selftest to flash:/logfile. <Huawei> pwd flash:/selftest <Huawei> cd /logfile/ <Huawei> pwd flash:/logfile # Change the current working directory from flash:/selftest to flash:/selftest/ test. <Huawei> pwd flash:/selftest <Huawei> cd test/ <Huawei> pwd flash:/selftest/test Related Topics 2.4.41 pwd (user view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 117 Fit AP Command Reference 2 Basic Configurations Commands 2.4.7 cdup (SFTP client view) Function The cdup command changes the current working directory of an SSH user to its parent directory. Format cdup Parameters None Views SFTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the cdup command to change the current working directory to its parent directory. Precautions If the current working directory is the SFTP authorization directory, the command cannot change the current working directory. Example # Change the current working directory to its parent directory. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> cd dhcp Current directory is: /dhcp sftp-client> cdup Current directory is: / sftp-client> cdup Error: Failed to change the current directory. sftp-client> Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 118 Fit AP Command Reference 2 Basic Configurations Commands 2.4.8 cdup (FTP client view) Function The cdup command enables you to return to the upper-level directory. Format cdup Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario To exit from the current directory and return to the upper-level directory, run the cdup command. Precautions The accessible directories for an FTP user are restricted by the authorized directory configured for the user. Example # Exit from the current directory and return to the upper-level directory. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] cd security 250 "D:\security" is current directory. [Huawei-ftp] cdup 250 "D:\" is current directory. Related Topics 2.4.15 dir/ls (FTP client view) 2.4.39 pwd (FTP client view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 119 Fit AP Command Reference 2 Basic Configurations Commands 2.4.9 close Function The close command terminates the connection with the remote FTP server and retains the FTP client view. Format close Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario This command is equivalent to the disconnect command. You can run the bye and quit commands to terminate the connection with the remote FTP server and enter the user view. Precautions To enter the user view from the FTP client view, you can run the bye or quit command. Example # Terminate the connection with the remote FTP server and enters the FTP client view. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] close 221 Server closing. [Huawei-ftp] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 120 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.4.3 bye 2.4.10 copy Function The copy command copies a file. Format copy source-filename destination-filename Parameters Parameter Description Settings source-filename Specifies the path and the name of a source file. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 121 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Settings destination-filename Specifies the path and the name of a destination file. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● Issue 08 (2021-02-25) If the destination file name is not specified, the designation file and the source file have the same name. If the source file and the destination file are in the same directory, you must specify the destination file name. If the destination file name is not specified, you cannot copy the source file successfully. Copyright © Huawei Technologies Co., Ltd. 122 Fit AP Command Reference ● 2 Basic Configurations Commands If the destination file name is the same as that of an existing file, the system prompts you whether to overwrite the existing file. The system prompt is displayed only when file prompt is set to alert. Example # Copy the file config.cfg from the root directory of the flash card to flash:/temp. The destination file name is temp.cfg. <Huawei> copy flash:/config.cfg flash:/temp/temp.cfg Copy flash:/config.cfg to flash:/temp/temp.cfg?(y/n)[n]:y 100% complete Info: Copied file flash:/config.cfg to flash:/temp/temp.cfg...Done # If the current directory is the root directory of the flash card, you can perform the preceding configuration using the relative path. <Huawei> pwd flash: <Huawei> dir Directory of flash:/ Idx Attr Size(Byte) Date Time(LMT) FileName 0 -rw6,721,804 Mar 19 2012 12:31:58 devicesoft.cc 1 -rw910 Mar 19 2012 12:32:58 config.cfg 2 drw- Mar 05 2012 09:54:34 temp ... 1,927,220 KB total (1,130,464 KB free) <Huawei> copy config.cfg temp/temp.cfg Copy flash:/config.cfg to flash:/temp/temp.cfg?(y/n)[n]:y 100% complete Info: Copied file flash:/config.cfg to flash:/temp/temp.cfg...Done # Copy the file config.cfg from the root directory of the flash card to flash:/temp. The destination file name is config.cfg. <Huawei> pwd flash: <Huawei> dir Directory of flash:/ Idx Attr Size(Byte) Date Time(LMT) FileName 0 -rw6,721,804 Mar 19 2012 12:31:58 devicesoft.cc 1 -rw910 Mar 19 2012 12:32:58 config.cfg 2 drw- Mar 05 2012 09:54:34 temp ... 1,927,220 KB total (1,130,464 KB free) <Huawei> copy config.cfg temp Copy flash:/config.cfg to flash:/temp/config.cfg?(y/n)[n]:y 100% complete Info: Copied file flash:/config.cfg to flash:/temp/config.cfg...Done # Copy the file backup.zip to backup1.zip in the test directory from the current working directory flash:/test/. <Huawei> pwd flash:/test <Huawei> copy backup.zip backup1.zip Copy flash:/test/backup.zip to flash:/test/backup1.zip?(y/n)[n]:y 100% complete Info: Copied file flash:/test/backup.zip to flash:/test/backup1.zip...Done Related Topics 2.4.34 move Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 123 Fit AP Command Reference 2 Basic Configurations Commands 2.4.11 debugging Function The debugging command enables the debugging function of the FTP client. The undo debugging command disables the debugging function of the FTP client. By default, the debugging function of the FTP client is disabled. Format debugging undo debugging Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines You can run the debugging command to check the session information sent by the FTP client to the FTP server. Example # Enable the debugging function of the FTP client. <Huawei> ftp 10.1.1.1 Trying 10.1.1.1 ... Press CTRL + K to abort Connected to 10.1.1.1. 220 FTP service ready. User(10.1.1.1:(none)):ftp 331 Password required for ftp. Enter password: 230 User logged in. [ftp] debugging 2.4.12 delete (user view) Function The delete command deletes a specified file in the storage device. Format delete [ /unreserved ] [ /force ] { filename | devicename } Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 124 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value /unreserved Deletes a specified file. The deleted file cannot be restored. - /force Deletes a file directly without any confirmation. - Specifies the name of a file to be deleted. The value is a string of 1 to 64 casesensitive characters without spaces in the [ drive ] [ path ] file name format. filename In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. devicename Deletes all the files in the storage device. - Views User view Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Like devicename, drive specifies the storage device name. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 125 Fit AP Command Reference 2 Basic Configurations Commands ● The wildcard (*) can be used in the delete command. ● If the parameter /unreserved is not included, the file is stored in the recycle bin. To display all files including deleted files that are displayed in square brackets ([ ]), run the dir /all command. To restore these files that are displayed in square brackets ([ ]), run the undelete command. To clear these files from the recycle bin, run the reset recycle-bin command. NOTICE If you delete a file using the /unreserved parameter, the file cannot be deleted. ● If you delete a specified storage device, all files are deleted from the root directory of the storage device. ● If you delete two files with the same name from different directories, the last file deleted is kept in the recycle bin. ● If you attempt to delete a protected file, such as a configuration file, patch file, or patch status file, a system prompt is displayed. ● You cannot delete a directory by running the delete command. To delete a directory, run the rmdir (user view) command. Example # Delete the file test.txt from the flash:/test/ directory. <Huawei> delete flash:/test/test.txt Delete flash:/test/test.txt?(y/n)[n]:y Info: Deleting file flash:/test/test.txt...succeed. # Delete the file test.txt from the current working directory flash:/selftest. <Huawei> delete test.txt Delete flash:/selftest/test.txt?(y/n)[n]:y Info: Deleting file flash:/selftest/test.txt...succeed. Related Topics 2.4.46 reset recycle-bin 2.4.56 undelete 2.4.13 dir (user view) Function The dir command displays information about files and directories stored on the storage device. Format dir [ /all ] [ filename | directory ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 126 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Settings /all Displays all files and directories stored in the current directory, including files and directories moved to the recycle bin from the current directory. - filename Specifies the file name. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. directory Specifies the file directory. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] path format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 127 Fit AP Command Reference 2 Basic Configurations Commands Views User view Default Level 3: Management level Usage Guidelines The wildcard (*) can be used in the dir command. If no parameter is specified, this command displays information about the files and directories in the current directory. The following describes the drive name: ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. You can use the dir /all command to view information about all files and directories of the storage device, including those stored in the recycle bin. The name of a file in the recycle bin is placed in square brackets ([]), for example, [test.txt]. Example # Display information about all files and directories stored in the current directory. <Huawei> dir /all Directory of flash:/ Idx 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Attr -rw-rw-rwdrw-rwdrw-rw-rw-rwdrw-rw-rw-rw-rw-rw-rw- Size(Byte) Date Time(LMT) FileName 889 Feb 25 2012 10:00:58 private-data.txt 6,311 Feb 17 2012 14:05:04 backup.cfg 836 Jan 01 2012 18:06:20 rr.dat - Jan 01 2012 18:08:20 syslogfile 836 Jan 01 2012 18:06:20 rr.bak - Feb 27 2012 00:00:54 security 523,240 Mar 16 2011 11:21:36 bootrom_53hib66.bin 2,290 Feb 25 2012 16:46:06 vrpcfg.cfg 812 Dec 12 2011 15:43:10 hostkey - Jan 01 2012 18:05:48 compatible 25,841,428 Nov 17 2011 09:48:10 basicsoft.cc 540 Dec 12 2011 15:43:12 serverkey 26,101,692 Dec 21 2011 11:44:52 devicesoft.cc 6,292 Feb 14 2012 11:14:32 1.cfg 6,311 Feb 17 2012 10:22:56 1234.cfg 6,311 Feb 25 2012 17:22:30 [11.cfg] 1,927,220 KB total (1,130,464 KB free) # Display information about file vrpcfg.cfg in the current directory. <Huawei> dir vrpcfg.cfg Directory of flash:/ Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 128 Fit AP Command Reference Idx Attr 0 -rw- 2 Basic Configurations Commands Size(Byte) Date Time(LMT) FileName 2,290 Feb 25 2012 16:46:06 vrpcfg.cfg 1,927,220 KB total (1,130,464 KB free) # Display information about all .txt files stored in the current directory. <Huawei> dir *.txt Directory of flash:/ Idx Attr 0 -rw- Size(Byte) Date Time(LMT) FileName 889 Feb 25 2012 10:00:58 private-data.txt 1,927,220 KB total (1,130,464 KB free) Table 2-18 Description of the dir command output Item Description d Indicates a directory. If there is no output for this parameter, the command output indicates a file. For example, devicesoft.cc is a file and security is a directory. r Indicates that the file or directory can be read. w Indicates that the file or directory is editable. [] Indicates a file stored in the recycle bin. 2.4.14 delete (FTP client view) Function The delete command deletes a file from the FTP server. Format delete remote-filename Parameters Parameter Description remotefilename Specifies the name of a file The value is a string of 1 to 64 to be deleted. case-insensitive characters without spaces. Value Views FTP client view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 129 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines A file deleted in the FTP client view cannot be restored. Example Delete the file temp.c. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] delete temp.c Warning: The contents of file temp.c cannot be recycled. Continue? (y/n)[n]:y 250 File deleted from remote host. Related Topics 2.4.15 dir/ls (FTP client view) 2.4.15 dir/ls (FTP client view) Function The dir and ls commands display all files or specified files that are stored on the FTP server, and save them to a local disk. Format dir [ remote-filename [ local-filename ] ] ls [ remote-filename [ local-filename ] ] Parameters Parameter Description remotefilename Specifies the name and The value is a string of 1 to 64 directory of a file stored on the case-insensitive characters FTP server. without spaces. local-filename Specifies the name of the local file that saves the FTP server file information. Value The value is a string of 1 to 64 case-insensitive characters without spaces. Views FTP client view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 130 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario The following describes differences between the dir and ls commands. ● After you run the dir command, detailed file information is displayed, including the file size, date when the file is created, whether the file is a directory, and whether the file is editable. After you run the ls command, only the file name is displayed. ● The dir command is used to save detailed file information, while the ls command is used to save only the file name even if the file is specified and saved in a local directory. Precautions The wildcard (*) can be used in commands dir and ls. Example # Display the name or detailed information about a file that is saved in the test directory. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] cd test 250 CWD command successfully. [Huawei-ftp] dir 200 Port command okay. 150 File Listing Follows in ASCII mode drwxrwxrwx 1 noone nogroup 0 Mar 24 10:48 . drwxrwxrwx 1 noone nogroup 0 Mar 26 15:52 .. drwxrwxrwx 1 noone nogroup 0 Mar 23 16:04 yourtest -rwxrwxrwx 1 noone nogroup 5736 Mar 24 10:38 backup.txt -rwxrwxrwx 1 noone nogroup 5736 Mar 24 10:38 backup1.txt 226 Transfer finished successfully. [Huawei-ftp] ls 200 Port command okay. 150 File Listing Follows in ASCII mode yourtest backup.txt backup1.txt 226 Transfer finished successfully. FTP: 10 byte(s) received in 0.110 second(s) 90.90byte(s)/sec. # Display the detailed information in file temp.c, and save the displayed information in file temp1. [Huawei-ftp] dir temp.c temp1 200 PORT command okay 150 File Listing Follows in ASCII mode \ 226 Transfer finished successfully. FTP: 62 byte(s) received in 0.050 second(s) 1.24Kbyte(s)/sec. [Huawei-ftp] quit Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 131 Fit AP Command Reference 2 Basic Configurations Commands 221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye <Huawei> more temp1 -rwxrwxrwx 1 noone nogroup 3929 Apr 27 18:13 temp.c # Display the name of file test.bat, and save the displayed information in file test. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] ls test.bat test 200 Port command okay. 150 Opening ASCII mode data connection for test.bat. 226 Transfer complete. [Huawei-ftp] quit 221 Server closing. <Huawei> more test test.bat Table 2-19 Description of the dir/Is command output Parameter Description d in the command output Indicates a directory. If there is no output for this parameter, the command output indicates a file. r in the command output Indicates that the file or directory can be read. w in the command output Indicates that the file or directory is editable. 2.4.16 dir/ls (SFTP client view) Function dir and ls commands display a list of specified files that are stored on the SFTP server. Format dir [ -l | -a ] [ remote-directory ] ls [ -l | -a ] [ remote-directory ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 132 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value -l Displays detailed information about all files and directories in a specified directory. - -a Displays names of all files and directories in a specified directory. - remote-directory Specifies the name of a directory on the SFTP server. The value is a string of 1 to 64 case-insensitive characters without spaces. Views SFTP client view Default Level 3: Management level Usage Guidelines The dir and ls commands are equivalent. ● If -l and -a parameters are not specified, detailed information about all files and directories in a specified directory is displayed after you run the dir or ls command. The effect is the same as the dir -l command output. ● By default, if the remote-directory parameter is not specified, the list of current directory files is displayed after you run the dir or ls command. Example # Displays a list of files in the test directory of the SFTP server. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> dir test drwxrwxrwx 1 noone nogroup drwxrwxrwx 1 noone nogroup -rwxrwxrwx 1 noone nogroup -rwxrwxrwx 1 noone nogroup -rwxrwxrwx 1 noone nogroup sftp-client> dir -a test . .. yourtest backup.txt backup1.txt sftp-client> ls test drwxrwxrwx 1 noone nogroup drwxrwxrwx 1 noone nogroup -rwxrwxrwx 1 noone nogroup Issue 08 (2021-02-25) 0 Mar 24 18:48 . 0 Mar 29 14:52 .. 0 Mar 24 00:04 yourtest 5736 Mar 24 18:38 backup.txt 5736 Mar 24 18:38 backup1.txt 0 Mar 24 18:48 . 0 Mar 29 14:52 .. 0 Mar 24 00:04 yourtest Copyright © Huawei Technologies Co., Ltd. 133 Fit AP Command Reference 2 Basic Configurations Commands -rwxrwxrwx 1 noone -rwxrwxrwx 1 noone sftp-client> ls -a test . .. yourtest backup.txt backup1.txt nogroup nogroup 5736 Mar 24 18:38 backup.txt 5736 Mar 24 18:38 backup1.txt 2.4.17 disconnect Function The disconnect command terminates the connection with the remote FTP server and displays the FTP client view. Format disconnect Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines This command is equivalent to the close command. You can run the bye and quit commands to terminate the connection with the remote FTP server and enter the user view. To enter the user view from the FTP client view, you can run the bye or quit command. Example # Terminate the connection with the remote FTP server and enter the FTP client view. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] disconnect 221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 134 Fit AP Command Reference 2 Basic Configurations Commands [Huawei-ftp] Related Topics 2.4.3 bye 2.4.9 close 2.4.35 open 2.4.18 display ftp-client Function The display ftp-client command displays the source IP address configured for the FTP client. Format display ftp-client Parameters None Views All views Default Level 3: Management level Usage Guidelines The default source IP address is 0.0.0.0 if ftp client-source is not configured. Example # Display the source IP address of the FTP client. <Huawei> display ftp-client Info: The source IP address of FTP client is 10.1.1.1. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 135 Fit AP Command Reference 2 Basic Configurations Commands Table 2-20 Description of the display ftp-client command output Parameter Description Info: The source IP address of FTP client is 10.1.1.1. 10.1.1.1 is the source IP address of the FTP client. You can run the ftp client-source command to configure the source IP address. If the IP address is configured for the source port, the message "The source interface of FTP client is LoopBack0" is displayed. Related Topics 2.4.23 ftp 2.4.24 ftp client-source 2.4.19 display sftp-client Function The display sftp-client command displays the source IP address configured for the SFTP client. Format display sftp-client Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display sftp client command to display the source IP address of the SFTP client. By default, the source IP address is 0.0.0.0 if sftp client-source is not configured. Example # Display the source IP address configured for the SFTP client. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 136 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> display sftp-client Info: The source address of SFTP client is 1.1.1.1 Table 2-21 Description of the display sftp-client command output Parameter Description Info: The source address of SFTP client is 1.1.1.1 1.1.1.1 is the source IP address of the SFTP client. You can run the sftp client-source command to configure the source IP address for the SFTP client. If the IP address is configured for the source port, the message "The source interface of SFTP client is LoopBack0" is displayed. Related Topics 2.4.50 sftp 2.4.51 sftp client-source 2.4.20 display tftp-client Function The display tftp-client command displays the source IP address configured for the TFTP client. Format display tftp-client Parameters None Views All views Default Level 3: Management level Usage Guidelines You can run the display tftp client command to query source IP address of the TFTP client. The default source IP address is 0.0.0.0 if tftp client-source is not configured. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 137 Fit AP Command Reference 2 Basic Configurations Commands Example # Display the source IP address configured for the TFTP client. <Huawei> display tftp-client Info: The source address of TFTP client is 1.1.1.1. Table 2-22 Description of the display tftp-client command output Parameter Description Info: The source address of TFTP client is 1.1.1.1. 1.1.1.1 is the source IP address of the TFTP client. You can run the tftp client-source command to configure the source IP address for the TFTP client. If the IP address is configured for the source port, the message "The source interface of TFTP client is LoopBack0" is displayed. Related Topics 2.4.52 tftp 2.4.53 tftp client-source 2.4.21 file prompt Function The file prompt command changes the prompt mode when you perform operations on files. The default prompt mode is alert. Format file prompt { alert | quiet } Parameters Parameter Description Value alert Display a prompt message before users perform an operation. - quiet Display no prompt message before users perform an operation. - Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 138 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines NOTICE If the prompt mode is set to quiet, the system does not provide prompt messages when data is lost because of misoperations such as the operation of deleting or overwriting files. Therefore, this prompt mode should be used with caution. Example # Set the prompt mode to quiet. When you rename a copied file test.txt using an existing file name test1.txt, no prompt message is displayed. <Huawei> system-view [Huawei] file prompt quiet [Huawei] quit <Huawei> copy test.txt test1.txt Deleting file permanently from flash will take a long time if needed...Done. 100% complete Info: Copied file flash:/test.txt to flash:/test1.txt...Done # Set the prompt mode to alert. <Huawei> system-view [Huawei] file prompt alert [Huawei] quit <Huawei> copy test.txt test1.txt Copy flash:/test.txt to flash:/test1.txt?(y/n)[n]:y The file flash:/test1.txt exists. Overwrite it?(y/n)[n]:y Deleting file permanently from flash will take a long time if needed...Done. 100% complete Info: Copied file flash:/test.txt to flash:/test1.txt...Done 2.4.22 format Function The format command formats a storage device. Format format drive Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 139 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description drive Value Specifies the name of the The enumerated values are: storage device to format. ● usb: ● sdcard: \ The value sdcard: is supported only by the AD9430DN-12. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario When the file system fault cannot be rectified or the data on the storage device is unnecessary, the storage device can be formatted. When you run the format command, all files and directories are cleared from the storage device. Currently, only the USB flash drive and micro SD card of the device can be formatted. Precautions NOTICE After the format command is run, files and directories are cleared from the specified storage device and cannot be restored. Therefore, this command should be used with caution. If the storage device is still unavailable after the format command is run, a physical exception may have occurred. Example # Format the storage device. <Huawei> format usb: All data(include configuration and system startup file) on usb: will be lost , proceed with format? (y/n)[n]:y %Format usb: completed. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 140 Fit AP Command Reference 2 Basic Configurations Commands 2.4.23 ftp Function The ftp command connects the FTP client to the FTP server and enters the FTP client view. Format # Connect the FTP client to the FTP server based on the IPv4 address. ftp [ [ -a source-ip-address | -i interface-type interface-number ] host-ip [ portnumber ] ] # Connect the FTP client to the FTP server based on the IPv6 address. ftp ipv6 host-ipv6 [ port-number ] Parameters Parameter Description -a source-ipaddress Value Specifies the source IP address for The value is in dotted connecting to the FTP client. You are decimal notation. advised to use the loopback interface IP address. -i interface-type Specifies the source interface type interfaceand ID. You are advised to use the number loopback interface. - The IP address configured for this interface is the source IP address for sending packets. If no IP address is configured for the source interface, the FTP connection cannot be set up. host-ip Specifies the IP address or host name The value is a string of of the remote IPv4 FTP server. 1 to 255 case-insensitive characters without spaces. port-number Specifies the port number of the FTP The value is an integer that ranges from 1 to server. 65535. The default value is the standard port number 21. host-ipv6 Specifies the IP address or host name The value is a string of of the remote IPv6 FTP server. 1 to 46 case-insensitive characters without spaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 141 Fit AP Command Reference 2 Basic Configurations Commands Views User view Default Level 3: Management level Usage Guidelines Usage Scenario Before accessing the FTP server on the FTP client, you must first run the ftp command to connect the FTP client to the FTP server. Precautions ● You can set the source IP address to the source or destination IP address in the ACL rule when the -a or -i parameter is specified on the IPv4 network. This shields the IP address differences and interface status impact, and incoming and filters outgoing packets, and implements security authentication. ● If no parameter is set in the ftp command, only the FTP view is displayed, and no connection is set up between the FTP server and client. ● If the port number that the FTP server uses is non-standard, you must specify a standard port number; otherwise, the FTP server and client cannot be connected. ● When you run the ftp command, the system prompts you to enter the user name and password for logging in to the FTP server. You can log in to the FTP server if the user name and password are correct. ● If the number of login users exceeds the maximum value that the FTP server allows, other authorized users cannot log in to the FTP server. To allow news authorized users to log in to the FTP server, users who have performed FTP services must disconnect their clients from the FTP server. You can run the bye or quit command to disconnect the FTP client from the FTP server and return to the user view, or run the close or disconnect command to disconnect the FTP client from the FTP server and retain in the FTP client view. Example # Connect to the FTP server whose IP address is 10.137.217.201. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] # Connect to the remote IPv6 FTP server whose address is 1000::1. <Huawei> ftp ipv6 1000::1 Trying 1000::1 Press CTRL+K to abort Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 142 Fit AP Command Reference 2 Basic Configurations Commands Connected to ftp 1000::1. 220 FTP service ready. User(1000::1:(none)):huawei 331 Password required for huawei Enter Password: 230 User logged in. [Huawei-ftp] Related Topics 2.4.3 bye 2.4.17 disconnect 2.4.24 ftp client-source Function The ftp client-source command specifies the source IP address for the FTP client to send packets. The undo ftp client-source command restores the default source IP address for the FTP client to send packets. The default source IP address for the FTP client to send packets is 0.0.0.0. Format ftp client-source { -a source-ip-address | -i interface-type interface-number } undo ftp client-source Parameters Parameter -a source-ipaddress -i interface-type interface-number Description Value Specifies the source IP address. You are advised to use the loopback interface IP address. The value is in dotted decimal notation. Specifies the source interface. You are advised to use the loopback interface. - The IP address configured for the source interface is the source IP address for sending packets. If no IP address is configured for the source interface, the FTP connection cannot be set up. Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 143 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario If no source IP address is specified, the client uses the source IP address that the router specifies to send packets. The source IP address must be configured for an interface with stable performance. The loopback interface is recommended. Using the loopback interface as the source interface simplifies the ACL rule and security policy configuration. This shields the IP address differences and interface status impact, and incoming and filters outgoing packets, and implements security authentication. Precautions ● You can also run the ftp command to configure the source IP address whose priority is higher than that of the source IP address specified by the ftp clientsource command. If you specify the source IP addresses by running the ftp client-source and ftp commands, the source IP address specified by the ftp command is used for data communication and is available only for the current FTP connection, while the source IP address specified by the ftp client-source command is available for all FTP connections. ● The IP address that a user displays on the FTP server is the specified source IP address or source interface IP address. Example # Set the source IP address of the FTP client to 1.1.1.1. <Huawei> system-view [Huawei] ftp client-source -a 1.1.1.1 Info: Succeeded in setting the source address of the FTP client to 1.1.1.1. Related Topics 2.4.23 ftp 2.4.18 display ftp-client 2.4.25 get (FTP client view) Function The get command downloads a file from the FTP server and saves the file to the local device. Format get remote-filename [ local-filename ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 144 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value remotefilename Specifies the name of the file to be downloaded from the FTP server. The value is a string of 1 to 64 case-sensitive characters without spaces. local-filename Specifies the name of a downloaded file to be saved to the local device. The value is a string of 1 to 64 case-sensitive characters without spaces. Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the get command to download system software, backup configuration files, and patch files from the FTP server to upgrade devices. Precautions ● If the downloaded file name is not specified on the local device, the original file name is used. ● If the name of the downloaded file is the same as that of an existing local file, the system prompts you whether to overwrite the existing file. Example # Download the system software devicesoft.cc from the FTP server. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] get devicesoft.cc Related Topics 2.4.37 put (FTP client view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 145 Fit AP Command Reference 2 Basic Configurations Commands 2.4.26 get (SFTP client view) Function The get command downloads a file from the SFTP server and saves the file to the local device. Format get remote-filename [ local-filename ] Parameters Parameter Description Value remotefilename Specifies the name of the file to be downloaded from the SFTP server. The value is a string of 1 to 64 case-sensitive characters without spaces. local-filename Specifies the name of a downloaded file to be saved to the local device. The value is a string of 1 to 64 case-sensitive characters without spaces. Views SFTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the get command to download files from the FTP server to upgrade devices. Precautions ● If the local-filename is not specified on the local device, the original file name is used. ● If the name of the downloaded file is the same as that of an existing local file, the system prompts you whether to overwrite the existing file. Example # Download a file from the SFTP server. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 146 Fit AP Command Reference 2 Basic Configurations Commands sftp-client> get test.txt Related Topics 2.4.38 put (SFTP client view) 2.4.27 help (SFTP client view) Function The help command displays the help information in the SFTP client view. Format help [ all | command-name ] Parameters Parameter Description Value all Displays all commands in the SFTP client view. - command-name Displays the format and parameters of a specified command in the SFTP client view. - Views SFTP client view Default Level 3: Management level Usage Guidelines Usage Scenario In the SFTP view, you can only enter the question mark (?) to obtain all commands in the SFTP client view. If you enter a command keyword and the question mark (?) to query command parameters, an error message is displayed, as shown in the following: sftp-client> dir ? Error: Failed to list files. You can run the help command to obtain the help information and display all commands or a command format in the SFTP client view. Precautions If you specify no parameter when running the help command, all commands in the SFTP client view is displayed. This has the same effect as the help all command or directly entering the question mark (?) in the SFTP client view. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 147 Fit AP Command Reference 2 Basic Configurations Commands Example # Display the format of the command get. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> help get get Remote file name STRING<1-64> [Local file name STRING<1-64>] Download file Default local file name is the same with remote file. # Display all commands in the SFTP client view. sftp-client> help all cd cdup dir get help ls mkdir put pwd quit rename remove rmdir Related Topics 2.4.50 sftp 2.4.28 mkdir (FTP client view) Function The mkdir command creates a directory on the remote FTP server. Format mkdir remote-directory Parameters Parameter Description remotedirectory Specifies the directory The value is a string of case-sensitive to be created. characters without spaces. The absolute path length ranges from 1 to 64 Value Views FTP client view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 148 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines ● You can run the mkdir command to create a subdirectory in a specified directory, and the subdirectory name must be unique. ● If no path is specified when you create a subdirectory, the subdirectory is created in the current directory. ● The created directory is stored on the FTP server. Example # Create a directory test on the remote FTP server. <Huawei> ftp 172.16.104.110 Trying 172.16.104.110 ... Press CTRL+K to abort Connected to 172.16.104.110. 220 FTP service ready. User(172.16.104.110:(none)):huawei 331 Password required for huawei Enter password: 230 User logged in. [Huawei-ftp] mkdir test 257 "test" new directory created. Related Topics 2.4.15 dir/ls (FTP client view) 2.4.47 rmdir (FTP client view) 2.4.29 mkdir (SFTP client view) Function The mkdir command creates a directory on the remote SFTP server. Format mkdir remote-directory Parameters Parameter Description Value remotedirectory Specifies the directory to be created. The value is a string of case-sensitive characters without spaces. The absolute path length ranges from 1 to 64, while the directory name length ranges from 1 to 15. Views SFTP client view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 149 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines ● You can run the mkdir command to create a subdirectory in a specified directory, and the subdirectory name must be unique. ● If no path is specified when you create a subdirectory, the subdirectory is created in the current directory. ● The created directory is stored on the SFTP server. ● After a directory is created, you can run the dir/ls (SFTP client view) command to view the directory. Example # Create a directory on the SFTP server. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> mkdir ssh Info: Succeeded in creating a directory. Related Topics 2.4.16 dir/ls (SFTP client view) 2.4.48 rmdir (SFTP client view) 2.4.30 mkdir (User view) Function The mkdir command creates a directory in the current storage device. Format mkdir directory Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 150 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Settings directory Specifies a directory or directory and its path. The value is a string of case-sensitive characters in the [ drive ] [ path ] directory format. The absolute path length ranges from 1 to 64, while the directory name length ranges from 1 to 15. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. Characters such as ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. If you only the subdirectory name is specified, a subdirectory is created in the current working directory. You can run the 2.4.41 pwd (user view) command to query the current working directory. If the subdirectory name and directory path are specified, the subdirectory is created in the specified directory. Precautions ● Issue 08 (2021-02-25) The subdirectory name must be unique in a directory; otherwise, the message "Error: Directory already exists" is displayed. Copyright © Huawei Technologies Co., Ltd. 151 Fit AP Command Reference ● 2 Basic Configurations Commands A maximum of four directory levels are supported when you create a directory. Example # Create the subdirectory new in the flash card. <Huawei> mkdir flash:/new Info: Create directory flash:/new......Done Related Topics 2.4.13 dir (user view) 2.4.31 lcd Function The lcd command displays and changes the local working directory of the FTP client in the FTP client view. Format lcd [ local-directory ] Parameters Parameter Description local-directory Specifies the local working directory of the FTP client. Value The value is a string of 1 to 64 case-sensitive characters without spaces. Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the lcd command to display the local working directory of the FTP client when uploading or downloading files, and set the upload or download path to the path of the local working directory. Precautions The lcd command displays the local working directory of the FTP client, while the pwd command displays the working directory of the FTP server. If you specify the parameter local-directory in the lcd command, you can directly change the local working directory in the FTP client view. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 152 Fit AP Command Reference 2 Basic Configurations Commands Example # Change the local working directory to flash:/test. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] lcd The current local directory is flash:. [Huawei-ftp] lcd flash:/test The current local directory is flash:/test. Related Topics 2.4.39 pwd (FTP client view) 2.4.32 more Function The more command displays the content of a specified file. Format more [ /binary ] filename [ offset ] [ all ] Parameters Parameter Description Value /binary Displays the file content in the binary mode. - filename Specifies the file name. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. offset Issue 08 (2021-02-25) Specifies the file offset. The value is an integer that ranges from 0 to 2147483647, in bytes. Copyright © Huawei Technologies Co., Ltd. 153 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value all - Displays all the file content on one screen. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the more command to display the file content directly on a device. ● The following describes the drive name. – ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. – flash:/my/test/ is an absolute path. – selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● You are not advised to use this command to display non-text files; otherwise, the terminal is shut down or displays garbled characters, which is harmless to the system. ● Files are displayed in text format. ● You can display the file content flexibly by specifying parameters before running the more command: – You can run the more filename command to view a specified text file. The content of the specified text file is displayed on multiple screens. You can press the spacebar consecutively on the current session GUI to display all content of the file. To display the file content on multiple screens, you must ensure that: ▪ ▪ – Issue 08 (2021-02-25) The number of lines that can be displayed on a terminal screen is greater than 0. (The number of lines that can be displayed on a terminal screen is set by running the screen-length command.) The total number of file lines is greater than the number of lines that can be displayed on a terminal screen. (The number of lines that can be displayed on a terminal screen is set by running the screenlength command.) You can run the more filename offset command to view a specified file. The content of the specified text file starting from offset is displayed on Copyright © Huawei Technologies Co., Ltd. 154 Fit AP Command Reference 2 Basic Configurations Commands multiple screens. You can press the spacebar consecutively on the current session GUI to display all content of the file. To display the file content on multiple screens, you must ensure that: ▪ ▪ – The number of lines that can be displayed on a terminal screen is greater than 0. (The number of lines that can be displayed on a terminal screen is set by running the screen-length command.) The number of lines starting from offset in the file is greater than the number of lines that can be displayed on a terminal screen. (The number of lines that can be displayed on a terminal screen is set by running the screen-length command.) You can run the more file-name all command to view a specified file. The file content is displayed on one screen. Example # Display the content of the file test.bat. <Huawei> more test.bat rsa local-key-pair create user-interface vty 12 14 authentication-mode aaa protocol inbound ssh user privilege level 5 quit ssh user sftpuser authentication-type password sftp server enable # Display the content of the file log.txt and set the offset to 100. <Huawei> more log.txt 100 : CHINA HUAWEI TECHNOLOGY LIMITTED CO.,LTD # FILE NAME: Product Adapter File(PAF) # PURPOSE: MAKE VRPV5 SUITABLE FOR DIFFERENT PRODUCT IN LIB # SOFTWARE PLATFORM: V6R2C00 # DETAIL VERSION: B283 # DEVELOPING GROUP: 8090 SYSTEM MAINTAIN GROUP # HARDWARE PLATFORM: 8090 (512M Memory) # CREATED DATE: 2003/05/10 # AUTH: RAINBOW # Updation History: Kelvin dengqiulin update for 8090(2004.08.18) # lmg update for R3(2006.11.7) # fsr update for R5 (2008.1.18) # qj update for R6 (2008.08.08) # COPYRIGHT: 2003---2008 #---------------------------------------------------------------------------------- #BEGIN FOR RESOURCE DEFINATION [RESOURCE] FORMAT: SPECS RESOURCE NAME STRING = CONTROLLABLE(1 : ABLE , 0: NOT ABLE),DEFAUL T VALUE , MAX VALUE , MIN VALUE #BEGIN SPECS RESOURCE FOR TE tunnel Nto1 PS MODULE PAF_LCS_TUNNEL_SPECS_TE_PS_MAX_PROTECT_NUM = 1, 8, 16, 1 PAF_LCS_TUNNEL_SPECS_TE_PS_REBOOT_TIME = 1, 180000, 3600000, 60000 ---- More ---- # Display the content of the file paf.txt. <Huawei> more paf.txt all PAF_LCS_588_IFC_FIFO_DEPTH_ASE = 222 #IFC_FIFO_DEPTH_ASE EXPLAIN (222: NORMAL, 102: DEEP) PAF_LCS_588_IPE_FIFO_DEPTH_TCM = 659206 #IPE_FIFO_DEPTH_TCM EXPLAIN (659206: NORMAL, 655360: DEEP) PAF_LCS_588_IFC_FIFO_DEPTH_TCM = 222 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 155 Fit AP Command Reference 2 Basic Configurations Commands #IFC_FIFO_DEPTH_TCM EXPLAIN (222: NORMAL, 102: DEEP) #END OF SPECS RESOURCE FOR 588 MODULE #BEGIN 8090 MEM GATE AND ISSU MEM GATE PAF_LCS_8090_BOARD_RESET_MEMORY_GATE = 90 PAF_LCS_8090_512BOARD_RESET_MEMORY_GATE = 85 PAF_LCS_8090_BOARD_RESET_MEMORY_GATE_ISSU = 95 PAF_LCS_ISSU_CHECK_MEMORY_GATE = 40 #END 8090 MEM GATE AND ISSU MEM GATE [END CONFIGURE] 2.4.33 mount Function The mount command uploads a storage device. By default, after being installed on the device, the storage device is automatically uploaded to the device. NOTE Only the AD9431DN-24X, AD9430DN-24, AD9430DN-12, AP4030TN, AP4050DN-E, AP5050DN-S, AP6050DN, AP6150DN, AP7050DN-E, AP7050DE, AP4051TN, AP6052DN, AP7052DN, AP7152DN, AP7052DE, AP2050DN, AP2050DN-S, AP2050DN-E, AP2051DN, AP2051DN-S, AP2051DN-E, AP4051DN, AP4151DN, AP4051DN-S, AP4050DN, AP4050DN-S, AP4051DN-USA, AP1050DN-S, AP4050DN-HD, AP4030TN, AP7060DN, WA375DD-CE, R250D-E and R251D-E support this command. Format mount driver Parameters Parameter Description Value driver Specifies the driver that requires hot loading. The enumerated values are: ● usb: ● sdcard: The value sdcard: is supported only by the AD9430DN-12. Views User view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 156 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines After being installed on the device, the storage device is automatically uploaded to the device. Therefore, you do not need to run this command to upload the storage device. If you run the 2.4.55 umount command to unload the storage device and the storage device is not removed from the device, run the mount command to upload the storage device again. Example # Upload a USB flash drive. <Huawei> mount usb: Info: Mount USB device success! Related Topics 2.4.55 umount 2.4.34 move Function The move command moves the source file from a specified directory to a destination directory. Format move source-filename destination-filename Parameters Parameter Description Settings source-filename Specifies the directory and name of a source file. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 157 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Settings destination-filename Specifies the directory and name of a destination file. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● If the destination file has the same name as an existing file, the system prompts you whether to overwrite the existing file. The system prompt is displayed only when file prompt is set to alert. ● This command cannot be used to move files between storage devices. ● The move and copy commands have different effects: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 158 Fit AP Command Reference 2 Basic Configurations Commands – The move command moves the source file to the destination directory. – The copy command copies the source file to the destination directory. Example # Move a file from flash:/test/sample.txt to flash:/sample.txt. <Huawei> move flash:/test/sample.txt flash:/sample.txt Move flash:/test/sample.txt to flash:/sample.txt ?(y/n)[n]: y %Moved file flash:/test/sample.txt to flash:/sample.txt. Related Topics 2.4.10 copy 2.4.35 open Function The open command connects the FTP client and server. Format # Connect the FTP client to the FTP server based on the IPv4 address. open [ -a source-ip-address | -i interface-type interface-number ] host-ip [ portnumber ] # Connect the FTP client to the FTP server based on the IPv6 address. open ipv6 host-ipv6 [ port-number ] Parameters Parameter Description -a source-ipaddress Specifies the source IP address for connecting to the FTP client. You are advised to use the loopback interface IP address. -i interface-type interfacenumber Specifies the source interface type and ID. You are advised to use the loopback interface. Value - The IP address configured for this interface is the source IP address for sending packets. If no IP address is configured for the source interface, the FTP connection cannot be set up. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 159 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value host-ip Specifies the IP address or host name The value is a string of of the remote IPv4 FTP server. 1 to 255 caseinsensitive characters without spaces. port-number Specifies the port number of the FTP server. ipv6 host-ipv6 Specifies the IP address or host name The value is a string of of the remote IPv6 FTP server. 1 to 46 case-insensitive characters without spaces. The value is an integer that ranges from 1025 to 55535, or 21. The default value is the standard port number 21. Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the open command in the FTP client view to connect the FTP client to the server to transmit files and manage files and directories of the FTP server. Precautions ● You can run the ftp command in the user view to connect the FTP client and server and enter the FTP client view. ● You can set the source IP address to the source or destination IP address in the ACL rule when the -a or -i parameter is specified on the IPv4 network. This shields the IP address differences and interface status impact, and incoming and filters outgoing packets, and implements security authentication. ● If the port number that the FTP server uses is non-standard, you must specify a standard port number; otherwise, the FTP server and client cannot be connected. ● When you run the open command, the system prompts you to enter the user name and password for logging in to the FTP server. You can log in to the FTP client and enter the FTP client view if the user name and password are correct. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 160 Fit AP Command Reference 2 Basic Configurations Commands Example # Connect the FTP client with the FTP server whose IP address is 10.137.217.204. <Huawei> ftp [Huawei-ftp] open 10.137.217.204 Trying 10.137.217.204 ... Press CTRL+K to abort Connected to 10.137.217.204. 220 FTP service ready. User(10.137.217.204:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] # Connect the FTP client with the FTP server whose IP address is 1000::1. <Huawei> ftp [Huawei-ftp] open ipv6 1000::1 Trying 1000::1 ... Press CTRL+K to abort Connected to 1000::1 220 FTP service ready. User(1000::1:(none)):huawei 331 Password required for huawei Enter Password: 230 User logged in. [Huawei-ftp] Related Topics 2.4.23 ftp 2.4.17 disconnect 2.4.36 passive Function The passive command sets the data transmission mode to passive. The undo passive command sets the data transmission mode to active. By default, the data transmission mode is active. Format passive undo passive Parameters None Views FTP client view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 161 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines The device supports the active and passive data transmission modes. In active mode, the server initiates a connection request, and the client and server need to enable and monitor a port to establish a connection. In passive mode, the client initiates a connection request, and only the server needs to monitor the corresponding port. This command is used together with the firewall function. When the client is configured with the firewall function, FTP connections are restricted between internal clients and external FTP servers if the FTP transmission mode is active. If the FTP transmission mode is passive, FTP connections between internal clients and external FTP servers are not restricted. Example # Set the data transmission mode to passive. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] passive Info: Succeeded in switching passive on. 2.4.37 put (FTP client view) Function The put command uploads a local file to the remote FTP server. Format put local-filename [ remote-filename ] Parameters Parameter Description Value local-filename Specifies the local file name of the FTP client. The value is a string of 1 to 64 case-sensitive characters without spaces. remotefilename Specifies the name of the file The value is a string of 1 to 64 to be uploaded to the remote case-sensitive characters without FTP server. spaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 162 Fit AP Command Reference 2 Basic Configurations Commands Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the put command to upload a local file to the remote FTP server for further check and backup. For example, you can upload the local log file to the FTP server for other users to check, and upload the configuration file to the FTP server as a backup before upgrading the device. Precautions ● If the file name is not specified on the remote FTP server, the local file name is used. ● If the name of the uploaded file is the same as that of an existing file on the FTP server, the system overwrites the existing file. Example # Upload the configuration file vrpcfg.zip to the remote FTP server as a backup, and save it as backup.zip. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] put vrpcfg.zip backup.zip 200 Port command successful. 150 Opening BINARY mode data connection for file transfer. 226 Transfer complete FTP: 1098 byte(s) sent in 0.131 second(s) 8.38Kbyte(s)/sec. Related Topics 2.4.25 get (FTP client view) 2.4.38 put (SFTP client view) Function The put command uploads a local file to a remote SFTP server. Format put local-filename [ remote-filename ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 163 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value local-filename Specifies a local file The value is a case-sensitive character name on the SFTP client. string without spaces. The file name (including the absolute path) contains 1 to 64 characters. remotefilename Specifies the name of the The value is a case-sensitive character file uploaded to the string without spaces. The file name remote SFTP server. (including the absolute path) contains 1 to 64 characters. Views SFTP client view Default Level 3: Management level Usage Guidelines Usage Scenario This command enables you to upload files from the local device to a remote SFTP server to view the file contents or back up the files. For example, you can upload log files of a device to an SFTP server and view the logs in the server. During an upgrade, you can upload the configuration file of the device to the SFTP server for backup. Precautions ● If remote-filename is not specified, the uploaded file is saved on the remote SFTP server with the original file name. ● If the specified remote-filename is the same as an existing file name on the SFTP server, the uploaded file overwrites the existing file on the server. Example # Upload a file to the SFTP server. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> put wm.cfg local file: wm.cfg ---> Remote file: /wm.cfg Info: Uploading file successfully ended. Related Topics 2.4.26 get (SFTP client view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 164 Fit AP Command Reference 2 Basic Configurations Commands 2.4.39 pwd (FTP client view) Function The pwd command displays the FTP client's working directory on the remote FTP server. Format pwd Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines After logging in to the FTP server, you can run the pwd command to display the FTP client's working directory on the remote FTP server. If the displayed working directory is incorrect, you can run the cd command to change the FTP client's working directory on the remote FTP server. Example # Display the FTP client's working directory on the remote FTP server. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] pwd 257 "/" is current directory. Related Topics 2.4.23 ftp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 165 Fit AP Command Reference 2 Basic Configurations Commands 2.4.40 pwd (SFTP client view) Function The pwd command displays the SFTP client's working directory on the remote FTP server. Format pwd Parameters None Views SFTP client view Default Level 3: Management level Usage Guidelines After logging in to the SFTP server, you can run the pwd command to display the SFTP client's working directory on the remote SFTP server. If the displayed working directory is incorrect, you can run the cd command to change the SFTP client's working directory on the remote SFTP server. Example # Display the SFTP client's working directory on the remote SFTP server. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> pwd / sftp-client> cd test Current directory is: /test sftp-client> pwd /test Related Topics 2.4.5 cd (SFTP client view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 166 Fit AP Command Reference 2 Basic Configurations Commands 2.4.41 pwd (user view) Function The pwd command displays the current working directory. Format pwd Parameters None Views User view Default Level 3: Management level Usage Guidelines You can run the pwd command in any directory to display the current working directory. To change the current working directory, you can run the cd command. Example # Display the current working directory. <Huawei> pwd flash:/test Related Topics 2.4.13 dir (user view) 2.4.6 cd (user view) 2.4.42 remotehelp Function The remotehelp command displays the help information about an FTP command when the FTP client and server are connected. Format remotehelp [ command ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 167 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value command The value is a string of 1 to 16 characters. Specifies the FTP command. Views FTP client view Default Level 3: Management level Usage Guidelines You can run the remotehelp command to display the help information about an FTP command. ● The help information is provided by the remote server. Different remote servers may provide different help information for an FTP command. ● The help information can be displayed for FTP commands user, pass, cwd, cdup, quit, port, pasv, type, retr, stor, dele, rmd, mkd, pwd, list, nlst, syst, help, xcup, xcwd, xmkd, xpwd, and xrmd. Example # Display the syntax of the command cdup. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] remotehelp 214-The following commands are recogized(*=>'s unimplemented). USER PASS ACCT* CWD CDUP SMNT* QUIT REIN* PORT PASV TYPE STRU* MODE* RETR STOR STOU* APPE* ALLO* REST* RNFR* RNTO* ABOR* DELE RMD MKD PWD LIST NLST SITE* SYST STAT* HELP NOOP* XCUP XCWD XMKD XPWD XRMD 214 Direct comments to Huawei Tech. [Huawei-ftp] remotehelp cdup 214 Syntax: CDUP <change to parent directory>. 2.4.43 remove (SFTP client view) Function The remove command deletes specified files from the remote SFTP server. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 168 Fit AP Command Reference 2 Basic Configurations Commands Format remove remote-filename &<1-10> Parameters Parameter Description Value remotefilename Specifies the name of the file to be deleted from the remote SFTP server. The value is a string of 1 to 64 case-insensitive characters without spaces. Views SFTP client view Default Level 3: Management level Usage Guidelines ● You can configure a maximum of 10 file names in the command and separate them using spaces and delete them at one time. ● If the file to be deleted is not in the current directory, you must specify the file path. Example # Delete the file 3.txt from the server and backup1.txt from the test directory. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> remove 3.txt test/backup1.txt Warning: Make sure to remove these files? [y/n][n]:y Info: Succeeded in removing the file /3.txt. Info: Succeeded in removing the file /test/backup1.txt. Related Topics 2.4.16 dir/ls (SFTP client view) 2.4.44 rename (SFTP client view) Function The rename command renames a file or directory stored on the SFTP server. Format rename old-name new-name Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 169 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value old-name The value is a string of 1 to 64 caseinsensitive characters without spaces. Specifies the name of a file or directory. new-name Specifies the new name of the file or directory. The value is a string of 1 to 64 caseinsensitive characters without spaces. Views SFTP client view Default Level 3: Management level Usage Guidelines You can run the rename command to rename a file or directory. Example # Rename the directory yourtest on the SFTP server. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> rename test/yourtest test/test Warning: Rename /test/yourtest to /test/test? [y/n][n]:y Info: Succeeded in renaming file. sftp-client> cd test Current directory is: /test sftp-client> dir drwxrwxrwx 1 noone nogroup 0 Mar 29 22:44 . drwxrwxrwx 1 noone nogroup 0 Mar 29 22:39 .. drwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 test -rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt Related Topics 2.4.43 remove (SFTP client view) 2.4.45 rename (user view) Function The rename command renames a file or folder. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 170 Fit AP Command Reference 2 Basic Configurations Commands Format rename old-name new-name Parameters Parameter Description Settings old-name Specifies the name of a file or folder. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] filename format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. new-name Specifies the new name of the file or directory. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] filename format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 171 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name: ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● You must rename a file or directory in its source directory. ● If the renamed file or directory has the same name as an existing file or directory, an error message is displayed. ● If you specify old-name or new-name without specifying the file path, the file must be saved in your current working directory. Example # Rename the directory mytest to yourtest in the directory flash:/test/. <Huawei> pwd flash:/test <Huawei> rename mytest yourtest Rename flash:/test/mytest to flash:/test/yourtest ?(y/n)[n]:y Info: Rename file flash:/test/mytest to flash:/test/yourtest ......Done # Rename the file sample.txt to sample.bak. <Huawei> rename sample.txt sample.bak Rename flash:/sample.txt to flash:/sample.bak ?(y/n)[n] :y Info: Rename file flash:/sample.txt to flash:/sample.bak .......Done Related Topics 2.4.41 pwd (user view) 2.4.46 reset recycle-bin Function The reset recycle-bin command permanently deletes files from the recycle bin. Format reset recycle-bin [ filename | devicename ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 172 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value filename Specifies the name The value is a string of 1 to 64 case-sensitive of a file to be characters without spaces in the [ drive ] deleted. [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. The wildcard (*) is supported. devicename Specifies the storage device name. - Views User view Default Level 3: Management level Usage Guidelines Usage Scenario If you run the delete command without specifying the /unreserved parameter, the file is moved to the recycle bin and still occupies the memory. To free up the space, you can run the reset recycle-bin command to permanently delete the file from the recycle bin. The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Like devicename, drive specifies the storage device name. Precautions ● Issue 08 (2021-02-25) You can run the dir /all command to display all files that are moved to the recycle bin from the current directory, and file names are displayed in square brackets ([ ]). Copyright © Huawei Technologies Co., Ltd. 173 Fit AP Command Reference 2 Basic Configurations Commands ● If you delete a specified storage device, all files in the root directory of the storage device are deleted. ● If you run the reset recycle-bin command directly, all files that are moved to the recycle bin from the current directory are permanently deleted. Example # Delete the file test.txt that is moved to the recycle bin from the directory test. <Huawei> reset recycle-bin flash:/test/test.txt Squeeze flash:/test/test.txt?(y/n)[n]:y Clear file from flash will take a long time if needed...Done. %Cleared file flash:/test/test.txt. # Delete files that are moved to the recycle bin from the current directory. <Huawei> pwd flash:/test <Huawei> reset recycle-bin Squeeze flash:/test/backup.zip?(y/n)[n]:y Clear file from flash will take a long time if needed...Done. %Cleared file flash:/test/backup.zip. Squeeze flash:/test/backup1.zip?(y/n)[n]:y Clear file from flash will take a long time if needed...Done. %Cleared file flash:/test/backup1.zip. Related Topics 2.4.12 delete (user view) 2.4.13 dir (user view) 2.4.47 rmdir (FTP client view) Function The rmdir command deletes a specified directory from the remote FTP server. Format rmdir remote-directory Parameters Parameter Description Value remotedirectory Specifies a directory or path on the FTP server. The value is a string of 1 to 64 case-insensitive characters without spaces. Views FTP client view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 174 Fit AP Command Reference 2 Basic Configurations Commands Usage Guidelines Usage Scenario You can run the rmdir command to delete a specified directory from the remote FTP server. Precautions ● Before running the rmdir command to delete a directory, you must delete all files and subdirectories from the directory. ● If no path is specified when you delete a subdirectory, the subdirectory is deleted from the current directory. ● The directory is deleted from the FTP server rather than the FTP client. Example # Delete the directory d:/temp1 from the remote FTP server. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] rmdir d:/temp1 250 'D:\temp1': directory removed. Related Topics 2.4.15 dir/ls (FTP client view) 2.4.28 mkdir (FTP client view) 2.4.48 rmdir (SFTP client view) Function The rmdir command deletes a specified directory from the remote SFTP server. Format rmdir remote-directory &<1-10> Parameters Parameter Description Value remotedirectory Specifies the name of a file on the SFTP server. The value is a string of 1 to 64 case-insensitive characters without spaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 175 Fit AP Command Reference 2 Basic Configurations Commands Views SFTP client view Default Level 3: Management level Usage Guidelines ● You can configure a maximum of 10 file names in the command and separate them using spaces and delete them at one time. ● Before running the rmdir command to delete a directory, you must delete all files and subdirectories from the directory. ● If the directory to be deleted is not in the current directory, you must specify the file path. Example # Delete the directory 1 from the current directory, and the directory 2 from the test directory. <Huawei> system-view [Huawei] sftp 10.137.217.201 Please input the username:admin Trying 10.137.217.201 ... Press CTRL+K to abort Enter password: sftp-client> rmdir 1 test/2 Warning: Make sure to remove these directories? [Y/N]:y Info: Succeeded in removing the directory /test/1. Info: Succeeded in removing the directory /test/test/2. Related Topics 2.4.43 remove (SFTP client view) 2.4.49 rmdir (user view) Function The rmdir command deletes a specified directory from the storage device. Format rmdir directory Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 176 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description directory Specifies a directory or directory and its path. Value The value is a string of case-sensitive characters in the [ drive ] [ path ] directory format. The absolute path length ranges from 1 to 64, while the directory name length ranges from 1 to 15. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. Characters such as ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● Before running the rmdir command to delete a directory, you must delete all files and subdirectories from the directory. ● A deleted directory and its files cannot be restored from the recycle bin. Example # Delete the directory test from the current directory. <Huawei> rmdir test Remove directory flash:/test?(y/n)[n]:y %Removing directory flash:/test....Done! Related Topics 2.4.30 mkdir (User view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 177 Fit AP Command Reference 2 Basic Configurations Commands 2.4.50 sftp Function The sftp command connects the device to the SSH server so that you can manage files that are stored on the SFTP server. Format # Connect the SFTP client to the SFTP server based on IPv4. sftp [ -a source-address | -i interface-type interface-number ] host-ip [ port ] [ [ prefer_kex prefer_key-exchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ] # Connect the SFTP client to the SFTP server based on IPv6. sftp ipv6 [ -a source-address ] host-ipv6 [ -oi interface-type interface-number ] [ port ] [ [ prefer_kex prefer_key-exchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ] Parameters Parameter Description Value -a source-address Specifies the source IP address for connecting to the SFTP client. You are advised to use the loopback interface IP address. ● IPv4 address: dotted decimal notation. Issue 08 (2021-02-25) ● IPv6 address: 32-digit hexadecimal number in X:X:X:X:X:X:X:X format. Copyright © Huawei Technologies Co., Ltd. 178 Fit AP Command Reference 2 Basic Configurations Commands Parameter -i interface-type interface-number Description Value Specifies the source interface type and ID. You are advised to use the loopback interface. - The IP address configured for this interface is the source IP address for sending packets. If no IP address is configured for the source interface, the SFTP connection cannot be set up. host-ip Specifies the IP address or host name of the remote IPv4 SFTP server. The value is a string of 1 to 255 caseinsensitive characters without spaces. host-ipv6 Specifies the IPv6 address or host name of the remote IPv6 SFTP server. The value is a string of 1 to 255 caseinsensitive characters without spaces. -oi interface-type interface-number Specifies an outbound interface on the local device. If the remote host uses an IPv6 linklocal address, you must specify the outbound interface on the local device. port Issue 08 (2021-02-25) The value is an integer that ranges Specifies the port from 1 to 65535. The default port number of the SSH number is 22. server. Copyright © Huawei Technologies Co., Ltd. 179 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description prefer_kex Specifies the prefer_key-exchange preferred key exchange algorithm. Value The dh_group1, dh_exchange_group, and dh_group14_sha1 algorithms are supported currently. The default key exchange algorithm is dh_group14_sha1. NOTE The dh_exchange_group algorithm is recommended. ● If a key exchange algorithm list has been configured using the ssh client key-exchange command for the SSH client, select a key exchange algorithm from the list. ● If no key exchange algorithm list has been configured using the ssh client key-exchange command for the SSH client, select one from dh_group1, dh_exchange_group, dh_group14_sha1. prefer_ctos_cipher prefer_ctos_cipher Specifies the preferred encryption algorithm from the client to the server. The 3des, aes256_cbc, aes128_ctr, aes256_ctr, and aes128 algorithms are supported currently. The default algorithm are aes256_ctr and aes128. NOTE ● If an encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select an encryption algorithm from the list. ● If no encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select one from 3des, aes128, aes256_cbc, aes128_ctr, and aes256_ctr. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 180 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value prefer_stoc_cipher Specifies the preferred encryption algorithm from the server to the client. The 3des, aes256_cbc, aes128_ctr, aes256_ctr, and aes128 algorithms are supported currently. The default algorithm are aes256_ctr and aes128. prefer_stoc_cipher NOTE ● If an encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select an encryption algorithm from the list. ● If no encryption algorithm list has been configured using the ssh client secure-algorithms cipher command for the SSH client, select one from 3des, aes128, aes256_cbc, aes128_ctr, and aes256_ctr. prefer_ctos_hmac prefer_ctos_hmac Specifies the preferred HMAC algorithm from the client to the server. The sha1, sha1_96, md5, sha2_256, sha2_256_96, and md5_96 algorithms are supported currently. The default algorithm is sha2_256. NOTE ● If an HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select an HMAC algorithm from the list. ● If no HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select one from sha1, sha1_96, md5, md5_96, sha2_256, and sha2_256_96. prefer_stoc_hmac prefer_stoc_hmac Specifies the preferred HMAC algorithm from the server to the client. The sha1, sha1_96, md5, sha2_256, sha2_256_96, and md5_96 algorithms are supported currently. The default algorithm is sha2_256. NOTE ● If an HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select an HMAC algorithm from the list. ● If no HMAC algorithm list has been configured using the ssh client secure-algorithms hmac command for the SSH client, select one from sha1, sha1_96, md5, md5_96, sha2_256, and sha2_256_96. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 181 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value -ki aliveinterval Specifies the interval for sending keepalive packets when no packet is received in reply. The value is an integer that ranges from 1 to 3600, in seconds. -kc alivecountmax Specifies the times The value is an integer that ranges for sending from 3 to 10. The default value is 5. keepalive packets when no packet is received in reply. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario SFTP is short for SSH FTP that is a secure FTP protocol. SFTP is on the basis of SSH. It ensures that users can log in to a remote device securely for file management and transmission, and enhances the security in data transmission. In addition, you can log in to a remote SSH server from the device that functions as an SFTP client. When the connection between the SFTP server and client fails, the SFTP client must detect the fault in time and disconnect from the SFTP server. To ensure this, before being connected to the server in SFTP mode, the client must be configured with the interval and times for sending the keepalive packet when no packet is received in reply. If the client receives no packet in reply within the specified interval, the client sends the keepalive packet to the server again. If the maximum number of times that the client sends keepalive packets exceeds the specified value, the client releases the connection. By default, when no packet is received, the function for sending keepalive packets is not enabled. Precautions ● You can set the source IP address to the source or destination IP address in the ACL rule when the -a or -i parameter is specified. This shields the IP address differences and interface status impact, and incoming and filters outgoing packets, and implements security authentication. ● If the current listening port number is not 22, you must specify a listening port number for logging in to the SFTP client. ● If you cannot run the sftp command successfully when you configured the ACL on the SFTP client, or when the TCP connection fails, an error message is displayed indicating that the SFTP client cannot be connected to the server. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 182 Fit AP Command Reference 2 Basic Configurations Commands Example # Set keepalive parameters when the client is connected to the server in SFTP mode. <Huawei> system-view [Huawei] sftp 10.164.39.223 -ki 10 -kc 4 Please input the username: client001 Trying 10.164.39.223 ... Press CTRL+K to abort Enter password: sftp-client> Related Topics 2.3.30 ssh server port 2.4.51 sftp client-source Function The sftp client-source command specifies the source IP address for the SFTP client to send packets. The undo sftp client-source command restores the default source IP address for the SFTP client to send packets. The default source IP address for the SFTP client to send packets is 0.0.0.0. Format sftp client-source { -a source-ip-address | -i interface-type interface-number } undo sftp client-source Parameters Parameter -a source-ipaddress -i interface-type interface-number Description Value Specifies the source IP address. You are advised to use the loopback interface IP address. The value is in dotted decimal notation. Specifies the source interface. You are advised to use the loopback interface. - The IP address configured for the source interface is the source IP address for sending packets. If no IP address is configured for the source interface, the FTP connection cannot be set up. Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 183 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario If no source IP address is specified, the client uses the source IP address that the router specifies to send packets. The source IP address must be configured for an interface with stable performance. The loopback interface is recommended. Using the loopback interface as the source interface simplifies the ACL rule and security policy configuration. This shields the IP address differences and interface status impact, and incoming and filters outgoing packets, and implements security authentication. Precautions ● You can query the source IP address or primary IP address of the source interface for the SFTP connection on the SFTP server. ● The sftp command also configures the source IP address whose priority is higher than that of the source IP address specified in the sftp client-source command. If you specify source addresses in the sftp client-source and sftp commands, the source IP address specified in the sftp command is used for data communication. The source address specified in the sftp client-source command applies to all SFTP connections. The source address specified in the sftp command applies only to the current SFTP connection. Example # Set the source IP address of the SFTP client to 1.1.1.1. <Huawei> system-view [Huawei] sftp client-source -a 1.1.1.1 Info: Succeeded in setting the source address of the SFTP client to 1.1.1.1 Related Topics 2.4.50 sftp 2.4.19 display sftp-client 2.4.52 tftp Function The tftp command uploads a file to the TFTP server or downloads a file to the local device. Format # Upload a file to the TFTP server or download a file to the local device based on the IPv4 address tftp [ -a source-ip-address | -i interface-type interface-number ] tftp-server { get | put } source-filename [ destination-filename ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 184 Fit AP Command Reference 2 Basic Configurations Commands # Upload a file to the TFTP server or download a file to the local device based on the IPv6 address tftp ipv6 [ -a source-ipv6-address ] tftp-server-ipv6 [ -oi interface-type interfacenumber ] { get | put } source-filename [ destination-filename ] Parameters Parameter Description -a source-ipaddress Specifies the source IP address The value is in dotted for connecting to the TFTP client. decimal notation. You are advised to use the loopback interface IP address. -a source-ipv6- Specifies the source IP address The value is a 32-digit for connecting to the TFTP client. hexadecimal number, in the You are advised to use the X:X:X:X:X:X:X:X format. loopback interface IP address. address -i interface-type interfacenumber Specifies the source interface used by the TFTP client to set up connections. It consists of the interface type and number. It is recommended that you specify a loopback interface. Value - The IP address configured for this interface is the source IP address for sending packets. If no IP address is configured for the source interface, the TFTP connection cannot be set up. -oi interfacetype interfacenumber Specifies an outbound interface on the local device. If the remote host uses an IPv6 address, you must specify the outbound interface on the local device. tftp-server Specifies the IPv4 address or host The value is a string of 1 to name for the TFTP server. 255 case-insensitive characters without spaces. tftp-server-ipv6 Specifies the IPv6 address or host The value is a string of 1 to name for the TFTP server. 255 case-insensitive characters without spaces. get Download a file. - put Upload a file. - source-filename Specifies the source file name. The value is a string of 1 to 64 case-sensitive characters without spaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 185 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value destinationfilename Specifies the destination file name. The value is a string of 1 to 64 case-sensitive characters without spaces. By default, source and destination file names are the same. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario When upgrading the system, you can run the tftp command to upload an important file to the TFTP server or download a system software to the local device. Precautions ● When you run the tftp command to upload a file to the TFTP server in TFTP mode, files are transferred in binary mode by default. The tftp does not support the ASCII mode for file transfer. ● After specifying a source IP address, you can use this IP address to communicate with the server and implement packet filtering to ensure data security. Example # Download file vrpcfg.txt from the root directory of the TFTP server to the local device. The IP address of the TFTP server is 10.1.1.1. Save the downloaded file to the local device as file vrpcfg.bak. <Huawei> tftp 10.1.1.1 get vrpcfg.txt flash:/vrpcfg.bak # Upload file vrpcfg.txt from the root directory of the storage device to the default directory of the TFTP server. The IP address of the TFTP server is 10.1.1.1. Save file vrpcfg.txt on the TFTP server as file vrpcfg.bak. <Huawei> tftp 10.1.1.1 put flash:/vrpcfg.txt vrpcfg.bak # Obtain the link local IP address and interface name from the TFTP server. <Huawei> tftp ipv6 fe80::250:daff:fe91:e058 -oi gigabitethernet 0/0/1 get file1 file2 Related Topics 2.4.54 tftp-server acl Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 186 Fit AP Command Reference 2 Basic Configurations Commands 2.4.53 tftp client-source Function The tftp client-source command specifies the source IP address for the TFTP client to send packets. The undo tftp client-source command restores the default source IP address for the TFTP client to send packets. The default source IP address for the TFTP client to send packets is 0.0.0.0. Format tftp client-source { -a source-ip-address | -i interface-type interface-number } undo tftp client-source Parameters Parameter -a source-ipaddress -i interface-type interface-number Description Value Specifies the source IP address of the TFTP client. You are advised to use the loopback interface IP address. The value is in dotted decimal notation. Source interface type and ID. You are advised to use the loopback interface. - The IP address configured for this interface is the source IP address for sending packets. If no IP address is configured for the source interface, the TFTP connection cannot be set up. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario If no source IP address is specified, the client uses the source IP address that the router specifies to send packets. The source IP address must be configured for an interface with stable performance. The loopback interface is recommended. Using the loopback interface as the source interface simplifies the ACL rule and security policy configuration. This shields the IP address differences and interface status Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 187 Fit AP Command Reference 2 Basic Configurations Commands impact, and incoming and filters outgoing packets, and implements security authentication. Precautions ● The tftp command also configures the source IP address whose priority is higher than that of the source IP address specified in the tftp client-source command. If you specify source addresses in the tftp client-source and tftp commands, the source IP address specified in the tftp command is used for data communication. The source address specified in the tftp client-source command applies to all TFTP connections. The source address specified in the tftp command applies only to the current TFTP connection. ● You can query the source IP address or source interface IP address specified in the TFTP connection on the TFTP server. Example # Set the source IP address of the TFTP client to 1.1.1.1. <Huawei> system-view [Huawei] tftp client-source -a 1.1.1.1 Info: Succeeded in setting the source address of the TFTP client to 1.1.1.1. Related Topics 2.4.52 tftp 2.4.20 display tftp-client 2.4.54 tftp-server acl Function The tftp-server acl command specifies the ACL number for the local device so that the device can access TFTP servers with the same ACL number. The undo tftp-server acl command deletes the ACL number from the local device. By default, no ACL number is specified on the local client. Format tftp-server acl acl-number undo tftp-server acl Parameters Parameter Description Value acl-number Specifies the number of the basic ACL. The value is an integer that ranges from 2000 to 2999. Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 188 Fit AP Command Reference 2 Basic Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario To ensure the security of the local device, you need to run the tftp-server acl command to specify an ACL to specify TFTP servers that the local device can access. Precautions The TFTP supports only the basic ACL whose number ranges from 2000 to 2999. Example # Allow the local device to the access the TFTP server whose ACL number is 2000. [Huawei] tftp-server acl 2000 Related Topics 2.4.52 tftp 2.4.55 umount Function The umount command unloads a storage device. NOTE Only the AD9431DN-24X, AD9430DN-24, AD9430DN-12, AP4030TN, AP4050DN-E, AP5050DN-S, AP6050DN, AP6150DN, AP7050DN-E, AP7050DE, AP4051TN, AP6052DN, AP7052DN, AP7152DN, AP7052DE, AP2050DN, AP2050DN-S, AP2050DN-E, AP2051DN, AP2051DN-S, AP2051DN-E, AP4051DN, AP4151DN, AP4051DN-S, AP4050DN, AP4050DN-S, AP4051DN-USA, AP1050DN-S, AP4050DN-HD, AP4030TN, AP7060DN, WA375DD-CE, R250D-E and R251D-E support this command. Format umount driver Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 189 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value driver Specifies the driver that requires unloading. The enumerated values are: ● usb: ● sdcard: The value sdcard: is supported only by the AD9430DN-12. Views User view Default Level 3: Management level Usage Guidelines Run this command to unload the storage device before you remove the storage device from the device. Otherwise, the storage device may be damaged. Example # Unload a USB flash drive. <Huawei> umount usb: Info: Umount USB device success! Related Topics 2.4.33 mount 2.4.56 undelete Function The undelete command restores a file that has been temporally deleted and moved to the recycle bin. Format undelete { filename | devicename } Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 190 Fit AP Command Reference 2 Basic Configurations Commands Parameters Parameter Description Value filename Specifies the name of a file to be restored. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. devicename Specifies the storage device name. - Views User view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the undelete command to restore a file that has been temporally deleted and moved to the recycle bin. However, files that are permanently deleted by running the delete or reset recycle-bin command with the /unreserved parameter cannot be restored. The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Like devicename, drive specifies the storage device name. Precautions ● To display information about a temporally deleted file, run the dir /all command. The file name is displayed in square brackets ([ ]). ● If the name of a file is the same as an existing directory, the file cannot be restored. If the destination file has the same name as an existing file, the Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 191 Fit AP Command Reference 2 Basic Configurations Commands system prompts you whether to overwrite the existing file. The system prompt is displayed only when file prompt is set to alert. Example # Restore file sample.bak from the recycle bin. <Huawei> undelete sample.bak Undelete flash:/sample.bak ?(y/n)[n]:y Undeleted file flash:/sample.bak. # Restore a file that has been moved from the root directory to the recycle bin. <Huawei> undelete flash: Undelete flash:/test.txt?(y/n)[n]:y Undeleted file flash:/test.txt. Undelete flash:/rr.bak?(y/n)[n]:y Undeleted file flash:/rr.bak. Related Topics 2.4.12 delete (user view) 2.4.13 dir (user view) 2.4.21 file prompt 2.4.46 reset recycle-bin 2.4.57 unzip Function The unzip command decompresses a file. Format unzip source-filename destination-filename Parameters Parameter Description Value sourcefilename Specifies the name of a source file to be decompressed. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 192 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value destinationfilename Specifies the name The value is a string of 1 to 64 case-sensitive of a destination file characters without spaces in the [ drive ] that is [ path ] file name format. decompressed. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario You can decompress files, especially log files that are stored on the storage device and run the more command to query the file. The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● If the destination file path is specified while the file name is not specified, the designation file name is the same as the source file name. ● The source file persists after being decompressed. ● The compressed file must be a .zip file. If a file to be decompressed is not a zip file, the system displays an error message during decompression. ● The source file must be a single file. If you attempt to decompress a directory or multiple files, the decompression cannot succeed. Example # Decompress log file syslogfile-2012-02-27-17-47-50.zip that are stored in the syslogfile directory and save it to the root directory as file log.txt. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 193 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> pwd flash:/syslogfile <Huawei> unzip syslogfile-2012-02-27-17-47-50.zip flash:/log.txt Extract flash:/syslogfile/syslogfile-2012-02-27-17-47-50.zip to flash:/log.txt?(y/n)[n]:y 100% complete Decompressed file flash:/syslogfile/syslogfile-2012-02-27-17-47-50.zip flash :/log.txt. Related Topics 2.4.13 dir (user view) 2.4.41 pwd (user view) 2.4.58 user Function The user command changes the current FTP user when the local device is connected to the FTP server. Format user user-name [ password ] Parameters Parameter Description Value user-name Specifies the login password. The value is a string of 1 to 64 caseinsensitive characters without space. password The value is a string of 1 to 16 case-sensitive characters without space, single quotation mark, or question mark. Specifies the login password. Views FTP client view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the user command to change the current user on the FTP server. Precautions After you run the user command to change the current user, a new FTP connection is set up, which is the same as that you specify in the ftp command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 194 Fit AP Command Reference 2 Basic Configurations Commands Example # Log in to the FTP server using the user name tom. <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] user tom 331 Password required for tom. Enter password: 230 User logged in. Related Topics 2.4.23 ftp 2.4.59 verbose Function The verbose command enables the verbose function on the FTP client. The undo verbose command disables the verbose function. By default, the verbose function is enabled. Format verbose undo verbose Parameters None Views FTP client view Default Level 3: Management level Usage Guidelines After the verbose function is enabled, all FTP response messages are displayed on the FTP client. Example # Enable the verbose function. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 195 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> ftp 10.137.217.201 Trying 10.137.217.201 ... Press CTRL+K to abort Connected to 10.137.217.201. 220 FTP service ready. User(10.137.217.201:(none)):huawei 331 Password required for huawei. Enter password: 230 User logged in. [Huawei-ftp] verbose Info: Succeeded in switching verbose on. [Huawei-ftp] get h1.txt 200 Port command okay. 150 Opening ASCII mode data connection for h1.txt. 226 Transfer complete. FTP: 69 byte(s) received in 0.160 second(s) 431.25byte(s)/sec. # Disable the verbose function. [Huawei-ftp] undo verbose Info: Succeeded in switching verbose off. [Huawei-ftp] get h1.txt FTP: 69 byte(s) received in 0.150 second(s) 460.00byte(s)/sec. Related Topics 2.4.25 get (FTP client view) 2.4.37 put (FTP client view) 2.4.60 zip Function The zip command compresses a file. Format zip source-filename destination-filename Parameters Parameter Description sourcefilename Specifies the The value is a string of 1 to 64 case-sensitive name of a source characters without spaces in the [ drive ] file to be [ path ] file name format. compressed. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. Value You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 196 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value destinationfilename Specifies the name of a destination file that is compressed. The value is a string of 1 to 64 case-sensitive characters without spaces in the [ drive ] [ path ] file name format. In the preceding parameter, drive specifies the storage device name, and path specifies the directory and subdirectory. You are advised to add : and / between the storage device name and directory. Characters ~, *, /, \, :, ', " cannot be used in the directory name. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario The following describes the drive name. ● drive is the storage device and is named flash:. The path can be an absolute path or relative path. ● flash:/my/test/ is an absolute path. ● selftest/ is related to the current working directory and indicates the selftest directory in the current working directory. Precautions ● If the destination file path is specified while the file name is not specified, the designation file name is the same as the source file name. ● The source file persists after being compressed. ● Directories cannot be compressed. Example # Compress file log.txt that is stored in the root directory and save it to the test directory as file log.zip. <Huawei> dir Directory of flash:/ Idx 0 1 2 Issue 08 (2021-02-25) Attr -rw-rwdrw- Size(Byte) Date Time(LMT) FileName 155 Dec 02 2011 01:28:48 log.txt 9,870 Oct 01 2011 00:22:46 patch.pat - Mar 22 2012 00:00:48 test Copyright © Huawei Technologies Co., Ltd. 197 Fit AP Command Reference ... 2 Basic Configurations Commands 3 -rw- 836 Dec 22 2011 16:55:46 rr.dat 1,927,220 KB total (1,130,464 KB free) <Huawei> zip log.txt flash:/test/log.zip <Huawei> cd test Zip flash:/log.txt flash:/test/log.zip? (y/n)[n]:y 100% complete Compressed file flash:/log.txt flash:/test/log.zip. <Huawei> dir Directory of flash:/test/ Idx 0 1 2 3 Attr -rw-rw-rw-rw- Size(Byte) Date Time(LMT) 836 Mar 20 2012 19:49:14 239 Mar 22 2012 20:57:38 1,056 Dec 02 2011 01:28:48 240 Mar 22 2012 21:23:46 FileName test test.txt log.txt log.zip 1,927,220 KB total (1,130,463 KB free) Related Topics 2.4.13 dir (user view) 2.5 Configuring System Startup Commands 2.5.1 display current-configuration Function The display current-configuration command displays the currently running configuration. This command does not display parameters that use default settings. Format display current-configuration [ configuration [ configuration-type [ configuration-instance ] ] | interface [ interface-name | interface-type [ interface-number ] ] ] [ feature feature-name [ filter filter-expression ] | filter filter-expression ] display current-configuration [ all | inactive | [ simple ] [ section section ] ] Parameters Parameter Description Value configuration Specifies the configuration type. The value is determined by the current system configurations. configuration-type configuration-instance Specifies a configuration instance. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. The value is a string of 1 to 80 case-insensitive characters without spaces. 198 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value interface [ interface- Specifies an interface name name | interface-type or an interface type. [ interface-number ] ] feature feature-name Specifies a feature name. filter filter-expression Displays the configuration The value is a string of 1 to information that matches a 255 case-insensitive regular expression. characters without spaces. all Displays all the configuration information. - inactive Displays the offline configuration information. - simple Displays the current simple configuration. section section Specifies the configurations The value is a string of 1 to to be obtained based on 79 case-insensitive types. characters without spaces. - Views All views Default Level 3: Management level Usage Guidelines To check whether the configured parameters take effect, run the display currentconfiguration command. The parameters that do not take effect are not displayed. The command output is relevant to user configuration. The command does not display the default configuration. You can use a regular expression to filter the command output. If the configuration is in the offline state. The offline configuration is marked with * in the display current-configuration all and display current-configuration inactive command output. Example # Display all configurations that include vlan. <Huawei> display current-configuration | include vlan vlan batch 10 77 88 port trunk allow-pass vlan 10 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 199 Fit AP Command Reference 2 Basic Configurations Commands 2.5.2 display reset-reason Function The display reset-reason command displays device reset reasons. Format display reset-reason Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines If the device resets unexpectedly, you can run this command to view the device reset reason to locate the fault. Example # Display device reset reasons. <Huawei> display reset-reason The MPU frame[0] board[0]'s reset total 1, detailed information: -- 1. 2014-09-01 00:00:06, Reset No.: 1 Reason: Reset for power off Table 2-23 Description of the display reset-reason command output Item Description frame Frame ID of a board. board Slot ID of a board. reset total Number of times a board was reset. detailed information Detailed information about board resetting. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 200 Fit AP Command Reference 2 Basic Configurations Commands Item Description 2014-09-01 00:00:06 Reset time point. NOTE When the reset reason is displayed as Reset for power off and Reset for others, the displayed time is the system startup time rather than the reset time point. Reset No. Number of a reset. Reason Reason for a reset. For details, see Table 2-24. MPU Main Processing Unit. Table 2-24 Device reset reasons Reason Description Reset for power off The device is powered off. Reset for kernel panic A kernel panic occurs. Reset for switch zone after update version An active/standby zone switchover occurs after an AP upgrade. Reset for update version success The AP automatic upgrade is successful. Reset for update version failed The AP automatic upgrade fails. Reset for exception A VOS exception occurs. Reset for mfpi detect fwd abnormal The MSC module detects a PKO module exception. Reset for watchdog The watchdog resets. Reset for cpld Data is written into the CPLD register. Reset for reset-key The default key is pressed. Reset for canbus The CANBUS resets. Reset for ap disturbed APs are too close to each other, causing interference. Reset for the radio type is different from that specified by the configuration file The radio type is different from that in the configuration file. Reset for the radio type is changed The radio type is changed. Reset for firmware abnormal An exception occurs on the Wi-Fi chip firmware. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 201 Fit AP Command Reference 2 Basic Configurations Commands Reason Description Reset for tx dma stop The Tx DMA process stops. Reset for MFPI detect MSC module abnormal The MFPI module detects an MSC module exception. Reset for MFPI detect MSU module abnormal The MFPI module detects an MSU module exception. Reset for MFPI detect KAP module abnormal The MFPI module detects a KAP module exception. Reset for MFPI detect CAP pbuf use out Resources in the forwarding pbuf pool are exhausted. Reset for disable defence engine The security engine is disabled. Reset for configuration synchronization command The configuration synchronization command is executed. In configuration synchronization scenarios, when public configurations on the master and master backup ACs are different, you can synchronize the configurations manually. Restart the ACs as prompted. Reset for auto configuration synchronization The configuration synchronization command is executed. In configuration synchronization scenarios, when public configurations on the master and master backup ACs are different, the configurations can be synchronized automatically. Restart the ACs as prompted. Reset for a country code change The country code is changed. Reset for an AP MAC or SN change The AP authentication mode is changed. Reset for an AP upgrade The AP online upgrade is complete. Reset for the undo ap command The AP is deleted using the undo ap command. Reset for license expiration The license expires. Reset for the AP added to the blacklist The AP is added to the blacklist. Reset for the CAPWAP link and AP status mismatch The CAPWAP link and AP status are inconsistent. Reset for a DTLS configuration change The DTLS configuration changes. Reset for a CAPWAP link fault The CAPWAP link status is abnormal. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 202 Fit AP Command Reference 2 Basic Configurations Commands Reason Description Reset for restoration to factory defaults (by command) The factory settings are restored using commands. Reset for restoration to factory defaults (by button) The factory settings are restored by pressing the reset button. Reset for a dual-link backup switch change An active/standby link switchover occurs. Reset for the ap-rename command The AP name is changed using the aprename command. Reset for the ap-regroup command The AP group to which the AP belongs is changed using the ap-regroup command. Reset for an AP conflict state change The AP conflict state is changed. Reset for an AP management VLAN change The AP's management VLAN is changed. Reset for commands in the provisionap view Commands configured in the AP provisioning view are delivered. Reset for a country code mismatch The country code does not match. Reset for an AC wideband status change The AC bandwidth status is changed. Reset for a central AP type change The central AP type is changed. Reset for AP deleted by controller The AP is deleted from the Agile Controller. Reset for abnormal network port selfhealing The faulty network port is self-healing. Reset for the radio type mismatch between the AP and AC The radio types do not match on the AP and AC. Reset for batch delete APs are deleted in a batch in HSB scenarios. Reset for the DTLS configuration change of the data link The DTLS configuration of the data link is changed. Reset for the AC IP address list change The IP address list is changed on the AC. Reset for the address mode change The address mode is changed. Reset for the IP address change The IP address is changed. Reset for the forcible AP disconnection in specific scenarios The AP is forcibly disconnected in specific scenarios. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 203 Fit AP Command Reference 2 Basic Configurations Commands Reason Description Reset for AP self-healing (The AP is not online on the AC for consecutive 24 hours) The AP does not go online on the AC for consecutive 24 hours. Reset for the version rollback because the AP does not go online 30 minutes after the online upgrade The AP does not go online after the online upgrade. Reset for the online configuration switching The AP's online startup configuration is switched. When the AP fails to go online due to incorrect configurations of the management VLAN, working mode of the wired interface, and IP address allocation mode, the device periodically checks the configurations. If the configurations are inconsistent with the last time, the online configurations are switched to the configurations used when the AP starts last time, and the AP restarts. If the AP still fails to go online, the online configurations are switched to the default configurations, and the AP restarts. Reset for a channel set switching The channel set used by the AP is switched. Reset due to different Ethernet interface configurations on the AP and AC When the Ethernet port configuration of an AP is different from that on the AC after going online, the AP uses the configuration on the AC and restarts. Reset for slow task switching Task switchover is slow. Reset for a smart upgrade A smart upgrade of the AP succeeds. Reset by user command A user command is executed. Reset for the proxy scanning mode switching The proxy scanning mode of the radio is switched. Reset for others The device restarts due to other reasons. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 204 Fit AP Command Reference 2 Basic Configurations Commands 2.5.3 display startup Function The display startup command displays the patch file for the current and next startup. Format display startup Parameters None Views All views Default Level 3: Management level Example # Display the names of system software for current and next startup. <Huawei> display startup Current startup system software: Backup startup system software: Next startup system software: Startup patch package: Next startup patch package: V200R010C00SPC100(AP6510DN-AGN FIT) V200R010C00(AP6510DN-AGN FIT) V200R010C00SPC100(AP6510DN-AGN FIT) NULL NULL Table 2-25 Description of the display startup command output Item Description Current startup system software System software for the current startup Backup startup system software Backup system software. Next startup system software System software for the next startup Startup patch package Patch file for current startup. "Null" indicates that no patch file is specified. Next startup patch package Patch file for next startup. "Null" indicates that no patch file is specified for next startup. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 205 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.5.6 startup patch 2.5.4 reboot Function The reboot command restarts the device. Format reboot [ fast ] Parameters Parameter Description Value fast - Fast restarts the device. In fast restart mode, the configuration file is not saved. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario This command functions in the same way as a power recycle operation (power off and then restart the device). The command enables you to restart the device remotely. ● After the reboot command is run, if the current configuration is modified, the system displays a message asking you whether to save the configuration before a restart. Info: The system is comparing the configuration, please wait................ Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]: Y ● After the reboot fast command is run, the system restarts quickly without displaying any message and the configuration is lost. ● After the reboot fast command is run, the system displays the following message: Info: system is sync data now, please wait ... The message indicates that the system is synchronizing internal data. Precautions ● Issue 08 (2021-02-25) If you do not respond to the displayed message within the timeout period after running this command, the system will return to the user view and the device will not be restarted. Copyright © Huawei Technologies Co., Ltd. 206 Fit AP Command Reference 2 Basic Configurations Commands ● This command interrupts services on the entire device. Therefore, do not use this command when the device is running properly. ● Before restarting the device, ensure that the configuration file has been saved. Example # Restart the device. <Huawei> reboot # Restart the device quickly. <Huawei> reboot fast System will reboot! Continue ? [y/n]: Y 2.5.5 reset factory-configuration Function The reset factory-configuration command restarts a device and restores the factory settings of the device. Format reset factory-configuration Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario If the device cannot work properly due to incorrect configurations, you can run the reset factory-configuration command to restart the device and restore the factory settings. Precautions When an upstream device is connected to a central AP or an AP with two network ports through an Eth-Trunk, you need to enable one member interface of the EthTrunk and disable other member interfaces before restoring the factory settings of the AP by holding down Default, or running the reset factory-configuration command in the AC's WLAN view. Otherwise, loops and MAC address flapping occur, and the network connection fails. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 207 Fit AP Command Reference 2 Basic Configurations Commands Example # Restore the factory settings of the device. <Huawei> reset factory-configuration Warning: All of configurations will restore to factory and restart, Are you sure to continue? [y/n]: y 2.5.6 startup patch Function The startup patch command specifies the patch file for next startup. Format startup patch patch-name Parameters Parameter Description patch-name Specifies the name of the patch file for next startup. Value The value is a string of 4 to 64 case-sensitive characters without spaces. It is in the format of [ drive-name ] [ path ] [ file-name ]. If drive-name is not specified, the name of the default storage device is used. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario To make the patch file take effect after the device restarts, run this command to specify the patch file for next startup. Follow-up Procedure Run the reboot command to restart the device. Precautions ● A patch file uses .pat as the file name extension and must be saved in the root directory. ● If you use this command to specify another patch for next startup, the previous patch will be overridden. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 208 Fit AP Command Reference ● 2 Basic Configurations Commands After the patch file is specified for next startup, run the display startup command to view the patch file. – If the patch file for next startup is not empty, the device load the patch automatically after next startup. – If the patch file for next startup is empty, the device cannot load the patch after next startup. Example # Specify the patch file for next startup. <Huawei> startup patch patch.pat Related Topics 2.5.3 display startup 2.5.4 reboot 2.5.7 reset patch-configure Function The reset patch-configure command clears the patch settings. Format reset patch-configure next-startup Parameters Parameter Description next-startup Clears the patch status and settings for the next startup. Value - Views User view Default Level 3: Management level Usage Guidelines If you run the reset patch-configure next-startup command, the system clears the settings for the next startup patch and sets the patch status to idle. Example # Clear the patch status and settings for the next startup. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 209 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> reset patch-configure next-startup The patch will be deleted. Continue? (y/n)[n]:y Info: Succeeded in resetting the next-startup patch state. 2.5.8 startup system-software Function The startup system-software command specifies the system software for next startup. Format startup system-software { backup | current } Parameters Parameter Description Value backup Specifies the backup system software as the system software for next startup. - current Specifies the current system software as the system software for next startup. - Views User view Default Level 3: Management level Usage Guidelines Usage Scenario When the system needs to roll back to the backup system software, you can run the startup system-software backup command to specify the backup system software as the next startup system software and restart the device to complete the rollback. Follow-up Procedure Run the reboot command to restart the device. Precautions Example # Specify the backup system software as the system software for next startup. <Huawei> startup system-software backup Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 210 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.5.3 display startup 2.5.4 reboot 2.6 Upgrade Commands 2.6.1 ap-mode-switch Function The ap-mode-switch command obtains the system software file from the AP backup area to switch AP running mode. Format ap-mode-switch { fat | cloud } NOTE Only the AP5050DN-S, AP2051DN, AP2051DN-S, AP2051DN-E, AP1050DN-S, AP2050DN, AP2050DN-S, AP2050DN-E, AP4050DN-HD, AP4050DN-E, AP7050DN-E, AP7050DE, AD9430DN-12, AD9430DN-24, AP6150DN, AP6050DN, AP8130DN, AP8030DN, AP4050DN, AP4051DN, AP4151DN, AP4050DN-S, AP8050DN, AP8150DN, AP8050DN-S, AP4051TN, AP6052DN, AP7052DN, AP7152DN, AP7052DE, AP8050TN-HD, AP8082DN, AP8182DN, AP4050DE-M, AP4050DE-M-S, AP4050DE-B-S, AP3050DE, AP7060DN, AP2051DN-L-S, AP5510-W-GP support the ap-mode-switch { fat | cloud } command. The AP4030TN do not support the cloud. Parameters Parameter Description Value fat Switches a Fit AP to Fat AP. - cloud Switches a Fit AP to cloud AP. - Views System view Default Level 3: Management level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 211 Fit AP Command Reference 2 Basic Configurations Commands To switch a Fit AP to Fat AP or cloud AP, run the ap-mode-switch command to switch the AP system software file. Example # Switch the AP6050DN running mode from Fit AP to Fat AP. <Huawei> system-view [Huawei] ap-mode-switch fat Warning: The system will reboot and start in fat mode of V200R010C00SPC100. All of configurations will restore to factory. Continue? (y/n)[n]:y Related Topics 2.6.2 ap-mode-switch check 2.6.3 ap-mode-switch ftp 2.6.5 ap-mode-switch sftp 2.6.2 ap-mode-switch check Function The ap-mode-switch check command checks whether the file system on an AP allows switching between a fit AP and a fat AP. NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DN-AGN support this command. Format ap-mode-switch check Parameters None Views System view Default Level 3: Management level Usage Guidelines Before switching a fat AP to a fit AP or a fit AP to a fat AP, run this command to check whether the file system on the AP allows switching between the fit AP and fat AP. System software can be changed or upgraded only when the file system on the device allows switching between the fit AP and fat AP. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 212 Fit AP Command Reference 2 Basic Configurations Commands NOTE If the file system does not allow switching from a fit AP to a fat AP, run the 2.6.4 ap-modeswitch prepare command to configure the file system to allow switching from a fit AP to a fat AP. Example # Check whether the file system on a fat AP allows switching to a fit AP. <Huawei> system-view [Huawei] ap-mode-switch check Info: Ap-mode-switch check ok. Related Topics 2.6.4 ap-mode-switch prepare 2.6.3 ap-mode-switch ftp Function The ap-mode-switch command connects an AP to an FTP server to download the system software file for switching AP running mode. Format ap-mode-switch ftp filename server-ip-address user-name password [ port ] ap-mode-switch { fat | cloud } ftpfilename server-ip-address user-name password [ port ] Table 2-26 Command support of APs AP Model Whether the ap-modeswitch ftp Command Is Supported Whether the ap-modeswitch { fat | cloud } ftp Command Is Supported AP5030DN/AP5130DN/ AP4030DN/AP4130DN/ AP5030DN-S/ AP3030DN/AP9131DN/ AP9132DN/AP4030DNE/AP3010DN-V2 Yes No Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 213 Fit AP Command Reference 2 Basic Configurations Commands AP Model Whether the ap-modeswitch ftp Command Is Supported Whether the ap-modeswitch { fat | cloud } ftp Command Is Supported AP2051DN/AP2051DNS/AP2051DN-E/ AP5050DN-S/AP4030TN/ AP6050DN/AP6150DN/ AP2050DN/AP2050DNS/AP2050DN-E/ AP4050DN-E/ AP4050DN-HD/ AP7050DN-E/AP7050DE/ AP8050DN/AP8150DN/ AP8050DN-S/ AP4050DN/AP4051DN/ AP4151DN/AP4050DNS/AP4051DN-S/ AP8030DN/AP8130DN/ AD9430DN-24/ AD9430DN-12/ AP1050DN-S/ AD9431DN-24X/ AP4050DE-M/AP4050DEM-S/AP4050DE-B-S/ AP3050DE/AP7060DN/ AP2051DN-L-S/AP5510W-GP No Yes Other AP models do not support the preceding commands. Parameters Parameter Description Value fat Switches a Fit AP to Fat AP. - cloud Switches a Fit AP to cloud AP. - filename Specifies the name of the system software file on an FTP server. The value is a string of 1 to 127 characters without spaces. The system software file has an extension name of .bin. server-ip-address Specifies the IP address of an FTP server. The value is in dotted decimal notation. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 214 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value port Specifies the number of the FTP server port to which the AP connects. The value is an integer that ranges from 0 to 65535. The default value is 21. user-name Specifies the user name for logging in to an FTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. password Specifies the password for logging in to an FTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario To use the FTP server to switch a Fit AP to Fat AP or cloud AP, run the ap-modeswitch ftp command to switch the system software file of the AP. Prerequisites The system software file has been uploaded to the FTP server. It has been confirmed that the file system allows switching between a Fit AP and a Fat AP using the 2.6.2 ap-mode-switch check command. NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DN-AGN support this command. Example # Use the FTP server (192.168.1.1) to switch the AP5030DN running mode from Fat AP to Fit AP. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 215 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> system-view [Huawei] ap-mode-switch ftp AP5030DN_V200R010C00.bin 192.168.1.1 admin admin Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]: y # Use the FTP server (192.168.1.1) to switch the AP6050DN running mode from Fit AP to Fat AP. <Huawei> system-view [Huawei] ap-mode-switch fat ftp AP6050DN_V200R010C00.bin 192.168.1.1 admin admin Warning: The system will reboot and start in fat mode of V200R010C00. Continue ? [y/n]: y Related Topics 2.6.2 ap-mode-switch check 2.6.6 ap-mode-switch tftp 2.6.5 ap-mode-switch sftp 2.6.4 ap-mode-switch prepare Function The ap-mode-switch prepare command configures the file system on a fit AP to allow the fit AP to switch to a fat AP. NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DNAGN support this command. Format ap-mode-switch prepare Parameters None Views System view Default Level 3: Management level Usage Guidelines Before switching a fit AP to a fat AP, run the ap-mode-switch check command to check whether the file system on the fit AP allows the fit AP to switch to a fat AP. If not, run the ap-mode-switch prepare command to configure the file system to allow the fit AP to switch to a fat AP. Then connect the device to an FTP, TFTP, or SFTP server and download the fat AP system software file from the server so that the fit AP can switch to a fat AP. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 216 Fit AP Command Reference 2 Basic Configurations Commands NOTE After the ap-mode-switch prepare command is executed, run the ap-mode-switch check command again to ensure that the file system on the fit AP allows the fit AP to switch to a fat AP. Example # Configure the file system on a fit AP to allow the fit AP to switch to a fat AP. <Huawei> system-view [Huawei] ap-mode-switch prepare Info: Prepare is ok, Use ap-mode-switch command to switch to fat ap. Related Topics 2.6.2 ap-mode-switch check 2.6.6 ap-mode-switch tftp 2.6.3 ap-mode-switch ftp 2.6.5 ap-mode-switch sftp Function The ap-mode-switch sftp command connects an AP to an SFTP server to download the system software file for switching AP running mode. Format ap-mode-switch { fat | cloud } sftp filename server-ip-address user-name password [ port ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 217 Fit AP Command Reference 2 Basic Configurations Commands Table 2-27 Command support of APs AP Model Whether the ap-modeswitch sftp Command Is Supported Whether the ap-modeswitch { fat | cloud } sftp Command Is Supported AD9430DN-24/ AD9430DN-12/ AD9431DN-24X/ AP2051DN/AP2051DNS/AP2051DN-E/ AP5050DN-S/ AP4050DN/AP4051DN/ AP4151DN/AP4050DNS/AP4051DN-S/ AP1050DN-S/AP4030TN/ AP6050DN/AP6150DN/ AP2050DN/AP2050DNS/AP2050DN-E/ AP4050DN-E/ AP4050DN-HD/ AP7050DN-E/AP7050DE/ AP4051TN/AP6052DN/ AP7052DN/AP7152DN/ AP7052DE/AP8050DN/ AP8150DN/AP8050DNS/AP8030DN/ AP8130DN/AP8050TNHD/AP8082DN/ AP8182DN/AP4050DEM/AP4050DE-M-S/ AP4050DE-B-S/ AP3050DE/AP7060DN/ AP2051DN-L-S/AP5510W-GP No Yes Other AP models do not support the preceding commands. Parameters Parameter Description Value fat Switches a Fit AP to Fat AP. - cloud Switches a Fit AP to cloud AP. - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 218 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value filename Specifies the name of the system software file on an SFTP server. The value is a string of 1 to 127 characters without spaces. The system software file has an extension name of .bin. server-ip-address Specifies the IP address of an SFTP server. The value is in dotted decimal notation. port Specifies the number of the SFTP server port to which the AP connects. The value is an integer that ranges from 0 to 65535. The default value is 22. user-name Specifies the user name for logging in to an SFTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. password Specifies the password for logging in to an SFTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario To use the SFTP server to switch a Fit AP to Fat AP or cloud AP, run the ap-modeswitch sftp command to switch the system software file of the AP. Prerequisites The system software file has been uploaded to the SFTP server. It has been confirmed that the file system allows switching between a Fit AP and a Fat AP using the 2.6.2 ap-mode-switch check command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 219 Fit AP Command Reference 2 Basic Configurations Commands NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DN-AGN support this command. Example # Use the SFTP server (192.168.1.1) to switch the AP5030DN running mode from Fat AP to Fit AP. <Huawei> system-view [Huawei]ap-mode-switch sftp AP5030DN_V200R010C00.bin 192.168.1.1 admin admin Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]: y # Use the SFTP server (192.168.1.1) to switch the AP6050DN running mode from Fit AP to Fat AP. <Huawei> system-view [Huawei] ap-mode-switch fat sftp AP6050DN_V200R010C00.bin 192.168.1.1 admin admin Warning: The system will reboot and start in fat mode of V200R010C00. Continue ? [y/n]: y Related Topics 2.6.2 ap-mode-switch check 2.6.6 ap-mode-switch tftp 2.6.3 ap-mode-switch ftp 2.6.6 ap-mode-switch tftp Function The ap-mode-switch tftp command connects an AP to a TFTP server to download the system software file for switching AP running mode. Format ap-mode-switch { fat | cloud } tftp filename server-ip-address Table 2-28 Command support of APs AP Model Whether the ap-modeswitch tftp Command Is Supported Whether the ap-modeswitch { fat | cloud } tftp Command Is Supported AP5030DN/AP5130DN/ AP4030DN/AP4130DN/ AP5030DN-S/ AP3030DN/AP9131DN/ AP9132DN/AP4030DNE/AP3010DN-V2 Yes No Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 220 Fit AP Command Reference 2 Basic Configurations Commands AP Model Whether the ap-modeswitch tftp Command Is Supported Whether the ap-modeswitch { fat | cloud } tftp Command Is Supported AP8050DN/AP8150DN/ AP8050DN-S/ AP4050DN/AP4051DN/ AP4151DN/AP4050DNS/AP4051DN-S// AP1050DN-S/ AD9431DN-24X/ AP8030DN/AP8130DN/ AD9430DN-24/ AD9430DN-12/ AP8050TN-HD/ AP8082DN/AP8182DN/ AP2051DN/AP2051DNS/AP2051DN-E/ AP5050DN-S/AP4030TN/ AP6050DN/AP6150DN/ AP2050DN/AP2050DNS/AP2050DN-E/ AP4050DN-E/ AP4050DN-HD/ AP7050DN-E/AP7050DE/ AP4051TN/AP6052DN/ AP7052DN/AP7152DN/ AP7052DE/AP4050DE-M/ AP4050DE-M-S/ AP4050DE-B-S/ AP3050DE/AP7060DN/ AP2051DN-L-S/AP5510W-GP No Yes Other AP models do not support the preceding commands. Parameters Parameter Description Value fat Switches a Fit AP to Fat AP. - cloud Switches a Fit AP to cloud AP. - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 221 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value filename Specifies the name of the system software file on a TFTP server. The value is a string of 1 to 127 characters without spaces. The system software file has an extension name of .bin. server-ip-address Specifies the IP address of a TFTP server. The value is in dotted decimal notation. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario To use the TFTP server to switch a Fit AP to Fat AP or cloud AP, run the ap-modeswitch tftp command to switch the system software file of the AP. Prerequisites The system software file has been uploaded to the TFTP server. It has been confirmed that the file system allows switching between a Fit AP and a Fat AP using the 2.6.2 ap-mode-switch check command. NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DN-AGN support this command. Example # Use the TFTP server (192.168.1.1) to switch the AP5030DN running mode from Fat AP to Fit AP. <Huawei> system-view [Huawei] ap-mode-switch tftp AP5030DN_V200R010C00.bin 192.168.1.1 Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]: y # Use the TFTP server (192.168.1.1) to switch the AP6050DN running mode from Fit AP to Fat AP. <Huawei> system-view [Huawei] ap-mode-switch fat tftp AP6050DN_V200R010C00.bin 192.168.1.1 Warning: The system will reboot and start in fat mode of V200R010C00. Continue ? [y/n]: y Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 222 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.6.2 ap-mode-switch check 2.6.3 ap-mode-switch ftp 2.6.5 ap-mode-switch sftp 2.6.7 display paf Function The display paf command displays information about the product adapter file (PAF) in the system. Format display paf { all | { resource | service } item-name } Parameters Parameter Description Value all Displays all information about the PAF file. - resource Specifies the value set for a resource item in the PAF file. - service Specifies the value set for a service item in the PAF file. - item-name Specifies the name of a resource item or a service item. The value is a string of 1 to 64 characters. Views All views Default Level 3: Management level Usage Guidelines A PAF file provides only required resources and features. This command can display all the specification information about the PAF file. Example # Display the value set for a resource item in the PAF file. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 223 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> display paf resource PAF_LCS_NQA_SPECS_NUM_ENTRY PAF_LCS_NQA_SPECS_NUM_ENTRY = 0, 32, 32, 0 # Display the value set for a service item in the PAF file. <Huawei> display paf service PAF_LCS_BFD_BASIC_SPECS_ENABLED PAF_LCS_BFD_BASIC_SPECS_ENABLED = 0, 1 Table 2-29 Description of the display paf resource command output Item Description PAF_LCS_NQA_SPECS_NUM_ENTRY Resource item name in the PAF file. 0 Whether a resource item is controlled by a license. ● 1: yes ● 0: no 32 Default value of the resource item in the PAF file. 32 Maximum value of the resource item in the PAF file. 0 Minimum value of the resource item in the PAF file. Table 2-30 Description of the display paf service command output Item Description PAF_LCS_BFD_BASIC_SPECS_ENABLED Service item name in the PAF file. 0 Whether a service item is controlled by a license. ● 1: yes ● 0: no 1 Service status. ● 1: enabled ● 0: disabled 2.6.8 display patch-information Function The display patch-information command displays information about the current patch package in the system. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 224 Fit AP Command Reference 2 Basic Configurations Commands Format display patch-information Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines After a patch is loaded or deleted, run this command to view information about the patch package, including its version, name. Example # Display information about the current patch package. <Huawei> display patch-information Patch Package Name : flash:/patch.pat Patch Package Version : V200R010C00SPH The current state is:Running ****************************************************************** * The patch information, as follows * ****************************************************************** Type State Count Time(YYYY-MM-DD HH:MM:SS) -----------------------------------------------------------------VRP Running 1 2020-07-04 18:51:04+00:00 Table 2-31 Description of the display patch-information command output Item Description Patch Package Name Name of the running patch package. Patch Package Version Version of the running patch package. The current state is State of the running patch package. Type Patch type. State Running status of the patch. (Running: The patch is running.) Count Number of patches of each type in the system. Time Activation time of patches of each type in the system. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 225 Fit AP Command Reference 2 Basic Configurations Commands Related Topics 2.6.10 patch delete all 2.6.11 patch load 2.6.9 display upgrade failure-reason Function The display upgrade failure-reason command displays the reasons for the latest upgrade failure. NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DNAGN support this command. Format display upgrade failure-reason Parameters None Views System view Default Level 1: Monitoring level Usage Guidelines Run the display upgrade failure-reason command to check causes of upgrade failures so that you can take corresponding measures to fix the error. Table 2-32 Causes of upgrade failures Message Description Error: Upgrade failed by getting data. Failure in obtaining the upgrade data. Error: Upgrade failed by decrypting password. Failure in decrypting the password. Error: Upgrade failed by configuring ip address. Failure in configuring the IP address for the AP. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 226 Fit AP Command Reference 2 Basic Configurations Commands Message Description Error: Upgrade failed by downloading version file. Failure in downloading the upgrade file. If this error message is displayed, check network connections and ensure that the fat AP can communicate with the server. Error: Upgrade failed by version mismatched. Unmatched versions. If this error message is displayed, check whether the version file name is modified. Error: Upgrade failed by invalid version filename. Invalid file name. If this error message is displayed, check whether the version file name is modified. Error: Upgrade failed by type mismatched. Unmatch between the upgrade file and AP type. If this error message is displayed, check whether the upgrade file is correct. Error: Upgrade failed by md5 or crc check. CRC error. If this message is displayed, check whether data is modified or lost during transmission. Error: Upgrade failed by writing flash. Failure in writing the upgrade file into the flash memory. Error: Upgrade failed by resetting factory configuration. Failure in restoring the factory settings. Error: Upgrade failed by other reasons. Other causes. Info: Upgrade successfully. Successful upgrade. Example # Display the reasons for the latest upgrade failure. <Huawei> system-view [Huawei] display upgrade failure-reason Info: Connecting to remote server failed! 2.6.10 patch delete all Function The patch delete all command deletes patches on the current system. Format patch delete all Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 227 Fit AP Command Reference 2 Basic Configurations Commands Parameters None Views User view Default Level 3: Management level Usage Guidelines ● If you find errors in patches that have been loaded to the system, run this command to delete the patches to prevent patch errors from affecting system operating. ● Before loading a non-incremental patch, run this command to delete the existing patches (if any). Otherwise, the non-incremental patch cannot be loaded. Example # Delete all patches. <Huawei> patch delete all The patch will be deleted. Continue? (y/n)[n]:y Related Topics 2.6.8 display patch-information 2.6.11 patch load Function The patch load command loads the patches to the patch areas in the system. Format patch load filename all run Parameters Parameter Description Value filename Specifies the path and file name of a patch package. The path can be an absolute path or a relative path. The value is a string of 4 to 64 case-sensitive characters without spaces. The file name must have an extension of .pat. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 228 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value all Loads the patches of all boards. - run Runs loaded patches of all boards. - Views User view Default Level 3: Management level Usage Guidelines Usage Scenario When you load a patch to the current system, the system searches the patch package for a matching patch file according to the attributes of the patch file. ● If a matching patch file is found in the patch package, the system loads the patch. ● If no matching patch file is found in the patch package, the system does not load any patch. Prerequisites The patch package has been uploaded to the root directory of the storage device. Before loading a patch, the system must resolve the patch package, check the validity of the patch files in the patch package, and obtain the attributes such as the patch type and version of the patch file. Precautions The patch file cannot be reloaded. When you reload a patch, the system displays an error message. Example # Load the patches to the patch area of the device and run the patches directly. <Huawei> patch load patch.pat all run Related Topics 2.6.10 patch delete all 2.5.6 startup patch 2.6.8 display patch-information Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 229 Fit AP Command Reference 2 Basic Configurations Commands 2.6.12 upgrade version check Function The upgrade version check command checks whether the upgrade assistant package is available before a device upgrade. NOTE Only AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP9132DN, AP5010DNAGN support this command. Format upgrade version check Parameters None Views System view Default Level 3: Management level Usage Guidelines Before you upgrade a fat AP or fit AP (not by the AC), run this command to check whether the upgrade assistant package is available. You can upgrade a fat AP or fit AP using the available upgrade assistant package. NOTE If the upgrade assistant package is not available, contact technical support personnel and update the upgrade assistant package under their guidance. Example # Check whether the upgrade assistant package is available. <Huawei> system-view [Huawei] upgrade version check Info: Upgrade version check ok. Related Topics 2.6.15 upgrade version tftp 2.6.13 upgrade version ftp 2.6.14 upgrade version sftp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 230 Fit AP Command Reference 2 Basic Configurations Commands 2.6.13 upgrade version ftp Function The upgrade version ftp command connects a device to an FTP server to download the upgrade assistant package. Format upgrade version ftp filename server-ip-address user-name password [ port ] [ signature signature-name ] upgrade version ftp filename ipv6 server-ipv6-address user-name password [ port ] [ signature signature-name ] Parameters Parameter Description Value filename Specifies the name of the upgrade assistant package on an FTP server. The value is a string of 1 to 127 characters without spaces. The upgrade assistant package has an extension name of .bin. server-ip-address Specifies the IP address of an FTP server. The value is in dotted decimal notation. ipv6 server-ipv6-address Specifies the IPv6 address of the FTP server. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. port Specifies the number of the FTP server port to which the AP connects. The value is an integer that ranges from 0 to 65535, The default value is 21. user-name Specifies the user name for logging in to an FTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 231 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value password Specifies the password for logging in to an FTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. signature signaturename Checks the validity of the digital signature file of the system software. The value is a string of 1 to 63 case-sensitive characters without spaces. The file name extension must be .asc. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario You can run this command to upgrade a Fit AP (not by the AC) using the upgrade assistant package on an FTP server. Prerequisites The upgrade assistant package has been uploaded to the FTP server. It has been confirmed that the upgrade assistant package can be used using the 2.6.12 upgrade version check command. NOTE You need to run the command to check whether the upgrade assistant package can be used for the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP6010DN-AGN, AP5010SN-GN and AP9132DN. Example # Upgrade the AP using the upgrade assistant package on the FTP server 192.168.1.1. <Huawei> system-view [Huawei] upgrade version ftp AP5030DN_V200R006C10.bin 192.168.1.1 admin admin Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]:y # Upgrade the AP using the FTP server with the IPv6 address 1000::1. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 232 Fit AP Command Reference 2 Basic Configurations Commands <Huawei> system-view [Huawei] upgrade version ftp AP6010DN_V200R006C10.bin ipv6 1000::1 admin admin Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]:y Related Topics 2.6.12 upgrade version check 2.6.15 upgrade version tftp 2.6.14 upgrade version sftp 2.6.14 upgrade version sftp Function The upgrade version sftp command connects a device to an SFTP server to download the upgrade assistant package. Format upgrade version sftp filename server-ip-address user-name password [ port ] [ signature signature-name ] upgrade version sftp filename ipv6 server-ipv6-address user-name password [ port ] [ signature signature-name ] Parameters Parameter Description Value filename Specifies the name of the upgrade assistant package on an SFTP server. The value is a string of 1 to 127 characters without spaces. The upgrade assistant package has an extension name of .bin. server-ip-address Specifies the IP address of an SFTP server. The value is in dotted decimal notation. ipv6 server-ipv6-address Specifies the IPv6 address of the SFTP server. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. port Specifies the number of the SFTP server port to which the AP connects. The value is an integer that ranges from 0 to 65535, The default value is 22. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 233 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value user-name Specifies the user name for logging in to an SFTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. password Specifies the password for logging in to an SFTP server. The value is a string of 1 to 31 characters without spaces. The value cannot be keywords in the command lines, such as ftp, tftp, or sftp. signature signaturename Checks the validity of the digital signature file of the system software. The value is a string of 1 to 63 case-sensitive characters without spaces. The file name extension must be .asc. Views System view Default Level 3: Management level Usage Guidelines Usage Scenario You can run this command to upgrade a Fit AP (not by the AC) using the upgrade assistant package on an SFTP server. Prerequisites The upgrade assistant package has been uploaded to the SFTP server. It has been confirmed that the upgrade assistant package can be used using the 2.6.12 upgrade version check command. NOTE You need to run the command to check whether the upgrade assistant package can be used for the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP6010DN-AGN, AP5010SN-GN and AP9132DN. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 234 Fit AP Command Reference 2 Basic Configurations Commands Example # Upgrade the AP using the upgrade assistant package on the SFTP server 192.168.1.1. <Huawei> system-view [Huawei] upgrade version sftp AP8030DN_V200R006C10.bin 192.168.1.1 admin admin Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]:y # Upgrade the AP using the SFTP server with the IPv6 address 1000::1. <Huawei> system-view [Huawei] upgrade version sftp AP6010DN_V200R006C10.bin ipv6 1000::1 admin admin Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]:y Related Topics 2.6.12 upgrade version check 2.6.13 upgrade version ftp 2.6.15 upgrade version tftp 2.6.15 upgrade version tftp Function The upgrade version tftp command connects a device to a TFTP server to download the upgrade assistant package. Format upgrade version tftp filename server-ip-address [ signature signature-name ] upgrade version tftp filename ipv6 server-ipv6-address [ signature signaturename ] Parameters Parameter Description Value filename Specifies the name of the upgrade assistant package on a TFTP server. The value is a string of 1 to 127 characters without spaces. The upgrade assistant package has an extension name of .bin. server-ip-address Specifies the IP address of a TFTP server. The value is in dotted decimal notation. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 235 Fit AP Command Reference 2 Basic Configurations Commands Parameter Description Value ipv6 server-ipv6-address Specifies the IPv6 address of the TFTP server. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. signature signature- Checks the validity of the digital signature file of the system software. The value is a string of 1 to 63 case-sensitive characters without spaces. The file name extension must be .asc. name Views System view Default Level 3: Management level Usage Guidelines Usage Scenario You can run this command to upgrade a Fit AP (not by the AC) using the upgrade assistant package on a TFTP server. Prerequisites The upgrade assistant package has been uploaded to the TFTP server. It has been confirmed that the upgrade assistant package can be used using the 2.6.12 upgrade version check command. NOTE You need to run the command to check whether the upgrade assistant package can be used for the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP9131DN, AP6010DN-AGN, AP5010SN-GN and AP9132DN. Example # Upgrade the AP using the upgrade assistant package on the TFTP server 192.168.1.1. <Huawei> system-view [Huawei] upgrade version tftp AP5030DN_V200R006C10.bin 192.168.1.1 Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]:y # Upgrade the AP using the TFTP server with the IPv6 address 1000::1. <Huawei> system-view [Huawei] upgrade version tftp AP6010DN_V200R006C10.bin ipv6 1000::1 Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 236 Fit AP Command Reference 2 Basic Configurations Commands Warning: System will reboot, if you want to switch to upgrade-assistant-package. Are you sure to execute these operations ? [Y/N]:y Related Topics 2.6.12 upgrade version check 2.6.13 upgrade version ftp 2.6.14 upgrade version sftp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 237 Fit AP Command Reference 3 3 Cloud-based Management Configuration Commands Cloud-based Management Configuration Commands About This Chapter 3.1 ap-mode-switch cloud 3.2 cloud-mng register-center disable 3.3 display cloud-mng register-center status 3.1 ap-mode-switch cloud Function The ap-mode-switch cloud cloud-configuration command specifies a configuration file for an AP to switch to a cloud AP. Format ap-mode-switch cloud cloud-configuration config-file-name Parameters Parameter Description Value cloud-configuration Specifies the configuration file for a cloud AP to start. The value is a string of 4 to 64 characters. config-file-name Views System view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 238 Fit AP Command Reference 3 Cloud-based Management Configuration Commands Default Level 3: Management level Usage Guidelines Usage Scenario Scenario 1: Using the CLI to perform deployment configurations for an AP. For a Fit AP, you can run this command to switch it to a cloud AP and complete its deployment configurations, without the need to manually perform AP deployment configurations after it switches to a cloud AP. Scenario 2: Using a mobile app to perform deployment configurations for an AP. A configuration file is generated based on configurations you perform on the app. Use a STA with the mobile app installed to associate with the AP's management SSID and log in to the AP. Upload the configuration file and deliver the ap-modeswitch cloud cloud-configuration command to the AP. After the AP restarts, it loads the configuration file and switches to a cloud AP. Example # Switch a Fit AP to a cloud AP and specify a configuration file for its startup. <Huawei> system-view [Huawei] ap-mode-switch cloud cloud-configuration vrpcfg_cloud.cfg Info: Succeeded in setting the configuration for booting system. Warning: The system will reboot and start in cloud mode of V200R010C00. Continue? (y/n)[n]:y Info: system is rebooting ,please wait... Related Topics 2.6.1 ap-mode-switch 3.2 cloud-mng register-center disable Function The cloud-mng register-center disable command disables the device from proactively querying the registration center. The undo cloud-mng register-center disable command enables the device to proactively query the registration center. By default, the device proactively sends query packets to the registration center. Format cloud-mng register-center disable undo cloud-mng register-center disable Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 239 Fit AP Command Reference 3 Cloud-based Management Configuration Commands Views System view Default Level 3: Management level Usage Guidelines In cloud mode, the device sends query packets to the registration center to obtain plug-and-play information such as the IP address and port number of the Agile Controller-Campus. If the plug-and-play function through the registration center is not needed, run the cloud-mng register-center disable command. Example # Disable the device from proactively querying the registration center. <Huawei> system-view [Huawei] cloud-mng register-center disable 3.3 display cloud-mng register-center status Function The display cloud-mng register-center status command displays the status of the registration center. Format display cloud-mng register-center status Parameters None Views All views Default Level 2: Configuration level Usage Guidelines You can run this command to view the address, port, and status of the registration center. Example # Display the status of the registration center in the user view. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 240 Fit AP Command Reference 3 Cloud-based Management Configuration Commands <Huawei> display cloud-mng register-center status -----------------------------------------------------------------Register center URL : register.naas.huawei.com Register center IP : Register center port: 10020 Current status : sleeping ------------------------------------------------------------------ Table 3-1 Description of the display cloud-mng register-center status command output Item Description Register center URL URL of the registration center. Register center IP IP address of the registration center. Register center port Port number of the registration center. Current status Current status of the query to the registration center. ● disabled: The function of querying the registration center is disabled. ● success: The query succeeds. ● connecting: querying. ● sleeping: sleeping. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 241 Fit AP Command Reference 4 4 Device Management Commands Device Management Commands About This Chapter 4.1 Device Status Checking Commands 4.2 Hardware Configuration Commands 4.3 Energy-saving Configuration Commands 4.4 Information Center Configuration Commands 4.5 PoE Configuration Commands 4.1 Device Status Checking Commands 4.1.1 display ap-address-info Function The display ap-address-info command displays the AP IP address. Format display ap-address-info Parameters None Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 242 Fit AP Command Reference 4 Device Management Commands Usage Guidelines You can run this command to view the AP IP address. Example # Display the AP IP address. <Huawei> display ap-address-info ============================================================== Active AP Address Info AP Mode : dhcp Ip Address : Ip Version : Mask :Gateway :AC 0 ip :AC 1 ip :AC 2 ip :AC 3 ip :-------------------------------------------------------------Reboot Active AP Address Info AP Mode : static Ip Address : 2001:db8:2002::10 Ip Version : 6 Mask : 64 Gateway : 2001:db8:2002::1 AC 0 ip : 2001:db8:1002::1 AC 1 ip :AC 2 ip :AC 3 ip :============================================================== Table 4-1 Description of the display ap-address-info command output Item Description Active AP Address Info Currently-valid AP addresses. Reboot Active AP Address Info AP addresses that become valid after AP restart. AP Mode AP mode. Ip Version Version of the TCP/IP protocol. Ip Address IP address. Mask Subnet mask. Gateway Default gateway. AC 0 ip IP address of AC0. AC 1 ip IP address of AC1. AC 2 ip IP address of AC2. AC 3 ip IP address of AC3. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 243 Fit AP Command Reference 4 Device Management Commands 4.1.2 display cpu-usage Function The display cpu-usage command displays CPU usage statistics. Format display cpu-usage Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines CPU usage is an important index to evaluate device performance. A high CPU usage will cause service faults. You can use the display cpu-usage command to view CPU usage to check whether devices are working properly. Example # Display the CPU usage on the device. <Huawei> display cpu-usage CPU Usage Stat. Cycle: 30 (Second) CPU Usage: 2.4% Max: 90.2% CPU Usage Stat. Time : 2014-01-08 05:29:48 CPU Usage Max. Time : 2014-01-07 15:26:41 Table 4-2 Description of the display cpu-usage command output Item Description CPU Usage Stat. Cycle Interval for collecting CPU usage statistics. The default interval is 30 seconds. CPU Usage Stat. Time Time when the latest CPU usage statistics are collected. CPU Usage Current CPU usage Max Maximum CPU usage within 30 minutes. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 244 Fit AP Command Reference 4 Device Management Commands Item Description CPU Usage Max. Time Time when the CPU usage reaches the maximum. 4.1.3 display cpu-usage configuration Function The display cpu-usage configuration command displays CPU usage configuration. Format display cpu-usage configuration Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines This command displays the alarm threshold and recovery threshold. ● When CPU usage reaches the alarm threshold, the system generates a CPU usage alarm. ● When CPU usage falls within the recovery threshold, the system generates a clear alarm. Example # Display CPU usage configuration of the main control board. <Huawei> display cpu-usage configuration The CPU usage monitor is turned on. The current monitor cycle is 10 seconds. The current monitor warning threshold is 80%. The current monitor restore threshold is 75%. The CPU threshold set by the AC is 0%. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 245 Fit AP Command Reference 4 Device Management Commands Table 4-3 Description of the display cpu-usage configuration command output Item Description The CPU usage monitor Whether the function of the CPU usage monitor is enabled or disabled. The current monitor cycle Cycle for monitoring the CPU. The current monitor warning threshold Alarm threshold. To set the CPU usage alarm threshold, use the command. The current monitor restore threshold Alarm recovery threshold. To set the CPU usage alarm recovery threshold, use the command. The CPU threshold set by the AC CPU usage threshold delivered by the AC. 4.1.4 display cpu-usage history Function The display cpu-usage history command displays historical CPU usages on a device. Format display cpu-usage history [ 24hour | 72hour ] Parameters Parameter Description Value 24hour Displays the CPU usages on a device during the last 24 hours. - 72hour Displays the CPU usages on a device during the last 72 hours. - Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 246 Fit AP Command Reference 4 Device Management Commands Usage Guidelines CPU usage is an important indicator to evaluate device performance. A high CPU usage will cause service faults. You can use this command to view historical CPU usages on a device, which help you local service faults. This command displays CPU usages in the latest 8640 monitoring cycles. You can run the set cpu-usage cycle command in the diagnostic view to set the CPU usage monitoring cycle. When the parameter [ 24hour | 72hour ] is not specified, the CPU usages during the last 1 hour is displayed. Example # Display historical CPU usages. <Huawei> display cpu-usage history 100%| 95%| 90%| 85%| 80%| 75%| 70%| 65%| 60%| 55%| 50%| 45%| 40%| 35%| 30%| 25%| 20%| 15%| 10%| * * 5%|*** ******************************* ************************************************************************************ -------------------------------------------------------------------------------------------------------------------------0 15 30 45 60 (minutes) 4.1.5 display diagnostic-information Function The display diagnostic-information command displays diagnostic information on the device, or stores diagnostic information to a specified file. Format display diagnostic-information [ ap | sta mac-address sta-mac ] [ saved-file [ file-name ] ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 247 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value ap Displays diagnostic information on AP. - sta Displays diagnostic information on STA. - saved-file Stores diagnostic information into a file. - Specifies the name of the file where diagnostic information is stored. The value is a string of 5 to 64 characters. The file name extension must be .txt. The default directory where files are stored is flash:/. Specifies the MAC address of a STA. The value is in H-H-H format. An H is a hexadecimal number of 4 digits. file-name mac-address sta-mac Views All views Default Level 3: Management level Usage Guidelines Usage Scenario When a fault occurs in the system, you can use the display diagnosticinformation command to collect diagnostic information for fault location. The display diagnostic-information command output includes the output for multiple display commands. Running the display diagnostic-information command is like running these display commands in batches. If the saved-file parameter is not specified, diagnostic information is only displayed on the screen. If the saved-file parameter is specified, diagnostic information is only stored into a specified file but not displayed on the screen. If the saved-file parameter is specified but file-name is not, the system automatically stores diagnostic information into the diagnostic-information.txt file. If you do not specify the parameters ap, and sta, the command displays diagnostic information about all devices. If you specify a parameter (ap, or sta), the command displays diagnostic information about the specified parameter. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 248 Fit AP Command Reference 4 Device Management Commands Precautions ● If this command displays a long output, press Ctrl+C to abort this command. ● This command displays diagnostic information, which helps locate faults but may affect system performance. For example, CPU usage may become high. Therefore, do not use this command when the system is running properly. ● Running the display diagnostic-information command simultaneously on multiple terminals connected to the device is prohibited. This is because CPU usage of the device may obviously increase and the device performance may be degraded. ● When you run this command, the device obtains or uses some personal data of users, such as the STA MAC address. Delete the personal data immediately after the command is executed to ensure user data security. ● The command output does not support split-screen display. Example # Display diagnostic information about the device. <Huawei> display diagnostic-information =================================================== ===============display version=============== =================================================== Huawei Versatile Routing Platform Software VRP (R) software, Version 5.160 (AP5030DN V200R010C00) Copyright (C) 2011-2017 HUAWEI TECH CO., LTD Huawei AP5030DN Router uptime is 0 week, 2 days, 22 hours, 31 minutes MPU 0(Master) : uptime is 0 week, 2 days, 22 hours, 31 minutes SDRAM Memory Size : 256 M bytes Flash Memory Size : 32 M bytes MPU version information : 1. PCB Version : H87D2TT1D200 VER.C 2. MAB Version : 0 3. Board Type : AP5030DN 4. BootROM Version : 55 ...... 4.1.6 display elabel Function The display elabel command displays the electronic label of the device. Format display elabel [ slot-id ] [ brief ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 249 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value slot-id Displays the electronic label of the specified board. If this parameter is not specified, all electronic labels of the device are displayed. The value is an integer and must be set according to the device configuration. brief Indicates that the electronic label of a board does not include optical module information. - Views All views Default Level 1: Monitoring level Usage Guidelines Electronic labels identify the hardware. You can use the display elabel command to view the electronic label information. Example # Display brief information about the electronic label of the board in slot 0. <Huawei> display elabel 0 brief It is executing, please wait... [Slot_0] /$[Board Integration Version] /$BoardIntegrationVersion=3.0 [Main_Board] /$[ArchivesInfo Version] /$ArchivesInfoVersion=3.0 [Board Properties] BoardType=AP5030DN BarCode=210235419610CB000473 Item=02354196 Description=Assembling Components,AP5030DN,AP5030DN Mainframe(11ac,General AP In door,3x3 Double Frequency,Built-in Antenna,No AC/DC adapter) Manufactured=2014-03-08 VendorName=Huawei IssueNumber=00 CLEICode= BOM= Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 250 Fit AP Command Reference 4 Device Management Commands # Display detailed information about electronic labels of the device. <Huawei> display elabel It is executing, please wait... /$[System Integration Version] /$SystemIntegrationVersion=3.3 [Rack_1] [SubRack_0] [Slot_0] /$[Board Integration Version] /$BoardIntegrationVersion=3.0 [Main_Board] /$[ArchivesInfo Version] /$ArchivesInfoVersion=3.0 [Board Properties] BoardType=AP5030DN BarCode=210235419610CB000473 Item=02354196 Description=Assembling Components,AP5030DN,AP5030DN Mainframe(11ac,General AP In door,3x3 Double Frequency,Built-in Antenna,No AC/DC adapter) Manufactured=2014-03-08 VendorName=Huawei IssueNumber=00 CLEICode= BOM= Table 4-4 Description of the display elabel command output Item Description BoardType Board model of the specified component. BarCode Bar code of the specified component. Item BOM code of the specified component. For details, see the part number of the component in Installation > Appendix > Power Adaptation Solution of the product documentation. Description English description of the specified component. Manufactured Production date of the specified component. VendorName Vendor name of the specified component. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 251 Fit AP Command Reference 4 Device Management Commands Item Description IssueNumber Issuing number of the specified component. CLEICode CLEI code of the specified component. BOM Sales BOM code of the specified component. Model External model of the specified component. Supported only by the AP8130DN-W, AP8030DN, AP8130DN, AP8050TNHD, AP8082DN, AP8182DN, AP8050DN, AP8050DN-S, AP8150DN, AP9131DN, AP9132DN, AP4050DN, AP4050DN-S, AP4051DN, AP4151DN, AP4050DN-S, and AP4051DN-S. ElabelVersion Electronic label version of the specified component. Supported only by the AP8130DN-W, AP8030DN, AP8130DN, AP8050TNHD, AP8082DN, AP8182DN, AP8050DN, AP8050DN-S, AP8150DN, AP9131DN, AP9132DN, AP4050DN, AP4050DN-S, AP4051DN, AP4151DN, AP4050DN-S, and AP4051DN-S. Related Topics 4.2.1 backup elabel 4.1.7 display esn Function The display esn command displays the Equipment Serial Number (ESN) of a device. Format display esn Parameters None Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 252 Fit AP Command Reference 4 Device Management Commands Default Level 1: Monitoring level Usage Guidelines An ESN uniquely identifies a device. Example # Display the ESN of the device. <Huawei> display esn ESN of device: 2102113374P0B4000046 4.1.8 display sn Function The display sn command displays serial number (SN) information of components on a device. Format display sn [ license | all | interface [ interface-type interface-number ] | [ interface ] abnormal ] Parameters Parameter Description Value license Displays the SN for applying for a license. - all Displays all SN information. - interface [ interfacetype interface-number ] Displays the SN of the optical module on a specified interface: - ● interface-type specifies the interface type. ● interface-number specifies the interface number. abnormal Issue 08 (2021-02-25) Displays the SN of an abnormal module. Copyright © Huawei Technologies Co., Ltd. - 253 Fit AP Command Reference 4 Device Management Commands Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display sn command to view the SNs of the device, optical module, and device components, which facilitates device management. Example # Display the SNs of all components on a device. <Huawei> display sn all Equipment SN(ESN): 210235396810D2000038 License ESN: 210235396810D2000038 Slot Sub Type SN P/N --------------------------------------0 - AC6605-26-PWR 210235396810D2000038 02353968 4 POWER 21021309838NCB000175 02130983 Port Type SN P/N Description -------------------------------------------Gi0/0/22 RTXM139-400 EX0921030690 155Mbps-1310nm--30000m # Display the SN of an abnormal subcard. <Huawei> display sn abnormal Slot Sub Type SN P/N State --------------------------------------4 POWER 21021309838NCB000175 02130983 ERROR # Display the SN of an abnormal interface. <Huawei> display sn interface abnormal Port Type SN P/N State Description -------------------------------------------Gi0/0/22 RTXM139-400 EX0921030690 ERROR 155Mbps-1310nm--30000m Table 4-5 Description of the display sn command output Item Description Equipment SN(ESN) Equipment serial number. License ESN License SN. Slot Slot ID of a component. Sub Subcard ID. Type Type of a component. SN SN of a component. P/N SBOM of a card. Port Interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 254 Fit AP Command Reference 4 Device Management Commands Item Description Description Interface description. State Subcard status. ● ABNORMAL: The card status is abnormal. ● ERROR: A registration error occurs. ● REMOVED: A card is removed. Optical module status. ● ERROR: The optical module cannot be identified. ● REMOVED: The optical module is removed. ● UNAUTHORIZED: A non-Huaweicertified optical module is used. 4.1.9 display fan Function The display fan command displays the fan status. NOTE Only the AD9431DN-24X and AD9430DN-24 support this command. Format display fan [ slot slot-id | verbose ] Parameters Parameter Description Value slot slot-id Specifies the slot ID of the device. The value of slot-id depends on the running fan. verbose Displays detailed status information about the fan. - Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 255 Fit AP Command Reference 4 Device Management Commands Default Level 2: Configuration level Usage Guidelines Devices can run properly when fans are working properly. If proper heat dissipation cannot be ensured for devices, devices may overheat, damaging the hardware. You can use the display fan command to view the fan status. Example # Display the fan status of the device. <Huawei> display fan Slot 0: Fan 1 is normal. NOTE If no fan is installed, the following information is displayed: Slot 0: Fan 0 is absent. # Display detailed status information about the fan. <Huawei> display fan verbose Airflow Direction Slot # FAN # Status Speed Rate Mode ------------------------------------------------------------------------0 0 Normal 70 % AUTO Back-to-Side Table 4-6 Description of the display fan verbose command output Item Description Slot Slot ID of the device. FAN Fan ID. Status Fan status. The value can be Normal or Abnormal. Speed Rate Ratio of the current fan speed to the full speed. Mode Working mode of a fan. ● AUTO ● MANUAL Airflow Direction Airflow direction of the fan. ● Back-to-Side: The fan is blowing air from the rear to the sides. ● Side-to-Back: The fan is blowing air from the sides to rear. ● Side-to-Side: The fan is blowing air from one side to another side. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 256 Fit AP Command Reference 4 Device Management Commands 4.1.10 display health Function The display health command displays the health status of the device. Format display health Parameters None Views All views Default Level 3: Management level Usage Guidelines You can run this command to learn about the device temperature, CPU usage, memory usage, and storage medium usage. Example # Display the health status of the device. <Huawei> display health -------------------------------------------------------------------------------Slot Card Sensor No. SensorName Status Upper Lower Temperature.(C) -------------------------------------------------------------------------------0 1 AP6510DN TEMP NORMAL 60 -10 31 -------------------------------------------------------------------------PowerNo Present Mode State Current(A) Voltage(V) Power(W) -------------------------------------------------------------------------Info:The device does not support power display! System CPU Usage Information: System cpu usage at 2013-04-10 16:44:43 120 ms ------------------------------------------------------------------------------SlotID CPU Usage Upper Limit ------------------------------------------------------------------------------0 10% 80% System Memory Usage Information: System memory usage at 2013-04-10 16:44:43 150 ms ------------------------------------------------------------------------------SlotID Total Memory(MB) Used Memory(MB) Used Percentage Upper Limit ------------------------------------------------------------------------------0 91 30 33% 90% System Disk Usage Information: System disk usage at 2013-04-10 16:44:43 160 ms ------------------------------------------------------------------------------SlotID Device Total Memory(MB) Used Memory(MB) Used Percentage ------------------------------------------------------------------------------flash: 6 0 12% 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 257 Fit AP Command Reference 4 Device Management Commands Table 4-7 Description of the display health command output Item Description Slot ID of the slot where the temperature sensor resides. The value is fixed as 0, indicating the MPU slot. Card Subcard. The device does not support any subcard. Sensor No. Temperature sensor number. SensorName Temperature sensor name. Status Device temperature status. ● NORMAL: The device temperature is normal. ● ABNORMAL: The device temperature is beyond the allowed range. Upper Upper threshold of the device temperature. Lower Lower threshold of the device temperature. Temperature.(C) Current device temperature. PowerNo, Present, Mode, State, Current(A), Voltage(V), and Power(W) Power module parameters. NOTE The AP has no power module and must connect to an external power supply or use PoE power supply. These parameters are not supported. System CPU Usage Information CPU usage statistics. SlotID Slot ID of the card where the CPU resides. The value is fixed as 0, indicating the MPU slot. CPU Usage CPU usage. Upper Limit Alarm threshold of the CPU usage. You can set the alarm threshold of the CPU usage using the thresholdvalue command. System Memory Usage Information Memory usage statistics. SlotID Slot ID of the card where the memory resides. The value is fixed as 0, indicating the MPU slot. Total Memory(MB) Total memory. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 258 Fit AP Command Reference 4 Device Management Commands Item Description Used Memory(MB) Used memory. Used Percentage Memory usage. Upper Limit Alarm threshold of the memory usage. You can set the alarm threshold of the memory usage using the set memory-usage threshold threshold-value command. System Disk Usage Information Storage medium usage statistics. SlotID Slot ID of the card where the storage medium resides. The value is fixed as 0, indicating the MPU slot. Device Storage medium name. Total Memory(MB) Total memory of the storage medium. Used Memory(MB) Used memory of the storage medium. Used Percentage Storage medium usage. 4.1.11 display memory-usage Function The display memory-usage command displays the memory usage of the device. Format display memory-usage Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Memory usage is an important index to evaluate device performance. A high memory usage will cause service faults. You can use the display memory-usage command to view memory usage to check whether devices are working properly. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 259 Fit AP Command Reference 4 Device Management Commands Example # Display the memory usage of the current main control board. <Huawei> display memory-usage Memory utilization statistics at 2013-02-26 11:03:59 413 ms System Total Memory Is: 14749912 kbytes Total Memory Used Is: 649924 kbytes Memory Using Percentage Is: 4% Table 4-8 Description of the display memory-usage command output Item Description Memory utilization statistics Statistics of the memory usage. System Total Memory Total memory of the system. Total Memory Used Total used memory. Memory Using Percentage Memory usage. 4.1.12 display memory-usage threshold Function The display memory-usage threshold command displays the memory usage threshold on the device. Format display memory-usage threshold Parameters None Views All views Default Level 2: Configuration level Usage Guidelines You can view the memory usage alarm threshold to learn about the conditions for triggering alarms. ● Issue 08 (2021-02-25) When memory usage reaches the alarm threshold, the system generates an alarm. Copyright © Huawei Technologies Co., Ltd. 260 Fit AP Command Reference ● 4 Device Management Commands When memory usage falls within the alarm threshold, the system generates a clear alarm. Example # Display the memory usage threshold of the device. <Huawei> display memory-usage threshold Current memory threshold of the main board is 83%. The memory threshold set by the AC is 0%. Table 4-9 Description of the display memory-usage threshold command output Item Description Current memory threshold of the main board is 83%. The memory usage threshold of the main control board is 83%. To set the memory usage threshold of the main control board, use the set memory-usage threshold threshold-value command. The memory threshold set by the AC is 0%. Memory usage threshold delivered by the AC. Related Topics 4.2.2 set memory-usage threshold 4.1.13 display power Function The display power command displays the power supply status of the device. Only the AD9431DN-24X and AD9430DN-24 support this command. Format display power Parameters None Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 261 Fit AP Command Reference 4 Device Management Commands Usage Guidelines You can use this command to check the status of all power supply units and their voltage and current. Example # Display the power module status of the device. <Huawei> display power -------------------------------------------------------------------------PowerNo Present Mode State Current(A) Voltage(V) Power(W) -------------------------------------------------------------------------PWRI YES AC Normal N/A 12 500 Table 4-10 Description of the display power command output Item Description PowerNo Number of a power supply. Present Whether a power supply is working: ● YES: The power supply is working. ● NO: The power supply is not working. Mode Power mode: ● DC ● AC State Power supply status: Current(A) Current of the power supply, in Ampere. It is displayed as N/A. Voltage(V) Rated voltage, in V. Power(W) Rated power, in wattage. 4.1.14 display resource occupancy message Function The display resource occupancy message command displays average usage of the Dopra message unit within the latest 10 minutes. Format display resource occupancy message Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 262 Fit AP Command Reference 4 Device Management Commands Views All views Default Level 2: Configuration level Usage Guidelines None Example # Display average usage of the Dopra message unit within the latest 10 minutes. <Huawei> display resource occupancy message Average usage rate of system message in 10 minutes: 0% 4.1.15 display system-information Function The display system-information command displays AP system information. Format display system-information Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Users can run this command to view AP system information. Example # Display AP system information. <Huawei> display system-information System Information =============================================== Serial Number : 210235554710CA000020 System Time : 2019-07-01 11:11:42 System Up time : 18hour 11min 20sec Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 263 Fit AP Command Reference 4 Device Management Commands System Name : ap-2 Country Code : CN MAC Address : 10:47:80:07:6f:80 Radio 0 MAC Address : 10:47:80:07:6f:80 Radio 1 MAC Address : 10:47:80:07:6f:90 IP Address : 192.168.105.254 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.105.1 IPv6 IP Address : IPv6 Default Gateway : Management VLAN ID(AP) : 1 IP MODE : dhcp Slot Status : Dual band(802.11b/g/n;802.11a/n/ac) AP Type : AP5030DN Board Type : AP5030DN Board Serial Number : 021THJ10CA000040 Board Bom Version :0 Boot Rom Version : 102 Software Version : V200R010C00 Hardware Version : H85D2TD1D200 VER.B Telnet Access : Enable User Name : admin LED Switch : ON Branch group : huawei =============================================== Table 4-11 Description of the display system-information command output Item Description Serial Number Serial number of the device. System Time System time when the command is run. System Up time System running time. System Name System name. Country Code Country code of the device. MAC Address MAC address of the device. Radio x MAC Address MAC address of the radio. IP Address IPv4 address of the device. Subnet Mask Subnet mask of the device. Default Gateway Default IPv4 gateway of the device. IPv6 IP Address IPv6 address of the device. IPv6 Default Gateway Default IPv6 gateway of the device. Management VLAN ID(AP) ID of the management VLAN. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 264 Fit AP Command Reference 4 Device Management Commands Item Description IP MODE Mode in which the device obtains an IP address. The value can be any of the following: ● dhcp: The device obtains an IP address in DHCP mode. The AP functions as the DHCP client and obtains an IP address from the DHCP server. ● slaac: The device obtains an IPv6 address through stateless address autoconfiguration. ● static: The device obtains an IP address in static mode. You need to configure a static IP address for the AP. Slot Status Frequency band supported by the device. The value can be either of the following: ● Single band: The device supports only the 2.4 GHz frequency band. ● Dual band: The device supports two frequency bands of 2.4 GHz and 5 GHz frequency bands. ● Triple band: The device supports three frequency bands of 2.4 GHz and 5 GHz. AP Type AP type. Board Type Card type. Board Serial Number Serial number of the card. Board Bom Version BOM version of the card. Boot Rom Version BootROM version. Software Version Version of the system software running on the device. Hardware Version Hardware version of the device. Telnet Access Whether Telnet services are enabled. User Name Current login user. LED Switch Switch status of the LED indicator. Branch group Name of the branch AP group when the AP works in a WAN authentication escape scenario. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 265 Fit AP Command Reference 4 Device Management Commands 4.1.16 display temperature Function The display temperature command displays the device temperature. Format display temperature { all | slot slot-id } Parameters Parameter Description Value all - Displays the temperature of all boards. slot slot-id Displays the temperature of the The value is an integer and must specified board. be set according to the device configuration. Views All views Default Level 1: Monitoring level Usage Guidelines A high or low device temperature may damage the hardware. This command displays the current device temperature. When the device temperature exceeds the upper threshold or falls below the lower threshold, the device generates an alarm to alert you that the device temperature is abnormal. NOTE The AP1010SN, AP2010DN, AP3010DN-AGN, AP5010DN-AGN, AP5010SN-GN, AP6010DN-AGN, AP6010SN-GN, AP6310SN-GN, AP430-E, R250D, AP1050DN-S, R450D, AP2030DN, AP3010DNV2, AP3030DN, AP4030DN, AP4130DN, AP4050DN, AP4050DN-S, AP4051DN, AP4051DN-S, AP4151DN, AP2030DN-S, AP2051DN-L-S, WA375DD-CE, R230D, and R240D do not support query of the current device temperature. Example # Display the temperature of the device. <Huawei> display temperature all -------------------------------------------------------------------------------Slot Card Sensor No. Sensor Name Status Upper Lower Temperature.(C) -------------------------------------------------------------------------------0 1 AP5030DN TEMP NORMAL 102 -13 38 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 266 Fit AP Command Reference 4 Device Management Commands Table 4-12 Description of the display temperature command output Item Description Slot Slot ID of the board. Card Subcard number. Sensor No. Number of the sensor on the board. Sensor Name Name of the sensor on the board. Status Board temperature: ● NORMAL: The board temperature is within the allowed range. ● ABNORMAL: The board temperature is out of the allowed range. Upper Upper threshold of the temperature. Lower Lower threshold of the temperature. Temperature.(C) Current temperature of the board, in the centigrade scale (C). 4.1.17 display transceiver Function The display transceiver command displays information about the optical module on an interface. NOTE The command displays only information on optical interfaces. Format display transceiver [ interface interface-type interface-number ] [ verbose ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 267 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value interface interface-type interface-number Specifies the type and number of an interface. The supported interface type depends on the device. ● interface-type specifies the interface type. ● interface-number specifies the interface number. verbose Displays detailed information about the optical module on an interface, including the basic information, manufacture information, alarm information, and diagnostic information. - Views System view Default Level 2: Configuration level Usage Guidelines You can run this command to view general information, manufacture information, and alarm information about an optical module. If you specify the verbose keyword, the detailed information is displayed. Example # Display the general information, manufacture information, and alarm information about the optical module on a specified interface. <Huawei> display transceiver interface gigabitethernet 0/0/1 GigabitEthernet0/0/1 transceiver information: ------------------------------------------------------------Common information: Transceiver Type :1000_BASE_SX_SFP Connector Type :LC Nominal bit rate(MBits/sec) :1200 Wavelength(nm) :850 Transfer Distance(m) :0(9um),300(50um),150(62.5um) Digital Diagnostic Monitoring :YES Vendor Name :SumitomoElectric Ordering Name : ------------------------------------------------------------- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 268 Fit AP Command Reference 4 Device Management Commands Manufacture information: Manu. Serial Number :79K056C05802 Manufacturing Date :2007-09-14 Vendor Name :SumitomoElectric ------------------------------------------------------------- # Display general information, manufacture information, alarm information and diagnostic information about the optical module on a specified interface. <Huawei> display transceiver interface gigabitethernet 0/0/1 verbose GigabitEthernet0/0/1 transceiver information: ------------------------------------------------------------Common information: Transceiver Type :OC3_INTER_REACH_SFP Connector Type :LC Nominal bit rate(MBits/sec) :1200 Wavelength(nm) :1310 Transfer Distance(m) :15000(9um) Digital Diagnostic Monitoring :YES Vendor Name :HUAWEI Vendor Part Number :34060358 Ordering Name : ------------------------------------------------------------Manufacture information: Manu. Serial Number :EH1048220807 Manufacturing Date :2010-12-06 Vendor Name :HUAWEI ------------------------------------------------------------Alarm information: RX loss of signal RX power low ------------------------------------------------------------Diagnostic information: Temperature(¡ãC) :26.00 Temp High Threshold(¡ãC) :85.00 Temp Low Threshold(¡ãC) :-40.00 Voltage(V) :3.29 Volt High Threshold(V) :3.64 Volt Low Threshold(V) :2.95 Bias Current(mA) :4.57 Bias High Threshold(mA) :9.00 Bias Low Threshold(mA) :2.00 RX Power(dBM) :-40.00 RX Power High Threshold(dBM) :0.00 RX Power Low Threshold(dBM) :-16.99 TX Power(dBM) :-5.03 TX Power High Threshold(dBM) :-2.22 TX Power Low Threshold(dBM) :-6.99 ------------------------------------------------------------- Table 4-13 Description of the display transceiver command output Item Description Transceiver Type Type of the optical module. Connector Type Interface type. Nominal bit rate Bit rate of the optical module, in Mbit/s. Wavelength(nm) Optical wavelength. Transfer Distance(m) Transmission distance. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 269 Fit AP Command Reference 4 Device Management Commands Item Description Digital Diagnostic Monitoring Whether diagnostic information about the optical module is monitored. Vendor Name Vendor name of the optical module. Ordering Name External name of the optical module. Manu. Serial Number Vendor sequence number of the optical module. Manufacturing Date Manufacturing date of the optical module. RX loss of signal Loss of receiving signals. RX power low Low receive power. Temperature(°C) Current temperature of the optical module. Voltage(V) Current voltage of the optical module. Bias Current(mA) Bias current of the optical module. Bias High Threshold(mA) Upper threshold for the bias current of the optical module. Bias Low Threshold(mA) Lower threshold for the bias current of the optical module. RX Power Receive power of the optical module. RX Power High Threshold Upper receive power threshold for the optical module. RX Power Low Threshold Lower receive power threshold for the optical module. TX Power Transmit power of the optical module. TX Power High Threshold Upper transmit power threshold for the optical module. TX Power Low Threshold Lower transmit power threshold for the optical module. 4.1.18 display transceiver diagnosis interface Function Using the display transceiver diagnosis interface command, you can view the diagnosis parameters of an optical transceiver. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 270 Fit AP Command Reference 4 Device Management Commands Format display transceiver diagnosis interface [ interface-type interface-number ] Parameters Parameter Description Value interface-type interfacenumber Specifies the type and number of an interface. The supported interface type depends on the device. ● interface-type specifies the interface type. ● interface-number specifies the interface number. Views All views Default Level 2: Configuration level Usage Guidelines Before viewing the diagnosis parameters of an optical transceiver, make sure that the optical transceiver is an enhanced optical transceiver and has been installed on the device. Example # Display the diagnosis parameters of the optical transceiver installed in GigabitEthernet0/0/1. <Huawei> display transceiver diagnosis interface gigabitethernet0/0/1 Port GigabitEthernet0/0/1 transceiver diagnostic information: Parameter Current Low Alarm High Alarm Type Value Threshold Threshold Status ------------- --------- --------- ---------- -------TxPower(dBm) -4.64 0.00 0.00 abnormal RxPower(dBm) -4.37 33.00 0.00 abnormal Current(mA) 7.42 0.00 0.00 abnormal Temp.(C) 30.00 0.00 0.00 abnormal Voltage(V) 3.28 0.00 8.19 normal Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 271 Fit AP Command Reference 4 Device Management Commands Table 4-14 Description of the display transceiver diagnosis interface command output Item Description Parameter Type Parameter type. ● TxPower(dBm): indicates the transmission power of the optical transceiver, in dBm. ● RxPower(dBm): indicates the receiving power of the optical transceiver, in dBm. ● Current(mA): indicates the current of the optical transceiver, in mA. ● Temp.(C): indicates the temperature of the optical transceiver, in degree Celsius. ● Voltage(V): indicates the voltage of the optical transceiver, in V. Current Value Current value of a parameter. Low Alarm Threshold Lower alarm threshold of a parameter. High Alarm Threshold Upper alarm threshold of a parameter. Status Status of the optical transceiver, which can be normal or abnormal. 4.1.19 display version Function The display version command displays the version of the device. Format display version [ slot slot-id ] Parameters Parameter Description Value slot slot-id Displays the version of the specified board. The value is an integer and must be set according to the device configuration. Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 272 Fit AP Command Reference 4 Device Management Commands Default Level 1: Monitoring level Usage Guidelines You can use the display version command to view the version of the device to determine whether the device needs to be upgraded. Example # Display the version of the device. <Huawei> display version Huawei Versatile Routing Platform Software VRP (R) software, Version 5.130 (AP5030DN FIT V200R010C00) Copyright (C) 2015-2017 HUAWEI TECH CO., LTD Huawei AP5030DN Router uptime is 0 week, 1 day, 0 hour, 52 minutes MPU 0(Master) : uptime is 0 week, 1 day, 0 hour, 52 minutes SDRAM Memory Size : 128 M bytes Flash Memory Size : 32 M bytes MPU version information : 1. PCB Version : H86D2TD1D200 VER.C 2. MAB Version : 0 3. Board Type : AP5030DN 4. BootROM Version : 52 Table 4-15 Description of the display version command output Item Description Huawei Versatile Routing Platform Software Version of the Huawei Versatile Routing Platform software. VRP (R) software, Version Versions of the VRP and the software of the device. Copyright (C) 2015-2017 HUAWEI TECH CO., LTD Copyright information. uptime System power-on time. SDRAM Memory Size Total system memory size. Flash Memory Size Total flash memory size. MPU version information MPU version. PCB Version PCB version. MAB Version MAB version. Board Type Card type. CPLD0 Version CPLD0 version. BootROM Version BootROM version. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 273 Fit AP Command Reference 4 Device Management Commands Item Description BlueTooth Version Bluetooth version. The previous is the main version number, and the latter is the sub-version number. This item is displayed only on the AP7052DE, AP4050DN-E, and AP7050DE. RPS Version Version of the RPS power supply. This item is supported only by the AD9431DN-24X. 4.1.20 reset cpu-usage record Function The reset cpu-usage record command clears the maximum CPU usage. Format reset cpu-usage record Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Clear the maximum CPU usage. <Huawei> reset cpu-usage record Info: Succeeding in clear task CPU usage record. 4.2 Hardware Configuration Commands Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 274 Fit AP Command Reference 4 Device Management Commands 4.2.1 backup elabel Function The backup elabel command backs up electronic labels of the device to the storage media. The backup elabel ftp command backs up electronic labels of the device to a specified FTP server. The backup elabel tftp command backs up electronic labels of the device to a specified TFTP server. Format backup elabel file-name filename backup elabel ftp { ip-address ftp-server-address | ipv6-address ftp-serveripv6address } [ port-num ] file-name filename username password backup elabel tftp { ip-address tftp-server-address | ipv6-address tftp-serveripv6address } file-name filename Parameters Parameter Description Value file-name Specifies the name of the file that stores electronic labels. The value is a string of 5 to 28 case-sensitive characters without spaces. filename The default file path is flash:/. ip-address ftpserver-address Specifies the IP address of the FTP server that stores electronic labels. ipv6-address ftp- Specifies the IPv6 address serverof the FTP server that ipv6address stores electronic labels. port-num username password Issue 08 (2021-02-25) The value is in dotted decimal notation. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. Specifies the port number. The value is an integer that ranges from 1 to 65535. Specifies the user name used to log in to the FTP server. The value is a string of 1 to 20 case-sensitive characters without spaces. Specifies the password used The value is a string of 1 to 20 to log in to the FTP server. case-sensitive characters without spaces. Copyright © Huawei Technologies Co., Ltd. 275 Fit AP Command Reference 4 Device Management Commands Parameter ip-address tftpserver-address ipv6-address tftp-serveripv6address Description Value Specifies the IP address of the TFTP server that stores electronic labels. The value is in dotted decimal notation. Specifies the IPv6 address of the TFTP server that stores electronic labels. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. Views All views Default Level 1: Monitoring level Usage Guidelines When electronic labels are stored on a board, use the backup elabel command to save electronic labels to a file. This file can be saved to the storage media of the device, to the FTP server using FTP, or to the TFTP server using TFTP. Example # Save electronic labels of the device to the elabel.fls file in the flash memory. <Huawei> backup elabel file-name flash:/elabel.fls # Save electronic labels of the device to FTP server 10.23.12.91. Set the FTP user name to user and password to 123. Save electronic labels in the elabel.fls file. <Huawei> backup elabel ftp ip-address 10.23.12.91 file-name elabel.fls user 123 # Save electronic labels of the device to the elabel.fls file on TFTP server 10.23.12.91. <Huawei> backup elabel tftp ip-address 10.23.12.91 elabel.fls Related Topics 4.1.6 display elabel 4.2.2 set memory-usage threshold Function The set memory-usage threshold command sets the memory usage threshold. The undo set memory-usage threshold command restores the default memory usage threshold. By default: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 276 Fit AP Command Reference 4 Device Management Commands ● If the device memory is less than or equal to 128 MB, the memory usage alarm threshold is 84%. ● If the device memory is larger than 128 MB, the memory usage alarm threshold is 90%. Format set memory-usage threshold threshold-value undo set memory-usage threshold Parameters Parameter Description threshold threshold-value Specifies the memory usage threshold. Value Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario You can use the set memory-usage threshold command to set the memory usage threshold. When memory usage exceeds the threshold, the system logs the event and generates an alarm. By viewing log information, you can learn about memory usage. Precautions You are advised to use the default threshold. If the memory usage threshold is set too low, the system frequently generates alarms. If the memory usage threshold is set too high, you cannot learn about memory usage in a timely manner. When the memory usage reaches threshold-value, the level 1 alarm ENTITYTRAP_1.3.6.1.4.1.2011.5.25.219.2.15.1 hwMemUtilizationRising is generated. When the memory usage restores to (threshold-value - 3), the ENTITYTRAP_1.3.6.1.4.1.2011.5.25.219.2.15.2 hwMemUtilizationResume alarm is generated. Example # Set the memory usage threshold of the device to 85%. <Huawei> system-view [Huawei] set memory-usage threshold 85 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 277 Fit AP Command Reference 4 Device Management Commands Related Topics 4.1.12 display memory-usage threshold 4.3 Energy-saving Configuration Commands NOTE Only optical ports and combo ports working in optical mode support the ALS function. Electrical ports and combo ports working in electrical mode do not support the ALS function. In addition. For ports supported on a device, see Hardware Structure in the corresponding Product Description. 4.3.1 als enable Function The als enable command enables ALS on an interface. The undo als enable command disables ALS on an interface. By default, ALS is disabled on an interface. Format als enable undo als enable Parameters None Views XGE interface view, port group view Default Level 2: Configuration level Usage Guidelines The constraints on ALS are as follows: ● Only optical interfaces support ALS. Electrical interfaces do not support ALS. Example # Enable ALS on interfaces XGigabitEthernet0/0/1. <Huawei> system-view [Huawei] interface xgigabitethernet 0/0/1 [Huawei-XGigabitEthernet0/0/1] als enable Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 278 Fit AP Command Reference 4 Device Management Commands Related Topics 4.3.6 display als configuration 4.3.2 als restart Function The als restart command manually restarts the laser of an interface. Format als restart Parameters None Views XGE interface view, port group view Default Level 3: Management level Usage Guidelines Usage Scenario You can run this command to manually restart the laser of an optical module. After the optical link recovers, the laser is started after a certain interval if the restart mode is automatic restart. To start the laser immediately after the optical link recovers, set the restart mode of the laser to manual restart and run the als restart command. If this command is not executed, the laser automatically sends a pulse after receiving a pulse from the remote end. Prerequisites ALS has been enabled on the interface using the 4.3.1 als enable command and the restart mode of the laser has been set to manual restart mode using the 4.3.3 als restart mode manual command. Precautions This command cannot be executed on an interface if the interface has been added to an interface protection group and is in Protect state. Example # Restart lasers on interfaces XGigabitEthernet0/0/1 manually. <Huawei> system-view [Huawei] interface xgigabitethernet 0/0/1 [Huawei-XGigabitEthernet0/0/1] als enable [Huawei-XGigabitEthernet0/0/1] als restart mode manual [Huawei-XGigabitEthernet0/0/1] als restart Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 279 Fit AP Command Reference 4 Device Management Commands Related Topics 4.3.1 als enable 4.3.3 als restart mode manual 4.3.3 als restart mode manual Function The als restart mode manual command sets the mode of restarting the laser of the optical module to manual. The undo als restart mode manual command restores the mode of restarting the laser of the optical module to automatic. By default, a laser works in automatic restart mode. Format als restart mode manual undo als restart mode manual Parameters None Views XGE interface view, port group view Default Level 2: Configuration level Usage Guidelines The laser of an optical module works in automatic restart mode or manual restart mode. ● In automatic restart mode, the laser sends pulses at the interval set using the 4.3.4 als restart pulse-interval command to detect whether the link is recovered. The pulse width is set through the 4.3.5 als restart pulse-width command. ● In manual restart mode, you must manually start the laser using the 4.3.2 als restart command so that the laser can send a pulse. The ALS pulse width is set using the 4.3.5 als restart pulse-width command. If the fiber link recovery is detected in time, you can use the manual restart mode so that the laser can send pulses immediately. Therefore, data communication can be recovered rapidly. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 280 Fit AP Command Reference 4 Device Management Commands Example # Configure lasers on interfaces XGigabitEthernet0/0/1 to work in manual restart mode. <Huawei> system-view [Huawei] interface xgigabitethernet 0/0/1 [Huawei-XGigabitEthernet0/0/1] als restart mode manual Related Topics 4.3.1 4.3.2 4.3.4 4.3.5 4.3.6 als enable als restart als restart pulse-interval als restart pulse-width display als configuration 4.3.4 als restart pulse-interval Function The als restart pulse-interval command sets the ALS pulse interval for the laser of an optical module. The undo als restart pulse-interval command restores the default ALS pulse interval of the laser of an optical module. By default, the ALS pulse interval of the laser is 100s. Format als restart pulse-interval pulse-interval undo als restart pulse-interval Parameters Parameter Description pulse-interval Specifies the ALS pulse interval of the laser. Value The value is an integer that ranges from 100 to 20000, in seconds. Views XGE interface view, port group view Default Level 2: Configuration level Usage Guidelines In automatic restart mode, the ALS pulse interval affects the frequency of detecting the LOS on the interface. A long ALS pulse interval is beneficial for Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 281 Fit AP Command Reference 4 Device Management Commands energy saving, but the fiber link recovery cannot be detected in a timely manner. In contrary, a short ALS pulse interval wastes power but the fiber link recovery can be detected immediately. Example # Set the ALS pulse interval of lasers on XGigabitEthernet0/0/1 to 150s. <Huawei> system-view [Huawei] interface xgigabitethernet 0/0/1 [Huawei-XGigabitEthernet0/0/1] als restart pulse-interval 150 Related Topics 4.3.1 als enable 4.3.6 display als configuration 4.3.5 als restart pulse-width Function The als restart pulse-width command sets the ALS pulse width for the laser of an optical module. The undo als restart pulse-width command restores the default ALS pulse width for the laser of an optical module. By default, the ALS pulse width of the laser is 2s. Format als restart pulse-width pulse-width undo als restart pulse-width Parameters Parameter Description Value pulse-width Specifies the ALS pulse width of the laser. The value is an integer that ranges from 2 to 200, in seconds. Views XGE interface view, port group view Default Level 2: Configuration level Usage Guidelines The ALS pulse width refers to the period between rising edges of pulses. A short ALS pulse width is beneficial for energy saving, but the fiber link recovery cannot Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 282 Fit AP Command Reference 4 Device Management Commands be detected immediately. In contrary, a long ALS pulse width consumes more power but the fiber link recovery can be detected immediately. Example # Set the ALS pulse width on interfaces XGigabitEthernet0/0/1 to 3s. <Huawei> system-view [Huawei] interface xgigabitethernet 0/0/1 [Huawei-XGigabitEthernet0/0/1] als restart pulse-width 3 Related Topics 4.3.1 als enable 4.3.6 display als configuration 4.3.6 display als configuration Function The display als configuration command displays ALS configuration. Format display als configuration slot slot-id display als configuration interface interface-type interface-number Parameters Parameter slot slot-id interface interfacetype interfacenumber Description Value Displays ALS configuration in a slot with a specified slot ID. The value is 0. Displays ALS configuration on a specified interface. - ● interface-type specifies the interface type. ● interface-number specifies the interface number. Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 283 Fit AP Command Reference 4 Device Management Commands Usage Guidelines None Example # Display ALS configuration on interfaces XGigabitEthernet0/0/1. <Huawei> display als configuration interface xgigabitethernet 0/0/1 ------------------------------------------------------------------------------Interface ALS Laser Restart Interval(s) Width(s) Status Status Mode ------------------------------------------------------------------------------XGigabitEthernet0/0/1 Disable On Auto 100 2 Table 4-16 Description of the display als configuration command output Item Description Interface Interface type and number. ALS Status Whether ALS is enabled. ● Enable: ALS is enabled. ● Disable: ALS is disabled. ALS is enabled using the 4.3.1 als enable command. Laser Status Whether the laser is On. ● Off: The laser is Off. ● On: The laser is On. Restart Mode ALS restart mode. ● Auto: automatic restart mode. ● Manual: manual restart mode. The ALS restart mode is set to manual using the 4.3.3 als restart mode manual command. Interval(s) ALS pulse interval, expressed in seconds. The ALS pulse interval is set using the 4.3.4 als restart pulseinterval command. Width(s) ALS pulse width, expressed in seconds. The ALS pulse width is set using the 4.3.5 als restart pulse-width command. Related Topics 4.3.1 als enable 4.3.3 als restart mode manual 4.3.4 als restart pulse-interval Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 284 Fit AP Command Reference 4 Device Management Commands 4.3.5 als restart pulse-width 4.4 Information Center Configuration Commands 4.4.1 display binlog-buffer Function The display binlog-buffer command displays logs recorded in the binlog buffer. Format display binlog-buffer [ level { emergency | error | info | warning } | module module ] Parameters Parameter Description Value level Specifies the level of logs to be displayed. - emergency Displays logs of the emergency level. - error Displays logs of the error level. - info Displays logs of the info level. - warning Displays logs of the warning level. - module module Specifies the module of logs to be displayed. Select a module based on the actual situation. Views All views Default Level 3: Management level Usage Guidelines If [ level { emergency | error | info | warning } | module module ] are not specified, all logs in the binlog buffer are displayed. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 285 Fit AP Command Reference 4 Device Management Commands Example # Display logs of the info level in the binlog buffer. <Huawei> display binlog-buffer level info 2018:01:01 11:09:04/informational/0/BSP BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 0 char : A 2018:01:01 11:09:04/informational/3/WIFI BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 3425 233 233 char : C 2018:01:01 11:09:04/informational/0/BSP BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 1 char : A 2018:01:01 11:09:04/informational/3/WIFI BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 3424 233 234 char : C Table 4-17 Description of the display binlog-buffer command output Item Description 2018:01:01 11:09:04/ informational/0/BSP BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 0 char : A Log generation time/Log level/Service flow ID/Module name/Function name: log description. Related Topics 4.4.40 save logfile 4.4.2 display binlog-buffer summary Function The display binlog-buffer summary command displays the usage of the binlog memory buffer. Format display binlog-buffer summary Parameters None Views All views Default Level 3: Management level Usage Guidelines None. Example # Display the usage of the binlog memory buffer. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 286 Fit AP Command Reference 4 Device Management Commands <Huawei> display binlog-buffer summary ----------------------------------------------------------------------Buffer Id Buffer Size(KB) Used Size(KB) Free Size(KB) Log Count 1 204 0 204 0 2 204 0 204 0 3 204 0 204 0 4 204 0 204 0 5 204 0 204 0 ---------------------------------------------------------------------- Table 4-18 Description of the display binlog-buffer summary command output Item Description Buffer Id Buffer ID. Buffer Size(KB) Buffer size, in KB. Used Size(KB) Used buffer size, in KB. Free Size(KB) Remaining buffer size, in KB. Log Count Number of logs recorded in the buffer. Related Topics 4.4.40 save logfile 4.4.3 display channel Function The display channel command displays the channel configuration. Format display channel [ channel-number | channel-name ] Parameters Parameter channelnumber Description Value Specifies the number of a channel. The value is an integer than ranges from 0 to 9. That is, the system has 10 channels. Channels 0 to 5 have default names and the six channels map to six different output directions. Table 4-19 shows the relationship between channels and output directions. channelname Issue 08 (2021-02-25) The value is a string of 1 to 30 case-sensitive Specifies the name characters. The value consists of letters or of a channel. numbers and must start with a letter. Copyright © Huawei Technologies Co., Ltd. 287 Fit AP Command Reference 4 Device Management Commands Table 4-19 Relationship between channel and output directions Chan nel Numb er Default Channel Name Output Direction Description 0 console console Console that can receive logs, traps, and debugging messages. 1 monitor monitor VTY terminal that can receive logs, traps, and debugging messages, which facilitates remote maintenance. 2 loghost loghost Log host that can receive logs, traps, and debugging messages. By default, information is saved on the log host in file format for easy reference. 3 trapbuffer trapbuffer Trap buffer that can receive traps. 4 logbuffer logbuffer Log buffer that can receive logs. 5 snmpagent snmpagent SNMP agent that can receive traps. 6 channel6 Unspecified Reserved. You can specify to which destination this channel can output information. 7 channel7 Unspecified Reserved. You can specify to which destination this channel can output information. 8 channel8 Unspecified Reserved. You can specify to which destination this channel can output information. 9 channel9 logfile Log file that can receive logs, traps, and debugging messages. Information is saved to the USB flash drive or SD card in file format. Views All views Default Level 1: Monitoring level Usage Guidelines The display channel command displays the channel configuration. When using this command, note the following points: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 288 Fit AP Command Reference 4 Device Management Commands ● When channel-number or channel-name is specified, the display channel command displays the specified channel that information passes through and information severity. ● When channel-number or channel-name is not specified, the display channel command displays all the channels that information passes through and information severity. Example # Display the configuration of channel 0. <Huawei> display channel 0 channel number: 0, channel name: console MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y warning Y debugging Y debugging # Display the configuration of all channels. <Huawei> display channel channel number: 0, channel name: console MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y warning Y debugging Y debugging channel number: 1, channel name: monitor MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y warning Y debugging Y debugging channel number: 2, channel name: loghost MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y informational Y debugging N debugging channel number: 3, channel name: trapbuffer MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default N informational Y debugging N debugging channel number: 4, channel name: logbuffer MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y warning N debugging N debugging channel number: 5, channel name: snmpagent MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default N debugging Y debugging N debugging channel number: 6, channel name: channel6 MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y debugging Y debugging N debugging channel number: 7, channel name: channel7 MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y debugging Y debugging N debugging channel number: 8, channel name: channel8 MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y debugging Y debugging N debugging channel number: 9, channel name: channel9 MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL ffff0000 default Y debugging Y debugging N debugging Table 4-20 Description of the display channel command output Item Description channel number Channel number, which ranges from 0 to 9. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 289 Fit AP Command Reference 4 Device Management Commands Item Description channel name Channel name. Table 4-19 lists default channel names. To set the channel name, run the 4.4.17 info-center channel name command. MODU_ID Module ID. The default value is ffff0000. NAME Module name. The default value is default. To set the module name, run the 4.4.32 info-center source channel command. ENABLE Whether logs/traps/debugging messages are allowed to pass through a channel: ● Y ● N To specify the channel, run the 4.4.32 info-center source channel command. LOG_LEVEL/ TRAP_LEVEL/ DEBUG_LEVEL Lowest severity of output logs/traps/debugging messages. The following severities are listed in descending order of priority: ● emergencies ● alert ● critical ● error ● warning ● notification ● informational ● debugging To set the lowest severity of output logs, run the 4.4.32 info-center source channel command. Related Topics 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.32 info-center source channel 4.4.4 display debugging Function The display debugging command displays debugging messages allowed to be sent by the device. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 290 Fit AP Command Reference 4 Device Management Commands Format display debugging [ interface interface-type interface-number ] [ modulename ] Parameters Parameter Description Value interface Specifies the interface type and number. - module-name Displays debugging messages sent by a specified module such as the DHCP module. If this parameter is not specified, all debugging messages allowed to be sent are displayed. interface-type interface-number Enumerated type. The value depends on the registered module. Views All views Default Level 3: Management level Usage Guidelines Usage Scenario Debugging affects device performance. The display debugging command displays debugging messages allowed to be sent by the AP. Prerequisites By default, sending debugging messages is prohibited. The debugging of a specified module has been enabled. Example # Display debugging messages allowed to be sent by the AP. <Huawei> debugging acl4 all <Huawei> display debugging ACL4 event debugging switch is on ACL4 packet debugging switch is on # Display debugging messages allowed by the ARP module. <Huawei> display debugging arp slot[0]:ARP packet debugging is on Related Topics 4.4.18 info-center enable 4.4.32 info-center source channel Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 291 Fit AP Command Reference 4 Device Management Commands 4.4.41 terminal debugging 4.4.43 terminal monitor 4.4.5 display info-center Function The display info-center command displays the output configuration of the information center. Format display info-center Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display output configuration of the information center. <Huawei> display info-center Information Center: enabled Log host: 10.1.1.1, channel number: 2, channel name: loghost language: english, host facility: local7 Console: channel number: 0, channel name: console Monitor: channel number: 1, channel name: monitor SNMP Agent: channel number: 5, channel name: snmpagent Log buffer: enabled max buffer size: 1024, current buffer size: 512 current messages: 6, channel number: 4, channel name: logbuffer dropped messages: 0, overwritten messages: 0 Trap buffer: enabled max buffer size: 1024, current buffer size: 256 current messages: 0, channel number: 3, channel name: trapbuffer dropped messages: 0, overwritten messages: 0 Logfile: channel number: 9, channel name: channel9, language: English Information timestamp setting: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 292 Fit AP Command Reference 4 Device Management Commands log - date, trap - date, debug - date Sent messages = 25, Received messages = 25 Table 4-21 Description of the display info-center command output Item Description Information Center Information center status: ● enabled ● disabled To enable the information center, run the 4.4.18 infocenter enable command. Log host Log host configuration. 10.1.1.1 Log host IP address. To set the log host IP address, run the 4.4.24 info-center loghost command. channel number Number of a channel used to output information. To set the number of a channel used to output information, run the 4.4.16 info-center channel command. channel name Name of a channel used to output information. To set the name of a channel used to output information, run the 4.4.17 info-center channel name command. language Language mode in which information is output to a log host. host facility Logging tool. To configure the logging tool, run the 4.4.24 info-center loghost command. Console Console configuration. Monitor Remote terminal configuration. SNMP Agent SNMP agent configuration. Log buffer Log buffer configuration. enabled Whether the AP is enabled to send logs/traps to the log/ trap buffer. ● enabled ● disabled To enable the AP to send logs/traps to the log/trap buffer, run the 4.4.20 info-center logbuffer or 4.4.35 infocenter trapbuffer command. max buffer size Issue 08 (2021-02-25) Maximum number of logs/traps in the log/trap buffer. Copyright © Huawei Technologies Co., Ltd. 293 Fit AP Command Reference 4 Device Management Commands Item Description current buffer size Maximum number of logs/traps in the current log/trap buffer. To set the maximum number of logs/traps in the current log/trap buffer, run the 4.4.21 info-center logbuffer size or 4.4.36 info-center trapbuffer size command. current messages Number of messages recorded in the log/trap buffer. dropped messages Number of messages discarded by the log/trap buffer. overwritten messages Number of overwritten messages in the log/trap buffer. Trap buffer Trap buffer configuration. logfile Log file configuration. Information timestamp setting Timestamp format of logs, traps, and debugging messages: ● boot: indicates that the timestamp is expressed in the format of relative time, a period of time since system start. ● date: indicates the current system date and time. It is expressed in mm dd yyyy hh:mm:ss format. ● short-date: indicates the short date. This timestamp differs from date is that the year is not displayed. ● format-date: indicates that the timestamp is expressed in YYYY-MM-DD hh:mm:ss format. ● none: indicates that the output information does not contain the timestamp. To configure the timestamp format, run the 4.4.34 infocenter timestamp command. Sent messages Number of sent messages output by information center modules. Received messages Number of messages sent to information center modules. Related Topics 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.20 info-center logbuffer 4.4.21 info-center logbuffer size 4.4.24 info-center loghost 4.4.34 info-center timestamp 4.4.35 info-center trapbuffer Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 294 Fit AP Command Reference 4 Device Management Commands 4.4.36 info-center trapbuffer size 4.4.6 display info-center filter-id Function The display info-center filter-id command displays information filtered by the information center. Format display info-center filter-id [ id | bymodule-alias modname alias ] Parameters Parameter Description Value id Displays filtered information with the specified ID. The value is an integer that ranges from 0 to 4294967295. bymodule-alias Displays filtered information Enumerated type. Set the with the specified module name value according to the and mnemonic symbol. device configuration. ● modname: specifies the module name. modname alias ● alias specifies the mnemonic symbol. Views All views Default Level 2: Configuration level Usage Guidelines ID identifies each function module for log registration. An ID filter list is the aggregation of the shielded IDs. If id or bymodule-alias is not specified, all information is filtered. To prevent output of specified information, run the 4.4.19 info-center filter-id command to add the ID to the filtering list, and then run the display info-center filter-id command to check whether information with this ID is filtered. Example # Display filtered information with ID 3246215177. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 295 Fit AP Command Reference 4 Device Management Commands <Huawei> display info-center filter-id 3246215177 ID : 3246215177 Module : 6OVER4 Alias : DEL_UPTUNN_FAIL Content : Failed to delete the UPTUNNEL entry when processing ([STRING]) . (Interface=[STRING]) Filtered Number : 0 # Display all the IDs in the filter list. <Huawei> display info-center filter-id ID : 3221442627 Module : HA Alias : DISCARDINBATCH Content : The message was discarded because module batch doesn't begin. (SourceModuleId=[ULONG], SourceModuleSubId=[ULONG], DestinationModuleId=[ULONG], DestinationModuleSubId=[ULONG]) Filtered Number : 0 ID : 3246215177 Module : 6OVER4 Alias : DEL_UPTUNN_FAIL Content : Failed to delete the UPTUNNEL entry when processing ([STRING]) . (Interface=[STRING]) Filtered Number : 0 ID : 3491254537 Module : BGP Alias : ADD_DELETED_ROUTE Content : Add the route [STRING] that have other flags besides deleted f lag [USHORT] Filtered Number : 0 Table 4-22 Description of the display info-center filter-id command output Item Description ID Identifier to which each log corresponds. To configure the AP to filter a log or trap with a specified ID, run the 4.4.19 info-center filter-id id command. Module Module name. To configure the AP to filter a log or trap with a specified module name or alias name, run the 4.4.19 info-center filter-id bymodule-alias modname alias command. Alias Alias name. To configure the AP to filter a log or trap with a specified module name or alias name, run the 4.4.19 info-center filter-id bymodule-alias modname alias command. Content Log message to which each log ID corresponds. Filtered Number Number of times that the log to which the log ID corresponds is filtered. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 296 Fit AP Command Reference 4 Device Management Commands Related Topics 4.4.19 info-center filter-id 4.4.7 display info-center logfile path Function The display info-center logfile path command displays the path where log files are saved. Format display info-center logfile path Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines The display info-center logfile path command displays the path where log files are saved. This command is used in the following scenarios: ● The information is output to the log file. ● The save logfile command is executed to save log files to the specified path. Example # Display the path where log files are saved. <Huawei> display info-center logfile path Info: Logfile save path is flash:/logfile Related Topics 4.4.22 info-center logfile path 4.4.40 save logfile 4.4.8 display info-center rate-limit record Function The display info-center rate-limit record command displays the suppression of the log processing rate in the information center. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 297 Fit AP Command Reference 4 Device Management Commands Format display info-center rate-limit record Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display info-center rate-limit record command to view the realtime suppression of the log processing rate in the information center. Example # Display the suppression of the log processing rate in the information center. <Huawei> display info-center rate-limit record Record No.1 InfoID : 417d5000 Module : 6OVER4 Alias : DESTFAIL Rate limit threshold : 50 Total receive number : 1872 Total drop number : 922 Total send number : 950 Begin timestamp : 2009-12-21 11:41:28 Table 4-23 Description of the display info-center rate-limit record command output Item Description InfoID Indicates the ID of a log. Module Indicates the name of a module. Alias Indicates the mnemonic of a log. Rate limit threshold Indicates the maximum number of logs set for the information center to process every second. Total receive number Indicates the total number of logs that are generated during the latest suppression period. Total drop number Indicates the total number of logs that are discarded during the latest suppression period. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 298 Fit AP Command Reference 4 Device Management Commands Item Description Total send number Indicates the total number of logs that the information center process during the latest suppression period. Begin timestamp Indicates the timestamp signifying when the suppression function is enabled for the last time. Related Topics 4.4.31 info-center rate-limit threshold 4.4.9 display info-center rate-limit threshold Function The display info-center rate-limit threshold command displays the threshold of the log processing rate (maximum number of logs that the information center can process every second). Format display info-center rate-limit threshold Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display info-center rate-limit threshold command to view the threshold of the log processing rate. The threshold information includes the default threshold contained in the released version, the default threshold for the specified log ID, and the threshold set through the command lines after the system startup. Example # Display the threshold of the log processing rate set for the information center. <Huawei> display info-center rate-limit threshold Rate limit threshold(per second): Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 299 Fit AP Command Reference Module default 4 Device Management Commands Alias 50 Default Config 50 Table 4-24 Description of the display info-center rate-limit threshold command output Item Description Module Indicates the name of a module. Alias Indicates the mnemonic of a log. Default Indicates the default threshold of the log processing rate. Config Indicates the threshold of the log processing rate set for the information center. Related Topics 4.4.31 info-center rate-limit threshold 4.4.10 display info-center statistics Function The display info-center statistics command displays statistics on the information center. Format display info-center statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display info-center statistics command to view statistics on the information center, including logs, traps, and debugging messages of each module. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 300 Fit AP Command Reference 4 Device Management Commands Example # Display statistics on the information center. <Huawei> display info-center statistics Information statistics data: ModuleID ModuleName LogNumber DiagLogNumber TrapNumber DebugNumber c17d0000 6OVER4 0 0 0 0 c1500000 AAA 0 0 0 0 c06c0000 ACL 0 0 0 0 c0ef0000 ACL6 0 0 0 0 ff1e0000 ACLE 0 0 0 0 c0e70000 ADDR 0 0 0 0 ff120000 ADP_MSTP 0 0 0 0 ff2b0000 ADPIPV4 0 0 0 0 c1a80000 ANTIATTACK 0 0 0 0 c16e0000 ARP 0 0 0 0 c19d0000 ARPLINK 0 0 0 0 Table 4-25 Description of the display info-center statistics command output Item Description ModuleID Registered module ID. ModuleName Name of the module that generates logs. LogNumber Number of generated logs. DiagLogNumbe r Number of diagnostic logs. TrapNumber Number of generated traps. DebugNumber Number of generated debugging messages. Related Topics 4.4.5 display info-center 4.4.18 info-center enable 4.4.32 info-center source channel 4.4.11 display log Function Using the display log command, you can query all the logs or a specified log. Format display log [ cli | snmp ] index index1 [ index2 ] display log [ cli | snmp ] { all | name username } [ start-date [ start-time ] [ – end-date [ end-time ] ] ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 301 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value cli Queries specified logs. - snmp Queries network management logs. - index index1 [ index2 ] Indicates the index of the log to be queried. index1 is the start index of the logs and index2 is the end index of the logs. That is, the logs with the index starting from index1 and ending with index2 are displayed. Numeral type. Range: 1-64. name username Queries logs by user name. It is a string of 1-15 characters. all Queries logs of all users. - [ start-date [ start-time ] [ – end-date [ endtime ] ] ] Sets the date and time when you query logs by user name or query logs of all users. start-date: The real start date. Date format: yyyy-mmdd. start-time: The real start time. Time format: hh:mm:ss. end-date: The real end date. Date format: yyyy-mmdd. end-time: The real end time. Time format: hh:mm:ss. Views User view Default Level 1: Monitoring level Usage Guidelines ● When querying logs by name or by all, you can also query these logs by period. ● This command can be used to query logs of the user with the level the same as yours or lower than yours. ● Use parameters to display operation information about different users in different periods, for example, enter all to display the logs of all users. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 302 Fit AP Command Reference ● 4 Device Management Commands When a configuration is incorrect, a fault will occur. To locate the fault, run this command to query logs to learn about basic information, such as the name of the user who operates the system, the IP address of the user, the specific time when the user performs an operation, and the detailed operations. Example # Query logs with indexes from 1 to 10. <Huawei> display log index 1 10 --------------------------------------------------------------------------No. UserName Domain IP-Address 4 huawei123 -192.168.254.225 Time: 2014-05-20 04:55:34+00:00 Cmd: system-view --------------------------------------------------------------------------No. UserName Domain IP-Address 3 huawei123 -192.168.254.225 Time: 2014-05-20 04:55:32+00:00 Cmd: log on --------------------------------------------------------------------------No. UserName Domain IP-Address 2 huawei123 -192.168.254.216 Time: 2014-05-20 04:55:19+00:00 Cmd: log on --------------------------------------------------------------------------No. UserName Domain IP-Address 1 huawei123 -192.168.254.224 Time: 2014-05-20 04:54:28+00:00 Cmd: log on --------------------------------------------------------------------------- # Query logs of all users within the period starting at 15:10:10 on 2013-07-31 and ending at 20:20:10 on 2013-07-31. <Huawei> display log all 2013-07-31 15:10:10 - 2013-07-31 20:20:10 --------------------------------------------------------------------------No. UserName Domain IP-Address 4 admin -192.168.40.1 Time: 2013-07-31 17:10:06+08:00 Cmd: log off --------------------------------------------------------------------------No. UserName Domain IP-Address 3 admin -192.168.40.1 Time: 2013-07-31 16:40:13+08:00 Cmd: diagnose --------------------------------------------------------------------------No. UserName Domain IP-Address 2 admin -192.168.40.1 Time: 2013-07-31 16:40:12+08:00 Cmd: system-view --------------------------------------------------------------------------No. UserName Domain IP-Address 1 admin -192.168.40.1 Time: 2013-07-31 16:40:10+08:00 Cmd: log on --------------------------------------------------------------------------- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 303 Fit AP Command Reference 4 Device Management Commands Table 4-26 Description of the display log command output Item Description No. Serial number of each log. The serial number is generated automatically by the system. UserName User name of the log Time Detailed operation time of the user IP-Address IP address of the user Cmd Detailed operations of the user Domain Domain name of the log Related Topics 4.4.12 display log failure 4.4.12 display log failure Function Using the display log failure command, you can query logs about configuration failure. Format display log failure Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines ● When a configuration fails, or you maintain the system, run this command to query logs about configuration failure. After this command is executed successfully, the system displays all the logs about configuration failure on the command line interface (CLI). ● You can query configuration failure logs of the user with the level the same as yours or lower than yours. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 304 Fit AP Command Reference 4 Device Management Commands Example # Query a log about configuration failure in the system. <Huawei> display log failure --------------------------------------------------------------------------No. UserName Domain IP-Address 56 -10.138.78.128 Time: 2007-08-25 16:42:10+00:00 Failure Cmd: info-center filter-id 3246215177 --------------------------------------------------------------------------No. UserName Domain IP-Address 53 -10.138.78.128 Time: 2007-08-25 16:41:04+00:00 Failure Cmd: info-center filter-id 1098731530 --------------------------------------------------------------------------No. UserName Domain IP-Address 52 -10.138.78.128 Time: 2007-08-25 16:40:51+00:00 Failure Cmd: undo info-center filter-id 1098731530 --------------------------------------------------------------------------- Table 4-27 Description of the display log failure command output Item Description No. Index of the log that records a configuration failure UserName User name Domain Name of the domain where the user is located IP-Address IP address of the user Time Time of the configuration failure recorded by the log Failure Cmd Operation that causes the configuration failure recorded by the log Related Topics 4.4.11 display log 4.4.13 display logbuffer Function The display logbuffer command displays information recorded in the log buffer. Format display logbuffer [ size value | module module-name | level severity | security ] * display logbuffer summary [ level severity ] display logbuffer log-offset offset-value size value Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 305 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value size value Displays the specified number of logs recently generated in the log buffer. The value is an integer that ranges from 1 to 1024. module module-name Displays logs of a specified module in the log buffer. Enumerated type. The value depends on the registered module. level severity Displays logs of specified severity in the log buffer. Enumerated type. The value ranges from 0 to 7. ● 0: emergencies ● 1: alert ● 2: critical ● 3: error ● 4: warning ● 5: notification ● 6: informational ● 7: debugging summary Displays the summary of logs in the log buffer. - log-offset offset-value Specifies logs of the specified offset in the log buffer. The value is an integer that ranges from 0 to 1024. security Displays the security logs. - Views All views Default Level 3: Management level Usage Guidelines Usage Scenario ● Issue 08 (2021-02-25) You can use the display logbuffer log-offset offset-value size size-value command to view specified logs in the log buffer. For example, the log buffer has 100 logs. To view the 20th to 50th logs in the log buffer, run the display logbuffer log-offset 20 size 30 command. Copyright © Huawei Technologies Co., Ltd. 306 Fit AP Command Reference 4 Device Management Commands ● Run the display logbuffer [ size value | module module-name | level severity ] * command to view logs of specified number, module, or severity in the log buffer. If size, module, or level is not specified, this command displays all logs in the log buffer. ● You can run the display logbuffer summary command to view logs of different severities in the log buffer. Precautions ● When the number of logs in the log buffer is smaller than value, logs of the actual number are displayed. ● When the number of logs in the log buffer is smaller than offset-value, the system displays an error message. ● When the number of logs in the log buffer is larger than offset-value, the system displays logs starting from offset-value plus one. The log quantity is specified by size-value. If the log quantity is less than size-value, the system displays all the logs starting from offset-value plus one. Example # Display all the logs in the log buffer. <Huawei> display logbuffer Logging buffer configuration and contents: enabled Allowed max buffer size: 1024 Actual buffer size: 512 Channel number: 4, Channel name: logbuffer Dropped messages: 0 Overwritten messages: 167 Current messages: 512 May 10 2012 13:42:59+00:00 huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[0]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=912) May 10 2012 13:32:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[1]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 13:22:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[2]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 13:12:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[3]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=912) May 10 2012 13:02:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[4]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 12:52:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[5]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 12:42:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[6]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=912) May 10 2012 12:32:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[7]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 12:22:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[8]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 12:12:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[9]:Some packets a re dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=912) May 10 2012 12:02:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[10]:Some packet s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 307 Fit AP Command Reference 4 Device Management Commands Count=684) May 10 2012 11:52:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[11]:Some packet s are dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 11:42:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[12]:Some packet s are dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=912) May 10 2012 11:32:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[13]:Some packet s are dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 11:22:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[14]:Some packet s are dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 11:12:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[15]:Some packet s are dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 11:08:37+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[16]:Interface Ethern et5/0/2 has turned into UP state. May 10 2012 11:08:37+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[17]:Interface Ethern et5/0/1 has turned into UP state. May 10 2012 11:08:37+00:00 Huawei %%01IFNET/4/LINK_STATE(l)[18]:The line proto col IP on the interface Vlanif20 has entered the UP state. May 10 2012 11:08:37+00:00 Huawei %%01IFNET/4/IF_STATE(l)[19]:Interface Vlanif 20 has turned into UP state. May 10 2012 11:08:37+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[20]:Interface Ether net5/0/0 has turned into UP state. May 10 2012 11:08:34+00:00 Huawei %%01IFNET/4/IF_ENABLE(l)[21]:Interface Gigab itEthernet5/0/0 has been available. May 10 2012 11:08:34+00:00 Huawei %%01IFNET/4/IF_ENABLE(l)[22]:Interface Ether net5/0/7 has been available. May 10 2012 11:08:34+00:00 Huawei %%01IFNET/4/IF_ENABLE(l)[23]:Interface Ether net5/0/6 has been available. Table 4-28 Description of the display logbuffer command output Item Description Logging buffer configuration and contents Whether the AP is enabled to output logs to the log buffer: ● enabled ● disabled To configure the AP to output logs to the log buffer, run the 4.4.20 infocenter logbuffer command. Allowed max buffer size Maximum size of the log buffer. Actual buffer size Actual size of the log buffer. To set the log buffer size, run the 4.4.21 info-center logbuffer size command. Channel number Number of the channel used to send logs to the log buffer. To configure the number of a channel used to send logs to the log buffer, run the 4.4.16 info-center channel command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 308 Fit AP Command Reference 4 Device Management Commands Item Description Channel name Name of the channel used to send logs to the log buffer. To configure the name of a channel used to send logs to the log buffer, run the 4.4.17 info-center channel name command. Dropped messages Number of dropped messages. Overwritten messages Number of overwritten messages. Current messages Number of current messages. # Display the summary of information in the log buffer. <Huawei> display logbuffer summary EMERG ALERT CRIT ERROR WARN NOTIF INFO DEBUG 0 0 0 14 498 0 0 0 Table 4-29 Description of the display logbuffer summary command output Item Description EMERG Number of logs of emergency. ALERT Number of logs of alert. CRIT Number of logs of critical. ERROR Number of logs of error. WARN Number of logs of warning. NOTIF Number of logs of notification. INFO Number of logs of informational. DEBUG Number of logs of debugging. # Display 10 logs starting from log 16. <Huawei> display logbuffer log-offset 15 size 10 Logging buffer configuration and contents: enabled Allowed max buffer size: 1024 Actual buffer size: 512 Channel number: 4, Channel name: logbuffer Dropped messages: 0 Overwritten messages: 168 Current messages: 512 May 10 2012 11:12:59+00:00 Huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[0]:Some packets are dropped by cpcar on the MPU. (Packet-type=arp-request, DropCount=684) May 10 2012 11:08:37+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[1]:Interface Ethernet5/0/2 has turned into UP state. May 10 2012 11:08:37+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[2]:Interface Ethernet5/0/1 has turned into Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 309 Fit AP Command Reference 4 Device Management Commands UP state. May 10 2012 11:08:37+00:00 Huawei Vlanif20 has entered the UP state. May 10 2012 11:08:37+00:00 Huawei state. May 10 2012 11:08:37+00:00 Huawei UP state. May 10 2012 11:08:34+00:00 Huawei been available. May 10 2012 11:08:34+00:00 Huawei available. May 10 2012 11:08:34+00:00 Huawei available. May 10 2012 11:08:34+00:00 Huawei available. %%01IFNET/4/LINK_STATE(l)[3]:The line protocol IP on the interface %%01IFNET/4/IF_STATE(l)[4]:Interface Vlanif20 has turned into UP %%01IFPDT/4/IF_STATE(l)[5]:Interface Ethernet5/0/0 has turned into %%01IFNET/4/IF_ENABLE(l)[6]:Interface GigabitEthernet5/0/0 has %%01IFNET/4/IF_ENABLE(l)[7]:Interface Ethernet5/0/7 has been %%01IFNET/4/IF_ENABLE(l)[8]:Interface Ethernet5/0/6 has been %%01IFNET/4/IF_ENABLE(l)[9]:Interface Ethernet5/0/5 has been Related Topics 4.4.5 display info-center 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.20 info-center logbuffer 4.4.21 info-center logbuffer size 4.4.38 reset logbuffer 4.4.14 display logfile Function The display logfile command displays information about a log file. Format display logfile file-name [ offset | hex ] * Parameters Parameter Description Value file-name Specifies the log file name, which can The value is a string of 1 to contain the drive and path. 64 case-insensitive characters without spaces. offset Displays the log file with the specified The value is an integer that offset or byte. ranges from 0 to 2147483647. hex Displays the log file in hexadecimal notation. If the parameter is not specified, the log file is displayed in text format. Issue 08 (2021-02-25) - Copyright © Huawei Technologies Co., Ltd. 310 Fit AP Command Reference 4 Device Management Commands Views All views Default Level 3: Management level Usage Guidelines Usage Scenario When encountering problems, you can query log information to know about what happened during device operation. This is helpful for fault location. If the version saved in a log file and the version generated by the system are different, the log file is displayed in hexadecimal notation. The file name is generated automatically by the system. The file name extension of the log file is *.log or *.dblg. Generally, a log file name consists of a device name and log. For example, if the device name is HW, the log file name is HWlog.log or HW-log.dblg. If the size of the current log file reaches the upper limit, the system automatically saves the current log file as a compressed file with the extension *.log.zip or *.dblg.zip, and names the compressed log file with the device name and current system time. When the log file exceeds the specified size, excessive information is stored in a new log file. For example, if the last log is recorded at 06:39:58 on May 2, 2018, the log file name is HW-2018-05 -02.06-39-58.log.zip or HW-2018-05 -02.06-39-58.dblg.zip, except in the following cases: 1. The AP restarts. 2. The system time changes. The name of an AP can be configured on and delivered by the AC, or configured using the ap-sysname ap-sysname command on the AP. Precautions If the device name contains more than 100 characters, the log file name consists of only the first 100 characters and the time when the last log is recorded. If the device name contains special characters (including spaces), replace the device name with capital letter X in the log file name. - and _ are not regarded as special characters. Example # Display log information saved in the log file in a specified path. <Huawei> display logfile flash:/logfile/Huawei-log.log ################################################################ # This logfile is generated at slot 0 ################################################################ Apr 23 2018 11:06:51+00:00 Huawei IFNET/1/IF_PVCDOWN:OID 1.3.6.1.6.3.1.1.5.3 Int erface 6 turned into DOWN state.(AdminStatus 1,OperStatus 2,InterfaceName Ethern Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 311 Fit AP Command Reference 4 Device Management Commands et0/0/1) Apr 23 2018 11:06:51+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[3487]:Interface Ethern et0/0/1 has turned into DOWN state. Apr 23 2018 11:06:53+00:00 Huawei IFNET/6/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Inter face 6 turned into UP state.(AdminStatus 1,OperStatus 1,InterfaceName Ethernet0/ 0/1) Apr 23 2018 11:06:53+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[3488]:Interface Ethern et0/0/1 has turned into UP state. Apr 23 2018 11:06:53+00:00 Huawei IFNET/1/IF_PVCDOWN:OID 1.3.6.1.6.3.1.1.5.3 Int erface 6 turned into DOWN state.(AdminStatus 1,OperStatus 2,InterfaceName Ethern et0/0/1) Apr 23 2018 11:06:53+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[3489]:Interface Ethern et0/0/1 has turned into DOWN state. Apr 23 2018 11:06:55+00:00 Huawei IFNET/6/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Inter face 6 turned into UP state.(AdminStatus 1,OperStatus 1,InterfaceName Ethernet0/ 0/1) Apr 23 2018 11:06:55+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[3490]:Interface Ethern et0/0/1 has turned into UP state. Apr 23 2018 11:06:56+00:00 Huawei IFNET/1/IF_PVCDOWN:OID 1.3.6.1.6.3.1.1.5.3 Int erface 6 turned into DOWN state.(AdminStatus 1,OperStatus 2,InterfaceName Ethern et0/0/1) Apr 23 2018 11:06:56+00:00 Huawei %%01IFPDT/4/IF_STATE(l)[3491]:Interface Ethern et0/0/1 has turned into DOWN state. Apr 23 2018 11:06:58+00:00 Huawei IFNET/6/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Inter face 6 turned into UP state.(AdminStatus 1,OperStatus 1,InterfaceName Ethernet0/ 0/1) # Display log information saved in the log file in hexadecimal notation. <Huawei> display logfile flash:/logfile/Huawei-log.log hex 0d 0a 0d 0a 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 0d 0a 23 20 20 20 20 20 54 68 69 73 20 6c 6f 67 66 69 6c 65 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 61 74 20 73 6c 6f 74 20 30 0d 0a 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 0d 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Related Topics 4.4.18 info-center enable 4.4.22 info-center logfile path 4.4.23 info-center logfile size 4.4.27 info-center max-logfile-number 4.4.40 save logfile 4.4.15 display trapbuffer Function The display trapbuffer command displays information recorded in the trap buffer. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 312 Fit AP Command Reference 4 Device Management Commands Format display trapbuffer [ size value ] Parameters Parameter Description size value Value Displays the specified number of traps The value is an integer recently generated in the trap buffer. If this that ranges from 1 to parameter is not specified, all traps are 1024. displayed. Views All views Default Level 1: Monitoring level Usage Guidelines If the number of traps in the trap buffer is smaller than value, traps of the actual number are displayed. Example # Display all traps in the trap buffer. <Huawei> display trapbuffer Trapping buffer configuration and contents: enabled Allowed max buffer size: 1024 Actual buffer size: 256 Channel number: 3, Channel name: trapbuffer Dropped messages: 0 Overwritten messages: 0 Current messages: 29 #Sep 17 2012 17:09:47+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 17 2012 17:06:50+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=0, LldpStatsRemTables Deletes=1, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 20:03:40+00:00 huawei ENTITYTRAP/4/CPUUSAGERESUME:OID 1.3.6.1.4.1.2 011.5.25.219.2.14.2 CPU utilization resumed from exceeding the pre-alarm thresho ld.(Index=9, HwEntityThresholdIndex=0, HwEntityPhysicalIndex=9, PhysicalName="SR U Board 0", EntityThresholdType=1, EntityThresholdWarning=80, EntityThresholdCur rent=23, EntityTrapFaultID=144896) #Sep 14 2012 18:15:27+00:00 huawei LLDP/4/ADDCHGTRAP:OID: 1.3.6.1.4.1.2011.5.25. 134.2.5 Local management address is changed. (LocManIPAddr=10.1.1.9) #Sep 14 2012 18:13:40+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 18:13:23+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=0, LldpStatsRemTables Deletes=1, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 17:16:05+00:00 huawei ENTITYTRAP/4/CPUUSAGERESUME:OID 1.3.6.1.4.1.2 011.5.25.219.2.14.2 CPU utilization resumed from exceeding the pre-alarm thresho Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 313 Fit AP Command Reference 4 Device Management Commands ld.(Index=9, HwEntityThresholdIndex=0, HwEntityPhysicalIndex=9, PhysicalName="SR U Board 0", EntityThresholdType=1, EntityThresholdWarning=80, EntityThresholdCur rent=9, EntityTrapFaultID=144896) #Sep 14 2012 17:15:37+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 17:15:37+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 17:15:34+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 17:15:33+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) #Sep 14 2012 17:15:33+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0) # Display the first 10 records in the trap buffer. <Huawei> display trapbuffer size 10 Trapping buffer configuration and contents: enabled Allowed max buffer size: 1024 Actual buffer size: 256 Channel number: 3, Channel name: trapbuffer Dropped messages: 0 Overwritten messages: 600 Current messages: 256 #May 7 2012 15:12:40+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 15:07:35+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 15:02:19+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.217.150 exc eeds the speed-limit value 5. #May 7 2012 14:56:55+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 14:51:40+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 14:46:35+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 14:41:06+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.217.62 exce eds the speed-limit value 5. #May 7 2012 14:35:54+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 14:29:54+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. #May 7 2012 14:24:39+00:00 Huawei SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4 .1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee ds the speed-limit value 5. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 314 Fit AP Command Reference 4 Device Management Commands Table 4-30 Description of the display trapbuffer command output Item Description Trapping buffer configuration and contents Whether the AP is enabled to output traps to the trap buffer: ● enabled ● disabled To enable the AP to output traps to the trap buffer, run the 4.4.35 infocenter trapbuffer command. Allowed max buffer size Maximum size of the trap buffer. Actual buffer size Actual size of the trap buffer. To set the size of the trap buffer, run the 4.4.36 info-center trapbuffer size command. Channel number Number of the channel used to send traps to the trap buffer. To set the channel number, run the 4.4.16 info-center channel command. Channel name Name of the channel used to send traps to the trap buffer. To set the channel name, run the 4.4.17 info-center channel name command. Dropped messages Number of discarded messages. Overwritten messages Number of overwritten messages. Current messages Number of current messages. Related Topics 4.4.5 display info-center 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.35 info-center trapbuffer 4.4.36 info-center trapbuffer size 4.4.39 reset trapbuffer Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 315 Fit AP Command Reference 4 Device Management Commands 4.4.16 info-center channel Function The info-center channel command configures channels for outputting information in various directions. The undo info-center channel command restores the default settings. By default, the system outputs information in various directions through channels listed in the table below. Table 4-31 Default association between the channel number, channel name, and output direction of information channels Channel Number Channel Name Output Direction 0 console Console 1 monitor User terminal 2 loghost Log host 3 trapbuffer Trap buffer 4 logbuffer Log buffer 5 channel5 Unspecified 6 channel6 Unspecified 7 channel7 Unspecified 8 channel8 Unspecified 9 channel9 Log file Format info-center { console | logbuffer | logfile | monitor | trapbuffer } channel { channel-number | channel-name } undo info-center { console | logbuffer | logfile | monitor | trapbuffer } channel Parameters Parameter Description Value console Specifies the channel used to output information to the console. - logbuffer Specifies the channel used to output information to the log buffer. - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 316 Fit AP Command Reference 4 Device Management Commands Parameter Description Value logfile Specifies the channel used to output information to the log file. - monitor Specifies the channel used to output information to the user terminal. - trapbuffer Specifies the channel used to output information to the trap buffer. - channelnumber Specifies the channel number. The value is an integer ranging from 0 to 9. channel-name Specifies the name of a channel, which can be the default channel name or a user-defined name. The value is a string of 1 to 30 case-sensitive characters. The value consists of letters or numbers and must start with a letter. Views System view Default Level 2: Configuration level Usage Guidelines You can run the info-center channel command in the following scenarios: The same information is sent to different directions. NOTE For details on how to configure a channel for outputting information to a log host, see 4.4.24 info-center loghost. Example # Configure the channel used to output information to a console. <Huawei> system-view [Huawei] info-center console channel console # Configure the channel used to output information to the log buffer. <Huawei> system-view [Huawei] info-center logbuffer channel logbuffer # Configure the channel used to output information to the log file. <Huawei> system-view [Huawei] info-center logfile channel 9 # Configure the channel used to output information to the user terminal. <Huawei> system-view [Huawei] info-center monitor channel monitor Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 317 Fit AP Command Reference 4 Device Management Commands # Configure the channel used to output information to the trap buffer. <Huawei> system-view [Huawei] info-center trapbuffer channel trapbuffer Related Topics 4.4.5 display info-center 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.20 info-center logbuffer 4.4.24 info-center loghost 4.4.32 info-center source channel 4.4.35 info-center trapbuffer 4.4.17 info-center channel name Function The info-center channel name command names a channel with a specified number. The undo info-center channel command restores the default channel name. The following lists default channel names. Table 4-32 Default channel names Channel Number Default Channel Name 0 console 1 monitor 2 loghost 3 trapbuffer 4 logbuffer 5 snmpagent 6 channel6 7 channel7 8 channel8 9 channel9 Format info-center channel channel-number name channel-name undo info-center channel channel-number Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 318 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value channelnumber Specifies the number The value is an integer than ranges from of a channel. 0 to 9. That is, the system has 10 channels. channel-name Specifies the name of The value is a string of 1 to 30 casea channel. sensitive characters. The value consists of letters or numbers and must start with a letter. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario You can rename channels, which facilitates memorization and usage. Precautions Channel names must be unique. It is recommended that channel names represent channel functions. Example # Name channel 0 execconsole. <Huawei> system-view [Huawei] info-center channel 0 name execconsole Related Topics 4.4.3 display channel 4.4.5 display info-center 4.4.18 info-center enable Function The info-center enable command enables the information center. The undo info-center enable command disables the information center. By default, the information center is enabled. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 319 Fit AP Command Reference 4 Device Management Commands Format info-center enable undo info-center enable Parameters None Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario During device running, the information center records device operation. The system outputs system information to destinations such as the log host and the console only after the information center is enabled. Network administrators can store and query output information to monitor device running and locate faults. Precautions After the undo info-center enable command is executed, logs, traps, and debugging messages are not recorded. The log about running the undo infocenter enable command is not recorded. Follow-up Procedure Configure a rule for outputting information to the terminal or remote server. Example # Enable the information center. <Huawei> system-view [Huawei] info-center enable Info: Information center is enabled. Related Topics 4.4.5 display info-center 4.4.13 display logbuffer 4.4.14 display logfile 4.4.15 display trapbuffer 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.20 info-center logbuffer 4.4.32 info-center source channel Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 320 Fit AP Command Reference 4 Device Management Commands 4.4.35 info-center trapbuffer 4.4.19 info-center filter-id Function The info-center filter-id command configures the AP to filter a specified log or trap. The undo info-center filter-id command disables the AP from filtering a specified log or trap. By default, no log or trap is filtered. Format info-center filter-id { id | bymodule-alias modname alias } * &<1-50> undo info-center filter-id { all | { id | bymodule-alias modname alias } &<1-50> } * Parameters Parameter Description Value id Specifies the ID of the log or trap to be filtered. The value is an integer that ranges from 0 to 4294967295. NOTE This parameter indicates the ID of a log. If this parameter fails to be configured, the log specified by this ID does not exist. bymoduleSpecifies the module name and alias alias modname name corresponding to the log or alias trap to be filtered. The value is an enumerated value and must be set as prompted by the device. all - Filters all logs or traps. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario If some logs or traps are unnecessary, configure the AP not to output the logs and traps. When the filtering function is enabled, the information center does not send Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 321 Fit AP Command Reference 4 Device Management Commands the traps with a specified ID that satisfy the filtering condition to any channel. As a result, the trap buffer, log file, console, terminal, or SNMP agent cannot receive the traps with the specified ID. An ID filter list is the aggregation of the shielded IDs and is arranged in a specified order. Precautions ● To add multiple IDs at a time, use a space to separate IDs. The result of each ID is displayed. ● Currently, the AP can filter traps with a maximum of 50 IDs. If there are more than 50 log IDs, the system displays a message indicating that the filtering table is full. To configure the filtering function, run the undo info-center filter-id { all | { id | bymodule-alias modname alias } * &<1-50> } command to delete original IDs and reconfigure the log ID. ● You cannot add the same ID or alias name repeatedly. ● When you add an unregistered or nonexistent ID or alias name, the system displays a message indicating that the system fails to filter the trap with the specified ID or alias name. ● You are advised to use the module name and alias to filter specified log information. The id parameter can be obtained by running the display infocenter register-info [ module module-name ] log command, and the modname and alias parameters can be obtained through the command association function. Example # Filter the log with the ID of 1098731530. <Huawei> system-view [Huawei] info-center filter-id 1098731530 Info: Succeeded in appending log ID 1098731530. # Filter information by module names and alias names. <Huawei> system-view [Huawei] info-center filter-id bymodule-alias CMD CLKCHGREBOOTCANCELED Info: Succeeded in appending log ID 3225948163. # Cancel filtering for all logs. <Huawei> system-view [Huawei] undo info-center filter-id all Info: Succeeded in deleting all IDs. Related Topics 4.4.18 info-center enable 4.4.6 display info-center filter-id 4.4.20 info-center logbuffer Function The info-center logbuffer command enables the AP to send logs to the log buffer. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 322 Fit AP Command Reference 4 Device Management Commands The undo info-center logbuffer command disables the AP from sending logs to the log buffer. By default, the AP is enabled to send logs to the log buffer. Format info-center logbuffer [ channel { channel-number |channel-name } | size buffersize ] * undo info-center logbuffer [ channel | size ] Parameters Parameter Description Value channel channelnumber Specifies the number of the channel outputting logs to the log buffer. The value is an integer ranging from 0 to 9, which indicates that the system has ten channels to output logs to the log buffer. channel channel-name Specifies the name of the channel outputting logs to the log buffer. The name is a string of 1 to 30 case-insensitive characters, spaces not supported. size buffer-size Sets the size of the log buffer. buffer-size specifies the number of messages stored in the log buffer. The value is an integer that ranges from 0 to 1024. The default value is 512. Views System view Default Level 2: Configuration level Usage Guidelines To view logs in the log buffer, run the info-center logbuffer command to enable the AP to send logs to the log buffer. Example # Enable the AP to send logs to the log buffer. <Huawei> system-view [Huawei] info-center logbuffer Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 323 Fit AP Command Reference 4 Device Management Commands Related Topics 4.4.5 display info-center 4.4.13 display logbuffer 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.21 info-center logbuffer size 4.4.38 reset logbuffer 4.4.21 info-center logbuffer size Function The info-center logbuffer size command sets the maximum number of logs in the log buffer. The undo info-center logbuffer size command restores the default maximum number of logs in the log buffer. By default, a log buffer can store a maximum of 512 logs. Format info-center logbuffer size logbuffer-size undo info-center logbuffer size Parameters Parameter Description logbuffer-size Specifies the maximum number of logs in the log buffer. Value The value is an integer that ranges from 0 to 1024. If logbuffer-size is 0, logs are not displayed. Views System view Default Level 2: Configuration level Usage Guidelines Precautions When you run the info-center logbuffer size command multiple times, only the latest configuration takes effect. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 324 Fit AP Command Reference 4 Device Management Commands Example # Set the maximum number of logs in the log buffer to 50. <Huawei> system-view [Huawei] info-center logbuffer size 50 Related Topics 4.4.5 display info-center 4.4.13 display logbuffer 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.20 info-center logbuffer 4.4.38 reset logbuffer 4.4.22 info-center logfile path Function The info-center logfile path command configures the path where log files are saved. Format info-center logfile path path Parameters Parameter Description path Specifies the path where log files are saved, which is in the format of storage medium name:/logfile, for example, flash:/logfile. Value Select the path according to device configuration. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario You can run the info-center logfile path command to set the path where log files are saved. Then log files are saved into the path and the file name is log.log. To Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 325 Fit AP Command Reference 4 Device Management Commands view logs generated by the AP, run the save logfile command to save logs into a specified file or configure the AP to export information into a specified log file. Then run the display logfile command to view the log file. Prerequisites The information center has been enabled by using the 4.4.18 info-center enable command. Example # Configure the flash drive as the path where log files will be saved. <Huawei> system-view [Huawei] info-center logfile path flash:/logfile Related Topics 4.4.5 display info-center 4.4.7 display info-center logfile path 4.4.14 display logfile 4.4.23 info-center logfile size 4.4.40 save logfile 4.4.23 info-center logfile size Function The info-center logfile size command sets the log file size. The undo info-center logfile size command restores the default log file size. Format info-center logfile size size undo info-center logfile size Parameters Parameter Description Value size The value is an integer that is 1 or 2, in MB. The default value is 1 MB. Specifies the log file size. Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 326 Fit AP Command Reference 4 Device Management Commands Usage Guidelines Usage Scenario To configure the AP to export information to a log file, run the info-center logfile size command to set the log file size. Precautions If you configure the device to export information to a log file, exported information is saved in the log.log file. When the log.log file exceeds the specified size, the system compresses the file in to a zip package. When the storage space on the AP is smaller than 1 MB, the information center deletes the earliest log file. When the remaining storage space of the device is smaller than the log file size, log information is saved in the log buffer to replace the existing logs but is not saved to the device's storage space. Beside, you will fail to run the 4.4.40 save logfile command. Example # Set the log file size to 2 MB. <Huawei> system-view [Huawei] info-center logfile size 2 Related Topics 4.4.5 display info-center 4.4.7 display info-center logfile path 4.4.14 display logfile 4.4.22 info-center logfile path 4.4.40 save logfile 4.4.24 info-center loghost Function The info-center loghost command configures the device to output information to a log host. The undo info-center loghost command disables the device from outputting information to a log host. By default, no information is output to the log host. Format info-center loghost ip-address [ channel { channel-number | channel-name } | facility local-number | language language-name | port port ] * info-center loghost ipv6 ipv6-address [ channel { channel-number | channelname } | facility local-number | { language language-name | binary [ port ] } ] * info-center loghost domain domain-name [ channel { channel-number | channel-name } | facility local-number | language language-name | port port ] * Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 327 Fit AP Command Reference 4 Device Management Commands undo info-center loghost ip-address undo info-center loghost ipv6 ipv6-address undo info-center loghost domain domain-name Parameters Parameter Description Value ip-address Specifies the IPv4 address of the log host. The value is in dotted decimal notation. channel { channelnumber | Specifies the channel used to send information to a log host. The value of channel-number is an integer that ranges from 0 to 9. channel-name } ● channel-number: specifies the number of a channel. ● channel-name: specifies the name of a channel. The name can be the default or user-defined channel name. facility localnumber The value of channel-name is a string of 1 to 30 casesensitive characters. The value consists of letters or numbers and must start with a letter. Specifies a syslog server facility The value ranges from local0 that is used to identify the log to local7. The default value is information source. You can use local7. this parameter to plan a local value for the log information of a specified device, so that the syslog server can handle received log information based on the parameter. language Displays the language in which language-name logs are recorded. By the default, the language mode is English. port Specifies the number of the port that sends logs. The value is an integer that ranges from 1 to 65535. The default value is 514. ipv6 ipv6- Specifies the IPv6 address of the log host. The value is a 32-digit hexadecimal number. domain Specifies a DNS domain name of a log host. The value is a string of 1 to 255 case-sensitive characters, spaces not supported. address domain-name Views System view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 328 Fit AP Command Reference 4 Device Management Commands Usage Guidelines Usage Scenario To query information generated on the AP deployed remotely, configure the AP to export information to a log host so that you can view device information on the log host. Run the info-center loghost command to configure the AP to export information to a log host. To configure the AP to output information to different log hosts using different channels, specify the channels used to send information to the log hosts. For example, you can configure the AP to output information to log hosts at 192.168.0.1 and 192.168.0.2 using channels 7 and 8 respectively. Prerequisites The information center has been enabled using the 4.4.18 info-center enable command and the log host IP address has been obtained. Precautions The AP supports a maximum of eight log hosts including IPv4 and IPv6 hosts to implement backup among log hosts. Example # Configure a device to use channel 6 to output information to the log host at 10.1.1.1. <Huawei> system-view [Huawei] info-center loghost 10.1.1.1 channel channel6 # Configure the AP to send information to the log host at 2001:db8:1::1/64. <Huawei> system-view [Huawei] info-center loghost ipv6 2001:db8:1::1 Related Topics 4.4.5 display info-center 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.25 info-center loghost source 4.4.25 info-center loghost source Function The info-center loghost source command configures the source interface used by the AP to send information to a log host. The undo info-center loghost source command restores the default source interface used by the AP to send information to a log host. By default, the source interface is the interface that sends logs. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 329 Fit AP Command Reference 4 Device Management Commands Format info-center loghost source interface-type interface-number undo info-center loghost source Parameters Parameter Description Value interface-type interfacenumber Specifies the type and number of an interface. - Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario If multiple devices send log messages to the same log host, you can identify the devices by setting different source interfaces so as to index the received log messages. Prerequisites There is a reachable route between the source interface and the log host. Example # Specify VLANIF 1 IP address as the source interface address to send information to a log host. <Huawei> system-view [Huawei] info-center loghost source vlanif 1 Related Topics 4.4.5 display info-center 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.24 info-center loghost Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 330 Fit AP Command Reference 4 Device Management Commands 4.4.26 info-center loghost source-port Function The info-center loghost source-port command configures a source interface through which the device sends information to the log host. The undo info-center loghost source-port command deletes the configuration of the source interface through which the device sends information to the log host. By default, the source interface number is 38514. Format info-center loghost source-port source-port undo info-center loghost source-port Parameters Parameter Description Value source-port Specifies the number of the source The value is an integer interface through which the device sends ranging from 1025 to information to the log host. 65535. Views System view Default Level 3: Management level Usage Guidelines To harden system security, run the info-center loghost source-port source-port command to change the number of the source interface through which the device sends information to the log host. Example # Change the number of the source interface through which the device sends information to the log host to 1026. <Huawei> system-view [Huawei] info-center loghost source-port 1026 4.4.27 info-center max-logfile-number Function The info-center max-logfile-number command sets the maximum number of log files to be saved. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 331 Fit AP Command Reference 4 Device Management Commands The undo info-center max-logfile-number command restores the default maximum number of log files to be saved. By default, the AD9430DN-12 and AD9431DN-24X allow a maximum of 10 log files to be saved, and other devices allow a maximum of 200 log files to be saved. Format info-center max-logfile-number filenumbers undo info-center max-logfile-number Parameters Parameter Description filenumbers Specifies the maximum number of log files that can be saved. Value The value is an integer that ranges from 2 to 500. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario If too many log files are saved on the AP, many disk space resources are occupied. To view log files generated recently, run the info-center max-logfile-number command to set the maximum number of log files that can be saved. Precautions If the number of log files generated on the AP exceeds the limit, the system deletes the oldest log file so that the number of log files is not larger than the maximum value. NOTICE If the number of saved log files is greater than the default value, more system resources are consumed. The default value is recommended. Excess log files can be deleted manually or automatically. When the system deletes excess log files, high CPU usage may last for a short period. Example # Set the maximum number of log files to be saved to 100. <Huawei> system-view [Huawei] info-center max-logfile-number 100 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 332 Fit AP Command Reference 4 Device Management Commands Related Topics 4.4.5 display info-center 4.4.22 info-center logfile path 4.4.23 info-center logfile size 4.4.14 display logfile 4.4.22 info-center logfile path 4.4.40 save logfile 4.4.28 info-center rate-limit except Function The info-center rate-limit except command prevents logs with a specified log ID from being suppressed by the information center. The undo info-center rate-limit except command deletes the preceding configuration. Format info-center rate-limit except { byinfoid infoID | bymodule-alias modname alias } undo info-center rate-limit except { byinfoid infoID | bymodule-alias modname alias } Parameters Parameter Description byinfoid infoID Specifies the log ID in hexadecimal notation. Value The value is a string of 8 characters. The value is in hexadecimal notation, and the valid characters include 0-9, a-f, and A-F. bymodulealias Specifies a log through a module name and a mnemonic. - modname Specifies the name of the module. The value is a string of 1 to 24 characters without spaces. alias Specifies the name of the mnemonic. The value is a string of 1 to 64 characters without spaces. Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 333 Fit AP Command Reference 4 Device Management Commands Usage Guidelines When too many logs will never generate under a specified ID, you can run the info-center rate-limit except command to prevent logs with the specified log ID from being suppressed by the information center. This can avoid the impact of the suppression of the log processing rate. After the command is run, the information center no longer monitor logs with the specified log ID. Example # Prevent logs specified by the module name and mnemonic from being suppressed by the information center. <Huawei> system-view [Huawei] info-center rate-limit except bymodule-alias AAA LOCALACCOUNT_ADD # Prevent logs specified by the log ID from being suppressed by the information center. <Huawei> system-view [Huawei] info-center rate-limit except byinfoid ff011015 # Prevent logs with a specified log ID from being suppressed by the information center. <Huawei> system-view [Huawei] undo info-center rate-limit except bymodule-alias AAA LOCALACCOUNT_ADD Related Topics 4.4.9 display info-center rate-limit threshold 4.4.8 display info-center rate-limit record 4.4.29 info-center rate-limit global-threshold Function The info-center rate-limit global-threshold command sets the total number of logs that the information center can process every second. The undo info-center rate-limit global-threshold command restores the default value. By default, the information center processes a maximum of 400 logs in every second. Format info-center rate-limit global-threshold value undo info-center rate-limit global-threshold Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 334 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description value Value Specifies the maximum number of The value is an integer that logs that the information center ranges from 100 to 1000. The can process every second. default value is 400. Views System view Default Level 2: Configuration level Usage Guidelines You can run the info-center rate-limit global-threshold command to set the maximum number of logs that the information center can process every second. This can adjust the processing capability of the information center. If the number of logs to be processed exceeds the processing capability of the information center, the extra logs are discarded. NOTE ● If the threshold is too low, some logs may be discarded. ● If the threshold is too high, the information center cannot identify the log ID under which too many logs are generated. The number of logs to be processed depends on the current processing capacity of the information center. Example # Set the number of logs that the information center can process every second to 300. <Huawei> system-view [Huawei] info-center rate-limit global-threshold 300 Related Topics 4.4.9 display info-center rate-limit threshold 4.4.8 display info-center rate-limit record 4.4.30 info-center rate-limit monitor-period Function The info-center rate-limit monitor-period command sets the monitoring period for the information center to suppress the log processing rate. The undo info-center rate-limit monitor-period command restores the default value. By default, the monitoring period is 3 seconds. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 335 Fit AP Command Reference 4 Device Management Commands Format info-center rate-limit monitor-period value undo info-center rate-limit monitor-period Parameters Parameter Description Value value The value is an integer ranging from 1 to 60, in seconds. The default value is 3. Specifies the monitoring period for the information center to suppress the log processing rate. Views System view Default Level 2: Configuration level Usage Guidelines The info-center rate-limit monitor-period command can be used to set a monitoring period for the information center to limit the log processing rate. ● In the monitoring period specified by value, if the rate of sending a single log every second exceeds info-center rate-limit threshold, the information center will limit the log processing rate. ● Then, in the monitoring period which is five times value, if the number of a single type of logs that are sent every second is smaller than info-center rate-limit threshold, the information center will no longer limit the log processing rate. Example # Set the monitoring period for the information center to suppress the log processing rate to 5 seconds. <Huawei> system-view [Huawei] info-center rate-limit monitor-period 5 Related Topics 4.4.9 display info-center rate-limit threshold 4.4.8 display info-center rate-limit record 4.4.31 info-center rate-limit threshold Function The info-center rate-limit threshold sets the maximum number of logs with the same log ID that the information center can process every second. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 336 Fit AP Command Reference 4 Device Management Commands The undo info-center rate-limit threshold restores the default setting. By default, the information center processes a maximum of 30 logs in a minute. Format info-center rate-limit threshold value [ byinfoid infoID | bymodule-alias modname alias ] undo info-center rate-limit threshold [ value ] [ byinfoid infoID | bymodulealias modname alias ] Parameters Parameter Description Value value Specifies the maximum number of logs with the same log ID that the information center can process every second. The value is an integer that ranges from 1 to 500. The default value is 30. byinfoid infoID Specifies the log ID. The value is a string of 8 characters. The value is in hexadecimal notation, and the valid characters include 0-9, a-f, and A-F. bymoduleSpecifies the name of the The value is a string of 1 to 24 alias modname module. characters without spaces. alias Specifies the name of the The value is a string of 1 to 64 mnemonic. characters without spaces. Views System view Default Level 2: Configuration level Usage Guidelines You can run the info-center rate-limit threshold command to set the maximum number of logs with the same log ID that the information center can process every second. The information center monitors the number of logs that are generated every second under the same log ID. When the number of logs that are generated every second under the same log ID exceeds the threshold during the monitoring period, the information center decides that too many logs are generated and thus suppresses its log processing rate by processing only the conforming traffic (logs within the threshold) and discarding the non-conforming traffic (logs exceeding the threshold). When the number of logs that are generated every second under the same log ID falls below the threshold and remains below the threshold for five monitoring periods, the information center removes the suppression. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 337 Fit AP Command Reference 4 Device Management Commands NOTE If the threshold value1 specified by the parameter byinfoid infoID or bymodule-alias modname alias differs from the threshold value0 specified globally, value1 takes effect. By default, the information center processes a maximum of 30 logs with the same log ID in every second. In certain application scenarios, the information center is required to process a maximum of more than 30 logs with the same log ID in every second. You can set thresholds for logs with different log IDs. NOTE ● If the threshold is too low, some logs may be discarded. ● If the threshold is too high, the information center cannot identify the log ID under which too many logs are generated. Example # Set the maximum number of logs that the information center can process every second to 60. <Huawei> system-view [Huawei] info-center rate-limit threshold 60 # Set the maximum number of logs identified by the same module name and mnemonic that the information center can process every second to 30. <Huawei> system-view [Huawei] info-center rate-limit threshold 30 bymodule-alias AAA LOCALACCOUNT_ADD # Set the maximum number of logs with the same log ID that the information center can process every second to 20. <Huawei> system-view [Huawei] info-center rate-limit threshold 20 byinfoid ff011015 # Restore the maximum number of logs that the information center can process every second to the default value. <Huawei> system-view [Huawei] undo info-center rate-limit threshold # Cancel the restriction on the maximum number of logs with a specified log ID that the information center can process every second. <Huawei> system-view [Huawei] undo info-center rate-limit threshold bymodule-alias AAA LOCALACCOUNT_ADD Related Topics 4.4.9 display info-center rate-limit threshold 4.4.8 display info-center rate-limit record 4.4.32 info-center source channel Function The info-center source channel command configures a rule for outputting information to a channel. The undo info-center source channel command restores the default rule for outputting information to a channel. The following lists the default rule for outputting information to a channel. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 338 Fit AP Command Reference 4 Device Management Commands Table 4-33 Default rule for outputting information to a channel Output Channe l Module Enable d to Output Inform ation Log Trap Debugging Message Status Lowest Output Severit y Status Lowest Output Severit y Status Lowest Output Severit y 0 (consol e) default on warnin g on debuggi ng on debuggi ng 1 (remote termina l) default on warnin g on debuggi ng on debuggi ng 2 (log host) default on informa tional on debuggi ng off debuggi ng 3 (trap buffer) default off informa tional on debuggi ng off debuggi ng 4 (log buffer) default on warnin g off debuggi ng off debuggi ng 5 (SNMP agent) default off debuggi ng on debuggi ng off debuggi ng 6 (chann el 6) default on debuggi ng on debuggi ng off debuggi ng 7 (chann el 7) default on debuggi ng on debuggi ng off debuggi ng 8 (chann el 8) default on debuggi ng on debuggi ng off debuggi ng 9 (chann el 9) default on debuggi ng on debuggi ng off debuggi ng NOTE The output directi on of channe l 9 is the logfile. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 339 Fit AP Command Reference 4 Device Management Commands Format info-center source { module-name | default } channel { channel-number | channel-name } [ log { state { off | on } | level severity } * | trap { state { off | on } | level severity } * | debug { state { off | on } | level severity } * ] * undo info-center source { module-name | default } channel { channel-number | channel-name } Parameters Parameter Description Value module-name Specifies the module name. Enumerated type. The value depends on the registered module. default Indicates the default module. - channel-number Specifies the number of a channel. The value is an integer that ranges from 0 to 9. channel-name Specifies the name of a channel. The value is a string of 1 to 30 case-sensitive characters. The value consists of letters or numbers and must start with a letter. log { state { off | on } } Specifies the log status. - ● off: Logs are not sent. ● on: Logs are sent. log { level severity } Specifies the lowest severity of output logs. Logs are classified into eight severities. The following severities are listed in descending order of priority: ● emergencies ● alert ● critical ● error ● warning ● notification ● informational ● debugging trap { state { off | on } } Specifies the trap status: - ● off: Traps are not sent. ● on: Traps are sent. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 340 Fit AP Command Reference 4 Device Management Commands Parameter Description Value trap { level severity } Specifies the lowest severity of output traps. Logs are classified into eight severities. The following severities are listed in descending order of priority: ● emergencies ● alert ● critical ● error ● warning ● notification ● informational ● debugging debug { state { off | on } } Specifies the debugging message status. - ● off: Debugging messages are not sent. ● on: Debugging messages are sent. debug { level severity } Specifies the lowest severity of output debugging messages. Logs are classified into eight severities. The following severities are listed in descending order of priority: ● emergencies ● alert ● critical ● error ● warning ● notification ● informational ● debugging Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 341 Fit AP Command Reference 4 Device Management Commands To collect and query information generated on the AP, define severities for various types of information that is output to different channels. You can run the infocenter source channel command to configure a rule for outputting information to a channel. The following lists information severities. Table 4-34 Information severities Value Severity Description 0 emergencies A fault causes the device to fail to run normally unless it is restarted. For example, the device is restarted because of program exceptions or a memory error is detected. 1 alert A fault needs to be rectified immediately. For example, memory usage of the system reaches the upper limit. 2 critical A fault needs to be analyzed and processed. For example, the memory usage falls below the lower threshold; temperature falls below the alarm threshold; BFD detects that a device is unreachable or detects locally generated error messages. 3 error An improper operation is performed or exceptions occur during service processing. The fault does not affect services but needs to be analyzed. For example, users enter incorrect commands or passwords; error protocol packets are received from other devices. 4 warning Some events or operations may affect device running or cause service processing faults, which requires full attention. For example, a routing process is disabled; BFD detects packet loss; error protocol packets are detected. 5 notification A key operation is performed to keep the device running normally. For example, the shutdown command is run; a neighbor is discovered; protocol status changes. 6 informationa l A normal operation is performed. For example, a display command is run. 7 debugging A normal operation is performed, which requires no attention. Precautions Each information channel has a default record with the module name default. The default configuration for logs, traps, and debugging messages in different channels may differ. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 342 Fit AP Command Reference 4 Device Management Commands If a module generates a large number of logs, traps, or debugging messages in a short time, use the following methods to suppress this information: ● Specify level severity to adjust the channel level. Information with lower severity will be filtered. ● Specify state off to disable information sent by a specified module. NOTICE After the lowest severity of output information is specified, information lower than the severity will be filtered. Example # Configure the device to send logs higher than or equal to warning of the CFM module. <Huawei> system-view [Huawei] info-center source CFM channel snmpagent log level warning Related Topics 4.4.3 display channel 4.4.5 display info-center 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.20 info-center logbuffer 4.4.24 info-center loghost 4.4.35 info-center trapbuffer 4.4.41 terminal debugging 4.4.42 terminal logging 4.4.43 terminal monitor 4.4.44 terminal trapping 4.4.33 info-center statistic-suppress enable Function The info-center statistic-suppress enable command enables suppression of statistics about consecutive repeated logs. The undo info-center statistic-suppress enable command disables suppression of statistics about consecutive repeated logs. By default, suppression of statistics about consecutive repeated logs is enabled. Format info-center statistic-suppress enable Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 343 Fit AP Command Reference 4 Device Management Commands undo info-center statistic-suppress enable Parameters None Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario In the system, service modules generate logs and control the volume of generated logs. The information center processes the received logs. A large number of repeated logs are generated in a short time in some scenarios, for example, when ARP and ACL are enabled. This wastes both the storage space and CPU resources. Generally, users do not want to view the repeated logs. You can run the info-center statistic-suppress enable command to suppress statistics on consecutive repeated logs so that the system can still record other logs. Precautions Statistics about repeatedly generated logs are first output at the 30th seconds from the time the first log is output, and then statistics about repeatedly generated logs are output at the 120th seconds. After being output two times, statistics about repeatedly generated logs are output every 600 seconds. Example # Disable suppression of statistics about consecutive repeated logs. <Huawei> system-view [Huawei] undo info-center statistic-suppress enable 4.4.34 info-center timestamp Function The info-center timestamp command sets the timestamp format of logs, traps, and debugging messages. The undo info-center timestamp command restores the default timestamp format of logs, traps, and debugging messages. By default, the timestamp format of logs, traps, and debugging messages is date. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 344 Fit AP Command Reference 4 Device Management Commands Format info-center timestamp debugging { { date | short-date | format-date } [ precision-time { tenth-second | second } ] | boot | none } info-center timestamp log { { date | short-date | format-date } [ precisiontime { tenth-second | millisecond } ] | boot | none } info-center timestamp trap { { date | short-date | format-date } [ precisiontime { tenth-second | millisecond } ] | boot | none } undo info-center timestamp { debugging | trap | log } Parameters Parameter Description Value debugging Indicates debugging messages. - log Indicates logs. - trap Indicates traps. - boot Indicates that the timestamp is expressed in the format of relative time, a period of time since the start of the system. The format is xxxxxx.yyyyyy. xxxxxx is the higher order 32 bits of the milliseconds elapsed since the start of the system; yyyyyy is the lower order 32 bits of the milliseconds elapsed since the start of the system. - date Specifies the current date and time. It is expressed in mm dd yyyy hh:mm:ss format. none Indicates that the output information does not contain the timestamp. - short-date Indicates the short date. This timestamp differs from date is that the year is not displayed. - format-date Indicates that the timestamp is expressed in YYYY-MMDD hh:mm:ss format. - precision-time Specifies the precision. - second Indicates that the precision is accurate to seconds. - tenth-second Indicates that the precision is accurate to 0.1 seconds. - millisecond Indicates that the precision is accurate to milliseconds. - Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 345 Fit AP Command Reference 4 Device Management Commands Usage Guidelines The info-center timestamp command sets the timestamp format of logs, traps, and debugging messages. The following describes the timestamp in date format. Table 4-35 Description of fields of the timestamp in date format Field Description Value mm Month The value can be Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, or Dec. dd Date 1-31. If the date is smaller than 10, add a space in front of the date, For example, " 7". yyyy Year 4 digits hh:mm:ss Local time hh ranges from 00 to 23, and mm or ss ranges from 00 to 59. When the precision of the timestamp is accurate to 0.1 second or milliseconds, the system adds identifies to the logs generated at the same time based on the sequence. Prerequisites The information center has been enabled by using the 4.4.18 info-center enable command. Example # Set the timestamp format of traps to boot. <Huawei> system-view [Huawei] info-center timestamp trap boot # Set the timestamp precision of logs, traps, and debugging messages. <Huawei> system-view [Huawei] info-center timestamp log date precision-time millisecond [Huawei] info-center timestamp debugging date precision-time tenth-second [Huawei] info-center timestamp trap date precision-time millisecond Related Topics 4.4.5 display info-center 4.4.35 info-center trapbuffer Function The info-center trapbuffer command enables the AP to send traps to the trap buffer. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 346 Fit AP Command Reference 4 Device Management Commands The undo info-center trapbuffer command disables the AP from sending traps to the trap buffer. By default, the AP is enabled to send traps to the trap buffer. Format info-center trapbuffer [ channel { channel-number | channel-name } | size buffer-size ] * undo info-center trapbuffer [ channel | size ] Parameters Parameter Description channel Sets the channel number for In the range of 0 to 9. That is, outputting information to the system has 10 channels. the alarm buffer. channel Sets the channel name for outputting information to the alarm buffer. The name is a string of 1 to 30 case-insensitive characters without spaces, hyphens (-), slashes (\), and anti-slashes (/). size buffer-size Sets the size of the alarm buffer (the number of information in the buffer). The value is in the range of 0 to 1024. channel-number channel-name Value Views System view Default Level 2: Configuration level Usage Guidelines To view traps in the trap buffer, run the info-center trapbuffer command to enable the AP to send traps to the trap buffer. Example # Enable the AP to send traps to the trap buffer. <Huawei> system-view [Huawei] info-center trapbuffer Related Topics 4.4.5 display info-center 4.4.15 display trapbuffer 4.4.16 info-center channel Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 347 Fit AP Command Reference 4 Device Management Commands 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.36 info-center trapbuffer size 4.4.39 reset trapbuffer 4.4.36 info-center trapbuffer size Function The info-center trapbuffer size command sets the maximum number of traps in the trap buffer. The undo info-center trapbuffer size command restores the default maximum number of traps in the trap buffer. By default, a trap buffer allows a maximum of 256 traps. Format info-center trapbuffer size trapbuffer-size undo info-center trapbuffer size Parameters Parameter Description trapbuffer-size Specifies the maximum number of traps in the trap buffer. Value The value is an integer that ranges from 0 to 1024. If trapbuffer-size is 0, traps are not displayed. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario The info-center trapbuffer size command sets the maximum number of traps in the trap buffer. Prerequisites The AP has been enabled to output traps to the trap buffer by using the 4.4.35 info-center trapbuffer command. Precautions When you run the info-center trapbuffer size command multiple times, only the latest configuration takes effect. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 348 Fit AP Command Reference 4 Device Management Commands If a small value of trapbuffer-size is used, some traps may be not displayed. If a large value of trapbuffer-size is used, repeated traps may be displayed. The default value of trapbuffer-size is recommended. Example # Set the maximum number of traps in the trap buffer to 30. <Huawei> system-view [Huawei] info-center trapbuffer size 30 Related Topics 4.4.5 display info-center 4.4.15 display trapbuffer 4.4.16 info-center channel 4.4.17 info-center channel name 4.4.18 info-center enable 4.4.35 info-center trapbuffer 4.4.39 reset trapbuffer 4.4.37 reset info-center statistics Function The reset info-center statistics command clears statistics on each module. Format reset info-center statistics Parameters None Views User view Default Level 2: Configuration level Usage Guidelines Usage Scenario To re-collect statistics on each module, run the reset info-center statistics command to clear all historical statistics. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 349 Fit AP Command Reference 4 Device Management Commands The cleared statistics cannot be restored. Exercise caution when you run the reset info-center statistics command. Example # Clear statistics on each module. <Huawei> reset info-center statistics Related Topics 4.4.5 display info-center 4.4.10 display info-center statistics 4.4.38 reset logbuffer Function The reset logbuffer command clears logs in the log buffer. Format reset logbuffer Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario To record logs in the log buffer again, run the reset logbuffer command to clear all the information in the log buffer. Precautions Statistics cannot be restored after being cleared. Exercise caution when you run the reset logbuffer command. Example # Clear information in the log buffer. <Huawei> reset logbuffer Warning: This command will reset the log buffer. Logs in the buffer will be lost . Continue? (y/n)[n]:y Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 350 Fit AP Command Reference 4 Device Management Commands Related Topics 4.4.13 display logbuffer 4.4.39 reset trapbuffer Function The reset trapbuffer command clears Trap information in the trap buffer. Format reset trapbuffer Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario To record traps in the trap buffer again, run the reset trapbuffer command to clear all the information in the trap buffer. Precautions Statistics cannot be restored after being cleared. Exercise caution when you run the reset trapbuffer command. Example # Clear information in the trap buffer. <Huawei> reset trapbuffer Related Topics 4.4.15 display trapbuffer 4.4.40 save logfile Function The save logfile command saves logs in the log file buffer to a log file. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 351 Fit AP Command Reference 4 Device Management Commands Format save logfile Parameters None Views User view Default Level 0: Visit level Usage Guidelines Usage Scenario To reduce the number of times information is written into the storage device, information generated on the AP is saved into the log buffer before the information is saved into the log file. When the log file buffer is full, the system saves the logs in the log file buffer to the log file. You can also run the save logfile command to save the logs in the log file buffer to the log file. After the log file is generated, the system clears logs in the log file buffer to save new logs. Prerequisites The path to save log files has been set by using the 4.4.22 info-center logfile path command. Precautions When you run this command, the device obtains or uses some personal data of users, such as the STA MAC address. Delete the personal data immediately after the command is executed to ensure user data security. When this command is executed on a device supporting binlogs, binlogs and data dictionary information are also saved. Example # Save logs in the log file buffer to the log file. <Huawei> save logfile Related Topics 4.4.5 display info-center 4.4.22 info-center logfile path 4.4.23 info-center logfile size 4.4.14 display logfile 4.4.22 info-center logfile path 4.4.27 info-center max-logfile-number Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 352 Fit AP Command Reference 4 Device Management Commands 4.4.41 terminal debugging Function The terminal debugging command enables debugging message display on the user terminal. The undo terminal debugging command disables debugging message display on the user terminal. By default, debugging message display is disabled on the user terminal. Format terminal debugging undo terminal debugging Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the terminal debugging command to enable debugging message display on the user terminal to view system debugging message and locate faults. Prerequisites The 4.4.43 terminal monitor command has been executed to enable display of logs, traps, and debugging message output on the user terminal. Example # Enable debugging message display on the user terminal. <Huawei> terminal debugging Info: Current terminal debugging is on. Related Topics 4.4.18 info-center enable 4.4.32 info-center source channel 4.4.43 terminal monitor Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 353 Fit AP Command Reference 4 Device Management Commands 4.4.42 terminal logging Function The terminal logging command enables log display on the user terminal. The undo terminal logging command disables log display on the user terminal. By default, log display is enabled on the user terminal. Format terminal logging undo terminal logging Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario To view logs on a terminal, run the terminal logging command to enable log display on the user terminal. Prerequisites The 4.4.43 terminal monitor command has been executed to enable display of logs, traps, and debugging message output on the user terminal. Example # Disable log display on the user terminal. <Huawei> undo terminal logging Info: Current terminal logging is off. Related Topics 4.4.18 info-center enable 4.4.32 info-center source channel 4.4.43 terminal monitor Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 354 Fit AP Command Reference 4 Device Management Commands 4.4.43 terminal monitor Function The terminal monitor command enables display of logs, traps, and debugging message output by the information center on the user terminal. The undo terminal monitor command disables display of logs, traps, and debugging message output by the information center on the user terminal. By default, terminal display is . Format terminal monitor undo terminal monitor Parameters None Views User view Default Level 3: Management level Usage Guidelines Prerequisites The information center has been enabled by using the 4.4.18 info-center enable command. Follow-up Procedure Run the terminal debugging/undo terminal debugging, terminal logging/undo terminal logging, terminal trapping/undo terminal trapping/ command to enable or disable terminal debugging message, log, or trap display. Precautions Logs, traps, and debugging message are sent to the current terminal only when the terminal monitor command is used. Running the undo terminal monitor command is equivalent to running the undo terminal debugging, undo terminal logging, undo terminal trapping command. Example # Disable display of logs, traps, and debugging message output by the information center on the user terminal. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 355 Fit AP Command Reference 4 Device Management Commands <Huawei> undo terminal monitor Info: Current terminal monitor is off. Related Topics 4.4.18 info-center enable 4.4.32 info-center source channel 4.4.41 terminal debugging 4.4.42 terminal logging 4.4.44 terminal trapping 4.4.44 terminal trapping Function The terminal trapping command enables trap display on the user terminal. The undo terminal trapping command disables trap display on the user terminal. By default, trap display is enabled on the user terminal. Format terminal trapping undo terminal trapping Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario To view traps on a terminal, run the terminal trapping command to enable trap display on the user terminal. Prerequisites The 4.4.43 terminal monitor command has been executed to enable display of logs, traps, and debugging message output on the user terminal. Example # Disable trap display on the user terminal. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 356 Fit AP Command Reference 4 Device Management Commands <Huawei> undo terminal trapping Info: Current terminal trapping is off. Related Topics 4.4.18 info-center enable 4.4.32 info-center source channel 4.4.43 terminal monitor 4.5 PoE Configuration Commands 4.5.1 display current power-workmode Function The display current power-workmode command displays the current power mode of an AP. All APs support this command except the AD9430DN-24 and AD9431DN-24X. Format display current power-workmode Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines When an AP is supplied with DC or PoE power, the power may fail to enable the AP to work with the maximum power. You can run this command to view the current power mode of the AP. Example # Display the current power mode of an AP. <Huawei> display current power-workmode Current power workmode is AT (FULL), decided by AP capability Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 357 Fit AP Command Reference 4 Device Management Commands Table 4-36 Description of the display current power-workmode command output Item Description Current power workmode is AT (FULL), decided by AP capability The AP's current power mode is 802.3at (without restricting functions of the AP). An AP's current power mode is determined by its own highest capability. ● The power mode of an AP can be AF, AT, or BT, which represents 802.3af, 802.3at, or 802.3bt, respectively. ● The current power mode of an AP is determined by LLDP, hardware detect, or AP capability, which respectively represent the LLDP negotiation result, hardware detection result, and the AP's own highest capability. 4.5.2 display poe device Function The display poe device command displays information about the device supporting Power over Ethernet (PoE). Only the AP8082DN, AP8182DN, AP4050DN-E, AP4050DN-HD, AP7050DN-E, AD9431DN-24X, AD9430DN-24, and AD9430DN-12 support this command. Format display poe device Parameters None Views All views Default Level 2: Configuration level Usage Guidelines Before using the PoE function, run the display poe device command to check whether the device supports the PoE function. If the command output is displayed, the device supports the PoE function. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 358 Fit AP Command Reference 4 Device Management Commands Example # Display information about the device supporting PoE. <Huawei> display poe device slot 0 : POE Table 4-37 Description of the display poe device command output Item Description Slot 0 The device supports PoE. 4.5.3 display poe information Function The display poe information command displays PoE running information about the device. Only the AP8082DN, AP8182DN, AP4050DN-E, AP4050DN-HD, AP7050DN-E, AD9431DN-24X, AD9430DN-24, and AD9430DN-12 support this command. Format display poe information [ slot slot-id ] Parameters Parameter Description Value slot slot-id Displays the PoE state information about a device in a specified slot. The value is an integer and the value range depends on the device configuration. If this parameter is not specified, the PoE information about all device is displayed. Views All views Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 359 Fit AP Command Reference 4 Device Management Commands Usage Guidelines This command displays information including the maximum output power set by the user, current power consumption, peak power consumption, and power management mode. Example # Display the PoE running information about the device. <Huawei> display poe information PSE Information of slot 0: User Set Max Power(mW) : 380000 POE Power Supply(mW) : 380000 Available Total Power(mW) : 371784 Total Power Consumption(mW): 8216 Power Peak Value(mW) : 11284 Power-Management Mode : auto Power High Inrush : disable Power AF Inrush : disable Table 4-38 Description of the display poe information command output Item Description User Set Max Power(mW) Maximum output power set by the user. POE Power Supply(mW) PoE power supply, which is determined by the PoE power module configured on the device. Available Total Power(mW) Total available power. Total Power Consumption(mW) Total output power. Power Peak Value(mW) Peak value of the output power. Power-Management Mode Power management mode, including auto and manual modes. Power High Inrush State of power high inrush function, including enabled and disabled state. By default, the power high inrush function is in disabled state. Power AF Inrush Whether to set the PoE standard to IEEE 802.3af. ● enable: The current PoE standard is IEEE 802.3af. ● disable: The current PoE standard is IEEE 802.3at. By default, a central AP provides PoE power in compliance with IEEE 802.3at. 4.5.4 display poe power Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 360 Fit AP Command Reference 4 Device Management Commands Function The display poe power command displays current power information on interfaces. Only the AP8082DN, AP8182DN, AP4050DN-E, AP4050DN-HD, AP7050DN-E, AD9431DN-24X, AD9430DN-24, and AD9430DN-12 support this command. Format display poe power [ slot slot-id | interface interface-type interface-number ] Parameters Parameter Description Value slot slot-id Displays the PoE power information about a specified slot. The value is an integer, and the value is 0. If this parameter is not specified, the PoE power information of the device is displayed. interface interface-type interface-number Displays the PoE power information about a specified interface. - ● interface-type specifies the interface type. ● interface-number specifies the interface number. If this parameter is not specified, the output power of all interfaces on the device is displayed. Views All views Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 361 Fit AP Command Reference 4 Device Management Commands Usage Guidelines The display poe power command displays information including the current actual power, maximum output power set for an interface, and class, reference power, and average power of PDs on the interface. If this parameter is not specified, the output power of all interfaces on the device is displayed. Example # Display the power information of interfaces on the device whose ID is 0. <Huawei> display poe power slot 0 Codes: REFPW(Reference power), USMPW(User set max power), CURPW(Current power), PKPW(Peak power), AVGPW(Average power) PortName Class REFPW(mW) USMPW(mW) CURPW(mW) PKPW(mW) AVGPW(mW) -------------------------------------------------------------------------------GigabitEthernet0/0/1 15400 0 0 0 GigabitEthernet0/0/2 15400 0 0 0 GigabitEthernet0/0/3 15400 0 0 0 GigabitEthernet0/0/4 15400 0 0 0 GigabitEthernet0/0/5 15400 0 0 0 GigabitEthernet0/0/6 15400 0 0 0 GigabitEthernet0/0/7 15400 0 0 0 GigabitEthernet0/0/8 15400 0 0 0 GigabitEthernet0/0/9 15400 0 0 0 GigabitEthernet0/0/10 15400 0 0 0 GigabitEthernet0/0/11 2 7000 15400 3710 3816 3487 GigabitEthernet0/0/12 2 7000 15400 2968 3180 2960 GigabitEthernet0/0/13 15400 0 0 0 GigabitEthernet0/0/14 15400 0 0 0 GigabitEthernet0/0/15 15400 0 0 0 GigabitEthernet0/0/16 15400 0 0 0 GigabitEthernet0/0/17 15400 0 0 0 GigabitEthernet0/0/18 15400 0 0 0 GigabitEthernet0/0/19 15400 0 0 0 GigabitEthernet0/0/20 15400 0 0 0 GigabitEthernet0/0/21 15400 0 0 0 GigabitEthernet0/0/22 15400 0 0 0 GigabitEthernet0/0/23 15400 0 0 0 GigabitEthernet0/0/24 15400 0 0 0 Table 4-39 Description of the display poe power slot command output Item Description PortName Name of an interface. Class Class of a PD on an interface. The system classifies PDs into five classes, namely, class 0 to class 4, according to their maximum power. If no PDs are connected to an interface, "-" is displayed. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 362 Fit AP Command Reference 4 Device Management Commands Item Description REFPW(mW) Reference power of a PD. The system can identify the reference power of each PD. The value varies according to types of PDs. The mapping between PD classes and the reference power is as follows: ● 0: reference power 15.4 W ● 1: reference power 4 W ● 2: reference power 7 W ● 3: reference power 15.4 W ● 4: reference power 30 W USMPW(mW) Maximum output power set for an interface. CURPW(mW) Current power of the PDs on an interface. PKPW(mW) Peak power of the PDs on an interface. The value is a statistical value, which equals the current maximum power consumption of the PDs on the interface. AVGPW(mW) Average power of the PDs on an interface. The value is a statistical value, which equals the average power consumption from the power-on of the interface till now. # Display the power of interface GigabitEthernet0/0/3. <Huawei> display poe power interface gigabitethernet 0/0/3 Port PD power(mW) : 3710 Port PD class :2 Port PD reference power(mW) : 7000 Port user set max power(mW) : 15400 Port PD peak power(mW) : 3816 Port PD average power(mW) : 3487 Table 4-40 Description of the display poe power interface command output Item Description Port PD power(mW) Output power of an interface. Port PD class Class of a PD on an interface. The system classifies PDs into five classes, namely, class 0 to class 4, according to their maximum power. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 363 Fit AP Command Reference 4 Device Management Commands Item Description Port PD reference power(mW) Reference power of a PD. The system can identify the reference power of each PD. The value varies according to types of PDs. The mapping between PD classes and the reference power is as follows: ● 0: reference power 15.4 W ● 1: reference power 4 W ● 2: reference power 7 W ● 3: reference power 15.4 W ● 4: reference power 30 W Port user set max power(mW) Maximum output power set for an interface. Port PD peak power(mW) Peak power of the PDs on an interface. Port PD average power(mW) The value is a statistical value, which equals the current maximum power consumption of the PDs on the interface. Average power of the PDs on an interface. The value is a statistical value, which equals the average power consumption from the power-on of the interface till now. Related Topics 4.5.2 display poe device 4.5.5 display poe power-state Function The display poe power-state command displays the PoE power supply status of a device. Only the AP8082DN, AP8182DN, AP4050DN-E, AP4050DN-HD, AP7050DN-E, AD9431DN-24X, AD9430DN-24, and AD9430DN-12 support this command. Format display poe power-state [ slot slot-id | interface interface-type interfacenumber ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 364 Fit AP Command Reference 4 Device Management Commands Parameters Parameter Description Value slot slot-id Displays the power supply status of interfaces supporting PoE in a specified slot. The value is an integer, and the value is 0. interface interface-type Displays the PoE power supply status of a specified interface. - interface-number ● interface-type specifies the interface type. ● interface-number specifies the interface number. If this parameter is not specified, the PoE power supply status of all interfaces on the device is displayed. Views All views Default Level 2: Configuration level Usage Guidelines The display poe power-state command displays information including whether an interface is enabled to check compatibility of non-standard PDs, power supply status on of an interface, class of PDs on an interface, power supply priority, and maximum output power of an interface. Example # Display the PoE power supply status of GigabitEthernet 0/0/3. <Huawei> display poe power-state interface gigabitethernet 0/0/3 Port legacy detect : disable Port power enabled : enable Port power ON/OFF : on Port power status : Powered Port PD class :3 Port reference power(mW) : 15400 Port power priority : Low Port max power(mW) : 15400 Port current power(mW) : 2794 Port peak power(mW) : 2794 Port average power(mW) : 2741 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 365 Fit AP Command Reference 4 Device Management Commands Port current(mA) Port voltage(V) : 52.73 : 53.00 Table 4-41 Description of the display poe power-state interface command output Item Description Port legacy detect Whether an interface is enabled to check compatibility of non-standard PDs. Port power enabled Whether PoE is enabled on an interface. Port power ON/OFF Whether the interface is powered on. ● On: indicates that the interface is powered on. ● Off: indicates that the interface is powered off. Port power status Power supply status of an interface. The status can be: ● Test mode: indicates the testing state. ● Detecting: indicates the detection state. ● Disabled: indicates that PoE is disabled on the interface. ● Chip fault: indicates that the chip of the interface fails. ● Power-deny: indicates that the reference power is greater than the maximum output power of an interface. ● Classification overcurrent: indicates that the current of the PDs on the interface exceeds the threshold. ● Unknown class: indicates that the class of the PD is unknown. ● Power overcurrent: indicates that the current of the PD on the interface exceeds the maximum current of the interface. ● Power-on failed: indicates that the interface fails to be powered on. ● Power-ready: indicates that the interface is ready to be powered on. ● Powering: indicates that the PSE starts to power on the interface. ● Powered: indicates that the interface is powered on. ● Over loaded: indicates that the power is overloaded. ● Time-range power-off: indicates that the interface is in the power-off time range. ● Legacy disable: indicates that compatibility detection for PDs is disabled. That is, the device cannot identify or provide power for the nonstandard PD. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 366 Fit AP Command Reference 4 Device Management Commands Item Description Port PD class Class of a PD connected to an interface. The system classifies PDs into five classes, namely, class 0 to class 4, according to their maximum power. Port reference power(mW) Reference power of an interface. NOTE This parameter is not supported on the AP4050DN-E. The system can identify the maximum power of a PD, classify the PD into a certain level, and define the reference power of each level. The mappings between PD types and reference power values are: ● 0: reference power 15.4 W ● 1: reference power 4 W ● 2: reference power 7 W ● 3: reference power 15.4 W ● 4: reference power 30 W Port power priority Power supply priority of an interface. The priority is as follows: ● Critical: indicates the highest priority. ● High: indicates the second highest priority. ● Low: indicates the lowest priority. Port max power(mW) Maximum output power of an interface. NOTE A maximum output power of 15400 mW indicates that the device complies with 802.3af. A maximum output power of 30000 mW indicates that the device complies with 802.3at. Port current power(mW) Current output power of an interface. Port peak power(mW) Peak output power of an interface. Port average power(mW) Average output power of an interface. Port current(mA) Output current of an interface. Port voltage(V) Output voltage of an interface. # Display the PoE power supply status of the device. <Huawei> display poe power-state slot 0 PORTNAME POWERON/OFF ENABLED PRIORITY STATUS -------------------------------------------------------------------------------off enable Low Detecting GigabitEthernet0/0/1 GigabitEthernet0/0/2 off enable Low Detecting GigabitEthernet0/0/3 on enable Low Powered off enable Low Detecting GigabitEthernet0/0/4 off enable Low Detecting GigabitEthernet0/0/5 GigabitEthernet0/0/6 off enable Low Detecting Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 367 Fit AP Command Reference 4 Device Management Commands GigabitEthernet0/0/7 GigabitEthernet0/0/8 off off enable Low enable Low Detecting Detecting Table 4-42 Description of the display poe power-state slot command output Item Description PORTNAME Name of an interface. POWERON/OFF Whether the interface is powered on. ● On: indicates that the interface is powered on. ● Off: indicates that the interface is powered off. ENABLED Whether PoE is enabled on an interface. PRIORITY Power supply priority of an interface. The priority is as follows: ● Critical: indicates the highest priority. ● High: indicates the second highest priority. ● Low: indicates the lowest priority. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 368 Fit AP Command Reference 4 Device Management Commands Item Description STATUS Power supply status of an interface. The status is classified into following types: ● Test mode: indicates the testing state. ● Detecting: indicates the detection state. ● Disabled: indicates that PoE is disabled on the interface. ● Chip fault: indicates that the chip of the interface fails. ● Power-deny: indicates that the reference power is greater than the maximum output power of an interface. ● Classification overcurrent: indicates that the current of the PDs on the interface exceeds the threshold. ● Unknown class: indicates that the class of the PD is unknown. ● Power overcurrent: indicates that the current of the PD on the interface exceeds the maximum current of the interface. ● Power-on failed: indicates that the interface fails to be powered on. ● Power-ready: indicates that the interface is ready to be powered on. ● Powering: indicates that the PSE starts to power on the interface. ● Powered: indicates that the interface is powered on. ● Over loaded: indicates that the power is overloaded. ● Time-range power-off: indicates that the interface is in the power-off time range. ● Legacy disable: indicates that compatibility detection for PDs is disabled. That is, the device cannot identify or provide power for the nonstandard PD. 4.5.6 display poe-power Function The display poe-power command displays information about the PoE power supply. Only the AP8082DN, AP8182DN, AP4050DN-E, AP4050DN-HD, AP7050DN-E, AD9431DN-24X, AD9430DN-24, and AD9430DN-12 support this command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 369 Fit AP Command Reference 4 Device Management Commands Format display poe-power [ slot slot-id ] Parameters Parameter Description Value slot slot-id Specifies the slot ID of a device. The value is an integer, and the value is 0. Views All views Default Level 2: Configuration level Usage Guidelines The display poe-power displays information including the available total PoE power, percentage of the reserved power, power alarm threshold, and PoE power module. Example # Display information about the PoE power supply of the devices. <Huawei> display poe-power Slot 0 Total Available POE Power(mW) : 246400 Reserved POE Power Percent : 20 % POE Power Threshold Percent : 90 % POE Power 1 Power Value(mW) : 123200 Type : AD9430DN-12 Supported Mode : Redundancy, Balance POE Power 2 Power Value(mW) :Type :Supported Mode :- Table 4-43 Description of the display poe-power command output Item Description Total Available POE Power(mW) Total power that can be provided for PDs. Reserved POE Power Percent Percentage of the reserved power to the total power. POE Power Threshold Percent Alarm threshold of the power consumption percentage. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 370 Fit AP Command Reference 4 Device Management Commands Item Description POE Power 1 PoE power supply 1. POE Power 2 PoE power supply 2. Power Value(mW) Power of a PoE power supply. Type Type of a PoE power supply, which is displayed as the name of the AP model. Supported Mode Supported PoE power supply mode. The value can be: ● Redundancy: redundancy backup mode ● Balance: current balance mode Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 371 Fit AP Command Reference 5 5 Interface Management Commands Interface Management Commands About This Chapter 5.1 Basic Interface Configuration Commands 5.2 Ethernet Interface Configuration Commands 5.3 Logical Interface Configuration Commands 5.1 Basic Interface Configuration Commands 5.1.1 bandwidth (Interface view) Function The bandwidth command specifies the interface bandwidth acquired by the NMS from the MIB. The undo bandwidth command cancels the configured interface bandwidth acquired by the NMS from the MIB. By default, no interface bandwidth acquired by the NMS from the MIB is set. Format bandwidth bandwidth [ kbps ] undo bandwidth Parameters Parameter Description Value bandwidth Specifies the bandwidth of an interface. The value is an integer ranging from 1 to 1000000, in Mbit/s. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 372 Fit AP Command Reference 5 Interface Management Commands Parameter Description Value kbps - Indicates that the unit of the interface bandwidth is kbit/s. If this parameter is not specified, the interface bandwidth is expressed in Mbit/s. Views Interface view Default Level 2: Configuration level Usage Guidelines The bandwidth command mainly ensures that the network management station (NMS) can acquire the bandwidth of an interface. The NMS can check the interface bandwidth through the two objects ifSpeed and ifHighSpeed in IF-MIB. ● If the configured bandwidth is smaller than 4000 Mbit/s, ifSpeed and ifHighSpeed are respectively displayed as bandwidth x 1000 x 1000 and bandwidth. ● If the configured bandwidth is equal to or larger than 4000 Mbit/s, ifSpeed and ifHighSpeed are respectively displayed as 4294967295 (0XFFFFFFFF) and bandwidth. Example # Set the bandwidth of GE0/0/1 to 10000 Mbit/s. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] bandwidth 10000 5.1.2 description (interface view) Function The description command configures the description for an interface. The undo description command restores the default description of an interface. By default, the description of an interface is "HUAWEI, AP Series, interface-type interface-number Interface". Format description description undo description Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 373 Fit AP Command Reference 5 Interface Management Commands Parameters Parameter Description Value description Specifies the interface description. The value is a string of 1 to 242 characters. The character string is case sensitive. It can contain blanks but cannot contain the question mark (?). Views Interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario To facilitate device management and maintenance, you can configure descriptions for interfaces. An interface description can contain the device where the interface is located, interface type, and remote device. For example: To-[DeviceB]GE-0/0/1 indicates that an interface of this device is connected to GE0/0/1 of device B. Precautions The interface description is displayed from the first non-space character. Example # Configure the description of GE0/0/1 as To-[DeviceB]GE-0/0/1, indicating that this device is connected to device B through GE0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] description To-[DeviceB]GE-0/0/1 Related Topics 5.1.6 display interface description 5.1.3 display default-parameter interface Function The display default-parameter interface command displays the default interface configuration, including the interface status, MTU, interval for collecting traffic statistics, alarm threshold, interface description, whether the alarm function is enabled to send an alarm to the NMS when the interface status changes. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 374 Fit AP Command Reference 5 Interface Management Commands Format display default-parameter interface interface-type interface-number Parameters Parameter Description Value interface-type interfacenumber Displays the default configuration of a specified interface. - Views All views Default Level 1: Monitoring level Usage Guidelines Default configurations are not saved in the configuration file. To check the default configuration of an interface, run the display default-parameter interface command on the interface. The displayed information varies according to interfaces. Example # Display the default configuration of GE0/0/1. <Huawei> display default-parameter interface gigabitethernet 0/0/1 Interface state: undo shutdown Flow-stat interval: 300s Snmp trap updown: enable Description: HUAWEI, AP Series, GigabitEthernet0/0/1 Interface # Display the default configuration of the VLANIF 2 interface. <Huawei> display default-parameter interface vlanif 2 Interface state: undo shutdown MTU: 1500 Flow-stat interval: 300s Description: HUAWEI, AP Series, Vlanif2 Interface Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 375 Fit AP Command Reference 5 Interface Management Commands Table 5-1 Description of the display default-parameter interface command output Item Description Interface state Default status of an interface: ● shutdown: The default status of a physical interface is shutdown. ● undo shutdown: The default status of a logical interface is undo shutdown. To change the interface status, run the shutdown command or the undo shutdown command in the interface view. MTU Default MTU value of the interface. Flow-stat interval Interval for collecting traffic statistics on the interface. To set the interval for collecting traffic statistics on an interface, run the 5.1.14 set flow-stat interval (interface view) command in the interface view. Snmp trap updown Whether an alarm is sent to the NMS when the interface status changes: ● disable: No alarm is sent to the NMS when the interface status changes. ● enable: An alarm is sent to the NMS when the interface status changes. Description Interface description. To configure the description for an interface, run the 5.1.2 description (interface view) command in the interface view. 5.1.4 display interface Function The display interface command displays interface running status and statistics. Format display interface [ interface-type [ interface-number | main ] | main ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 376 Fit AP Command Reference 5 Interface Management Commands Parameters Parameter Description Value interface-type [ interface-number ] Displays running status of an interface. - ● interface-type specifies the interface type. ● interface-number specifies the interface number. If the interface type is specified but no interface number is specified, running status of all the interfaces of this type is displayed. main Displays running status and traffic statistics about an interface. - ● If an interface has no sub-interfaces, status and traffic statistics about the interface are displayed whether you specify the main parameter or not. ● If an interface has sub-interfaces, status and traffic statistics about the interface and sub-interfaces are displayed if you do not specify the main parameter. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 377 Fit AP Command Reference 5 Interface Management Commands The running status and statistics of an interface includes the physical status, basic configuration, and packet forwarding of the interface. You can use the display interface command to collect traffic statistics or locate faults on an interface. Precautions If no interface type is specified, the running status and statistics of all the interfaces is displayed. If the interface type is specified but no interface number is specified, running status of all the interfaces of this type is displayed. Example # Display the running status, basic configuration, and packet forwarding on Layer 2 Ethernet interface GigabitEthernet0/0/1. <Huawei> display interface gigabitethernet 0/0/1 GigabitEthernet0/0/1 current state : UP Line protocol current state : UP Description:lineate-port-0 Switch Port, PVID : 1, TPID : 8100(Hex), The Maximum Frame Length is 9216 IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 1047-80ac-cc60 Last physical up time : 2012-02-10 01:46:35 UTC+08:00 Last physical down time : 2012-02-10 01:46:30 UTC+08:00 Current system time: 2012-02-11 11:11:36+08:00 Port Mode: COMMON COPPER Speed : 1000, Loopback: NONE Duplex: FULL, Negotiation: ENABLE Mdi : AUTO Last 300 seconds input rate 80 bits/sec, 0 packets/sec Last 300 seconds output rate 152 bits/sec, 0 packets/sec Input peak rate 57064 bits/sec,Record time: 2012-02-10 07:43:17 Output peak rate 39872 bits/sec,Record time: 2012-02-11 11:11:36 Input: 71004 packets, 9224321 bytes Unicast: 20023, Multicast: Broadcast: 1879, Jumbo: Discard: 0, Total Error: CRC: Jabbers: Runts: Symbols: Frames: 0, Giants: 0, Throttles: 0, Alignments: 0, Ignoreds: 0 Output: 20221 packets, 1679706 bytes Unicast: 19989, Multicast: Broadcast: 232, Jumbo: Discard: 0, Total Error: Collisions: Late Collisions: 0, ExcessiveCollisions: 0, Deferreds: 49102 0 0 0 0 0 0 0 0 0 0 0 Input bandwidth utilization threshold : 100.00% Output bandwidth utilization threshold: 100.00% Input bandwidth utilization : 0.01% Output bandwidth utilization : 0.01% Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 378 Fit AP Command Reference 5 Interface Management Commands Table 5-2 Description of the display interface command output Item Description current state Current interface status: ● DOWN: indicates that the interface is disabled. ● UP: indicates that the interface is enabled. Line protocol current state Link layer protocol status of the interface: ● DOWN: indicates that the link layer protocol of the interface fails or no IP address is assigned to the interface. ● UP: indicates that the link layer protocol of the interface is running properly. Description Interface description. To configure the description for an interface, run the description command. Switch Port, PVID Default VLAN ID of the interface. TPID Indicates the type of frames that are supported on the interface. By default, TPID is displayed as 0x8100, indicating an 802.1Q frame. This field is displayed only when the interface is a Layer 2 interface. The Maximum Frame Length Maximum frame length allowed by the interface. IP Sending Frames' Format Format of the frame contained in the sent IP packet, which can be PKTFMT_ETHNT_2, Ethernet_802.3, or Ethernet_SNAP. Hardware address MAC address of the device. Last physical up time Last time the interface went Up physically. If this field displays "-", the physical status of the interface does not change. Last physical down time Last time the interface went Down physically. If this field displays "-", the physical status of the interface does not change. Current system time Current system time. Port Mode Working mode of the interface: ● COMMON COPPER: The interface works as an electrical interface. ● COMMON FIBER: The interface works as an optical interface. Speed Issue 08 (2021-02-25) Current rate of the interface. Copyright © Huawei Technologies Co., Ltd. 379 Fit AP Command Reference 5 Interface Management Commands Item Description Loopback Loopback configuration of the interface. The loopback command configures loopback on an interface. Duplex Duplex mode of the interface. Negotiation Auto-negotiation mode of the interface. Mdi Network cable type of the interface. Last 300 seconds input rate Incoming packet rate (bits per second and packets per second) within the last 300 seconds. Last 300 seconds output rate Outgoing packet rate (bits per second and packets per second) within the last 300 seconds. Input peak rate Maximum incoming packet rate. Output peak rate Maximum outgoing packet rate. Input Total number of received packets. Output Total number of sent packets. Unicast Number of unicast packets received or sent by the interface. Multicast Number of multicast packets received or sent by the interface. Broadcast Number of broadcast packets received or sent by the interface. Jumbo Number of jumbo frames received or sent by the interface. Discard Number of packets discarded by the interface during physical layer detection. These packets are discarded because the interface is congested. Layer 2 Ethernet interfaces of the device do not support this statistical item. Total Error Number of error packets found during physical layer detection. CRC Number of CRC error packets received by the interface. Giants Number of jumbo frames with correct Frame Check Sequence (FCS) received by the interface. Jabbers Number of jumbo frames with incorrect FCS received by the interface, including alignment errors (the number of bytes that a packet contains is not an integer). Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 380 Fit AP Command Reference 5 Interface Management Commands Item Description Throttles Number of undersized frames with incorrect FCS received by the interface. Undersized frames are the frames that are shorter than 64 bytes and have the correct format and valid CRC field. Runts Number of undersized frames with correct FCS received by the interface. Undersized frames are the frames that are shorter than 64 bytes and have the correct format and valid CRC field. Alignments Number of received frames with alignment errors. Symbols Number of received frames with coding errors. Ignoreds Number of received MAC control frames with OpCode not being PAUSE. Frames Number of packets with incorrect 802.3 length. Collisions Number of frames that the interface stops sending when conflicts are detected during transmission. ExcessiveCollisions Number of frames that experience more than 16 consecutive conflict events and fail to be sent. Late Collisions Number of frames that experience conflict events and are delayed. The first 512 bits of these frames have been sent but these frames are delay because conflicts are detected. Deferreds Number of packets delayed because conflicts are detected before transmission. Input bandwidth utilization threshold Threshold for inbound bandwidth usage. Output bandwidth utilization threshold Threshold for outbound bandwidth usage. Input bandwidth utilization Inbound bandwidth usage. Output bandwidth utilization Outbound bandwidth usage. Related Topics 5.1.2 description (interface view) 5.1.15 shutdown (interface view) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 381 Fit AP Command Reference 5 Interface Management Commands 5.1.5 display interface brief Function The display interface brief command displays brief information about the status and configuration of interfaces. Format display interface brief [ main ] Parameters Parameter Description Value main Displays brief information about an Ethernet main interface. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The display interface brief command displays brief information about interfaces, including the physical status, link layer protocol status, inbound and outbound bandwidth usage within a certain period, and numbers of sent and received error packets. This information helps locate faults on interfaces. Precautions To clear statistics on an interface, run the reset counters interface command. Example # Display brief information about the status and configuration of interfaces. <Huawei> display interface brief PHY: Physical *down: administratively down (l): loopback (s): spoofing (e): ETHOAM down (d): Dampening Suppressed InUti/OutUti: input utility/output utility Interface PHY Protocol InUti OutUti inErrors outErrors GigabitEthernet0/0/1 up up 0.01% 0.01% 0 0 NULL0 up up(s) 0% 0% 0 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 382 Fit AP Command Reference 5 Interface Management Commands Vlanif1 Wlan-Capwap0 Wlan-Radio0/0/0 Wlan-Radio0/0/1 up up -up up up up up up ----- ---- 0 0 0 0 0 0 0 0 Table 5-3 Description of the display interface brief command output Item Description Interface Type and number of an interface. PHY Physical status of an interface: ● up: indicates that the interface is working properly. ● down: indicates that the physical layer of the interface fails. ● *down: Administratively Down, indicating that the administrator has run the shutdown command on the interface. ● (l): indicates that the loopback function is enabled on the interface. Protocol Link layer protocol status of the interface: ● up: indicates that the interface is working properly. ● down: indicates that the link layer protocol of the interface fails. ● (l): indicates that the loopback function is enabled on the interface. ● (s): indicates that the spoofing function is enabled on the interface. ● (e): indicates that the link layer of the interface is in EFM Down state. ● (d): indicates that the protocol module of the interface is suppressed. ● --: indicates that the link layer protocol status is not obtained. InUti Average inbound bandwidth usage of an interface within the last 300 seconds. Average inbound bandwidth usage within the last 300 seconds = Average inbound traffic rate within the last 300 seconds/Interface bandwidth When the average bandwidth usage is smaller than 0.01% and greater than 0, the value 0.01% is displayed. When the interface bandwidth becomes lower, the bandwidth usage may be displayed as 100% because the traffic volume is not adjusted in time. "--" indicates that an interface does not support the display of bandwidth usage. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 383 Fit AP Command Reference 5 Interface Management Commands Item Description OutUti Average outbound bandwidth usage within the last 300 seconds. Average outbound bandwidth usage within the last 300 seconds = Average outbound traffic rate within the last 300 seconds/Interface bandwidth When the average bandwidth usage is smaller than 0.01% and greater than 0, the value 0.01% is displayed. When the interface bandwidth becomes lower, the bandwidth usage may be displayed as 100% because the traffic volume is not adjusted in time. "--" indicates that an interface does not support the display of bandwidth usage. inErrors Number of error packets received by an interface. The value becomes 0 when you run the reset counters interface command in the user view or when the number of received packets reaches the maximum value 0xFFFFFFFF. outErrors Number of error packets sent by an interface. The value becomes 0 when you run the reset counters interface command in the user view or when the number of sent packets reaches the maximum value 0xFFFFFFFF. Related Topics 5.1.4 display interface 5.1.12 reset counters interface 5.1.6 display interface description Function The display interface description command displays the description of an interface. Format display interface description [ interface-type [ interface-number ] ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 384 Fit AP Command Reference 5 Interface Management Commands Parameters Parameter Description Value interface-type [ interface-number ] Displays the description of a specified interface. - If an interface type is specified but no interface number is specified, the description of all interfaces of the specified type is displayed. Views All views Default Level 1: Monitoring level Usage Guidelines The display interface command can also display the description of an interface. To quickly view the description of an interface, you are advised to use the display interface description command. If no interface type is specified, the description of all interfaces is displayed. If an interface type is specified but no interface number is specified, the description of all interfaces of the specified type is displayed. Example # Display the description of GE0/0/1. <Huawei> display interface description gigabitethernet 0/0/1 PHY: Physical *down: administratively down (l): loopback (s): spoofing (e): ETHOAM down (d): Dampening Suppressed Interface PHY Protocol Description GE0/0/1 down down lineate-port-0 Table 5-4 Description of the display interface description command output Item Description Interface Type and number of an interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 385 Fit AP Command Reference 5 Interface Management Commands Item Description PHY Physical status of an interface: ● up: indicates that the interface is working properly. ● down: indicates that the physical layer of the interface fails. ● *down: Administratively Down, indicating that the administrator has run the shutdown command on the interface. ● (l): indicates that the loopback function is enabled on the interface. Protocol Link layer protocol status of the interface: ● up: indicates that the interface is working properly. ● down: indicates that the link layer protocol of the interface fails. ● (l): indicates that the loopback function is enabled on the interface. ● (s): indicates that the spoofing function is enabled on the interface. ● (e): indicates that the link layer of the interface is in EFM Down state. ● (d): indicates that the protocol module of the interface is suppressed. ● --: indicates that the link layer protocol status of the interface is not obtained. Description Interface description. Related Topics 5.1.2 description (interface view) 5.1.7 display ip interface Function The display ip interface command displays the IP configuration and statistics on interfaces. The statistics include the number of packets and bytes received and sent by interfaces, number of multicast packets sent and received by interfaces, and number of broadcast packets received, sent, forwarded, and discarded by interfaces. The display ip interface brief command displays brief information about interface IP addresses, including the IP address, subnet mask, physical status, linklayer protocol status, and number of interfaces in different states. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 386 Fit AP Command Reference 5 Interface Management Commands Format display ip interface [ interface-type interface-number ] display ip interface brief [ interface-type [ interface-number ] ] display ip interface brief [ interface-type ] &<1-8> Parameters Parameter interface-type interface-number brief Description Value Specifies the type and number of an interface. If no interface is specified, IP configuration and statistics about all interfaces are displayed. - Displays brief information, including the IP address, subnet mask, physical status, link-layer protocol status, and number of interfaces in different states. - Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display ip interface brief command to view the following information: ● IP configurations of all interfaces ● IP configurations of interfaces of the specified type and a specified interface ● IP configurations of interfaces that have IP addresses This command, however, cannot display the IP configurations of Layer 2 interfaces. NOTE ● You can run the display interface description command to view the interface description. ● You can run the display interface command to view detailed information about the running status and statistics on the interface. Example # Display IP information about VLANIF15. <Huawei> display ip interface vlanif 15 Vlanif15 current state : UP Line protocol current state : UP The Maximum Transmit Unit : 1500 bytes input packets : 766390, bytes : 41540847, multicasts : 681817 output packets : 242239, bytes : 14679482, multicasts : 172333 Directed-broadcast packets: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 387 Fit AP Command Reference 5 Interface Management Commands received packets: 0, sent packets: forwarded packets: 0, dropped packets: Internet Address is 10.1.1.119/24 Broadcast address : 10.1.1.255 TTL being 1 packet number: 164035 TTL invalid packet number: 0 ICMP packet input number: 0 Echo reply: 0 Unreachable: 0 Source quench: 0 Routing redirect: 0 Echo request: 0 Router advert: 0 Router solicit: 0 Time exceed: 0 IP header bad: 0 Timestamp request: 0 Timestamp reply: 0 Information request: 0 Information reply: 0 Netmask request: 0 Netmask reply: 0 Unknown type: 0 0 0 Table 5-5 Description of the display ip interface command output Item Description current state : Physical status of the interface: ● UP: indicates that the interface is physically Up. ● DOWN: indicates that the interface is physically Down. ● Administratively down: indicates that the administrator has run the shutdown command on the interface. Line protocol current state : Link layer protocol status of the interface: ● UP: The link layer protocol of the interface is running properly. ● DOWN: The link layer protocol of the interface is Down or no IP address is configured on the interface. The Maximum Transmit Unit : MTU of the interface. The default MTU of an Ethernet interface or a serial interface is 1500 bytes. Packets longer than the MTU are fragmented before being transmitted. If fragmentation is not allowed, the packets are discarded. input packets : 766390, bytes : 41540847, multicasts : 681817 Total number of packets, bytes, and multicast packets received by the interface. output packets : 242239, bytes : 14679482, multicasts : 172333 Total number of packets, bytes, and multicast packets sent by the interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 388 Fit AP Command Reference 5 Interface Management Commands Item Description Directed-broadcast packets: Number of packets broadcast on the interface directly. received packets: Total number of received packets. sent packets: Total number of sent packets. forwarded packets: Total number of forwarded packets. dropped packets: Total number of discarded packets. Internet Address is IP address assigned to the interface and mask length. Broadcast address : Broadcast address of the interface. TTL being 1 packet number: Number of packets with TTL 1. TTL invalid packet number: Number of packets with invalid TTL. ICMP packet input number: Number of received ICMP packets. Echo reply: Number of Echo Reply packets. Unreachable: Number of Destination Unreachable packets. Source quench: Number of Source Quench packets. Routing redirect: Number of Redirect packets. Echo request: Number of Echo Request packets. Router advert: Number of Router Advertisement packets. Router solicit: Number of Router Solicitation packets. Time exceed: Number of Time Exceeded packets. IP header bad: Number of IP header error packets. Timestamp request: Number of Timestamp Request packets. Timestamp reply: Number of Timestamp Reply packets. Information request: Number of Information Request packets. Information reply: Number of Information Reply packets. Netmask request: Number of Address Mask Request packets. Netmask reply: Number of Address Mask Reply packets. Unknown type: Number of unknown packets. Related Topics 5.1.4 display interface Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 389 Fit AP Command Reference 5 Interface Management Commands 5.1.8 display ip interface description Function The display ip interface description command displays IP-related information (such as the IP address, subnet mask, physical layer status, link layer protocol status, and number of interfaces in different states) and description of an interface. Format display ip interface description [ interface-type [ interface-number ] | interfacetype &<1-8> ] Parameters Parameter Description Value interface-type Indicates the interface type. If no interface type is specified, IP-related configurations and statistics of all interfaces are displayed. - interfacenumber Indicates the interface number, which is used together with interface-type to identify an interface. If no interface number is specified, IP-related configurations and statistics of interfaces in the same type are displayed. - interface-type Indicates that the command can display IP-related information about interfaces of multiple types. The command can display IP-related information about interfaces in a maximum of eight types. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario Instead of running the display ip interface brief and display interface description commands, you can run the display ip interface description command to view both IP-related information and description of an interface, which facilitates the user operation. Example # View IP-related information and description of a specified interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 390 Fit AP Command Reference 5 Interface Management Commands <Huawei> display ip interface description Codes: Ana(Analogmodem), Asy(Async), Cell(Cellular), Dia(Dialer), Eth(Ethernet) GE(GigabitEthernet), H(Hssi), Ima(Ima-group), Loop(LoopBack), MTun(MTunnel), S(Serial), Tun(Tunnel), VE(Virtual-Ethernet), VT(Virtual-Template) d(dampened), D(down), *D(administratively down), s(spoofing), ^D(standby), l(loopback), U(up), E(E-Trunk down) -----------------------------------------------------------------------------Number of interfaces whose physical status is Up: 3 Number of interfaces whose physical status is Down: 1 Number of interfaces whose protocol status is Up: 2 Number of interfaces whose protocol status is Down: 2 Interface NULL0 Vlanif1 Vlanif102 Vlanif400 Issue 08 (2021-02-25) IP Address/Mask Phy Prot Description unassigned U U(s) unassigned U D unassigned D D 192.168.40.1/24 U U Copyright © Huawei Technologies Co., Ltd. 391 Fit AP Command Reference 5 Interface Management Commands Table 5-6 Description of the display ip interface description command output Item Description Codes: The following information provides the full spelling and explanation of the abbreviated interface names, physical status, and link layer protocols. ● Full spelling of the abbreviated interface names is as follows: – Ana: Analogmodem interfaces – Asy: Async interfaces – Cell: Cellular interfaces – Dia: Dialer interfaces – Eth: Ethernet interfaces – GE: GigabitEthernet interfaces – H: Hssi interfaces – Ima: IMA-Group interfaces – Loop: Loopback interfaces – MTun: MTunnel interfaces – S: Serial interfaces – Tun: Tunnel interfaces – VE: Virtual-Ethernet interfaces – VT: Virtual-Template interfaces ● Explanation of the abbreviated physical status of the interface is as follows: – U: indicates that the physical status of the interface is Up. U(l) indicates that the interface is enabled with the loopback function. – D: indicates that the physical status of the interface is Down. – *D: indicates that the network administrator has run the shutdown command on the interface. – ^D: indicates that the FIB module is in the standby state. – s: indicates that the interface is in spoofing status. – E: indicates the physical status of the Eth-Trunk. ● Explanation of the abbreviated link layer protocol status is as follows: – U: indicates that the status of the link layer protocol on the interface is Up. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 392 Fit AP Command Reference 5 Interface Management Commands Item Description U(s) indicates that the link layer protocol of the interface is Up even though the interface is not configured with an IP address. (s) is an inherent attribute of the interface and will be displayed when the interface is configured with an IP address. (d) indicates that the protocol module of the interface is dampened. – D: indicates that the link layer protocol of the interface is Down or no IP address is assigned to the interface. Number of interfaces whose physical status is Up: Indicates the number of interfaces whose physical status is Up. Number of interfaces whose physical status is Down: Indicates the number of interfaces whose physical status is Down. Number of interfaces whose protocol status is Up: Indicates the number of interfaces whose link layer protocol is Up. Number of interfaces whose protocol status is Down: Indicates the number of interfaces whose link layer protocol is Down. Interface Indicates the name and number of an interface. IP Address/Mask Indicates the IP address and subnet mask of an interface. Phy Indicates the physical status of an interface. Prot Indicates the link layer protocol status of an interface. Description Indicates the description of an interface, expressed in characters. A maximum of 20 characters can be displayed. When the length of the description is greater than 20 characters, only the first 17 characters are displayed and the last 3 characters are replaced by ellipsis (...). If the description of an interface is the default setting, no information is displayed. Related Topics 5.1.4 display interface Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 393 Fit AP Command Reference 5 Interface Management Commands 5.1.9 display this interface Function The display this interface command displays interface information in the current interface view. Format display this interface Parameters None Views Interface view Default Level 1: Monitoring level Usage Guidelines In the interface view, you can run the display this interface command to rapidly view the status of the interface and packet statistics on the interface. Although the default level of the display this interface command is monitoring level, this command must be run in the interface view. Therefore, to run this command, you need to be of the configuration level or higher. Example # Display information about GE0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] display this interface GigabitEthernet0/0/1 current state : UP Line protocol current state : DOWN Description:HUAWEI, lineate-port-0 Switch Port, PVID : 1, TPID : 8100(Hex), The Maximum Frame Length is 9216 IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is dcd2-fcf9-b5ca Last physical up time : Last physical down time : 2011-12-12 03:36:09 UTC+08:00 Current system time: 2011-12-12 10:51:31+08:00 Port Mode: COMMON COPPER Speed : 1000, Loopback: NONE Duplex: FULL, Negotiation: ENABLE Mdi : AUTO Last 300 seconds input rate 0 bits/sec, 0 packets/sec Last 300 seconds output rate 0 bits/sec, 0 packets/sec Input peak rate 0 bits/sec,Record time: Output peak rate 0 bits/sec,Record time: Input: 0 packets, 0 bytes Unicast: 0, Multicast: Issue 08 (2021-02-25) 0 Copyright © Huawei Technologies Co., Ltd. 394 Fit AP Command Reference 5 Interface Management Commands Broadcast: Discard: 0, Jumbo: 0, Total Error: CRC: Jabbers: Runts: Symbols: Frames: 0, Giants: 0, Throttles: 0, Alignments: 0, Ignoreds: 0 Output: 0 packets, 0 bytes Unicast: 0, Multicast: Broadcast: 0, Jumbo: Discard: 0, Total Error: Collisions: Late Collisions: 0 0 0 0 0 0 0 0 0 0, ExcessiveCollisions: 0, Deferreds: 0 0 Input bandwidth utilization threshold : 100.00% Output bandwidth utilization threshold: 100.00% Input bandwidth utilization : 0% Output bandwidth utilization : 0% Table 5-7 Description of the display this interface command output Item Description current state Current interface status: ● DOWN: indicates that the interface is disabled. ● UP: indicates that the interface is enabled. Line protocol current state Link layer protocol status of the interface: ● DOWN: indicates that the link layer protocol of the interface fails or no IP address is assigned to the interface. ● UP: indicates that the link layer protocol of the interface is running properly. Description Interface description. PVID Default VLAN ID of the interface. TPID Type of frames that are supported on the interface. By default, this field displays 0x8100, indicating an 802.1Q frame. If the device does not support 802.1Q frames, the interface discards the 802.1Q frames immediately after receiving them. This field is displayed only for a Layer 2 interface. The Maximum Frame Length Maximum frame length allowed by the interface. IP Sending Frames' Format Format of the frame contained in the sent IP packet, which can be PKTFMT_ETHNT_2, Ethernet_802.3, or Ethernet_SNAP. Hardware address MAC address of the device. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 395 Fit AP Command Reference 5 Interface Management Commands Item Description Last physical up time Last time the interface went Up physically. If this field displays "-", the physical status of the interface does not change. Last physical down time Last time the interface went Down physically. If this field displays "-", the physical status of the interface does not change. Current system time Current system time. If the time zone is configured and the daylight saving time is used, the time is in YYYY/MM/DD HH:MM:SS UTC±HH:MM DST format. Port Mode Working mode of the interface: ● COMMON COPPER: The interface works as an electrical interface. ● COMMON FIBER: The interface works as an optical interface. Speed Current rate of an interface. Loopback Loopback configuration of the interface. Duplex Duplex mode of the interface. Negotiation Auto-negotiation mode of the interface. Mdi Network cable type of the interface. Last 300 seconds input rate Incoming packet rate (bits per second and packets per second) within the last 300 seconds. Last 300 seconds output rate Outgoing packet rate (bits per second and packets per second) within the last 300 seconds. Input peak rate 0 bits/sec,Record time Maximum rate of incoming packets and time when the maximum rate is reached. Output peak rate 0 bits/sec,Record time Maximum rate of outgoing packets and time when the maximum rate is reached. Input Total number of received packets. Output Total number of sent packets. Unicast Number of unicast packets received or sent by the interface. Multicast Number of multicast packets received or sent by the interface. Broadcast Number of broadcast packets received or sent by the interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 396 Fit AP Command Reference 5 Interface Management Commands Item Description Jumbo Number of jumbo frames received or sent by the interface. Discard Number of packets discarded by the interface during physical layer detection. Total Error Number of error packets found during physical layer detection. CRC Number of CRC error packets received by the interface. Giants Number of jumbo frames with correct FCS received by the interface. Jabbers Number of jumbo frames with incorrect FCS received by the interface, including alignment errors (the number of bytes that a packet contains is not an integer). Throttles Number of undersized frames with incorrect FCS received by the interface. Runts Number of undersized frames with correct FCS received by the interface. Alignments Number of received frames with alignment errors. Symbols Number of received frames with coding errors. Ignoreds Number of received MAC control frames with OpCode not being PAUSE. Frames Number of packets with incorrect 802.3 length. Collisions Number of sent packets with 1 to 15 conflict events. ExcessiveCollisions Number of packets with 16 conflict events and failing to be sent. Late Collisions Number of packets with conflict and delayed. Deferreds Number of delayed packets without conflict. Input bandwidth utilization threshold Threshold for inbound bandwidth usage. Output bandwidth utilization threshold Threshold for outbound bandwidth usage. Input bandwidth utilization Inbound bandwidth usage. Output bandwidth utilization Outbound bandwidth usage. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 397 Fit AP Command Reference 5 Interface Management Commands Related Topics 5.1.4 display interface 5.1.5 display interface brief 5.1.10 interface Function The interface command displays the interface view. Format interface interface-type interface-number undo interface interface-type interface-number Parameters Parameter interface-type interface-number Description Value Specifies the type and number of an interface. The interface type and number can be closely next to each other or separated by a space character. - Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario After the specified interface view is displayed, you can set attributes for the interface. Precautions ● The interface command can display only the view of an existing physical interface and cannot create a physical interface. ● The interface command can create a logical interface and display the view of the logical interface. Example # Display the view of GE0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 398 Fit AP Command Reference 5 Interface Management Commands Related Topics 5.1.4 display interface 5.1.11 reset counters if-mib interface Function The reset counters if-mib interface command clears interface traffic statistics in the Network Management System (NMS). Format reset counters if-mib interface [ interface-type [ interface-number ] ] Parameters Parameter Description Value interface-type [ interfacenumber ] Clears traffic statistics on a specified interface in the NMS. - ● interface-type specifies the interface type. ● interface-number specifies the interface number. If an interface type is specified but no interface number is specified, traffic statistics on all interfaces of the specified type are cleared. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario Before collecting traffic statistics on a specific interface within a period in the NMS, clear existing traffic statistics on this interface in the NMS. NOTE For details on how to view interface traffic statistics in the NMS, see the NMS documentation. Precautions ● Issue 08 (2021-02-25) If no interface type and number are specified, traffic statistics of all interfaces in the NMS are cleared. Copyright © Huawei Technologies Co., Ltd. 399 Fit AP Command Reference 5 Interface Management Commands ● After you run the reset counters if-mib interface command, traffic statistics on all interfaces in the NMS are cleared. Therefore, confirm the action before you run this command. ● Running the reset counters if-mib interface command does not affect the interface traffic statistics displayed by the display interface command. To clear the interface traffic statistics displayed by the display interface command, run the reset counters interface command. Example # Clear traffic statistics on GE0/0/1 in the NMS. <Huawei> reset counters if-mib interface gigabitethernet 0/0/1 Related Topics 5.1.12 reset counters interface 5.1.12 reset counters interface Function The reset counters interface command clears traffic statistics about a specified interface. Format reset counters interface [ interface-type [ interface-number ] ] Parameters Parameter Description Value interface-type [ interface-number ] Clears traffic statistics on a specified interface. - ● interface-type specifies the interface type. ● interface-number specifies the interface number. If an interface type is specified but no interface number is specified, traffic statistics on all interfaces of the specified type are cleared. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 400 Fit AP Command Reference 5 Interface Management Commands Views User view Default Level 3: Management level Usage Guidelines Usage Scenario Before collecting traffic statistics on an interface within a certain period, run the reset counters interface command to clear existing traffic statistics. Precautions ● Statistics cannot be restored after being cleared. Therefore, exercise caution before clearing the statistics. ● Traffic accounting is based on the packet statistics on an interface. The clearing of the packet statistics on an interface by using the reset counters interface command affects the traffic accounting result. Therefore, do not randomly clear the packet statistics on an interface in a normal application environment. ● If no interface type is specified, traffic statistics on all types of interfaces are cleared. If an interface type is specified but no interface number is specified, traffic statistics on all interfaces of the specified type are cleared. ● Running the reset counters interface command clears the last part of the display interface command output. That is, statistics about received and transmitted packets on the interface are cleared. Example # Clear traffic statistics on all interfaces. <Huawei> reset counters interface # Clear traffic statistics on VLANIF10. <Huawei> reset counters interface vlanif 10 Related Topics 5.1.4 display interface 5.1.5 display interface brief 5.1.13 restart (interface view) Function The restart command restarts an interface. Format restart Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 401 Fit AP Command Reference 5 Interface Management Commands Parameters None Views GE interface view, VLANIF interface view, Eth-Trunk interface, Ethernet interface view , MultiGE interface view interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario After modifying parameters of an interface, run the restart command to make the modification take effect. Precautions ● Restarting an interface during data transmission will cause data frame loss or service interruption. Exercise caution when you use the restart command. ● Running the restart command is equivalent to running the shutdown command and the undo shutdown command in sequence. Example # Restart GE 0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet 0/0/1] restart Related Topics 5.1.15 shutdown (interface view) 5.1.14 set flow-stat interval (interface view) Function The set flow-stat interval command sets the interval for collecting the traffic statistics on interfaces. The undo set flow-stat interval command restores the default interval for collecting traffic statistics on interfaces. By default, the interval for collecting traffic statistics on interfaces is 300 seconds. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 402 Fit AP Command Reference 5 Interface Management Commands Format set flow-stat interval interval-time undo set flow-stat interval Parameters Parameter Description Value interval-time Specifies the interval for collecting traffic statistics on interfaces. The value is an integer that ranges from 10 to 600, in seconds. In addition, the value must be a multiple of 10. The default value is 300s. Views Interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario By using the set flow-stat interval command to set the interval for collecting traffic statistics on interfaces, you can collect and analyze traffic statistics according to your needs. You can also take traffic control measures based on the traffic statistics to prevent network congestion and service interruption. ● When congestion occurs, set the interval for collecting traffic statistics on an interface to less than 300 seconds, or 30 seconds if congestion worsens. Then observe the traffic distribution on the interface within a short period of time. If data packets cause congestion, take proper measures to control the rate of the packets. ● When the network bandwidth is sufficient and services are running properly, set the interval for collecting traffic statistics on an interface to more than 300 seconds. If the value of any traffic parameter is not within the specified range, change the interval for collecting traffic statistics to observe the traffic volume in real time. Precautions ● The interval configured in the system view takes effect on all the interfaces that use the default interval. ● The interval configured in the interface view takes effect only on the current interface. ● The interval configured in the interface view takes precedence over the interval configured in the system view. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 403 Fit AP Command Reference 5 Interface Management Commands Example # Set the interval for collecting traffic statistics on GE0/0/1 to 400s. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] set flow-stat interval 400 Related Topics 5.1.4 display interface 5.1.12 reset counters interface 5.1.15 shutdown (interface view) Function The shutdown command disables an interface. The undo shutdown command enables an interface. By default, interfaces are enabled. Format shutdown undo shutdown Parameters None Views GE interface view, Eth-Trunk interface view, Ethernet interface view , VLANIF interface view, MultiGE interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario After modifying parameters of an interface, run the shutdown and undo shutdown commands to make the modification take effect. When an interface is not connected to a cable or fiber, you can use the shutdown command to disable the interface to prevent exceptions caused by interference. Precautions ● Issue 08 (2021-02-25) Disabling an interface during data transmission will cause data frame loss or service interruption. Exercise caution when you use the shutdown command. Copyright © Huawei Technologies Co., Ltd. 404 Fit AP Command Reference 5 Interface Management Commands ● Some logical interfaces, such as loopback, and null interfaces, do not support the shutdown and undo shutdown commands. ● Running the shutdown and undo shutdown commands is equivalent to running the restart command. Example # Shut down GE 0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet 0/0/1] shutdown Related Topics 5.1.4 display interface 5.1.13 restart (interface view) 5.2 Ethernet Interface Configuration Commands 5.2.1 cable-snr-test Function The cable-snr-test command checks the network cable quality and displays the check result. NOTE Format cable-snr-test Parameters None Views MultiGE interface view Default Level 3: Management level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 405 Fit AP Command Reference 5 Interface Management Commands You can check the quality of the network cable on a MultiGE electrical interface to determine whether the network cable quality meets communication requirements. Precautions ● This command checks real-time quality of the network cable on an interface, and the network cable quality changes with the external environment. ● A MultiGE electrical interface supports the network cable quality check only when it works at the rate of 2.5 Gbit/s or higher. ● An interface does not support the network cable quality check when it is Down or in loopback detection mode. Example # Check the network cable quality on MultiGE0/0/1. <Huawei> system-view [Huawei] interface MultiGE 0/0/1 [Huawei-MultiGE0/0/1] cable-snr-test Info: The current network cable is of good quality. 5.2.2 display interface ethernet brief Function The display interface ethernet brief command displays brief information about all Ethernet interfaces. Format display interface ethernet brief [ main ] Parameters Parameter Description Value main Displays brief information about all Ethernet main interfaces. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario You can use the display interface ethernet brief command to view brief information about Ethernet interfaces, including the physical status, autoIssue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 406 Fit AP Command Reference 5 Interface Management Commands negotiation mode, duplex mode, bandwidth, and average inbound and outbound bandwidth usages within the last period of time. This information helps you locate and rectify faults. Precautions To clear statistics on an interface, run the reset counters interface command. Example # Display brief information about all Ethernet interfaces. <Huawei> display interface ethernet brief PHY: Physical *down: administratively down (l): loopback InUti/OutUti: input utility/output utility Interface PHY Auto-Neg Duplex Bandwidth InUti OutUti Trunk GigabitEthernet0/0/1 up enable full 1000M 0.01% 0.01% -- Table 5-8 Description of the display interface ethernet brief command output Item Description Interface Type and number of an interface. All interfaces are displayed in alphabetical order. Information about the following interfaces can be displayed: ● GE interface ● Ethernet interface PHY Physical status of an interface: ● up: indicates that the interface works properly. ● down: indicates that the physical layer of the interface fails. ● *down: refers to Administratively Down, indicating that the administrator has run the shutdown (interface view) command on the interface. ● (l): refers to loopback, indicating that the loopback function is enabled on the interface. AutoNeg Whether auto-negotiation is enabled on an interface: ● enable: indicates that auto-negotiation is enabled on the interface. ● disable: indicates that auto-negotiation is disabled on the interface. Duplex Duplex mode of an interface: ● full: indicates the full-duplex mode. ● half: indicates the half-duplex mode. Bandwidt h Issue 08 (2021-02-25) Bandwidth on the interface. Copyright © Huawei Technologies Co., Ltd. 407 Fit AP Command Reference 5 Interface Management Commands Item Description InUti Average inbound bandwidth usage within the last 5 minutes. Average inbound bandwidth usage = Average inbound rate within the last 5 minutes/Interface bandwidth OutUti Average outbound bandwidth usage within the last 5 minutes. Average outbound bandwidth usage = Average outbound rate within the last 5 minutes/Interface bandwidth Trunk Number of the Eth-Trunk to which an interface is added. Related Topics 5.1.4 display interface 5.1.12 reset counters interface 5.2.3 interface (Ethernet interface) Function Using the interface command, you can enter the specified interface view. Format interface { gigabitethernet | ethernet | multige } interface-number Parameters Parameter Description Value gigabitethernet Enter the view of a GE interface. - interface-number Specifies the number of an interface. - ethernet Enter the view of an FE interface. - multige Enter the view of an MultiGE interface. - Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 408 Fit AP Command Reference 5 Interface Management Commands Usage Guidelines After enter the specified Ethernet interface view, you can set attributes for the Ethernet interface. Example # Enter the view of GE0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] Related Topics 5.1.4 display interface 5.2.4 log-threshold Function The log-threshold command sets the inbound and outbound bandwidth usage thresholds for generating a log. The undo log-threshold command restores the default inbound and outbound bandwidth usage thresholds for generating a log. The default inbound and outbound bandwidth usage thresholds for generating a log is 100. Format log-threshold { input-rate | output-rate } bandwidth-in-use [ resume-rate resume-threshold ] undo log-threshold { input-rate | output-rate } Parameters Parameter Description Value input-rate Specifies the inbound bandwidth. - output-rate Specifies the outbound bandwidth. - bandwidth-in-use Specifies the bandwidth usage The value is an integer that threshold for generating a ranges from 1 to 100. log, prompting for a bandwidth increase request. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 409 Fit AP Command Reference 5 Interface Management Commands Parameter Description resume-rate Specifies the bandwidth usage resume-threshold threshold for generating a log, indicating that bandwidth usage has been restored. Value The value is an integer that ranges from 1 to the value of bandwidth-in-use. The default value is the value of bandwidth-in-use. Views GE interface view, Ethernet interface view, MultiGE interface view, XGE interface view Default Level 2: Configuration level Usage Guidelines Monitoring bandwidth usage helps you learn about current device load. If the bandwidth usage exceeds a configured threshold, a log or an alarm is generated, indicating that bandwidth resources become insufficient and need an increase. For example, if bandwidth usage exceeds 95% of total bandwidth, an alarm is generated, indicating that bandwidth is exhausted. Some services may be interrupted before the bandwidth increases. To help prevent service interruption, setting two bandwidth usage thresholds, one for generating a log and the other for generating an alarm helps you increase bandwidth in time. NOTE Outbound bandwidth usage = (Outbound interface rate/Outbound physical interface bandwidth) x 100 Inbound bandwidth usage = (Inbound interface rate/Inbound physical interface bandwidth) x 100 If the offset between the value of bandwidth-in-use and the value of resumethreshold is too small, log information may be frequently displayed. Example # Configure GE0/0/1 to generate a log when the outbound interface rate exceeds 80% of the bandwidth. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] log-threshold output-rate 80 # Configure GE0/0/1 to generate a log when the outbound interface rate exceeds 80% of the bandwidth and to generate a log indicating that bandwidth usage has been restored, when the outbound interface rate is lower than 60% of the bandwidth. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] log-threshold output-rate 80 resume-rate 60 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 410 Fit AP Command Reference 5 Interface Management Commands 5.2.5 loopback Function The loopback command enables loopback detection on an interface. The undo loopback command disables loopback detection on an interface. By default, loopback detection is not configured. NOTE The AD9431DN-24X does not support this command. Format loopback remote undo loopback Parameters Parameter Description Value remote Configures remote loopback detection on an interface. - Views GE interface view, Ethernet interface view, MultiGE interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario Loopback detection can be enabled to test some special functions, for example, locating faults on the Ethernet. After loopback detection is enabled, the Ethernet interface works in full-duplex mode. After loopback detection is disabled, the original duplex mode of the Ethernet interface is restored. After remote loopback detection is configured, the local interface sends a packet received from the peer interface back to the peer interface, rather than forwarding the packet to the destination address. Follow-up Procedure Use a dedicated test tool to check whether the number of packets received and the number of packets sent on the Ethernet interface are the same. If not, the hardware is faulty. If yes, the hardware works properly. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 411 Fit AP Command Reference 5 Interface Management Commands Precautions Loopback detection interrupts the operation of Ethernet interfaces and links. After loopback detection is performed, run the undo loopback command to disable loopback detection immediately. Example # Configure remote loopback detection on GE0/0/1. <Huawei> system-view [Huawei] interface gigabitethernet 0/0/1 [Huawei-GigabitEthernet0/0/1] loopback remote Info: This may interrupt the operation of Ethernet interfaces and links.Continue ? [Y/N]:y Related Topics 5.1.4 display interface 5.2.6 virtual-cable-test Function The virtual-cable-test command tests the cable connected to an Ethernet electrical interface and displays the test result. Format virtual-cable-test Parameters None Views GE interface view, MultiGE interface view Default Level 3: Management level Usage Guidelines Usage Scenario You can run the virtual-cable-test command to check whether the cable works properly. According to the command output, you can locate and rectify cable faults. ● If the cable works properly, the total length of the cable is displayed. ● If the cable cannot work properly, the distance between the interface and the fault point is displayed. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 412 Fit AP Command Reference 5 Interface Management Commands ● Only the electrical interface or combo interface working as an electrical interface support the VCT function. ● Running the virtual-cable-test command may affect services on the interface in a short period of time. ● The VCT function is supported only when the local and peer ends work at 1000 Mbit/s in auto-negotiation mode.The VCT function is supported only by the R230D when its interfaces work at 100 Mbit/s in auto-negotiation mode. ● When the cable works properly, the VCT function is not supported by all or some interfaces of the following APs. The cable length is 0 in the command output of interfaces. ● If the cable cannot work properly, the distance between the interface and the failure point is displayed. ● The test result is only for reference and may be inaccurate for cables of some vendors. ● VCT detection cannot be performed on multiple interfaces of the device at the same time. ● For wire sequence of cables, see Testing the Connection of Assembled Cables in the Hardware Installation and Maintenance Guide. Example # Test the cable connected to 0/0/1. Table 5-9 Description of the virtual-cable-test command output Item Description Pair A/B/C/D Four pairs of circuits in a network cable. Pair A length Length of a network cable: ● The length is the distance between the interface and the fault point if a fault occurs. ● The length is the actual length of the cable when the cable works properly. Pair A state Network cable status: ● Ok: indicates that the circuit pair is terminated normally. ● Open: indicates that the circuit pair is not terminated. ● Short: indicates that the circuit pair is short-circuited. ● Crosstalk: indicates that the circuit pairs interfere with each other. ● Unknown: indicates that the circuit pair has an unknown fault. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 413 Fit AP Command Reference 5 Interface Management Commands 5.3 Logical Interface Configuration Commands 5.3.1 display interface null Function The display interface null command displays the status of a null interface. Format display interface null [ 0 | main ] Parameters Parameter Description Value 0 Specifies the number of the null interface. The value can be 0 only. main Displays status and traffic statistics about a Null interface. - A Null interface has no sub-interfaces. Status and traffic statistics about a Null interface are displayed whether you specify the main parameter or not. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The display interface null command displays the status of a null interface. The interface status information includes: the physical status, link layer protocol status, description, MTU, current system time, last time statistics about the null interface are cleared, incoming and outgoing packet rates in bit/s and pps, total numbers of packets and bytes received and sent by the null interface, and percentages of the rates for receiving and sending packets to the total bandwidth. Precautions There is only one null interface, namely, NULL 0. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 414 Fit AP Command Reference 5 Interface Management Commands Example # Display the status of Null 0 interface. <Huawei> display interface null 0 NULL0 current state : UP Line protocol current state : UP (spoofing) Description:HUAWEI, AP Series, NULL0 Interface Route Port,The Maximum Transmit Unit is 1500 Internet protocol processing : disabled Physical is NULL DEV Current system time: 2011-12-12 10:28:12+08:00 Last 300 seconds input rate 0 bits/sec, 0 packets/sec Last 300 seconds output rate 0 bits/sec, 0 packets/sec Realtime 0 seconds input rate 0 bits/sec, 0 packets/sec Realtime 0 seconds output rate 0 bits/sec, 0 packets/sec Input: 0 bytes Output:0 bytes Input bandwidth utilization : 0% Output bandwidth utilization : 0% Table 5-10 Description of the display interface null command output Item Description NULL0 current state Physical status of the null interface. The physical status of the null interface is always Up. Line protocol current state Link layer protocol status of the interface. The protocol status of the null interface is always Up. Description Description of the interface, which can be set by using the description command. Route Port,The Maximum Transmit Unit is 1500 The MTU is 1500 bytes. Internet protocol processing Whether Internet protocol processing is enabled. ● enabled: The Internet protocol processing is enabled. ● disabled: The Internet protocol processing is disabled. Physical is NULL DEV The interface is null. Current system time Current system time. Last 300 seconds input rate Rates for sending and receiving the bytes and the packets by the interface in the last five minutes. Last 300 seconds output rate Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 415 Fit AP Command Reference 5 Interface Management Commands Item Description Realtime 0 seconds input rate Real-time rates of sending and receiving the bytes and the packets. Realtime 0 seconds output rate It refers to the interval between two display commands that are run on the same interface. The maximum value is the statistical interval displayed in the previous piece of information. This entry is displayed only when information about a logical interface is viewed. Input Total number of packets and the total number of bytes received by the interface. Output Total number of packets and the total number of bytes sent by the interface. Input bandwidth utilization Percentage of the rate for receiving packets to the total bandwidth. Output bandwidth utilization Percentage of the rate for sending packets to the total bandwidth. Related Topics 5.3.2 interface null 5.3.2 interface null Function Using the interface null command, you can enter the null interface view. Format interface null 0 Parameters None Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 416 Fit AP Command Reference 5 Interface Management Commands The Null0 interface never forwards or accepts any traffic. All traffic sent to this interface is directly discarded. Unnecessary traffic can be sent to the Null0 interface to avoid using ACLs. Precautions There is only one null interface, named null0. This interface is always Up and cannot be shut down or deleted. Example # Enter the view of the Null0 interface. <Huawei> system-view [Huawei] interface null 0 [Huawei-NULL0] Related Topics 5.3.1 display interface null Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 417 Fit AP Command Reference 6 6 Network Interconnection Configurations Commands Network Interconnection Configurations Commands About This Chapter 6.1 MAC Address Table Configuration Commands 6.2 VLAN Configuration Commands 6.3 STP Configuration Commands 6.4 ARP Configuration Commands 6.5 DHCP Configuration Commands 6.6 DHCPv6 Configuration Commands 6.7 DNS Configuration Commands 6.8 IP Performance Configuration Commands 6.9 Basic IPv6 Configuration Commands 6.10 IPv6 DNS Configuration Commands 6.11 IP Routing Basic Configuration Commands 6.12 IGMP Snooping Configuration Commands 6.1 MAC Address Table Configuration Commands 6.1.1 display mac-address Function The display mac-address command displays the MAC address table of the wireless access point. A MAC address entry contains the destination MAC address, VLAN ID, outbound interface, and entry type. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 418 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display mac-address mac-address [ vlan vlan-id ] [ verbose ] display mac-address [ vlan vlan-id | interface-type interface-number ] [ verbose ] * Parameters Parameter Description Value mac-address Specifies the destination MAC address in an entry. The value is in H-H-H format. H is a hexadecimal number of 4 digits. The MAC address cannot be FFFF-FFFF-FFFF, 0000-0000-0000, or a multicast MAC address. vlan vlan-id Displays MAC address entries in a specified VLAN. The value is an integer that ranges from 1 to 4094. interface-type interfacenumber Displays the MAC address entries with a specified outbound interface. - ● interface-type specifies the type of the outbound interface. ● interface-number specifies the number of the outbound interface. verbose Displays detailed information about MAC address entries. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The MAC address table of the wireless access point stores MAC addresses of other devices. When forwarding an Ethernet frame, the wireless access point searches Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 419 Fit AP Command Reference 6 Network Interconnection Configurations Commands the MAC address table for the outbound interface according to the destination MAC address and VLAN ID in the Ethernet frame. The display mac-address command displays all MAC address entries, such as dynamic MAC address entries, static MAC address entries, and blackhole MAC address entries. A MAC address entry contains the destination MAC address, VLAN ID, outbound interface, and entry type. Follow-up Procedure If any MAC address entry in the command output is incorrect, run the undo macaddress command to delete the entry or run the mac-address command to add a correct one. Precautions If you run the display mac-address command without parameters, all MAC address entries are displayed. When the wireless access point has a large number of MAC address entries, it is recommended that you specify parameters in the command to filter the output information. Otherwise, the following problems may occur due to excessive output information: ● The displayed information is repeatedly refreshed, so you cannot find the required information. ● The system traverses and retrieves information for a long time, and does not respond to any request. Example # Display all MAC address entries. <Huawei> display mac-address ------------------------------------------------------------------------------MAC Address VLAN/VSI Learned-From Type ------------------------------------------------------------------------------4c1f-cc25-611b 100/GE0/0/1 security ------------------------------------------------------------------------------Total items displayed = 1 Table 6-1 Description of the display mac-address command output Item Description MAC Address Destination MAC address in a MAC address entry. VLAN/VSI ID of the VLAN or name of the VSI that a MAC address belongs to. Learned-From Interface on which the MAC address is learned. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 420 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Type Type of a MAC address entry. ● static: indicates a static MAC address entry, which is manually configured and will not be aged out. ● blackhole: indicates a blackhole MAC address entry, which is manually configured and will not be aged out. ● dynamic: indicates a MAC address entry learned by the wireless access point, which will be aged out when the aging time expires. ● security: indicates a MAC address entry that an interface learns after port security is enabled. ● sticky: indicates a MAC address entry that an interface learns after the sticky MAC function is enabled. ● mux: indicates a MAC address entry learned by a MUX VLAN enabled interface. ● snooping: indicates a static MAC address entry generated based on the dynamic DHCP snooping binding table. Related Topics 6.1.6 display mac-address summary 6.1.7 display mac-address total-number 6.1.9 mac-address 6.1.2 display mac-address aging-time Function The display mac-address aging-time command displays the aging time of dynamic MAC address entries in the MAC address table. Format display mac-address aging-time Parameters None Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 421 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Usage Scenario This command displays the aging time of dynamic MAC address entries on the wireless access point. You can check whether the aging time is suitable for network requirements and device performance. Follow-up Procedure If the aging time is unsuitable for requirements or device performance, run the mac-address aging-time command to set the aging time properly. Precautions If the aging time is 0, dynamic MAC addresses will not be aged out. In this case, MAC address entries increase sharply and the MAC address table will be full quickly. Example # Display the aging time of dynamic MAC address entries. <Huawei> display mac-address aging-time Aging time: 300 second(s) Table 6-2 Description of the display mac-address aging-time command output Item Description Aging time Aging time of dynamic MAC address entries, in seconds. To set the aging time, run the macaddress aging-time command. Related Topics 6.1.10 mac-address aging-time 6.1.3 display mac-address blackhole Function The display mac-address blackhole command displays blackhole MAC address entries. Format display mac-address blackhole [ vlan vlan-id ] [ verbose ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 422 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value vlan vlan-id Displays blackhole MAC address entries in The value is an integer a specified VLAN. vlan-id specifies the ID of that ranges from 1 to a VLAN. 4094. verbose Displays detailed information about blackhole MAC address entries. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The MAC address table of the wireless access point stores MAC addresses of other devices. When forwarding an Ethernet frame, the wireless access point searches the MAC address table for the outbound interface according to the destination MAC address and VLAN ID in the Ethernet frame. The MAC address table contains the following MAC address entries: ● Blackhole MAC address entries that are used to discard packets with the specified MAC addresses or destination MAC addresses. Blackhole MAC address entries are manually configured and will not be aged out. ● Static MAC entries that are manually configured and will not be aged out. ● Dynamic MAC address entries that are learned by the wireless access point and will be aged out when the aging time expires. To check whether blackhole MAC address entries are configured correctly, run this command. These entries ensure communication between authorized users. Follow-up Procedure If any blackhole MAC address entry in the command output is incorrect, run the undo mac-address command to delete the entry or run the mac-address command to add a correct one. Precautions If you run the display mac-address blackhole command without parameters, all blackhole MAC address entries are displayed. If the MAC address table does not contain any blackhole MAC address, no information is displayed. Example # Display all blackhole MAC address entries. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 423 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> display mac-address blackhole ------------------------------------------------------------------------------MAC Address VLAN/VSI Learned-From Type ------------------------------------------------------------------------------0022-0022-0033 100/blackhole 0000-0000-0001 200/blackhole ------------------------------------------------------------------------------Total items displayed = 2 Table 6-3 Description of the display mac-address blackhole command output Item Description MAC Address Destination MAC address in a blackhole MAC address entry. VLAN/VSI ID of the VLAN or name of the VSI that a MAC address belongs to. Learned-From When the type of a MAC address entry is blackhole, "-" is displayed. Type Type of a MAC address entry. Related Topics 6.1.6 display mac-address summary 6.1.7 display mac-address total-number 6.1.9 mac-address 6.1.4 display mac-address dynamic Function The display mac-address dynamic command displays dynamic MAC address entries. If no parameter is specified, all dynamic MAC address entries are displayed. Format display mac-address dynamic [ vlan vlan-id | interface-type interface-number ] [ verbose ] * Parameters Parameter Description Value vlan vlan-id Displays dynamic MAC address entries in a specified VLAN. The value is an integer that ranges from 1 to 4094. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 424 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value interface-type interfacenumber Displays dynamic MAC address entries with a specified outbound interface. - ● interface-type specifies the type of the outbound interface. ● interface-number specifies the number of the outbound interface. verbose Displays detailed information about dynamic MAC address entries. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The MAC address table needs to be updated constantly because the network topology always changes. You can use this command to view learned MAC addresses in real time. Follow-up Procedure If the displayed dynamic MAC address entries are invalid, run the undo macaddress command to delete dynamic MAC address entries. Precautions If you run the display mac-address dynamic command without parameters, all dynamic MAC address entries are displayed. If the MAC address table does not contain any dynamic MAC address entry, no information is displayed. When the wireless access point has a large number of dynamic MAC address entries, it is recommended that you specify parameters in the command to filter the output information. Otherwise, the following problems may occur due to excessive output information: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 425 Fit AP Command Reference 6 Network Interconnection Configurations Commands ● The displayed information is repeatedly refreshed, so you cannot find the required information. ● The system traverses and retrieves information for a long time, and does not respond to any request. Example # Display all dynamic MAC address entries. <Huawei> display mac-address dynamic ------------------------------------------------------------------------------MAC Address VLAN/VSI Learned-From Type ------------------------------------------------------------------------------0000-0000-0001 100/GE0/0/1 dynamic ------------------------------------------------------------------------------Total items displayed = 1 Table 6-4 Description of the display mac-address dynamic command output Item Description MAC Address Destination MAC address in a dynamic MAC address entry. VLAN/VSI ID of the VLAN or name of the VSI that a MAC address belongs to. Learned-From Interface that learns a MAC address. Type Type of a MAC address entry. Related Topics 6.1.6 display mac-address summary 6.1.7 display mac-address total-number 6.1.5 display mac-address static Function The display mac-address static command displays static MAC address entries. Format display mac-address static [ vlan vlan-id | interface-type interface-number ] [ verbose ] * Parameters Parameter Description Value vlan vlan-id Displays static MAC address entries in a specified VLAN. The value is an integer that ranges from 1 to 4094. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 426 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value interface-type interfacenumber Displays the static MAC address entries on a specified interface. - verbose Displays detailed information about static MAC address entries. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The MAC address table of the wireless access point stores MAC addresses of other devices. When forwarding an Ethernet frame, the wireless access point searches the MAC address table for the outbound interface according to the destination MAC address and VLAN ID in the Ethernet frame. The MAC address table contains the following MAC address entries: ● Static MAC entries that are manually configured and will not be aged out. ● Blackhole MAC address entries that are used to discard packets with the specified source MAC addresses or destination MAC addresses. Blackhole MAC address entries are manually configured and will not be aged out. ● Dynamic MAC address entries that are learned by the wireless access point and will be aged out when the aging time expires. To improve network security, configure static MAC address entries to ensure that packets destined for specified MAC addresses are forwarded by the specified interfaces. This prevents attack packets with bogus MAC addresses and guarantees communication between the wireless access point and the upstream device or server. After configuring static MAC address entries, you can run the display macaddress static command to verify the configuration. Follow-up Procedure If any static MAC address entry is incorrect, run the undo mac-address command to delete it. Precautions If you run the display mac-address static command without parameters, all static MAC address entries are displayed. If the MAC address table does not contain any static MAC address entry, no information is displayed. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 427 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Display all static MAC address entries. <Huawei> display mac-address static ------------------------------------------------------------------------------MAC Address VLAN/VSI Learned-From Type ------------------------------------------------------------------------------0000-0000-0033 100/GE0/0/1 static 0000-0000-0001 200/GE0/0/1 static ------------------------------------------------------------------------------Total items displayed = 2 Table 6-5 Description of the display mac-address static command output Item Description MAC Address Destination MAC address in a static MAC address entry. VLAN/VSI ID of the VLAN or name of the VSI that a MAC address belongs to. Learned-From Interface that learns a MAC address. Type Type of a MAC address entry. Related Topics 6.1.6 display mac-address summary 6.1.7 display mac-address total-number 6.1.9 mac-address 6.1.6 display mac-address summary Function The display mac-address summary command displays statistics on MAC address entries. Format display mac-address summary Parameters None Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 428 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines The MAC address table of the device stores MAC addresses of other devices. When forwarding an Ethernet frame, the wireless access point searches the MAC address table for the outbound interface according to the destination MAC address and VLAN ID in the Ethernet frame. When the wireless access point has many MAC address entries of different types, you can use the display mac-address summary command to view the summary of MAC address entries in the system. In the command output, Local and Remote identify the MAC address entries learned by the local device and MAC address entries synchronized from other devices. Example # Display statistics on all MAC address entries in the system. <Huawei> display mac-address summary Summary information of slot 0: ----------------------------------Static : 0 Local interface : Blackhole : Dyn-Local : 0 Dyn-Remote : 0 Dyn-Trunk : 0 Sticky : 0 Security : 1 Snooping : 0 In-used : 1 Capacity : 4096 ----------------------------------- Table 6-6 Description of the display mac-address summary command output Item Description Static Number of static MAC address entries. Local interface Local static MAC address. Blackhole Number of blackhole MAC address entries Dyn-Local Number of MAC address entries learned by the local device. Dyn-Remote Number of MAC address entries synchronized from other device. Dyn-Trunk Total number of MAC address entries learned by all trunk interfaces. Sticky Number of sticky MAC address entries. Security Number of secure dynamic MAC address entries. Snooping Number of Snooping MAC address entries. In-used Total number of existing MAC address entries. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 429 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Capacity Capacity of the MAC address table. The actual value varies according to device models. Related Topics 6.1.1 display mac-address 6.1.7 display mac-address total-number 6.1.9 mac-address 6.1.7 display mac-address total-number Function The display mac-address total-number command displays the number of MAC address entries of a specified type. Format display mac-address total-number display mac-address total-number [ vlan vlan-id | interface-type interfacenumber ] * display mac-address total-number vlan all display mac-address total-number blackhole [ vlan vlan-id ] display mac-address total-number dynamic [ vlan vlan-id | interface-type interface-number ] * display mac-address total-number static [ vlan vlan-id | interface-type interface-number ] * Parameters Parameter Description Value dynamic Displays the number of dynamic MAC address entries. - blackhole Displays the number of blackhole MAC address entries. - static Displays the number of static MAC address entries. - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 430 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value vlan vlan-id Displays the number of MAC address entries in a specified VLAN. The value is an integer that ranges from 1 to 4094. vlan all Displays the number of MAC address entries in all VLANs. - interface-type interfacenumber Displays the number of MAC address entries learned by a specified interface. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The MAC address table of the wireless access point stores MAC addresses of other devices. When forwarding an Ethernet frame, the wireless access point searches the MAC address table for the outbound interface according to the destination MAC address and VLAN ID in the Ethernet frame. When the wireless access point has many MAC address entries of different types, you can use the display mac-address total-number command to view statistics on MAC address entries of a specified type. Precautions If no parameter is specified, the total number of MAC address entries in the system is displayed. If interface-type interface-number is not specified, the total number of MAC addresses learned by all interfaces is displayed. If vlan vlan-id is not specified, the total number of MAC addresses in all VLANs is displayed. Example # Display the number of dynamic MAC address entries. <Huawei> display mac-address total-number dynamic Info: total number of mac-address is : 20 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 431 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-7 Description of the display mac-address total-number command output Item Description Info: total number of macaddress Total number of MAC address entries in the system. Related Topics 6.1.6 display mac-address summary 6.1.1 display mac-address 6.1.8 display mac-limit Function The display mac-limit command displays the rules that limit the number of learned MAC addresses. Format display mac-limit [ interface-type interface-number | vlan vlan-id ] Parameters Parameter Description Value interface-type interfacenumber Displays the MAC address limiting rule on a specified interface. - ● interface-type specifies the type of the interface. ● interface-number specifies the number of the interface. vlan vlan-id Displays the MAC address limiting rules in a specified VLAN. The value is an integer that ranges from 1 to 4094. Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 432 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Usage Scenario To check whether MAC address limiting rules are configured correctly, run the display mac-limit command. If a rule is incorrect, run the mac-limit command to modify the rule. Precautions If the interface-type and interface-number are not specified, MAC address limiting rules on all interfaces are displayed. If vlan vlan-id is not specified, MAC address limiting rules in all VLANs are displayed. Example # Display all the MAC address limiting rules. <Huawei> display mac-limit MAC limit is enabled Total MAC limit rule count : 1 PORT VLAN/VSI SLOT Maximum Rate(ms) Action Alarm ---------------------------------------------------------------------------GE0/0/1 - 1 discard disable Table 6-8 Description of the display mac-limit command output Item Description Total MAC Limit rule count Number of configured MAC address limiting rules. PORT Name of an interface. VLAN/VSI ID of a VLAN or a VSI name. SLOT Slot ID of the board where a MAC address limiting rule is configured. Maximum Maximum number of MAC addresses that can be learned. To set the maximum number of MAC addresses, run the mac-limit command. Rate(ms) Indicates the interval at which MAC addresses are learned. Action Action performed on packets when the number of learned MAC addresses exceeds the maximum number. ● discard: discards packets with new source MAC addresses. ● forward: forwards packets with new source MAC addresses. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 433 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Alarm Whether an alarm is generated when the number of learned MAC addresses exceeds the maximum. ● enable: indicates that an alarm is generated. ● disable: indicates that an alarm is not generated. Related Topics 6.1.11 mac-limit 6.1.9 mac-address Function The mac-address command adds a static MAC address entry or a blackhole MAC address entry. The undo mac-address command deletes MAC address entries of a specified type. Format mac-address static mac-address interface-type interface-number vlan vlan-id mac-address blackhole mac-address [ vlan vlan-id ] undo mac-address blackhole [ mac-address ] [ vlan vlan-id ] undo mac-address mac-address [ vlan vlan-id ] undo mac-address [ all | dynamic | static ] [ interface-type interface-number | vlan vlan-id ] * Parameters Parameter Description Value blackhole Indicates blackhole MAC address entries. - static Indicates static MAC address entries, that is, MAC address entries configured manually. - mac-address Specifies the source or destination MAC address in a MAC address entry. The value is in H-H-H format. H is a hexadecimal number of 4 digits. The MAC address cannot be FFFF-FFFF-FFFF, 0000-0000-0000, or a multicast MAC address. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 434 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value interface-type interfacenumber Specifies the outbound interface in a MAC address entry. - ● interface-type specifies the type of the outbound interface. ● interface-number specifies the number of the outbound interface. vlan vlan-id Specifies the ID of the VLAN that the outbound interface belongs to. The value is an integer that ranges from 1 to 4094. all Deletes all MAC address entries. - dynamic Deletes dynamic MAC address entries, that is, the MAC address entries learned by an interface. - Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario MAC address entries are classified into the following types: ● Dynamic MAC address entries that are learned by an interface after MAC address learning is enabled. ● Static MAC address entries that are manually configured. They take precedence over dynamic MAC address entries. ● Blackhole MAC address entries that are manually configured. A data frame is discarded if the source or destination MAC address matches a blackhole MAC address entry. Functions of static and blackhole MAC address entries are: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 435 Fit AP Command Reference 6 Network Interconnection Configurations Commands ● Static MAC address entries prevent bogus packets with trusted device MAC addresses sent from attackers and guarantee communication between the wireless access point and the upstream device or server. ● Blackhole MAC address entries prevent untrusted devices from attacking the wireless access point. The undo mac-address command is used in the following scenarios: ● The upstream device or server has changed or the untrusted device has been removed, and the corresponding static MAC address entry or blackhole MAC address entry needs to be deleted. ● Dynamic address entries become invalid and need to be deleted to trigger MAC address relearning. Prerequisites The interface has been added to a VLAN. Precautions You can configure multiple static MAC address entries or blackhole MAC address entries by running the mac-address command multiple times. If you configure a static or blackhole MAC address entry when the MAC table is full, the wireless access point processes the MAC address entry as follows: ● If a dynamic MAC address entry with the same MAC address exists in the MAC address table, the wireless access point replaces the dynamic MAC address entry with the configured entry. ● If no dynamic MAC address entry with the same MAC address exists in the MAC address table, the MAC address entries cannot be added to the MAC address table. When using the undo mac-address command, pay attention to the following points: ● If interface-type interface-number is not specified, MAC address entries of a specified type on all interfaces are deleted. ● If vlan vlan-id is not specified, MAC address entries of a specified type in all VLANs are deleted. Example # Add a static MAC address entry to the MAC address table. The destination MAC address is 0003-0003-0003. The outbound interface is gigabitethernet0/0/1, which belongs to VLAN 4. <Huawei> system-view [Huawei] mac-address static 0003-0003-0003 gigabitethernet 0/0/1 vlan 4 # Configure a blackhole MAC address entry to discard the Ethernet frames whose destination MAC address is 0004-0004-0004 and VLAN ID is VLAN 5. <Huawei> system-view [Huawei] mac-address blackhole 0004-0004-0004 vlan 5 # Delete all dynamic MAC address entries. <Huawei> system-view [Huawei] undo mac-address dynamic Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 436 Fit AP Command Reference 6 Network Interconnection Configurations Commands Related Topics 6.1.1 display mac-address 6.1.6 display mac-address summary 6.1.10 mac-address aging-time Function The mac-address aging-time command sets the aging time of dynamic MAC address entries. The undo mac-address aging-time command restores the default aging time of dynamic MAC address entries. By default, the aging time of dynamic MAC address entries is 300 seconds. Format mac-address aging-time aging-time undo mac-address aging-time Parameters Parameter Description Value aging-time Specifies the aging time of dynamic MAC address entries. The value is 0 or an integer that ranges from 60 to 65535, in seconds. The default value is 300. The value 0 indicates that dynamic MAC address entries will not be aged out. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario The network topology changes frequently, and the wireless access point will learn many MAC addresses. You can run the mac-address aging-time command to set a proper aging time for dynamic MAC address entries so that aged MAC address entries are deleted from the MAC address table. This reduces MAC address entries in the MAC address table. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 437 Fit AP Command Reference 6 Network Interconnection Configurations Commands The system starts an aging timer for each dynamic MAC address entry. If a dynamic MAC address entry is not updated within a certain period (twice the aging time), the entry is deleted. If the entry is updated within this period, the aging timer of this entry is reset. If the aging time is short, the wireless access point is sensitive to network changes. When setting the aging time of dynamic MAC address entries, follow these rules: ● Set a longer aging time on a stable network and a shorter aging time on an unstable network. ● The capacity of the MAC address table on a low end device is small; therefore, set a relatively short aging time on low end devices to save the MAC address table space. Precautions If the aging time is 0, dynamic MAC addresses will not be aged out. In this case, MAC address entries increase sharply and the MAC address table will be full quickly. If you run the mac-address aging-time command multiple times, only the latest configuration takes effect. Dynamic MAC address entries are lost after system restart. Static MAC address entries and blackhole MAC address entries are not aged or lost. Example # Set the aging time of dynamic MAC address entries to 500 seconds. <Huawei> system-view [Huawei] mac-address aging-time 500 Related Topics 6.1.2 display mac-address aging-time 6.1.11 mac-limit Function The mac-limit command configures a rule to limit the number of MAC addresses that can be learned. The undo mac-limit command deletes the rule. By default, the number of learned MAC addresses is not limited. Format mac-limit { action { discard | forward } | alarm { disable | enable } | maximum max-num }* undo mac-limit Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 438 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value action { discard | forward } Indicates the action performed when the number of learned MAC address entries reaches the limit. If no action is specified in the command, the default action discard is used. ● discard: discards packets with new source MAC addresses. ● forward: forwards packets with new source MAC addresses but does not add the new MAC addresses to the MAC address table. NOTE This parameter cannot be specified in the VLAN view. alarm { disable | enable } Indicates whether the system generates an alarm when the number of learned MAC address entries reaches the limit. If you do not set this parameter in the command, the alarm function is enabled by default. ● disable: indicates that no alarm is generated when the number of learned MAC addresses reaches the limit. ● enable: indicates that an alarm is generated when the number of learned MAC addresses reaches the limit. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 439 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value maximum max-num Sets the maximum number of MAC addresses that can be learned. The value is a decimal integer ranging from 0 to 4096. The value 0 indicates that the highest rate of MAC address learning is not limited. NOTE If maximum is not set, you must run the mac-limit command with maximum specified. If you have run the mac-limit command to set the maximum number of MAC addresses that can be learned, you do not need to set maximum max-num when running this command again. Views Ethernet interface view, GE interface view, XGE interface view, MultiGE interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario The mac-limit command limits the number of access users and prevents attacks to the MAC address tables. You can enable the function to improve network security. Precautions The action cannot be set in the VLAN view. Example # Configure the following MAC address learning rule on GigabitEthernet0/0/1: ● The maximum number of learned MAC addresses is 30. ● When the number of learned MAC addresses exceeds the maximum, and an alarm is generated. <Huawei> system-view [Huawei] interface GigabitEthernet 0/0/1 [Huawei-GigabitEthernet0/0/1] mac-limit maximum 30 alarm enable 6.2 VLAN Configuration Commands Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 440 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.2.1 management-vlan Function The management-vlan command configures CAPWAP packets sent from an AP wired interface to carry a management VLAN tag. The undo management-vlan command cancels the management VLAN configuration for CAPWAP packets sent from an AP wired interface. By default, CAPWAP packets sent from an AP wired interface do not carry a management VLAN tag. Format management-vlan vlan-id undo management-vlan Parameters Parameter Description Value vlan-id Specifies a management VLAN ID. The value is an integer that ranges from 1 to 4094. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario By default, CAPWAP packets sent from an AP wired interface do not carry a management VLAN tag. In most cases, the access switch interface directly connected to the AP adds the PVID to the CAPWAP packets as the management VLAN ID. If the PVID of the access device has been used for other purposes (for example, as the default VLAN ID of wired users), the PVID cannot be configured as the management VLAN ID on the access device interface. In this case, configure CAPWAP packets sent from an AP wired interface to carry the management VLAN tag. The AP then adds the management VLAN ID to the CAPWAP packets sent to the AC. You only need to configure the access device to allow the packets carrying the management VLAN ID to pass. Precautions The configuration takes effect only after the AP is restarted. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 441 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Configure CAPWAP packets sent from an AP wired interface to carry management VLAN 2. <Huawei> system-view [Huawei] management-vlan 2 6.2.2 description (VLANIF interface view) Function The description command set the description of a VLANIF interface. The undo description command restores the default description of a VLANIF interface. By default, the description of a VLANIF interface is in "HUAWEI, AP Series, Vlanif2 Interface" format. Format description description undo description Parameters Parameter Description Value description Specifies the description of a VLANIF interface. It is a string of 1 to 242 characters. The characters are case sensitive. Spaces are allowed. Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario To manage VLANIF interfaces conveniently, use the description command to set VLANIF interface descriptions. The description of a VLANIF interface helps you identify the VLANIF interface and know its functions. You can use the display interface vlanif command to view the description of a VLANIF interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 442 Fit AP Command Reference 6 Network Interconnection Configurations Commands Precautions The description of a VLANIF interface should provide useful information. Set different descriptions for VLANIF interfaces to distinguish VLANIF interfaces. If you run the description command multiple times in the same VLANIF interface view, only the latest configuration takes effect. Example # Set the description of VLANIF 2 to Huawei. <Huawei> system-view [Huawei] interface vlanif 2 [Huawei-Vlanif2] description Huawei Related Topics 6.2.3 display interface vlanif 6.2.6 interface vlanif 6.2.3 display interface vlanif Function The display interface vlanif command displays the status and configuration of a VLANIF interface. Format display interface vlanif [ vlan-id | main ] Parameters Parameter Description Value vlan-id Specifies the ID of a VLAN. The value is an integer and the value range depends on the range of existing VLANIF interfaces. You can enter the question mark (?) to obtain the range of VLAN IDs. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 443 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value main Displays status and traffic statistics about a VLANIF interface. - A VLANIF interface has no sub-interfaces. Status and traffic statistics about a VLANIF interface are displayed whether you specify the main parameter or not. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario To monitor an interface or locate an interface fault, you can use the display interface vlanif command to view the interface status, interface configuration, and traffic statistics on the interface. Prerequisites The specified VLANIF interface has been created. Precautions If vlan-id is not specified, the display interface vlanif command displays information about all VLANIF interfaces in the system. Example # Display the status and configuration of VLANIF 3. <Huawei> display interface vlanif 3 Vlanif3 current state : DOWN Line protocol current state : DOWN Description:HUAWEI, AP Series, Vlanif3 Interface Route Port,The Maximum Transmit Unit is 1500 Internet protocol processing : disabled IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc01-00e1 Current system time: 2007-09-12 20:21:13 Input bandwidth utilization : -Output bandwidth utilization : -- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 444 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-9 Description of the display interface vlanif command output Item Description current state Status of a VLANIF interface. The value is UP or Down. Line protocol current state Status of the link-layer protocol on a VLANIF interface. The value is UP or Down. Last line protocol up time The last time the line protocol is up. Description Description of a VLANIF interface. Route Port Indicates that the interface is a Layer 3 interface. The Maximum Transmit Unit Specifies the MTU of a VLANIF interface. Internet Address IP address of a VLANIF interface. If the VLANIF interface does not have an IP address, the system displays "Internet protocol processing: disabled." IP Sending Frames' Format Encapsulation format of IP packets, which can be PKTFMT_ETHNT_2, Ethernet_802.3, or Ethernet_SNAP. Hardware address MAC address of the VLANIF interface. Current system time Indicates the current system time. If the system is configured with a time zone and is in the summer time, the time is displayed in the format of YYYY/MM/DD HH:MM:SS UTC±HH:MM DST. Input/Output bandwidth utilization Inbound/outbound bandwidth utilization on an interface. Related Topics 6.2.2 description (VLANIF interface view) 6.2.6 interface vlanif 6.2.7 mtu (VLANIF interface view) 6.2.4 display port vlan Function The display port vlan command displays information about interfaces of the VLAN. Format display port vlan [ interface-type interface-number | active ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. * 445 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value interface-type interfacenumber Specifies the type and number of an interface in the VLAN. If this parameter is not specified, information about all interfaces in the VLAN is displayed. - active Indicates the interface information of dynamic entries in the VLAN. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario You can run the display port vlan command to view information about interfaces of the VLAN and check whether the VLAN is assigned by the command, protocols, or services. If a fault occurs on an interface, you can locate the fault based on the information about the interface and VLAN. Prerequisite A VLAN has been created and the Layer 2 interface has joined the VLAN. Precautions If a large number of mappings between interfaces and VLANs exist on the device, you are advised to specify the interface or active to filter the command output. Otherwise, the following problems may occur due to excessive output information: ● The displayed information is repeatedly refreshed, causing required information to fail to be obtained. ● The system does not respond because of long-time information traverse and search. Example # Display information about interfaces that belong to each VLAN on the device. <Huawei> display port vlan Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 446 Fit AP Command Reference 6 Network Interconnection Configurations Commands Port Link Type PVID Trunk VLAN List ------------------------------------------------------------------------------GigabitEthernet0/0/1 trunk 1 1 2001 # Display information about all dynamic entries. <Huawei> display port vlan active T=TAG U=UNTAG C=Configured H=HVRP G=GVRP V=VOICE-VLAN E=E-LMI DA=Dynamic-authorization-VLAN UU=Unauthenticated-user-VLAN M=Mac-Flapping LBDT=Loopback-detect LDT=Loop-detection ------------------------------------------------------------------------------Port Link Type PVID VLAN List ------------------------------------------------------------------------------GE0/0/1 trunk 1(C) U: 1(C) T: 2001(C) Table 6-10 Description of the display port vlan command output Item Description Port Indicates the type and number of the interface. Link Type Indicates the types of the interface link. PVID Indicates the default VLAN ID of the interface. By default, VLAN 1 is the default VLAN of all interfaces. Trunk VLAN List ● Indicates the VLAN IDs that are dynamically added by an interface. ● Indicates the VLAN IDs of packets that are statically configured to pass through an interface. VLAN List Indicates the VLAN IDs of packets that are statically configured to pass through an interface. 6.2.5 display vlan Function The display vlan command displays information about all VLANs. If no parameter is specified, brief information about all VLANs is displayed. Format display vlan [ vlan-id [ verbose ] ] display vlan vlan-name vlan-name [ verbose ] display vlan [ vlan-id1 [ to vlan-id2 ] | vlan-name vlan-name | brief | summary ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 447 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value vlan-id Specifies the ID of a VLAN. The value is an integer that ranges from 1 to 4094. vlan-id1 [ to vlan-id2 ] Specifies a range of VLAN IDs. ● The value of vlan-id1 is an integer that ranges from 1 to 4094. ● vlan-id1 specifies the first VLAN ID. ● to vlan-id2 specifies the last VLAN ID. The value of vlan-id2 must be greater than or equal to the value of vlan-id1. If to vlanid2 is not specified, only information about the VLAN specified by vlan-id1 is displayed. ● The value of vlan-id2 is an integer that ranges from 1 to 4094. summary Displays summary of all VLANs. - verbose Displays detailed information about a specified VLAN. - vlan-name vlan-name Specifies a VLAN name. The value is a string of 1 to 31 case-sensitive characters without spaces. brief Indicates brief information about VLANs. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 448 Fit AP Command Reference 6 Network Interconnection Configurations Commands The display vlan command displays VLAN configuration or packet statistics on interfaces in a VLAN. Example # Display brief information about all VLANs. <Huawei> display vlan * : management-vlan --------------------The total number of vlans is : 6 VLAN ID Type Status MAC Learning Broadcast/Multicast/Unicast Property -------------------------------------------------------------------------------1 common enable enable forward forward forward default 10 common enable enable forward forward forward default 100 common enable enable forward forward forward default 199 common enable enable forward forward forward default 900 common enable enable forward forward forward default 4094 common enable enable forward forward forward default # Display detailed information about VLAN 100. <Huawei> display vlan 100 verbose * : Management-VLAN --------------------VLAN ID : 100 VLAN Name : VLAN Type : Common Description : VLAN 0100 Status : Enable Broadcast : Enable MAC Learning : Enable Smart MAC Learning : Disable Current MAC Learning Result : Enable Statistics : Disable Property : Default VLAN State : Down ---------------Tagged Port: GigabitEthernet0/0/1 ---------------Active Tag Port: GigabitEthernet0/0/1 ------------------Interface Physical GigabitEthernet0/0/1 DOWN # Display summary of all VLANs. <Huawei> display vlan summary static vlan: Total 8 static vlan exist(s). 1 10 to 12 20 100 200 470 dynamic vlan: Total 0 dynamic vlan exist(s). # Display brief of all VLANs. <Huawei> display vlan brief U:Up;D:Down;TG:Tagged;UT:Untagged; VID Name Status Ports -------------------------------------------------------------------------------1 enable UT: GE0/0/1(U) 2001 enable TG: GE0/0/1(U) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 449 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-11 Description of the display vlan command output Item Description VID or VLAN ID ID of a VLAN. Type or VLAN Type Type of a VLAN. ● mux: indicates a principal VLAN used in the MUX VLAN function. ● mux-sub: indicates a subordinate VLAN used in the MUX VLAN function. ● super: indicates a super-VLAN used for VLAN aggregation. ● sub: indicates a sub-VLAN used for VLAN aggregation. ● Common: indicates a common VLAN. ● *Common: indicates the management VLAN. Ports Interfaces in a VLAN. VLAN Name Name of a VLAN. Description Description of a VLAN. Status Status of a VLAN. The value is always Enable. Broadcast Whether the broadcast function is enabled in a VLAN. ● disable: The broadcast function is disabled. ● enable: The broadcast function is enabled. MAC Learning/MAC-LRN Whether MAC address learning is enabled: ● disable: MAC address learning is disabled. ● enable: MAC addresses learning is enabled. Broadcast/Multicast/Unicast Indicates whether broadcast packets, multicast packets, or unicast packets are forwarded. The value can be: ● forward: forwarding broadcast packets, multicast packets, or unicast packets ● discard: discarding broadcast packets, multicast packets, or unicast packets Smart MAC Learning Whether smart MAC address learning is enabled: ● disable: Smart MAC address learning is disabled. ● enable: Smart MAC addresses learning is enabled. Current MAC Learning Result Issue 08 (2021-02-25) MAC address learning result. Copyright © Huawei Technologies Co., Ltd. 450 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Statistics Whether the traffic statistics function is enabled in a VLAN. ● disable: Traffic statistics function is disabled. ● enable: Traffic statistics function is enabled. Property Property of a VLAN. ● Default: indicates a default VLAN. ● MutilcastVlan: indicates a multicast VLAN. ● UserVlan: indicates a user VLAN. VLAN state Indicates the status of the VLAN. The value can be: ● Up ● Down The status of a VLAN is determined by the status of member interfaces in the VLAN. A VLAN is Up only when at least one member interface in the VLAN is Up. Tagged/Untagged Port Interfaces that are manually added to a VLAN in tagged or untagged mode. Active Tag/Active Untag Port Active interfaces that join a VLAN in tagged or untagged mode. static vlan VLANs that are created manually. dynamic vlan VLANs that are learned dynamically. 6.2.6 interface vlanif Function The interface vlanif command displays the VLANIF interface view. Format interface vlanif vlan-id undo interface vlanif vlan-id Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 451 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value vlan-id Specifies the ID of the VLAN that a VLANIF interface belongs to. The value is an integer that ranges from 1 to 4094. The device supports 1 VLANIF interfaces. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario When a device needs to communicate with devices at the network layer, you can create a logical interface based on a VLAN on the device, namely, a VLANIF interface. A VLANIF interface is a network layer interface and can be configured with an IP address. The device then users the VLANIF interface to communicate with devices at the network layer. Precautions If the specified VLANIF interface exists, the interface vlanif command displays the VLANIF interface view directly. When a VLANIF interface is used as a management VLANIF interface where you can telnet to the device, the user VLAN ID cannot be the same as the management VLAN ID; otherwise, you will fail to telnet to the device. Example # Create VLANIF 2 and enter the VLANIF interface view. <Huawei> system-view [Huawei] interface vlanif 2 [Huawei-Vlanif2] Related Topics 6.2.3 display interface vlanif Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 452 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.2.7 mtu (VLANIF interface view) Function Using the mtu command, you can set the maximum transmission unit (MTU) of a VLANIF interface. Using the undo mtu command, you can restore the default MTU of a VLAN interface. By default, the MTU of a VLAN interface is 1500 bytes. Format mtu mtu undo mtu Parameters Parameter Description Value mtu Specifies the MTU of a VLANIF interface. The value is an integer that ranges from 128 to 1700, in bytes. Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario MTU is short for maximum transmission unit. An MTU value determines the maximum number of bytes each time a sender can send. If the size of packets exceeds the MTU supported by a transit node or a receiver, the transit node or receiver fragments the packets or even discards them, aggravating the network transmission load. To avoid this problem, set the MTU value of the VLANIF interface. Example # Set the MTU of the VLANIF interface to 1492 bytes. <Huawei> system-view [Huawei] interface Vlanif 100 [Huawei-Vlanif100] mtu 1492 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 453 Fit AP Command Reference 6 Network Interconnection Configurations Commands Related Topics 6.2.9 shutdown (VLANIF interface view) 6.2.8 reset vlan statistics Function Using the reset vlan statistics command, you can clear traffic statistics in a specified VLAN. Format reset vlan statistics vlan-id Parameters Parameter Description Value vlan-id Specifies the ID of a VLAN. The value is an integer that ranges from 1 to 4094. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario This command is used when you need to collect new packet statistics in a VLAN. After this command is executed, the packet count in the VLAN becomes 0. Precautions NOTICE Traffic statistics cannot be restored after they are cleared. Exercise caution when you use the command. Example # Clear traffic statistics in VLAN 3. <Huawei> reset vlan statistics 3 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 454 Fit AP Command Reference 6 Network Interconnection Configurations Commands Related Topics 6.2.5 display vlan 6.2.9 shutdown (VLANIF interface view) Function Using the shutdown command, you can shut down a VLANIF interface. Using the undo shutdown command, you can enable a VLANIF interface. By default, a VLANIF interface is enabled. Format shutdown undo shutdown Parameters None Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario When a VLANIF interface fails or is not needed, you can run the shutdown command on the VLANIF interface. Precautions A VLANIF interface is Up as long as an interface in the corresponding VLAN is Up. After the VLANIF interface is shut down, the interface status changes to Down even if physical interfaces in the corresponding VLAN are Up. After a VLANIF interface is shut down, none of the users that use the VLANIF interface address as the gateway address can communicate at Layer 3. In addition, the VLANIF interface address cannot be used in route calculation. After a VLANIF interface is shut down, the dynamic ARP entry corresponding to the VLANIF interface starts aging in the ARP table. If the VLANIF interface address is in a static ARP entry, the ARP entry is not deleted. Example # Enable VLANIF 2. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 455 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> system-view [Huawei] interface vlanif 2 [Huawei-Vlanif2] undo shutdown Related Topics 6.2.3 display interface vlanif 6.3 STP Configuration Commands 6.3.1 display stp Function The display stp command displays the status of and statistics on a spanning tree instance. Format display stp [ interface interface-type interface-number ] [ brief ] Parameters Parameter Description Value interface interface- Displays the information of a spanning tree on a type interfacespecified interface. number If interface interface-type interface-number is not specified, the status and statistics of all interfaces will be displayed in the sequence of the interface numbers. - brief - Displays the brief status. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The display stp command is used to check whether STP/RSTP/MSTP is run in the existing switching device or specified interface. ● Issue 08 (2021-02-25) If the Protocol Status field value is Disabled, STP/RSTP/MSTP is not run. Copyright © Huawei Technologies Co., Ltd. 456 Fit AP Command Reference ● 6 Network Interconnection Configurations Commands If STP/RSTP/MSTP has been run, information such as the working mode of STP/RSTP/MSTP will be displayed. When the network planner has deployed STP on the network, you can run the display stp command to check whether the configurations and calculation result. Example # When the stp enable command does not run, the status and statistics of STP are displayed. <Huawei> display stp -------[CIST Global Info][Mode STP]------CIST Bridge :40960.dcd2-fc9d-0bb0 Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20 Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20 CIST Root/ERPC :40960.dcd2-fc9d-0bb0 / 0 (This bridge is the root) CIST RegRoot/IRPC :40960.dcd2-fc9d-0bb0 / 0 CIST RootPortId :0.0 BPDU-Protection :Disabled TC or TCN received :0 TC count per hello :0 STP Converge Mode :Normal Time since last TC :0 days 0h:0m:0s Number of TC :0 Table 6-12 Description of the display stp command output Item Description CIST Global Info CIST global information. ModeSTP The operation mode is STP. CIST Bridge ID of the CIST bridge. ● The previous 16 bits are the priority of the switch in CIST. ● The latter 48 bits is the MAC address of the switch. Config Times Values that are configured manually in the bridge protocol information: ● Hello: the period of sending BPDUs. ● MaxAge: the maximum life cycle of BPDU. ● FwDly: deferred time of the change of the port status. ● MaxHop: the maximum hops in the MST region. Active Times Values that are used actually in the bridge protocol information: ● Hello: the period of sending BPDUs. ● MaxAge: the maximum life cycle of BPDU. ● FwDly: deferred time of the change of the port status. ● MaxHop: the maximum hops in the MST region. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 457 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description CIST Root/ERPC CIST root bridge ID/External path cost (the path cost from the switch to the CIST root bridge.) CIST RegRoot/IRPC Region root bridge ID/Internal path cost (the path cost from the switch to region root bridge.) CIST RootPortId CIST root port ID. "0.0" indicates the switch is a root bridge and has no root port. BPDU-Protection BPDU protection function: ● Disabled ● Enabled TC or TCN received Number of the received TC or TCN packets. TC count per hello Number of TC packets received within a hello interval. STP Converge Mode STP converge mode Time since last TC Period from the last topology change to now. Number of TC Topology change count. 6.3.2 display stp abnormal-interface Function The display stp abnormal-interface command displays information about abnormal interfaces running the Spanning Tree Protocol (STP). Format display stp [ instance instance-id ] abnormal-interface Parameters Parameter Description Value instance Displays the status and statistics of a specified spanning tree instance. The value is an integer in the range 0 to 4094. The value 0 indicates a common and internal spanning tree (CIST) instance. instance-id If instance instance-id is not specified, the status and statistics of all spanning tree instances will be displayed in the sequence of the interface numbers. Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 458 Fit AP Command Reference 6 Network Interconnection Configurations Commands Default Level 1: Monitoring level Usage Guidelines Usage Scenario If a device has many interfaces and the display stp command output displays vast information, viewing information about abnormal interfaces running STP is difficult. You can use the display stp abnormal-interface command to view information about abnormal interfaces running STP. Example # Display information about abnormal interfaces in process 0 running STP <Huawei> display stp instance 0 abnormal-interface MSTID Interface Status Reason 0 GigabitEthernet0/0/1 DISCARDING LOOP-Protected Table 6-13 Description of the display stp abnormal-interface command output Item Description MSTID MSTP instance ID Interface Interface type Status Status of an interface after the STP protection takes effect ● DOWN: indicates that the physical status of the interface is Down (including error-down). ● DISCARDING: indicates the blocked interface after the topology of the spanning tree becomes stable. Reason An interface running STP becomes abnormal due to one of the following: ● Root-Protected: indicates that the root protection takes effect. ● Loop-Protected: indicates that the loop protection takes effect. ● BPDU-Protected: indicates that the BPDU protection takes effect. ● Loop-Detected: indicates that the loop detection takes effect. Related Topics 6.3.1 display stp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 459 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.3.3 display stp active Function The display stp active command displays the status of and statistics on spanning trees of all Up interfaces. Format display stp active Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The display stp active command displays information about spanning trees of Up interfaces only. Example # Display information about spanning trees of all Up interfaces. <Huawei> display stp active -------[CIST Global Info][Mode STP]------CIST Bridge :40960.dcd2-fc9d-0bb0 Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20 Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20 CIST Root/ERPC :40960.dcd2-fc9d-0bb0 / 0 (This bridge is the root) CIST RegRoot/IRPC :40960.dcd2-fc9d-0bb0 / 0 CIST RootPortId :0.0 BPDU-Protection :Disabled TC or TCN received :0 TC count per hello :0 STP Converge Mode :Normal Time since last TC :0 days 0h:0m:0s Number of TC :0 Table 6-14 Description of the display stp active command output Item Description CIST Bridge ● The 16 leftmost bits are the switch's priority in the CIST. ● The 48 rightmost bits are the switch's MAC address. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 460 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Config Times Configured bridge protocol parameters: ● Hello: interval at which Bridge Protocol Data Units (BPDUs) are sent ● MaxAge: maximum TTL of a BPDU ● FwDly: delay in interface status transition ● MaxHop: maximum number of hops in the MST region Active Times Bridge protocol parameters that are being used: ● Hello: interval at which BPDUs are sent ● MaxAge: maximum TTL of a BPDU ● FwDly: delay in interface status transition ● MaxHop: maximum number of hops in the MST region CIST Root/ERPC CIST root bridge ID/external path cost from the switch to the root bridge. CIST RegRoot/IRPC ID of the CIST region root bridge/Cost of the internal path (path from the switch to the CIST region root switch) CIST RootPortId CIST root port ID. "0.0" indicates that the switch is the root switch without the root port. BPDU-Protection Whether BPDU protection is enabled: ● Disabled: BPDU protection is disabled. ● Enabled: BPDU protection is enabled. TC or TCN received Number of received topology change (TC) or topology change notification (TCN) packets TC count per hello Number of TC packets received per Hello time STP Converge Mode Convergence mode of the Spanning Tree Protocol (SPT), which can be fast or normal. Time since last TC Time since the last topology change Number of TC Number of topology changes Related Topics 6.3.1 display stp 6.3.4 display stp bridge 6.3.6 display stp global Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 461 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.3.4 display stp bridge Function The display stp bridge command displays details about the spanning tree of a bridge. Format display stp bridge { root | local } Parameters Parameter Description Value root Displays details about the spanning tree of the root bridge. - local Displays details about the spanning tree of the local bridge. - Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario When a device provides many interfaces, running the display stp command displays a large amount of information, and it is difficult to find information about the spanning trees of the root and local bridges. Using the display stp bridge command, you can easily view details about the spanning trees of the root and local bridges. Example # Display details about the spanning tree of the root bridge of STP. <Huawei> display stp bridge root MSTID Root ID Root Cost Hello Max Forward Root Port Time Age Delay ----- -------------------- ---------- ----- --- ------- ----------------0 0.4c1f-cc48-6514 419998 2 20 15 Table 6-15 Description of the display stp bridge command output Item Description MSTID STP instance ID Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 462 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Root ID STP root bridge ID Root Cost STP root path cost Hello Time Interval at which Bridge Protocol Data Units (BPDUs) are sent from the root switch Max Age Maximum TTL of a BPDU Forward Delay Delay in interface status transition Root Port Root interface Related Topics 6.3.1 display stp 6.3.3 display stp active 6.3.6 display stp global 6.3.5 display stp error packet Function The display stp error packet command displays the statistics about error packets received by STP and the contents of recently received packets. Format display stp error packet Parameters None. Views All views Default Level 1: Monitoring level Usage Guidelines If a device on a Layer 2 network runs STP is attacked by STP error packets, the display stp error packet command can be used to view recently received STP error packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 463 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Display the statistics about error packets received by STP and the contents of recently received packets. <Huawei> display stp error packet 4 error-packet(s) have been recieved and the last one is recieved at 2011/05/02 12:45:31. 01 80 C2 00 00 00 38 AA D2 11 11 10 00 69 42 42 03 00 00 03 02 7C 00 00 38 AA D2 11 11 10 00 00 00 00 00 00 38 AA D2 11 11 10 80 01 00 00 14 00 02 00 0F 00 00 00 40 00 33 38 61 61 64 32 31 31 31 31 31 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AC 36 17 7F 50 28 3C D4 B8 38 21 D8 AB 26 DE 62 00 00 00 00 00 00 38 AA D2 11 11 10 14 6.3.6 display stp global Function The display stp global command displays global Spanning Tree Protocol (STP) information. Format display stp global Parameters None. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario When a device provides many interfaces, the display stp command output contains a large amount of information, and it is difficult to find the desired information quickly and view global information at a glance. The display stp brief command output, by comparison, displays information about spanning trees on interfaces, but not global information. Using the display stp global command, you can view global STP information conveniently. Example # Display brief STP information about MSTP. <Huawei> display stp global Protocol Status : Enabled Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 464 Fit AP Command Reference 6 Network Interconnection Configurations Commands Bpdu-filter default : Disabled Tc-protection : Disabled Tc-protection threshold : 1 Tc-protection interval : 2s Edged port default : Enabled Pathcost-standard : Dot1t Timer-factor :3 Transmit-limit : 10 Bridge-diameter :7 -------[CIST Global Info][Mode MSTP]------CIST Bridge :61440.781d-ba56-f06c Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20 Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20 CIST Root/ERPC :61440.781d-ba56-f06c / 0 (This bridge is the root) CIST RegRoot/IRPC :61440.781d-ba56-f06c / 0 (This bridge is the root) CIST RootPortId :0.0 BPDU-Protection :Disabled TC or TCN received :85 TC count per hello :0 STP Converge Mode :Normal Time since last TC :0 days 9h:12m:34s Number of TC :13 Table 6-16 Description of the display stp global command output Item Description Protocol Status Spanning Tree Protocol (STP) status: ● Enabled: STP is enabled. ● Disabled: STP is disabled. Bpdu-filter default Whether the function of configuring device interfaces as Bridge Protocol Data Unit (BPDU) filter interfaces is enabled: ● Enabled: The function is enabled. ● Disabled: The function is disabled. Tc-protection Topology change (TC) protection status: ● Enabled: TC protection is enabled. ● Disabled: TC protection is disabled. Tc-protection threshold Threshold of TC packets that the device can handle and immediately refresh forwarding entries in a given period Tc-protection interval Time the STP takes to handle a given number of TC packets and immediately refresh forwarding entries Edged port default Whether the function of configuring all ports of the switch as edge ports is enabled: ● Enabled: The function is enabled. ● Disabled: The function is disabled. Pathcost-standard Method of calculating the STP path cost Timer-factor Multiplier of Hello time Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 465 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Transmit-limit Maximum number of BPDUs that the current interface can send per Hello time. Bridge-diameter Network diameter of the STP CIST Bridge Common and internal spanning tree (CIST) bridge ID ● The first 16 bits represent the switch's priority in the CIST. ● The last 48 bits represent the switch's MAC address. Config Times Configured bridge protocol parameters: ● Hello: interval at which BPDUs are sent ● MaxAge: maximum TTL of a BPDU ● FwDly: delay in interface status transition ● MaxHop: maximum number of hops in the MST region Active Times Bridge protocol parameters that are being used: ● Hello: interval at which BPDUs are sent ● MaxAge: maximum TTL of a BPDU ● FwDly: delay in interface status transition ● MaxHop: maximum number of hops in the MST region CIST Root/ERPC CIST root switch ID/Cost of the external path (path from the switch to the CIST root switch) CIST RegRoot/IRPC ID of the CIST region root bridge/Cost of the internal path (path from the switch to the CIST region root switch) CIST RootPortId ID of the CIST root interface. 0.0 indicates that the switch is the root switch and does not provide any root interface. BPDU-Protection Whether BPDU protection is enabled: ● Disabled: BPDU protection is disabled. ● Enabled: BPDU protection is enabled. TC or TCN received Number of received TC or topology change notification (TCN) packets TC count per hello Number of TC packets received per Hello time STP Converge Mode Convergence mode of the Spanning Tree Protocol (SPT), which can be fast or normal. Time since last TC Time since the last topology change Number of TC Number of topology changes Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 466 Fit AP Command Reference 6 Network Interconnection Configurations Commands Related Topics 6.3.1 display stp 6.3.3 display stp active 6.3.4 display stp bridge 6.3.7 display stp tc-bpdu statistics Function The display stp tc-bpdu statistics command displays statistics of sent and received topology change (TC) and topology change notification (TCN) BPDUs on interfaces. Format display stp [ interface interface-type interface-number ] tc-bpdu statistics Parameters Parameter Description interface Specifies the interface on which statistics of TC and interface-type TCN BPDUs are displayed. interface-number If the parameter interface interface-type interfacenumber is not specified, statistics of TC and TCN BPDUs on all interfaces are displayed in the sequence of the interface numbers. Value - Views All views Default Level 1: Monitoring level Usage Guidelines If you need to know whether a fault has occurred on interfaces that send and receive TC/TCN BPDUs, you can run this command to view statistics of these BPDUs and locate the fault. Example # Display the statistics of TC/TCN BPDUs on interfaces of an MSTP instance. <Huawei> display stp tc-bpdu statistics -------------------------- STP TC/TCN information -------------------------- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 467 Fit AP Command Reference 6 Network Interconnection Configurations Commands MSTID Port TC(Send/Receive) TCN(Send/Receive) 0 GigabitEthernet0/0/1 1/0 0/0 Table 6-17 Description of the display stp tc-bpdu statistics command output Item Description MSTID ID of an MSTP instance Port Interface name TC(Send/Receive) Statistics of send and received TC BPDUs TCN(Send/Receive) Statistics of send and received TCN BPDUs ("-" indicates that MSTP instances except MSTP instance 0 do not have TCN BPDUs sent and received) 6.3.8 display stp topology-change Function The display stp topology-change command displays the statistics about STP topology changes. Format display stp [ instance instance-id ] topology-change Parameters Parameter Description Value instance Displays statistics about the topology changes of a specified STP instance. The value is an integer ranging from 0 to 4094. Value 0 refers to CIST. instance-id If this parameter is not specified, the statistics about the topology changes of a CIST instance are displayed. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario On a Layer 2 network running STP, a device clears ARP entries and MAC entries after receiving topology change packets. If a device receives too many topology Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 468 Fit AP Command Reference 6 Network Interconnection Configurations Commands change packets, the device will frequently clear ARP entries and MAC entries, causing high CPU usage. As a result, network traffic is instable. The display stp topology-change command can be used to display the statistics about STP topology changes. If the statistics increase, network flapping occurs. Example # Display statistics about STP topology changes. <Huawei> display stp topology-change CIST topology change information Number of topology changes :0 Table 6-18 Description of the display stp topology-change command output Item Description Number of topology changes Total number of topology changes since MSTP initialization. Time since last topology change Time since the last topology change Topology change initiator(notified) Interface that initiates a topology change because the interface status changes to detected Topology change last received from Source bridge MAC address contained in a topology change packet Number of generated topologychange traps Total number of generated topology-change traps. Number of suppressed topologychange traps Total number of suppressed topology-change traps. 6.3.9 display stp vlan Function The display stp vlan command displays the STP status on an interface added to a specified VLAN. Format display stp vlan vlan-id Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 469 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description vlan-id Value Displays the STP status on an interface added to a specified VLAN. The value is an integer ranging from 1 to 4094. Views All views Default Level 1: Monitoring level Usage Guidelines After an interface is added to a VLAN, the display stp vlan command can be used to the display the STP status on the interface. In this case, the mapping between VLANs and instances does not need to be concerned with. Example # Display the STP status on an interface added to a specified VLAN. <Huawei> display stp vlan 1 InstanceId Port Role State ---------------------------------------------------------0 GigabitEthernet0/0/1 DESI FORWARDING Table 6-19 Description of the display stp vlan command output Item Description InstanceId. Instance ID Port Interface Role Interface role State Interface status 6.4 ARP Configuration Commands 6.4.1 arp detect-mode unicast Function The arp detect-mode unicast command configures an interface to send ARP aging probe packets in unicast mode. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 470 Fit AP Command Reference 6 Network Interconnection Configurations Commands The undo arp detect-mode unicast command restores the default configuration of detection modes on an interface. By default, an interface broadcasts ARP aging probe packets. Format arp detect-mode unicast undo arp detect-mode unicast Parameters None Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario Before an ARP entry is aged, the interface periodically sends ARP aging probe packets at a set interval to update ARP entries. The device deletes an ARP entry if it does not receive a reply after a specified number of probes. The aging probe packet can be a unicast or broadcast packet. When a non-Huawei device connected to a Huawei wireless access point receives an ARP aging probe packet whose destination MAC address is a broadcast address, the non-Huawei device checks the ARP table. If the mapping between the IP address and the MAC address of the Huawei wireless access point exists in the ARP table, the non-Huawei device discards the ARP aging probe packet. Then the Huawei wireless access point cannot receive a response and deletes the corresponding ARP entry. As a result, traffic from the non-Huawei device cannot be forwarded. Therefore, when a non-Huawei device is connected to a Huawei wireless access point, configure the Huawei switch to unicast ARP aging probe packets. The non-Huawei device needs to respond to the ARP aging probe packet. Precautions If the IP address of the peer device remains the same but the MAC address changes frequently, it is recommended that you configure ARP aging probe packets to be broadcast. When the MAC address of the peer device remains the same, and the bandwidth of the network is insufficient, it is recommended that you set the interface to send ARP aging probe packets in unicast mode. Example # Configure an interface to send ARP aging probe packets in unicast mode. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 471 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> system-view [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp detect-mode unicast Related Topics 6.4.2 arp detect-times 6.4.3 arp expire-time 6.4.2 arp detect-times Function The arp detect-times command sets the number of ARP probes for aging dynamic ARP entries. The undo arp detect-times command restores the default number of ARP probes for aging dynamic ARP entries. By default, the number of ARP probes for aging dynamic ARP entries is 3. Format arp detect-times detect-times undo arp detect-times Parameters Parameter Description detect-times Specifies the number of ARP probes for aging dynamic ARP entries. Value The value is an integer ranging from 0 to 10. The default value is 3. Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario The arp detect-times command sets the number of ARP probes for aging dynamic ARP entries to reduce address resolution errors. Before aging a dynamic ARP entry, the system first performs probes. If no response is received after the number of probes reaches the upper limit, the ARP entry is deleted. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 472 Fit AP Command Reference 6 Network Interconnection Configurations Commands If the number of ARP probes is set to 0, the system directly deletes expired ARP entries. Example # Set the number of ARP probes to 5 on VLANIF 10. [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp detect-times 5 Related Topics 6.4.3 arp expire-time 6.4.1 arp detect-mode unicast 6.4.3 arp expire-time Function The arp expire-time command sets the aging time of dynamic ARP entries. The undo arp expire-time command restores the default aging time of dynamic ARP entries. By default, the aging time of dynamic ARP entries is 1200 seconds, that is, 20 minutes. Format arp expire-time expire-time undo arp expire-time Parameters Parameter Description Value expire-time Specifies the aging time of dynamic ARP entries. The value is an integer ranging from 30 to 62640, in seconds. The default value is 1200 seconds, that is, 20 minutes. Views GE interface view, VLANIF interface view, Ethernet interface view, MultiGE interface view, XGE interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 473 Fit AP Command Reference 6 Network Interconnection Configurations Commands The arp expire-time command sets the aging time of dynamic ARP entries to reduce address resolution errors. Precautions After proxy ARP is enabled, the aging time of ARP entries on hosts should be shortened so that invalid ARP entries can be deleted as soon as possible. Then IP packet forwarding failures decrease on the router. Example # Set the aging time of dynamic ARP entries to 600s on VLANIF 10. [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp expire-time 600 Related Topics 6.4.2 arp detect-times 6.4.1 arp detect-mode unicast 6.4.4 arp ip-conflict-detect enable Function The arp ip-conflict-detect enable command enables the function to detect IP address conflicts. The undo arp ip-conflict-detect enable command disables the function to detect IP address conflicts. By default, the function to detect IP address conflicts is disabled. Format arp ip-conflict-detect enable undo arp ip-conflict-detect enable Parameters None Views System view Default Level 2: Configuration level Usage Guidelines When an IP address conflict occurs between network devices, it causes high CPU usage and route flapping. User services will be affected and even interrupted. To Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 474 Fit AP Command Reference 6 Network Interconnection Configurations Commands help users better manage the address of a network device and to prevent IP address conflicts from affecting user services, run the arp ip-conflict-detect enable command to enable the function to detect IP address conflicts. When receiving a non-gratuitous ARP packet, the device compares the source IP address and the source MAC address of this ARP packet with that of the ARP entry learned on the device. If the source IP address and the IP address in the ARP entry are the same but the source MAC address and the MAC address in the ARP entry are different, the client considers that an IP address conflict occurs in the network. Example # Enable the function to detect IP address conflicts. <Huawei> system-view [Huawei] arp ip-conflict-detect enable 6.4.5 arp static Function The arp static command configures static ARP entries. The undo arp static command deletes static ARP entries. By default, the ARP mapping table is empty and address mappings are obtained using dynamic ARP. Format arp static ip-address mac-address [ vid vlan-id [ interface interface-type interface-number ] ] undo arp static ip-address [ mac-address ] [ vid vlan-id interface interface-type interface-number ] Parameters Parameter Description Value ip-address Specifies the IP address in a static ARP entry. The value is in dotted decimal notation. mac-address Specifies the MAC address of a static ARP entry. The value is in H-H-H format. An H contains four hexadecimal numbers. interface Specifies the outbound interface interface-type of a static ARP packet. interface-number ● interface-type specifies the interface type. - ● interface-number specifies the interface number. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 475 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value vid vlan-id Specifies the ID of the VLAN to which a static ARP entry belongs. The value is an integer ranging from 1 to 4094. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario To ensure security and facilitate management, you may need to configure mappings between IP addresses and MAC addresses. In this case, run the arp static command to configure a fixed ARP mapping entry that maps an IP address to a MAC address. A static ARP entry cannot be dynamically modified. A static ARP entry is used in the following situations: ● Direct the packets whose destination IP addresses are not on the local network segment to a gateway on the local network segment so that the packets can be forwarded by the gateway. ● Bind the destination IP addresses of invalid packets to a nonexistent MAC address so that the invalid packets are filtered out. Precautions If a static ARP entry to be created exists, the system updates the entry. After a static ARP entry is configured, it cannot be dynamically updated. The IP address specified by ip-address and the IP address of the outbound interface specified by interface must be on the same network segment. Example # Configure a static ARP entry that maps the IP address 10.0.0.1 to the MAC address aaaa-fccc-1212. <Huawei> system-view [Huawei] arp static 10.0.0.1 aaaa-fccc-1212 Related Topics 6.4.13 display arp interface 6.4.21 reset arp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 476 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.4.6 arp topology-change disable Function The arp topology-change disable command disables a device from aging or deleting ARP entries in response to network topology changes. The undo arp topology-change disable command enables a device to age or delete ARP entries in response to network topology changes. By default, when the network topology changes, ARP entries are aged or deleted. Format arp topology-change disable undo arp topology-change disable Parameters None Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario Usually, when a ring protocol detects a network topology change, it will send a protocol packet to notify the ARP module to age or delete ARP entries. Then the device will re-learn ARP entries. However, if the network topology changes frequently or a device has a large number of ARP entries, re-learning of ARP entries will cause flooding of ARP entries, consuming mass network resources and affecting other services running on the device. To avoid this problem, the arp topology-change disable command can be used to disable a device from aging or deleting ARP entries for network topology changes. Example # Disable the device from aging or deleting ARP entries for network topology changes. <Huawei> system-view [Huawei] arp topology-change disable Warning: This operation will not age or delete dynamic ARP entries when the topology changes,continue? [Y/N]:y Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 477 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.4.7 arp-proxy enable Function The arp-proxy enable command enables routed proxy ARP on an interface. The undo arp-proxy enable command disables routed proxy ARP on an interface. By default, routed proxy ARP is disabled on an interface. Format arp-proxy enable undo arp-proxy enable Parameters None Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines Usage Scenario If two hosts on different physical networks of the same logical network segment are not configured with the default gateways, you can use the arp-proxy enable command to enable routed proxy ARP on a device between the two hosts to resolve IP addresses of the hosts. Precautions Routed ARP proxy allows hosts on different physical networks of the same logical network segment to communicate. The IP addresses of the hosts on a subnet have the same network ID; therefore, the default gateway address does not need to be configured on the hosts. Example # Enable routed proxy ARP on VLANIF 10. <Huawei> system-view [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp-proxy enable Related Topics 6.4.8 arp-proxy inner-sub-vlan-proxy enable Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 478 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.4.8 arp-proxy inner-sub-vlan-proxy enable Function The arp-proxy inner-sub-vlan-proxy enable command enables intra-VLAN proxy ARP. The undo arp-proxy inner-sub-vlan-proxy enable command disables intra-VLAN proxy ARP. By default, intra-VLAN proxy ARP is disabled. Format arp-proxy inner-sub-vlan-proxy enable undo arp-proxy inner-sub-vlan-proxy enable Parameters None Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines If host isolation is configured on the wireless access point, you need to configure intra-VLAN proxy ARP to allow hosts to communicate in a VLAN. Example # Enable intra-VLAN proxy ARP on VLANIF 10. <Huawei> system-view [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp-proxy inner-sub-vlan-proxy enable Related Topics 6.4.7 arp-proxy enable 6.4.9 arp-proxy inter-sub-vlan-proxy enable 6.4.9 arp-proxy inter-sub-vlan-proxy enable Function The arp-proxy inter-sub-vlan-proxy enable command enables inter-VLAN proxy ARP. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 479 Fit AP Command Reference 6 Network Interconnection Configurations Commands The undo arp-proxy inter-sub-vlan-proxy enable command disables inter-VLAN proxy ARP. By default, inter-VLAN proxy ARP is disabled. Format arp-proxy inter-sub-vlan-proxy enable undo arp-proxy inter-sub-vlan-proxy enable Parameters None Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines To allow users in different VLANs to communicate at Layer 3, you must enable inter-VLAN proxy ARP on the interface. After inter-VLAN proxy ARP is enabled and packets are sent from different VLANs but do not have the corresponding ARP entries, ARP packets are replicated in all VLANs on the involved sub-interface. If a lot of VLANs are configured, a large number of ARP packets need to be replicated, causing heavy burden on the peer device and abnormalities (such as high CPU usage and broadcast suppression) on downstream devices. In addition, the local device may fail to send ARP packets in time due to the replication of a large number of packets, which may lead to ARP learning failures. Therefore, do not configure too many VLANs on an interface. Example # Enable inter-VLAN proxy ARP on . <Huawei> system-view [Huawei] interface vlanif 10 [Huawei-Vlanif10] arp-proxy inter-sub-vlan-proxy enable Related Topics 6.4.7 arp-proxy enable 6.4.8 arp-proxy inner-sub-vlan-proxy enable 6.4.10 display arp Function The display arp command displays all ARP mapping entries. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 480 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display arp [ all | brief ] Parameters Parameter Description Value all Displays all ARP mapping entries. - brief Displays brief information about ARP mapping entries. - Views All views Default Level 1: Monitoring level Usage Guidelines This command displays all ARP mapping entries, including the aging time of ARP entries, ARP entry type, and VPN instance to which ARP entries belong. Example # Display all ARP mapping entries. <Huawei> display arp all IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE VLAN -----------------------------------------------------------------------------192.168.120.251 60de-4474-9640 I - Vlanif1 192.168.120.1 7054-f5df-9b40 6 D-0 GE0/0/0 1 192.168.120.252 04f9-3895-8300 20 D-0 GE0/0/0 1 -----------------------------------------------------------------------------Total:3 Dynamic:2 Static:0 Interface:1 # Display brief information about all ARP mapping entries. <Huawei> display arp brief IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VLAN/CEVLAN -----------------------------------------------------------------------------192.168.120.251 60de-4474-9640 I - Vlanif1 192.168.120.1 7054-f5df-9b40 3 D-0 GE0/0/0 1/192.168.120.252 04f9-3895-8300 19 D-0 GE0/0/0 1/-----------------------------------------------------------------------------Total:3 Dynamic:2 Static:0 Interface:1 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 481 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-20 Description of the display arp command output Item Description IP ADDRESS IP address in the ARP entry. MAC ADDRESS MAC address in the ARP entry. EXPIRE(M) Remaining lifetime of ARP entries, in minutes. TYPE ARP entry type and slot ID of the LPU that obtains the entry. The entry type contains 3 bits. The first bit can be any of the following: ● I: Interface, indicating the MAC address of the interface ● D: Dynamic, indicating the dynamic entry obtained through the ARP packet ● S: Static, indicating the static entry obtained through static configuration If the second bit is F, the ARP entry has been reported to the routing module, the route to this IP address has been calculated, and the entry in the FIB has been updated. If the entry is not reported to the routing module, this field displays "-". NOTE For the ARP entry with the type as "I", this flag bit does not exist. The third bit indicates the slot ID of the LPU that obtains the entry. NOTE For the ARP entry with the type as "I" or "S", this field displays "-". VPN-INSTANCE Name of the VPN instance to which the ARP entry belongs. INTERFACE Type and number of the interface that has learnt ARP entries. VLAN ID of the VLAN to which the ARP entry belongs. Total Total number of ARP entries in the ARP mapping table. Dynamic Number of dynamic ARP entries in the ARP mapping table. Static Number of static ARP entries in the ARP mapping table. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 482 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Interface Number of ARP entries in the ARP mapping table on the local interface. Related Topics 6.4.5 arp static 6.4.11 display arp dynamic 6.4.13 display arp interface 6.4.15 display arp network 6.4.17 display arp static 6.4.18 display arp statistics 6.4.21 reset arp 6.4.11 display arp dynamic Function The display arp dynamic command displays all dynamic ARP entries. Format display arp dynamic Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display all dynamic ARP mapping entries. <Huawei> display arp dynamic IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE VLAN -----------------------------------------------------------------------------192.168.120.251 60de-4474-9640 I - Vlanif1 192.168.120.1 7054-f5df-9b40 15 D-0 GE0/0/0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 483 Fit AP Command Reference 6 Network Interconnection Configurations Commands 1 192.168.120.252 04f9-3895-8300 19 D-0 GE0/0/0 1 -----------------------------------------------------------------------------Total:3 Dynamic:2 Static:0 Interface:1 Table 6-21 Description of the display arp dynamic command output Item Description IP ADDRESS IP address in the ARP entry. MAC ADDRESS MAC address in the ARP entry. EXPIRE(M) Remaining lifetime of ARP entries, in minutes. TYPE ARP entry type and slot ID of the LPU that obtains the entry. The entry type contains 3 bits. The first bit can be any of the following: ● I: Interface, indicating the MAC address of the interface ● D: Dynamic, indicating the dynamic entry obtained through the ARP packet ● S: Static, indicating the static entry obtained through static configuration The second bit can only be F, indicating that the ARP entry has been reported to the routing module, the route to this IP address has been calculated, and the entry in the FIB has been updated. NOTE If the entry is not reported to the routing module, this field displays "-". For the ARP entry with the type as "I", this flag bit does not exist. The third bit indicates the slot ID of the LPU that obtains the entry. NOTE For the ARP entry with the type as "I" or "S", this field displays "-". VPN-INSTANCE Name of the VPN instance to which the ARP entry belongs. INTERFACE Type and number of the interface that has learnt ARP entries. VLAN ID of the VLAN to which the ARP entry belongs. Total Total number of ARP entries in the ARP mapping table. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 484 Fit AP Command Reference 6 Network Interconnection Configurations Commands Dynamic Number of dynamic ARP entries in the ARP mapping table. Static Number of static ARP entries in the ARP mapping table. Interface Number of ARP entries in the ARP mapping table on the local interface. Related Topics 6.4.10 display arp 6.4.13 display arp interface 6.4.15 display arp network 6.4.17 display arp static 6.4.18 display arp statistics 6.4.21 reset arp 6.4.12 display arp error packet Function The display arp error packet command displays the latest ten ARP error packets. Format display arp error packet Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines If a device cannot learn ARP entries, you can run this command to check the latest received ARP error packets. The ARP error packets help locate the fault. Example # Display the latest ten ARP error packets. <Huawei> display arp error packet -------------------------------------------------- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 485 Fit AP Command Reference 6 Network Interconnection Configurations Commands [interface = Vlanif10, time = 2010-05-24 20:34:53]: 00 01 08 00 06 04 00 01 00 25 9E 4B 1F 75 0A 8A 4E 02 00 00 00 00 00 00 0A 8A 4E FF 00 00 00 00 00 00 00 00 00 00 FF FF FF FF FF FF 00 25 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:34:54]: 00 01 08 00 06 04 00 01 00 13 72 FD E7 1C 0A 8A 4E 98 00 00 00 00 00 00 0A 8A 4E 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:34:55]: 00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A 4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:05]: 00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A 4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:05]: 00 01 08 00 06 04 00 01 00 E0 FC 8F B2 DD 0A 8A 4E 01 00 00 00 00 00 00 0A 8A 4F FA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:08]: 00 01 08 00 06 04 00 01 00 0F E2 5C 8C EA AC 12 3E FE 00 00 00 00 00 00 AC 12 3E FE 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:11]: 00 01 08 00 06 04 00 01 00 1B B9 78 25 2E 0A 8A 4E A5 00 00 00 00 00 00 0A 8A 4E 2D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:15]: 00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A 4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:19]: 00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A 4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -------------------------------------------------[interface = Vlanif10, time = 2010-05-24 20:35:22]: 00 01 08 00 06 04 00 01 00 E0 FC 8F B2 DD 0A 8A 4E 01 00 00 00 00 00 00 0A 8A 4F FA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Table 6-22 Description of the display arp error packet command output Item Description interface Interface name. time Time when an ARP error packet is received. Related Topics 6.4.13 display arp interface 6.4.21 reset arp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 486 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.4.13 display arp interface Function The display arp interface command displays ARP mapping entries of a specified interface. Format display arp interface interface-type interface-number Parameters Parameter Description Value interface-type interfacenumber Specifies the type and number of an interface. - Views All views Default Level 1: Monitoring level Usage Guidelines To monitor dynamic ARP entries or locate the faults in ARP, you can run this command to check the ARP entries. Example # Display all the ARP entries of VLANIF 10. <Huawei> display arp interface vlanif 10 IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE VLAN -----------------------------------------------------------------------------192.168.78.1 dcd2-fcf9-b5ca IVlanif10 -----------------------------------------------------------------------------Total:1 Dynamic:0 Static:0 Interface:1 Table 6-23 Description of the display arp interface command output Item Description IP ADDRESS IP address in the ARP entry. MAC ADDRESS MAC address in the ARP entry. EXPIRE(M) Remaining lifetime of the ARP entry, in minutes. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 487 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description TYPE ARP entry type and slot ID of the LPU that obtains the entry. The entry type contains 3 bits. The first bit can be any of the following: ● I: Interface, indicating the MAC address of the interface ● D: Dynamic, indicating the dynamic entry obtained through the ARP packet ● S: Static, indicating the static entry obtained through static configuration The second bit can only be F, indicating that the entry is reported to the routing module, the route to this IP address is calculated, and entries in the FIB are correspondingly updated. NOTE If the entry is not reported to the routing module, this field displays "-". For the ARP entry with the type as "I", this flag bit does not exist. The third bit indicates the slot ID of the LPU that obtains the entry. NOTE For the ARP entry with the type as "I" or "S", this field displays "-". INTERFACE Type and number of the interface that has learnt ARP entries. VPN-INSTANCE Name of the VPN instance to which the ARP entry belongs. VLAN ID of the VLAN to which the ARP entry belongs. Total: 1 One ARP entry exists in the ARP mapping table. Dynamic: 0 No dynamic ARP entry exists in the ARP mapping table. Static: 0 No static ARP entry exists in the ARP mapping table. Interface: 1 One ARP entry of the local interface exists in the ARP mapping table. Related Topics 6.4.5 arp static 6.4.21 reset arp Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 488 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.4.14 display arp ip-conflict track Function The display arp ip-conflict track command displays recorded information about the detected IP address conflict. Format display arp ip-conflict track Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario Route flapping caused by IP address conflicts affects user services. To help users quickly locate IP conflicts to better manage IP addresses of network devices, run the display arp ip-conflict track command to view the recorded information about the detected IP address conflict. NOTE The maximum number of IP conflict information that can be recorded by the system is 200, and the oldest recorded information will be covered by newly added if the conflicted IP address is more than 200. Example # Display the information of the detected IP address conflict. <Huawei> display arp ip-conflict track Conflict type : Local IP conflict IP address : 192.168.1.1 System time : 2011-11-19 03:22:16+08:00 Conflict count :1 Suppress count :0 Local interface : Vlanif1001 Receive interface : GE0/0/1 Receive VLAN/CEVLAN : 1001/0 Receive MAC : 0000-0a88-36f5 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 489 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-24 Description of the display arp ip-conflict track command output Item Description Conflict type IP address conflict type IP address Conflicting IP address System time System time when an IP conflict occurred Conflict count Total number of the IP conflict times NOTE The field is displayed as 0 if the ARP entry corresponding to the IP address expires or is deleted. Suppress count Number of the suppressed IP conflicts NOTE The field is displayed as 0 if the ARP entry corresponding to the IP address expires or is deleted. Local interface Interface recorded in the ARP entry of the IP address Receive interface Interface that receives the ARP packet with duplicate IP address Receive VLAN/CEVLAN VLAN and CEVLAN configured on the interface that receives the ARP packet with duplicate IP address Receive MAC Source MAC address of the second ARP packet with duplicate IP address 6.4.15 display arp network Function The display arp network command displays ARP mapping entries of a specified network segment. Format display arp network net-number [ net-mask | mask-length ] [ dynamic | static ] Parameters Parameter Description Value net-number Specifies the network ID. The value is in dotted decimal notation. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 490 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value net-mask Specifies the subnet mask. The value is in dotted decimal notation. mask-length Specifies the mask length. The value is a decimal integer ranging from 1 to 32. dynamic Displays dynamic ARP entries of a specified network segment. - static Displays static ARP entries of a specified network segment. - Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display all ARP entries of the network segment with network ID 10.10.0.0 and subnet mask 255.255.0.0. <Huawei> display arp network 10.10.0.0 255.255.0.0 IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE VLAN -----------------------------------------------------------------------------10.10.20.9 0018-2000-0083 IVlanif1 10.10.10.6 0018-2000-0083 IVlanif20 -----------------------------------------------------------------------------Total:2 Dynamic:0 Static:0 Interface:2 Table 6-25 Description of the display arp network command output Item Description IP ADDRESS IP address in the ARP entry. MAC ADDRESS MAC address in the ARP entry. EXPIRE(M) Remaining lifetime of ARP entries, in minutes. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 491 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description TYPE ARP entry type and slot ID of the LPU that obtains the entry. The entry type contains 3 bits. The first bit can be any of the following: ● I: Interface, indicating the MAC address of the interface ● D: Dynamic, indicating the dynamic entry obtained through the ARP packet ● S: Static, indicating the static entry obtained through static configuration The second bit can only be F, indicating that the ARP entry has been reported to the routing module, the route to this IP address has been calculated, and the entry in the FIB has been updated. NOTE If the entry is not reported to the routing module, this field displays "-". For the ARP entry with the type as "I", this flag bit does not exist. The third bit indicates the slot ID of the LPU that obtains the entry. NOTE For the ARP entry with the type as "I" or "S", this field displays "-". VPN-INSTANCE Name of the VPN instance to which the ARP entry belongs. INTERFACE Type and number of the interface that has learnt ARP entries. VLAN ID of the VLAN to which the ARP entry belongs. Total Total number of ARP entries in the ARP mapping table. Dynamic Number of dynamic ARP entries in the ARP mapping table. Static Number of static ARP entries in the ARP mapping table. Interface Number of ARP entries in the ARP mapping table on the local interface. Related Topics 6.4.5 arp static 6.4.11 display arp dynamic Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 492 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.4.13 display arp interface 6.4.17 display arp static 6.4.18 display arp statistics 6.4.21 reset arp 6.4.16 display arp packet statistics Function The display arp packet statistics command displays the statistics on ARP-based packets. Format display arp packet statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines To locate and rectify ARP faults, you can run this command to the statistics on ARP-based packets. Example # Display the statistics on ARP-based packets. <Huawei> display arp packet statistics ARP Pkt Received: sum 10088 ARP Learnt Count: sum 52 ARP Pkt Discard For Limit: sum 0 ARP Pkt Discard For SpeedLimit: sum 31 ARP Pkt Discard For Proxy Suppress: sum 307 ARP Pkt Discard For Other: sum 9274 Table 6-26 Description of the display arp packet statistics command output Item Description ARP Pkt Received Number of the received ARP packets. ARP Learnt Count Times of ARP learning. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 493 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description ARP Pkt Discard For Limit Number of ARP packets discarded due to the ARP entry limit. ARP Pkt Discard For SpeedLimit Number of ARP packets discarded when the number of ARP packets from a specified source IP address exceeds the limit. ARP Pkt Discard For Proxy Suppress Number of packets discarded for the speed limit. ARP Pkt Discard For Other Number of the packets discarded due to other causes. 6.4.17 display arp static Function The display arp static command displays all static ARP mapping entries. Format display arp static Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display all static ARP entries. <Huawei> display arp static IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE VLAN -----------------------------------------------------------------------------172.16.1.1 0efc-0505-86e3 S-10/192.168.0.1 0e00-fc01-0000 S-10.0.0.1 aa00-fcc0-1200 S-- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 494 Fit AP Command Reference 6 Network Interconnection Configurations Commands 3/-----------------------------------------------------------------------------Total:3 Dynamic:0 Static:3 Interface:0 Table 6-27 Description of the display arp static command output Item Description IP ADDRESS IP address in the ARP entry. MAC ADDRESS MAC address in the ARP entry. EXPIRE(M) Remaining lifetime of ARP entries, in minutes. TYPE ARP entry type and slot ID of the LPU that obtains the entry. The entry type contains 3 bits. The first bit can be any of the following: ● I: Interface, indicating the MAC address of the interface ● D: Dynamic, indicating the dynamic entry obtained through the ARP packet ● S: Static, indicating the static entry obtained through static configuration The second bit can only be F, indicating that the ARP entry has been reported to the routing module, the route to this IP address has been calculated, and the entry in the FIB has been updated. NOTE If the entry is not reported to the routing module, this field displays "-". For the ARP entry with the type as "I", this flag bit does not exist. The third bit indicates the slot ID of the LPU that obtains the entry. NOTE For the ARP entry with the type as "I" or "S", this field displays "-". VPN-INSTANCE Name of the VPN instance to which the ARP entry belongs. INTERFACE Type and number of the interface that has learnt ARP entries. VLAN ID of the VLAN to which the ARP entry belongs. Total Total number of ARP entries in the ARP mapping table. Dynamic Number of dynamic ARP entries in the ARP mapping table. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 495 Fit AP Command Reference 6 Network Interconnection Configurations Commands Static Number of static ARP entries in the ARP mapping table. Interface Number of ARP entries in the ARP mapping table on the local interface. Related Topics 6.4.5 arp static 6.4.11 display arp dynamic 6.4.13 display arp interface 6.4.15 display arp network 6.4.18 display arp statistics 6.4.21 reset arp 6.4.18 display arp statistics Function The display arp statistics command displays ARP entry statistics. Format display arp statistics { all | interface interface-type interface-number } Parameters Parameter Description Value all Displays ARP entry statistics of the system. - interface interface-type interface-number Displays ARP entry statistics of a specified interface. - Views All views Default Level 1: Monitoring level Usage Guidelines To monitor ARP entries or locate the faults in ARP, you can run this command to check ARP entry statistics. Example # Display ARP entry statistics. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 496 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> display arp statistics all Dynamic:1 Static:0 Table 6-28 Description of the display arp statistics all command output Item Description Dynamic Number of dynamic ARP entries. Static Number of static ARP entries. 6.4.19 display arp track Function The display arp track command displays changes of outbound interfaces in ARP entries learned by a VLANIF interface. Format display arp track Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario If the outbound interfaces change in ARP entries learned by a VLANIF interface, traffic may be interrupted. In this case, run the display arp track command to check changes of outbound interfaces and time of changes. Precautions After the display arp track command is executed, changes of ARP entries are displayed in the following situations: ● Outbound interfaces in dynamic ARP entries learnt by the VLANIF interface change to other interfaces. ● No outbound interface is specified in the static ARP entries. The outbound interface changes to other interfaces. ● Dynamic ARP entries or static ARP entries in which no VLAN ID or outbound interface is specified are deleted. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 497 Fit AP Command Reference 6 Network Interconnection Configurations Commands Changes of ARP entries cannot be displayed in the following situations: ● ARP entries change on a non-VLANIF interface. ● New ARP entries are learnt. ● The VLAN ID and outbound interface are manually specified in static ARP entries. Example # Display changes of ARP entries. <Huawei> display arp track Operate Flags: M - Modify, D - Delete -------------------------------------------------------------------------------Op IP-Address MAC-Address VLAN Old-Port New-Port System-Time -------------------------------------------------------------------------------D 192.168.129.100 0053-6721-9e00 2001 GE0/0/0 02-23 23:52:51+ 08:00 D 192.168.129.100 0053-6721-9e00 2001 GE0/0/0 02-27 15:18:02+ 08:00 Table 6-29 Description of the display arp track command output Item Description Op Operation identifier. ● M: Modify, indicating that the outbound interface changes. ● D: Delete, indicating that the ARP entry is deleted. IP-Address IP address in the ARP entry. MAC-Address MAC address in the ARP entry. VLAN ID of the VLAN to which the VLANIF interface belongs. Old-Port Original outbound interface in the ARP entry. New-Port New outbound interface in the ARP entry. System-Time System time when the outbound interface changes. 6.4.20 l2-topology detect enable Function The l2-topology detect enable command enables Layer 2 topology detection. The undo l2-topology detect enable command disables Layer 2 topology detection. By default, Layer 2 topology detection is disabled. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 498 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format l2-topology detect enable undo l2-topology detect enable Parameters None Views System view Default Level 2: Configuration level Usage Guidelines After the l2-topology detect enable command is run, all ARP entries in the VLAN are updated if the Layer 2 interface changes from Down to Up. Example # Enable Layer 2 topology detection. <Huawei> system-view [Huawei] l2-topology detect enable 6.4.21 reset arp Function The reset arp command deletes ARP entries in the ARP mapping table. Format reset arp { dynamic [ ip ip-address ] | interface interface-type interface-number [ ip ip-address ] | static } Parameters Parameter Description Value dynamic Deletes dynamic ARP entries. - interface ● interface-type specifies the type of the interface. - interface-type interface-number Issue 08 (2021-02-25) ● interface-number specifies the number of the interface. Copyright © Huawei Technologies Co., Ltd. 499 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter ip ip-address Description Value Deletes dynamic ARP entries of a specified interface and with a specified IP address. The value is in dotted decimal notation. If an interface learns excessive ARP entries, you can specify this parameter to delete a specified ARP entry. static Deletes static ARP entries. - Views User view Default Level 2: Configuration level Usage Guidelines Usage Scenario If an unauthorized user sends a large number of ARP packets to a device, the device learns a large number of ARP entries in a short period of time, causing the buffer to overflow. As a result, users may fail to access the network. To solve the problem, you can run the reset arp command to delete invalid ARP entries and create new ARP entries to ensure that users can access the network. Prerequisites Before using the reset arp command, ensure that the corresponding ARP entries exist. Configuration Impact After an ARP entry is cleared, the mapping between the IP address and the MAC address is cleared. As a result, users may fail to assess the network and services may be interrupted. Precautions ARP entries are cleared at an interval of at least 20s. Example # Delete dynamic ARP entries in the ARP mapping table. <Huawei> reset arp dynamic # Delete dynamic ARP entries of VLANIF 10. <Huawei> reset arp interface vlanif 10 Related Topics 6.4.13 display arp interface Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 500 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.5 DHCP Configuration Commands 6.5.1 dhcp client request option-list Function The dhcp client request option-list command configures a list of request options that the Option55 field in DHCP Request packets carries besides the default options. The undo dhcp client request option-list command deletes a list of request options that the Option55 field in DHCP Request packets carries besides the default options. By default, the Option55 field in DHCP Request packets carries request options 3, 6, 15, 28, 33, 44, 121, and 184 by default. Format dhcp client request option-list option-code &<1-9> undo dhcp client request option-list option-code &<1-9> Parameters Parameter Description Value option-code Specifies a list of request options that the Option55 field carries besides the default options. The value is of enumerated type and can be 4, 7, 17, 42, 43, 66, 67, 120, and 129. Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines The Option55 field in DHCP Request packets is used to set the request option list. DHCP clients use this option to specify network configuration parameters that need to be obtained from the DHCP server. By default, the Option55 field carries request options 3, 6, 15, 28, 33, 44, 121, and 184 by default. Besides the default options, you can run the dhcp client request option-list option-code command to set a list of other request options that the Option55 field carries. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 501 Fit AP Command Reference 6 Network Interconnection Configurations Commands For option meanings, see DHCP Options in CLI-based Configuration - Network Interconnection Configuration Guide - DHCP Configuration. Example # Configure the Option55 field in DHCP Request packets to carry option 4 on VLANIF100. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] dhcp client request option-list 4 6.5.2 dhcp set ttl Function The dhcp set ttl command sets the TTL value for DHCP Discover messages after they are forwarded by the DHCP relay agent at Layer 3. The undo dhcp set ttl command restores the default setting. By default, the TTL value of DHCP Discovery messages decreases by 1 after they are forwarded by the DHCP relay agent at Layer 3. Format dhcp set ttl { unvaried | ttl-value } undo dhcp set ttl Parameters Parameter Description Value unvaried Indicates that the TTL value of DHCP Discovery messages remains unchanged after the messages are forwarded by the DHCP relay agent at Layer 3. That is, the device does not reduce the TTL value by 1. ttl-value Specifies a fixed TTL value for DHCP Discovery messages after they are forwarded by the DHCP relay agent at Layer 3. The value is an integer that ranges from 1 to 255. Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 502 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Usage Scenario The dhcp set ttl command is used on DHCP relay agents. When a DHCP relay agent forwards DHCP Discovery messages at Layer 3, it reduces the TTL value of the messages by 1 by default. Assume that the TTL value of a DHCP Discovery message received by the DHCP relay agent is 1. If the DHCP relay agent reduces the TTL value by 1, the TTL value changes to 0. The next-hop routing device will discard the message as its TTL value is 0. As a result, the DHCP server cannot receive the DHCP Discovery message forwarded by the DHCP relay agent. To ensure that the DHCP server can receive the DHCP Discovery message sent from the client, run the dhcp set ttl command to set the TTL value of the DHCP Discovery message to a non-zero value after the message is forwarded at Layer 3. NOTE If the DHCP relay agent connects to a special client whose TTL value of DHCP Discovery messages is 1, and if there are routing devices between the DHCP relay agent and DHCP server, run the dhcp set ttl ttl-value command to specify a fixed TTL value (16 is recommended) for DHCP Discovery messages after they are forwarded by the DHCP relay agent at Layer 3. Example # Set the TTL value of DHCP Discovery messages to 16 after the messages are forwarded by the DHCP relay agent at Layer 3. <Huawei> system-view [Huawei] dhcp set ttl 16 6.5.3 display dhcp client Function The display dhcp client command displays DHCP client lease information. Format display dhcp client [ interface interface-type interface-number ] Parameters Parameter Description Value interface interface-type interface-number Displays DHCP client lease information on a specified interface: - ● interface-type specifies the interface type. ● interface-number specifies the interface number. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 503 Fit AP Command Reference 6 Network Interconnection Configurations Commands Views All views Default Level 1: Monitoring level Usage Guidelines When a device functions as the DHCP client, this command displays DHCP client lease information. Example # Display DHCP client lease information. <Huawei> display dhcp client DHCP client lease information on interface Vlanif119 : Current machine state : Bound Internet address assigned via : DHCP Physical address : 0819-a6cd-a896 IP address : 192.168.119.254 Subnet mask : 255.255.255.0 Gateway ip address : 192.168.119.1 192.168.119.3 192.168.119.2 DHCP server : 192.168.119.1 Lease obtained at : 2008-10-01 04:35:10 Lease expires at : 2008-10-01 04:36:10 Lease renews at : 2008-10-01 04:35:40 Lease rebinds at : 2008-10-01 04:36:03 AC IP : 192.168.10.1 Classless static route : 192.168.0.0/16 via 192.168.119.1 10.10.0.0/16 via 192.168.119.2 Host name : client Request option list : 1 3 6 15 28 33 44 121 184 : huawei Class identifier Client identifier : 0819-a6cd-a896 Table 6-30 Description of the display dhcp client command output Item Description DHCP client lease information on interface if1 DHCP client lease information on the interface if1. Current machine state Current device status. Internet address assigned via IP address obtained using DHCP. Physical address Device MAC address. IP address Device IP address. Subnet mask Mask of the device IP address. Gateway ip address Gateway address of the DHCP server. DHCP server DHCP server address. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 504 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Lease obtained at Time the lease is obtained. Lease expires at Time the lease expires. Lease renews at Time the lease needs to be renewed. The lease of an IP address needs to be renewed when half of the lease expires. Lease rebinds at Time the lease is renewed. The lease of an IP address is renewed when 87.5% of the lease expires. AC IP AC IP address obtained through DHCP Option 43. Classless static route Classless static route. Host name Information about Option 12, which is the host name of the client. Request option list Information about Option 55, which is the request option list of the client. Class identifier Information about Option 60, which is the vendor type identifier. Client identifier Information about Option 61, which is the client identifier. 6.5.4 display dhcp client statistics Function The display dhcp client statistics command displays message statistics on a DHCP client. Format display dhcp client statistics [ interface interface-type interface-number ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 505 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value interface interface-type interface-number Displays message statistics on a specified interface: - ● interface-type specifies the interface type. ● interface-number specifies the interface number. Views All views Default Level 1: Monitoring level Usage Guidelines When the device functions as the DHCP client, the display dhcp client statistics command displays message statistics. Example # Display message statistics on a DHCP client. <Huawei> display dhcp client statistics DHCP message statistics on interface GigabitEthernet0/0/1 : Input: total 0 packets Bootp reply : 0 Offer : 0 Ack : 0 Nak : 0 Output: total 0 packets Bootp request : 0 Discover : 0 Request : 0 Request of init-reboot: 0 Request of selecting : 0 Request of renewing : 0 Request of rebinding : 0 Decline : 0 Release : 0 Table 6-31 Description of the display dhcp client statistics command output Item Description Input Total number of DHCP messages received by the client. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 506 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Bootp reply Number of BOOTP replies received by the client from the server. Offer Number of Offer messages received by the client from the server. Ack Number of ACK messages received by the client from the server. Nak Number of NAK messages received by the client from the server. Output Total number of messages forwarded by the client. Bootp request Number of BOOTP requests received by the server from the client. Discover Number of Discover messages received by the server from the client. Request Number of Request messages received by the server from the client. Request of init-reboot Number of Request of init-reboot messages received by the server from the client. Request of selecting Number of Request of selecting messages received by the server from the client. Request of renewing Number of Request of renewing messages received by the server from the client. Request of rebinding Number of Request of rebinding messages received by the server from the client. Decline Number of Decline messages received by the server from the client. Release Number of Release messages received by the server from the client. 6.5.5 display dhcp configuration Function The display dhcp configuration command displays configuration information about the DHCP public module. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 507 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display dhcp configuration Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines This command is used to query configuration information about the DHCP public module. Example # Display configuration information about the DHCP public module. <Huawei> display dhcp configuration DHCP global running information : DHCP : Enable DHCP speed limit : Disable (default) DHCP anti-attack check duplicate option : Disable (default) Table 6-32 Description of the display dhcp configuration command output Item Description DHCP global running information Configuration information about the DHCP public module in the system view. DHCP Indicates whether DHCP is enabled. The value can be: ● Enable: DHCP is enabled. ● Disable (default): DHCP is disabled. By default, DHCP is disabled. DHCP speed limit Indicates whether dynamic DHCP message rate limiting is enabled. The value can be: ● Enable: Dynamic DHCP message rate limiting is enabled. ● Disable (default): Dynamic DHCP message rate limiting is disabled. By default, dynamic DHCP message rate limiting is disabled. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 508 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description DHCP anti-attack check duplicate option Indicates whether the function of checking and discarding DHCP messages with duplicate options is enabled. The value can be: ● Enable: This function is enabled. ● Disable (default): This function is disabled. By default, the function of checking and discarding DHCP messages with duplicate options is disabled. 6.5.6 display dhcp statistics Function The display dhcp statistics command displays DHCP message statistics. Format display dhcp statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines The display dhcp statistics command displays statistics about sent and received DHCP messages. Example # Display DHCP message statistics. <Huawei> display dhcp statistics Input: total 172 packets, discarded 0 packets Bootp request : 0, Bootp reply Discover : 0, Offer Request : 0, Ack Release : 0, Nak Decline : 0, Inform Issue 08 (2021-02-25) : : : : : 172 0 0 0 0 Copyright © Huawei Technologies Co., Ltd. 509 Fit AP Command Reference 6 Network Interconnection Configurations Commands Rx buffers full : 2978, L2fdb lookup failed : Output: total 172 packets, discarded 0 packets DHCP AM interact statistics Msg send to AM Request to AM : 0, Realease to AM : Decline to AM : 0 Msg receive from AM Request from AM : 0, Realease from AM : Decline from AM : 0 Drop Reason Temporary lease full : 0, Retransmit too frequent : Discover too frequent : 0, Request static ip fail : Session does not exist : 0, Send ipc msg to AM fail : No temporary lease table: 0, Select req IP invalid : Reboot req IP invalid : 0, Renew req IP invalid : Packet unknown : 0 38 0 0 0 0 0 0 0 Table 6-33 Description of the display dhcp statistics command output Item Description Bootp request Number of BOOTP requests sent by the device that functions as the client. Bootp reply Number of BOOTP replies received by the client from the server. Discover Number of Discover messages received by the server from the client. Offer Number of Offer messages received by the client from the server. Request Number of BOOTP requests received by the server from the client. Ack Number of ACK messages received by the client from the server. Release Number of Release messages received by the server from the client. Nak Number of NAK messages received by the client from the server. Decline Number of Decline messages sent by the client. Inform Number of Inform messages sent by the client. DHCP AM interact statistics Statistics about exchange messages between the DHCP module and the AM module. Msg send to AM Messages sent to the AM module. Request to AM Address request messages sent to the AM module. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 510 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Realease to AM Address release messages sent to the AM module. Realease to AM Address conflict messages sent to the AM module. Msg receive from AM Messages received from the AM module. Request from AM Address request messages received from the AM module. Realease from AM Address release messages received from the AM module. Decline from AM Address conflict messages received from the AM module. Drop Reason Cause of a DHCP message loss. Drop Reason Cause of a DHCP message loss. Temporary lease full Full temporary lease table. Retransmit too frequent Messages that are retransmitted too frequently. Discover too frequent Request messages that are sent too frequently. Request static ip fail Failure to request a static IP address. Session does not exist Session table not existing. Send ipc msg to AM fail Failure to send messages to the AM module. No temporary lease table Failure to query the temporary lease table. Select req IP invalid Invalid requested IP address in the discovery stage. Reboot req IP invalid Invalid requested IP address in the two-step login stage. Renew req IP invalid Invalid requested IP address in the address lease renewal stage. Packet unknown Unknown messages. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 511 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Rx buffers full or L2fdb lookup failed Information displayed when the DHCP service is abnormal. The displayed information includes: ● Rx buffers full: Total number of DHCP packets discarded because the remaining queue length is shorter than the reserved threshold. ● L2fdb lookup failed: Total number of DHCP packets discarded because entries fail to be queried. ● High cpu occupancy: Total number of DHCP packets discarded because the CPU usage is excessively high. ● Port blocked: Total number of DHCP packets discarded because the inbound interface is blocked. ● Bad vlan id: Total number of DHCP packets discarded because the VLAN ID is incorrect. ● Memory exhausted: Total number of DHCP packets discarded because the memory is exhausted. ● L3if protocol down: Total number of DHCP packets discarded because the Layer 3 protocol of the source interface goes Down. ● Rate limit: Total number of DHCP packets discarded because rates of the packets exceed the limit. ● Bad packet length: Total number of DHCP packets discarded because the packet length is incorrect. ● Bad ip header length: Total number of DHCP packets discarded because the IP header length is incorrect. ● Bad ip header checksum: Total number of DHCP packets discarded because the checksum of the IP header is incorrect. ● Bad udp checksum: Total number of DHCP packets discarded because the checksum of the UDP header is incorrect. ● Hops exceeded: Total number of DHCP packets discarded because the number of next hops is incorrect. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 512 Fit AP Command Reference Item 6 Network Interconnection Configurations Commands Description ● Bad magic cookie: Total number of DHCP packets discarded because the magic-cookie field is incorrect. ● Duplicate option: Total number of DHCP packets discarded because the option fields are duplicate. ● Bad option length: Total number of DHCP packets discarded because the option field length is incorrect. ● End option absent: Total number of DHCP packets discarded because of the incorrect end option. ● Dest-port equals source: Total number of DHCP packets discarded because the source interface is also the outbound interface. ● Bad chaddr: Total number of DHCP packets discarded because the MAC address of the client is incorrect. ● Bad giaddr: Total number of DHCP packets discarded because the relay gateway is incorrect. ● Bad request: Total number of DHCP packets discarded because the request packets are incorrect. ● Bad reply: Total number of DHCP packets discarded because the response packets are incorrect. ● Bad dest udp-port: Total number of DHCP packets discarded because the destination interface is incorrect. ● Bad message type: Total number of DHCP packets discarded because of incorrect destination interfaces. ● L2fdb lookup failed: Total number of incoming DHCP packets discarded because entries fail to be queried. ● Max-user limit: Total number of DHCP packets discarded because the maximum number of users is exceeded. ● Add bindtable failed: Total number of DHCP packets discarded because dynamic binding entries are added. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 513 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description ● Client transferred: Total number of DHCP packets discarded due to interface flapping. ● Bad original interface: Total number of DHCP packets discarded because dynamic binding entries are added. ● Bad client-id: Total number of DHCP packets discarded because the client ID is incorrect. ● Bad server-id: Total number of DHCP packets discarded because the server ID is incorrect. ● Bad dest-ip: Total number of DHCP packets discarded because the destination IP address is incorrect. ● Other error: Total number of DHCP packets discarded due to other reasons. 6.6 DHCPv6 Configuration Commands 6.6.1 dhcpv6 duid Function The dhcpv6 duid command configures a DUID for the DHCPv6 device. By default, the device generates a DUID based on the link-layer (LL) address. Format dhcpv6 duid { ll | llt | duid } Parameters Parameter Description Value ll Configures the device to generate a DUID based on the link-layer address (MAC address). - Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 514 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value llt Configures the device to generate a DUID based on the link-layer address (MAC address) plus time. - duid Specifies the DUID of the device. The value is a hexadecimal string with an even number (in the range of 8 to 28) of characters. The value contains only combinations of digits 0 to 9, uppercase letters A to F, and lowercase letters a to f. Views System view Default Level 3: Management level Usage Guidelines A DUID identifies a DHCPv6 device. Each DHCPv6 server or client has a unique DUID. Servers use DUIDs to identify clients and clients use DUIDs to identify servers. When this command is run, a new DUID is stored in the :/dhcp/dhcpduid.txt file of the storage device. You can run the display dhcpv6 duid command to check the DUID of the device. NOTE ● If the AP's DUID is generated through the LL or LLT mode, and the system MAC address of the AP changes, the corresponding DUID also changes. ● If a static binding between the AP's DUID and the IPv6 address or IPv6 prefix is configured on the DHCPv6 server and the DUID changes, you need to manually change the corresponding binding relationship. Example # Configure the device to generate a DUID based on the link-layer address. <Huawei> system-view [Huawei] dhcpv6 duid ll Warning: The DHCP unique identifier should be globally-unique and stable. Are you sure to change it? [Y/ N]y Related Topics 6.6.4 display dhcpv6 duid Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 515 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.6.2 display dhcpv6 client Function The display dhcpv6 client command displays DHCPv6 client information. Format display dhcpv6 client [ interface interface-type interface-number ] Parameters Parameter Description Value interface interface-type interface-number Displays information about the DHCPv6 client with the specified interface type and number. - Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display dhcpv6 client command on the DHCPv6 client to check the address that is applied. Example # Display the DHCPv6 client information. <Huawei> display dhcpv6 client Vlanif10 is in stateful DHCPv6 client mode. Stateful DHCPv6 client is in BOUND state. Preferred server DUID : 000300060819A6CDA894 Reachable via address : FE80::A19:A6FF:FECD:A897 IA NA IA ID 0x00000051 T1 43200 T2 69120 Obtained : 2018-04-18 15:08:49 Renews : 2018-04-18 15:09:19 Rebinds : 2018-04-18 15:09:37 Address : FC00:3::2 Lifetime valid 120 seconds, preferred 60 seconds Expires at 2018-04-18 15:10:49(99 seconds left) DNS server : FC00:4::1 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 516 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-34 Description of the display dhcpv6 client command output Item Description Vlanif10 is in stateful DHCPv6 client mode. The VLANIF10 interface is in stateful DHCPv6 client mode. Stateful DHCPv6 client is in BOUND state. The DHCPv6 client is in BOUND state. Preferred server DUID DUID of a DHCPv6 server. Reachable via address Source IPv6 address from which a DHCPv6 client receives packets. Obtained Time at which the DHCPv6 client obtains an IPv6 address. Renews Time (T1) at which the DHCPv6 client updates the lease extension time. Rebinds Time (T2) at which the DHCPv6 client rebinds the lease extension time. Address IPv6 address that the DHCPv6 client obtains. Lifetime valid 120 seconds, preferred 60 seconds The valid lifetime is 120 seconds and preferred lifetime is 60 seconds. Expires at 2018-04-18 15:10:49(99 seconds left) The address used by the DHCPv6 client will expire at 2018-04-18 15:10:49, and there are 99 seconds left. DNS server IPv6 address of the DNS server that the DHCPv6 client obtains. Related Topics 6.6.3 display dhcpv6 client statistics 6.6.7 reset dhcpv6 client statistics 6.6.3 display dhcpv6 client statistics Function The display dhcpv6 client statistics command displays DHCPv6 message statistics on the DHCPv6 client. Format display dhcpv6 client statistics [ interface interface-type interface-number ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 517 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value interface interface-type interface-number Displays DHCPv6 message statistics on a specified interface. - Views All views Default Level 1: Monitoring level Usage Guidelines When the device functions as a DHCPv6 client, run the display dhcpv6 client statistics command to view DHCPv6 message statistics on the DHCPv6 client. Example # Display DHCPv6 message statistics on the DHCPv6 client. <Huawei> display dhcpv6 client statistics Message statistics of interface Vlanif10: Message Received Advertise 1 Reply 1 Reconfigure 0 Invalid 0 Message Sent Solicit 1 Request 1 Confirm 0 Renew 0 Rebind 0 Release 0 Decline 0 Information-request 0 Table 6-35 Description of the display dhcpv6 client statistics command output Item Description Message Message type. Received Number of received messages. Advertise Number of Advertise messages received by the DHCPv6 client. Reply Number of Reply messages received by the DHCPv6 client. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 518 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Reconfigure Number of Reconfigure messages received by the DHCPv6 client. Invalid Number of unknown-type messages received by the DHCPv6 client. Sent Number of sent messages. Solicit Number of Solicit messages sent by the DHCPv6 client. Request Number of Request messages sent by the DHCPv6 client. Confirm Number of Confirm messages sent by the DHCPv6 client. Renew Number of Renew messages sent by the DHCPv6 client. Rebind Number of Rebind messages sent by the DHCPv6 client. Release Number of Release messages sent by the DHCPv6 client. Decline Number of Decline messages sent by the DHCPv6 client. Information-request Number of Information-request messages sent by the DHCPv6 client. Related Topics 6.6.7 reset dhcpv6 client statistics 6.6.4 display dhcpv6 duid Function The display dhcpv6 duid command displays the DHCP unique identifier of a DHCPv6 device. Format display dhcpv6 duid Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 519 Fit AP Command Reference 6 Network Interconnection Configurations Commands Views All views Default Level 1: Monitoring level Usage Guidelines A DUID identifies a DHCPv6 device. Each DHCPv6 server or client has a DUID. The display dhcpv6 duid command displays the DUID of a device. Example # Display the DUID of a DHCPv6 device. <Huawei> display dhcpv6 duid The device's DHCPv6 unique identifier: 0001000117C667C280FB063545B3 Related Topics 6.6.1 dhcpv6 duid 6.6.5 display dhcpv6 statistics Function The display dhcpv6 statistics command displays DHCPv6 packet statistics. Format display dhcpv6 statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines The device may become faulty when running the DHCPv6 service. Some fault location methods are required for administrators or device maintenance personnel to locate faults quickly. The most convenient and effective method is to provide statistics about packets and packet loss reasons. Run the display dhcpv6 statistics command to view DHCPv6 packet statistics. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 520 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # View DHCPv6 packet statistics. <Huawei> display dhcpv6 statistics Input: total 10 packets, discarded 0 packets Solicit : 10, Advertise : : Request : 0, Confirm Renew : 0, Rebind : Reply : 0, Release : : Decline : 0, Reconfigure Information-request : 0, Relay-forward Relay-reply : 0, Leasequery : Leasequery-reply : 0, Max-user limit : 831, Add bindtable failed Output: total 0 packets, discarded 0 packets 0 0 0 0 0 : 0 : 0 100 Table 6-36 Description of the display dhcpv6 statistics command output Item Description Input: total x packets, discarded y packets Statistics about DHCPv6 packets received by the device. The number of received DHCPv6 packets is x and the number of discarded DHCPv6 packets is y. Solicit Number of SOLICIT packets received by the device. Advertise Number of ADVERTISE packets received by the device. Request Number of REQUEST packets received by the device. Confirm Number of CONFIRM packets received by the device. Renew Number of RENEW packets received by the device. Rebind Number of REBIND packets received by the device. Reply Number of REPLY packets received by the device. Release Number of RELEASE packets received by the device. Decline Number of DECLINE packets received by the device. Reconfigure Number of RECONFIGURE packets received by the device. Information-request Number of INFORMATION-REQUEST packets received by the device. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 521 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Relay-forward Number of RELAY-FORW packets received by the device. Relay-reply Number of RELAY-REPL packets received by the device. Leasequery Number of LEASEQUERY packets received by the device. Leasequery-reply Number of LEASEQUERY-REPLY packets received by the device. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 522 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Max-user limit or Add bindtable failed Information displayed if the DHCPv6 service is abnormal. The displayed information includes: ● Max-user limit: Total number of DHCP packets discarded because the maximum number of users is exceeded. ● Add bindtable failed: Total number of DHCP packets discarded because dynamic binding entries fail to be added. ● High cpu occupancy: Total number of DHCP packets discarded because the CPU usage is excessively high. ● Port blocked: Total number of DHCP packets discarded because the inbound interface is blocked. ● Rx buffers full: Total number of DHCP packets discarded because the remaining queue length is shorter than the reserved threshold. ● L2fdb lookup failed: Total number of DHCP packets discarded because entries fail to be queried. ● Bad vlan id: Total number of DHCP packets discarded because the VLAN ID is incorrect. ● Memory exhausted: Total number of DHCP packets discarded because the memory is exhausted. ● L3if protocol down: Total number of DHCP packets discarded because the Layer 3 protocol of the source interface goes Down. ● Rate limit: Total number of DHCP packets discarded because rates of the packets exceed the limit. ● Bad packet length: Total number of DHCP packets discarded because the packet length is incorrect. ● Bad ip header length: Total number of DHCP packets discarded because the IP header length is incorrect. ● Bad ip header checksum: Total number of DHCP packets discarded because the checksum of the IP header is incorrect. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 523 Fit AP Command Reference Item 6 Network Interconnection Configurations Commands Description ● Bad udp checksum: Total number of DHCP packets discarded because the checksum of the UDP header is incorrect. ● Hops exceeded: Total number of DHCP packets discarded because the number of next hops is incorrect. ● Bad magic cookie: Total number of DHCP packets discarded because the magic-cookie field is incorrect. ● Duplicate option: Total number of DHCP packets discarded because the option fields are duplicate. ● Bad option length: Total number of DHCP packets discarded because the option field length is incorrect. ● End option absent: Total number of DHCP packets discarded because of the incorrect end option. ● Dest-port equals source: Total number of DHCP packets discarded because the source interface is also the outbound interface. ● Bad chaddr: Total number of DHCP packets discarded because the MAC address of the client is incorrect. ● Bad giaddr: Total number of DHCP packets discarded because the relay gateway is incorrect. ● Bad request: Total number of DHCP packets discarded because the request packets are incorrect. ● Bad reply: Total number of DHCP packets discarded because the response packets are incorrect. ● Bad dest udp-port: Total number of DHCP packets discarded because the destination interface is incorrect. ● Bad message type: Total number of DHCP packets discarded because of incorrect destination interfaces. ● L2fdb lookup failed: Total number of incoming DHCP packets discarded because entries fail to be queried. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 524 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description ● Client transfered: Total number of DHCP packets discarded due to interface flapping. ● Bad original interface: Total number of DHCP packets discarded because dynamic binding entries are added. ● Bad client-id: Total number of DHCP packets discarded because the client ID is incorrect. ● Bad server-id: Total number of DHCP packets discarded because the server ID is incorrect. ● Bad dest-ip: Total number of DHCP packets discarded because the destination IP address is incorrect. ● Other error: Total number of DHCP packets discarded due to other reasons. Output: total x packets, discarded y packets Statistics about DHCPv6 packets sent by the device. The number of sent DHCPv6 packets is x and the number of discarded DHCPv6 packets is y. 6.6.6 reset dhcpv6 statistics Function The reset dhcpv6 statistics command clears DHCPv6 packet statistics. Format reset dhcpv6 statistics Parameters None Views User view Default Level 3: Management level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 525 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Collecting statistics about the DHCPv6 messages sent and received within a specified period helps you locate DHCPv6 faults. Before collecting new statistics, run the reset dhcpv6 statistics command to clear the existing message statistics. After clearing existing statistics, run the display dhcpv6 statistics command to view latest message statistics. Example # Clear DHCPv6 packet statistics. <Huawei> reset dhcpv6 statistics Related Topics 6.6.5 display dhcpv6 statistics 6.6.7 reset dhcpv6 client statistics Function The reset dhcpv6 client statistics command clears DHCPv6 message statistics on the DHCPv6 client. Format reset dhcpv6 client statistics [ interface interface-type interface-number ] Parameters Parameter Description Value interface interface-type interface-number Clears DHCPv6 message statistics on a specified interface. - If no interface is specified, all message statistics on the DHCPv6 client are cleared. Views User view Default Level 3: Management level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 526 Fit AP Command Reference 6 Network Interconnection Configurations Commands This command applies to the DHCPv6 client. Collecting statistics about the DHCPv6 messages sent and received within a specified period helps you locate DHCPv6 faults. Before collecting new statistics, run the reset dhcpv6 client statistics [ interface interface-type interface-number ] command to clear the existing message statistics. After clearing existing statistics, run the display dhcpv6 client statistics [ interface interface-type interface-number ] command to view latest message statistics. Example # Clear message statistics on the DHCPv6 client. <Huawei> reset dhcpv6 client statistics 6.7 DNS Configuration Commands 6.7.1 display dns configuration Function The display dns configuration command displays the global DNS configurations. Format display dns configuration Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display the global DNS configurations. <Huawei> display dns configuration ------------------------------------------------------------------------------Dns resolve : Disabled DNS-server-select-algorithm : Auto Dns server source ip address : Dns server source ipv6 address : ------------------------------------------------------------------------------- Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 527 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-37 Description of the display dns configuration command output Item Description Dns resolve Whether dynamic DNS resolution is enabled. The value can be: ● Enabled: Dynamic DNS resolution is enabled. ● Disabled: Dynamic DNS resolution is disabled. DNS-server-selectalgorithm Algorithm for selecting a destination DNS server. The value can be: ● Fixed: The destination DNS server is selected in fixed order. ● Auto: The destination DNS server is selected in auto order. Dns server source ip address Source IP address of the local device for communication. Dns server source ipv6 address Source IPv6 address of the local device for communication. 6.7.2 display dns domain Function The display dns domain command displays the configuration and sequence of domain name suffixes. Format display dns domain [ verbose ] Parameters Parameter Description Value verbose - Displays the detail information of domain name suffixes. Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 528 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines You can run the display dns domain command to view the configuration and sequence of domain name suffixes. Example # Display the list of domain name suffixes. <Huawei> display dns domain Type: D:Dynamic S:Static NO. Type Domain name 1 S com 2 S net - - TTL Table 6-38 Description of the display dns domain command output Item Description NO. Domain name suffix numbers, that is, the configuration sequence of domain name suffixes. Type Domain name suffixes type, including dynamic and static domain name suffix. Domain name Configured domain name suffix. TTL Domain name suffix TTL. In this example, two domain name suffixes are displayed. During DNS resolution, the first suffix "com" is added and sent to the DNS server. If the DNS server gives no response, the query message is resent. If the DNS server still gives no response, the query message is resent for a third time. If the DNS server still does not respond, the second suffix "net" is added and sent to the DNS server for searching for the mapped address. 6.7.3 display dns dynamic-host Function The display dns dynamic-host command displays dynamic DNS entries saved in the domain name cache. Format display dns dynamic-host [ ip | naptr | srv ] [ domain-name ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 529 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value ip Specifies the Class-A and PTR query dynamic DNS entries. - naptr Specifies the NAPTR query dynamic DNS entries. - srv Specifies the SRV query dynamic DNS entries. - domain-name Specifies the dynamic DNS entries of a domain name. The value must be an existing domain name suffix. Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display dns dynamic-host command to view dynamic DNS entries saved in the domain name cache and check whether domain names match the mapping entries. Example # Display the dynamic DNS entries saved in the domain name cache. <Huawei> display dns dynamic-host Host TTL Type Address sipx.autosrv.com 114 IP 192.168.1.1 sip.autosrv.com 237 IP 192.168.1.2 sip.autonaptr.com 117 IP 192.168.1.3 _sip._tcp.autosrv.com 55 SRV 0 0 0 sipx.autosrv.com 0 0 0 sip.autosrv.com autonaptr.com 0 NAPTR 101 10 A SIP+D2T sip.autona Total : 5 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 530 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-39 Description of the display dns dynamic-host command output Item Description Host Domain name. ● sipx.autosrv.com: indicates the domain name of the server providing the SIP service. ● _sip._tcp.autosrv.com: indicates the domain name of the server providing the SIP service through TCP in autosrv.com. ● autonaptr.com: indicates the domain name in the NAPTR resource record. TTL Time left before dynamic DNS entries saved in the cache age out, in seconds. Type Query type: ● IP: Class-A query, which is used to request the IP address corresponding to a domain name, or Pointer (PTR) query, which is used to request the domain name corresponding to an IP address. ● SRV: Service Record (SRV) query, which is used to obtain information about a server based on the protocol running on the server, including the domain name and port number. ● NAPTR: Naming Authority Pointer (NAPTR) query, which is used to obtain information about a server based on the server's domain name, including the IP address, and the transmission protocol. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 531 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Address IP address mapping the domain name. ● 192.168.1.1: indicates the IPv4 address. ● 0 0 0 sipx.autosrv.com: indicates the SRV query result. In the SRV query result, 0 0 0 indicates the priority, weight, and port number respectively, and sipx.autosrv.com indicates the domain name of the server providing the SIP service. ● 101 10 A SIP+D2T sip.autona: indicates the NAPTR query result. In the NAPTR query result, 101 10 indicates the NAPTR resource record sequence and priority; A indicates that the IP address to be queried; SIP+D2T indicates that SIP and TCP are used; sip.autona indicates the domain name to be queried. Related Topics 6.7.9 reset dns dynamic-host 6.7.4 display dns forward table Function The display dns forward table command displays the DNS forwarding table, including the mapping entry of the source IP address in a specified DNS query message. Format display dns forward table [ source-ip ip-address ] Parameters Parameter Description Value source-ip ip-address Specifies the source IP address in query messages. The value is in dotted decimal notation. Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 532 Fit AP Command Reference 6 Network Interconnection Configurations Commands Default Level 1: Monitoring level Usage Guidelines After DNS proxy or DNS relay is enabled, you can run the display dns forward table command to view the DNS table of IP addresses. NOTE When the device receives DNS request packets from the client but does not receive DNS reply packets from the server, you need to run the display dns forward table command to view the DNS forwarding table. Example # Display the DNS table on the DNS proxy or DNS relay. <Huawei> display dns forward table Domain name : www.domain.com Source IP : 10.136.128.53 Source port : 2055 Source packet id : 3562 Forward packet id : 60669 Query type :1 Table 6-40 Description of the display dns forward table command output Item Description Domain name Domain name. Source IP IP address of the client. Source port Port number of the client. Source packet id ID of the request packet from the client. Forward packet id ID of the forwarded packet, which corresponds to the ID of the request packet from the client. Query type Query type: ● 1: Class-A query ● 12: Pointer Record (PTR) query ● 33: SRV query ● 35: NAPTR query Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 533 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.7.5 display dns server Function The display dns server command displays the configuration and sequence of the current DNS server. Format display dns server [ verbose ] Parameters Parameter Description Value verbose Displays detailed information about the DNS server. - Views All views Default Level 1: Monitoring level Usage Guidelines After configuring DNS, run the display dns server command to view the configuration and sequence of current DNS servers. Example # Display configurations of a DNS server. <Huawei> display dns server Type: D:Dynamic S:Static IPv4 DNS server : NO. Type Status Used IP Address 0 S Yes 10.1.1.1 1 S Yes 10.1.1.2 2 D Up Yes 10.1.1.2 3 D Up Yes 10.1.1.3 IPv6 DNS servers : NO. Type Status Used IPv6 Address 0 S Yes FC00:1::1 1 D Yes FC00:1::1 2 D Yes FC00:1::2 Issue 08 (2021-02-25) - Interface Copyright © Huawei Technologies Co., Ltd. 534 Fit AP Command Reference 6 Network Interconnection Configurations Commands Table 6-41 Description of the display dns server command output Item Description Type Configuration type of the DNS server IP address, including dynamic and static. IPv4 DNS server IPv4 DNS server configuration. NO. DNS server number, indicating the order in which they were configured. Status DNS server status. Used Indicates whether the DNS server is used. IP Address IPv4 address of the DNS server. IPv6 Address IPv6 address of the DNS server. IPv6 DNS servers IPv6 DNS server configuration. Interface Name of the outbound interface communicating with the DNS server. 6.7.6 display dns statistics Function The display dns statistics command displays statistics on DNS packets. Format display dns statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can use this command to check statistics on DNS packets. Example # Display statistics on DNS packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 535 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> display dns statistics SumFromDNSv4Client SumToDNSv4Client SumFromDNSv4Server SumToDNSv4Server :0 :0 :0 :0 SumFromDNSv6Client SumToDNSv6Client SumFromDNSv6Server SumToDNSv6Server :0 :0 :0 :0 RetryFromClient :0 NotQueryFromClient :0 ParseFailFromClient :0 TooLongFromClient :0 LocalQueryFromClient :0 NotStandardQueryFromClient : 0 NotRespFromServer :0 NoAnswerFromServer :0 ParseFailFromServer :0 TooLongFromServer :0 ErrorRespFromServer :0 NotStandardQueryFromServer : 0 Table 6-42 Description of the display dns statistics command output Item Description SumFromDNSv4Client Total number of packets sent from IPv4 DNS clients. SumToDNSv4Client Total number of packets sent to IPv4 DNS clients. SumFromDNSv4Server Total number of packets sent from IPv4 DNS servers. SumToDNSv4Server Total number of packets sent to IPv4 DNS servers. SumFromDNSv6Client Total number of packets sent from IPv6 DNS clients. SumToDNSv6Client Total number of packets sent to IPv6 DNS clients. SumFromDNSv6Server Total number of packets sent from IPv6 DNS servers. SumToDNSv6Server Total number of packets sent to IPv6 DNS servers. RetryFromClient Number of packets retransmitted from clients. NotQueryFromClient Number of non-query packets sent from clients. ParseFailFromClient Number of packets that failed to be parsed and are sent from clients. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 536 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description TooLongFromClient Number of packets longer than 512 bytes sent from clients. LocalQueryFromClient Number of query packets of which the source address is a local address and sent from clients. NotStandardQueryFromClient Number of nonstandard query packets sent from clients. NotRespFromServer Number of non-response packets sent from servers. NoAnswerFromServer Number of response packets of which the ANCOUNT field is 0 and sent from servers. ParseFailFromServer Number of packets that failed to be parsed and are sent from servers. TooLongFromServer Number of packets longer than 512 bytes sent from servers. ErrorRespFromServer Number of error response packets sent from servers. NotStandardQueryFromServer Number of nonstandard query packets sent from servers. 6.7.7 display ip host Function The display ip host command displays mappings between hosts and IP addresses. Format display ip host Parameters None Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 537 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines After configuring static DNS entries, you can run the display ip host command to view the mapping between hosts and IP addresses. Example # Display mappings between hosts and IP addresses. <Huawei> display ip host Host Age example 0 Flags Address static 10.2.2.2 Table 6-43 Description of the display ip host output of the command Item Description Host Host name. Age Aging time. The value 0 indicates that the static DNS entry need not be aged. Flags Status of the domain name. "Static" indicates the static domain name. Address IP address matching the host. 6.7.8 ip host Function The ip host command configures static DNS entries. The undo ip host command deletes static DNS entries. By default, no static DNS entries are configured. Format ip host host-name ip-address undo ip host host-name [ ip-address ] Parameters Parameter Description Value host-name The value is a string of 1 to 24 casesensitive characters without spaces. Issue 08 (2021-02-25) Specifies the host name. Copyright © Huawei Technologies Co., Ltd. 538 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value ip-address Specifies the IP address mapping the host name. The value is in dotted decimal notation. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario A static domain name resolution table is manually set up using the ip host command, describing the mappings between host names and IP addresses. In addition, some common host names are added to the table. Then, static host name resolution can be performed according to the static domain name resolution table. When requiring the IP address corresponding to a host name, the client first searches the static host name resolution table for the specified host name and obtains the corresponding IP address. In this manner, the efficiency of host name resolution is improved. Precautions The ip host command configures a maximum of 50 static DNS entries. Each host name can be mapped to only one IP address. When multiple IP addresses are mapped to a host name, only the latest configuration takes effect. Example # Configure the IP address 10.110.0.1 for the host test. <Huawei> system-view [Huawei] ip host test 10.110.0.1 Related Topics 6.7.7 display ip host 6.7.9 reset dns dynamic-host Function The reset dns dynamic-host command deletes dynamic DNS entries saved in the domain name cache. Format reset dns dynamic-host Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 539 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters None Views User view Default Level 3: Management level Usage Guidelines NOTICE Clear dynamic DNS entries with caution because they cannot be restored after being cleared. After confirming the action of clearing DNS entries, you can run the reset command to clear them. Example # Clear dynamic DNS entries from the domain name cache. <Huawei> reset dns dynamic-host Related Topics 6.7.3 display dns dynamic-host 6.7.10 reset dns statistics Function The reset dns statistics command clears statistics on DNS packets. Format reset dns statistics Parameters None Views User view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 540 Fit AP Command Reference 6 Network Interconnection Configurations Commands Default Level 3: Management level Usage Guidelines The reset dns statistics command clears statistics on DNS packets. The cleared statistics cannot be restored. Example # Clear statistics on DNS packets. <Huawei> reset dns statistics 6.8 IP Performance Configuration Commands 6.8.1 clear ip df Function The clear ip df command enables an interface to fragment outgoing IP packets. The undo clear ip df command disables an interface from fragmenting outgoing IP packets. By default, an interface does not fragment outgoing IP packets. Format clear ip df undo clear ip df Parameters None Views VLANIF interface view Default Level 2: Configuration level Usage Guidelines After forcible IP packet fragmentation is enabled on a device, the device sets the Don't Fragment (DF) field to 0 and fragments IP packets that meet the following conditions: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 541 Fit AP Command Reference 6 Network Interconnection Configurations Commands ● The value of the DF field in the IP packet header is 1. ● The packet length is larger than the MTU value of the interface that sends the packets. Example # Enable forcible fragmentation for outgoing packets on VLANIF100. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] clear ip df 6.8.2 discard ra Function The discard ra command discards IP packets with route-alert options. The undo discard ra command restores the default configurations. By default, packets with route-alert options are processed by the CPU. Format discard ra undo discard ra Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines When a device receives a huge number of packets with route-alert options that increase the traffic loads, performance of the device is affected. The discard ra command is used to discard IP packets with route-alert options, which reduces pressure on CPU and improves network performance and security. NOTE The discard ra command applies to only incoming packets. Example # Configure the device to discard the IP packets with route-alert options. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 542 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] discard ra 6.8.3 discard rr Function The discard rr command discards IP packets with record-route options. The undo discard rr command restores the default configurations. By default, packets with record-route options are processed by the CPU. Format discard rr undo discard rr Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines When a device receives a huge number of packets with record-route options that increase the traffic loads, performance of the device is affected. The discard rr command is used to discard IP packets with record-route options, which reduces pressure on CPU and improves network performance and security. NOTE The discard rr command applies to only incoming packets. Example # Configure the device to discard the IP packets with record-route options. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] discard rr Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 543 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.8.4 discard srr Function Using the discard srr command, you can enable the function of discarding IP packets with source-route options. Using the undo discard srr command, you can disable the function of discarding the IP packets with source-route options. By default, the function of discarding IP packets with source-route options is not enabled. That is, a device processes the IP packets with source-route options. Format discard srr undo discard srr Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines After the discard srr command is run, the device does not process but discard the IP packets with source-route options (including the packets to be forwarded and the packets for itself). This prevents attackers from snooping into the network structure and enhances network security. srr indicates the source-route options, which are actually called the source and record route (SRR) options. During packet routing, the IP address list is updated on each hop. Therefore, each hop needs to record the routes for sending the response packet along the reverse path. The SRR options are classified into the Loose Source and Record Route (LSRR) option and Strict Source and Record Route (SSRR) option. NOTE The discard srr command applies to only incoming packets. Example # Configure the device to discard the IP packets with source-route options on VLANIF100. <Huawei> system-view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 544 Fit AP Command Reference 6 Network Interconnection Configurations Commands [Huawei] interface vlanif 100 [Huawei-Vlanif100] discard srr 6.8.5 discard ts Function The discard ts command discards IP packets with time-stamp options. The undo discard ts command restores the default configurations. By default, packets with time-stamp options are processed by the CPU. Format discard ts undo discard ts Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines When a device receives a huge number of packets with time-stamp options that increase the traffic loads, performance of the device is affected. The discard ts command is used to discard IP packets with time-stamp options, which reduces pressure on CPU and improves network performance and security. NOTE The discard ts command applies to only incoming packets. Example # Configure the device to discard the IP packets with time-stamp options. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] discard ts 6.8.6 display icmp statistics Function The display icmp statistics command displays ICMP traffic statistics. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 545 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display icmp statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display ICMP traffic statistics. <Huawei> display icmp statistics Input: bad formats 0 bad checksum 0 echo 0 destination unreachable 0 source quench 0 redirects 0 echo reply 0 parameter problem 0 timestamp request 0 information request 0 mask requests 0 mask replies 0 time exceeded 0 timestamp reply 0 Output:echo 0 destination unreachable 39735 source quench 0 redirects 0 echo reply 0 parameter problem 0 timestamp request 0 information reply 0 mask requests 0 mask replies 0 time exceeded 0 timestamp reply 0 Table 6-44 Description of the display icmp statistics command output Item Description Input Received packets. Output Sent packets. bad formats Number of packets in incorrect format. bad checksum Number of packets with checksum errors. echo Number of echo request packets. destination unreachable Number of unreachable packets. source quench Number of source quench packets. redirects Number of redirection packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 546 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description echo reply Number of echo reply packets. parameter problem Number of packets with incorrect parameters. timestamp request Number of timestamp request packets. information request Number of information request packets. information reply Number of information reply packets. mask requests Number of mask request packets. mask replies Number of mask reply packets. time exceeded Number of expired packets. timestamp reply Number of timestamp reply packets. 6.8.7 display ip interface Function The display ip interface command displays the IP configuration and statistics on interfaces. The statistics include the number of packets and bytes received and sent by interfaces, number of multicast packets sent and received by interfaces, and number of broadcast packets received, sent, forwarded, and discarded by interfaces. The display ip interface brief command displays brief information about interface IP addresses, including the IP address, subnet mask, physical status, linklayer protocol status, and number of interfaces in different states. Format display ip interface [ interface-type interface-number ] display ip interface brief [ interface-type [ interface-number ] ] display ip interface brief [ interface-type ] &<1-8> Parameters Parameter interface-type interface-number Issue 08 (2021-02-25) Description Value Specifies the type and number of an interface. If no interface is specified, IP configuration and statistics about all interfaces are displayed. - Copyright © Huawei Technologies Co., Ltd. 547 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value brief Displays brief information, including the IP address, subnet mask, physical status, link-layer protocol status, and number of interfaces in different states. - Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display ip interface brief command to view the following information: ● IP configurations of all interfaces ● IP configurations of interfaces of the specified type and a specified interface ● IP configurations of interfaces that have IP addresses This command, however, cannot display the IP configurations of Layer 2 interfaces. NOTE ● You can run the display interface description command to view the interface description. ● You can run the display interface command to view detailed information about the running status and statistics on the interface. Example # Display IP information about VLANIF15. <Huawei> display ip interface vlanif 15 Vlanif15 current state : UP Line protocol current state : UP The Maximum Transmit Unit : 1500 bytes input packets : 766390, bytes : 41540847, multicasts : 681817 output packets : 242239, bytes : 14679482, multicasts : 172333 Directed-broadcast packets: received packets: 0, sent packets: 0 forwarded packets: 0, dropped packets: 0 Internet Address is 10.1.1.119/24 Broadcast address : 10.1.1.255 TTL being 1 packet number: 164035 TTL invalid packet number: 0 ICMP packet input number: 0 Echo reply: 0 Unreachable: 0 Source quench: 0 Routing redirect: 0 Echo request: 0 Router advert: 0 Router solicit: 0 Time exceed: 0 IP header bad: 0 Timestamp request: 0 Timestamp reply: 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 548 Fit AP Command Reference 6 Network Interconnection Configurations Commands Information request: Information reply: Netmask request: Netmask reply: Unknown type: 0 0 0 0 0 Table 6-45 Description of the display ip interface command output Item Description current state : Physical status of the interface: ● UP: indicates that the interface is physically Up. ● DOWN: indicates that the interface is physically Down. ● Administratively down: indicates that the administrator has run the shutdown command on the interface. Line protocol current state : Link layer protocol status of the interface: ● UP: The link layer protocol of the interface is running properly. ● DOWN: The link layer protocol of the interface is Down or no IP address is configured on the interface. The Maximum Transmit Unit : MTU of the interface. The default MTU of an Ethernet interface or a serial interface is 1500 bytes. Packets longer than the MTU are fragmented before being transmitted. If fragmentation is not allowed, the packets are discarded. input packets : 766390, bytes : 41540847, multicasts : 681817 Total number of packets, bytes, and multicast packets received by the interface. output packets : 242239, bytes : 14679482, multicasts : 172333 Total number of packets, bytes, and multicast packets sent by the interface. Directed-broadcast packets: Number of packets broadcast on the interface directly. received packets: Total number of received packets. sent packets: Total number of sent packets. forwarded packets: Total number of forwarded packets. dropped packets: Total number of discarded packets. Internet Address is IP address assigned to the interface and mask length. Broadcast address : Broadcast address of the interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 549 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description TTL being 1 packet number: Number of packets with TTL 1. TTL invalid packet number: Number of packets with invalid TTL. ICMP packet input number: Number of received ICMP packets. Echo reply: Number of Echo Reply packets. Unreachable: Number of Destination Unreachable packets. Source quench: Number of Source Quench packets. Routing redirect: Number of Redirect packets. Echo request: Number of Echo Request packets. Router advert: Number of Router Advertisement packets. Router solicit: Number of Router Solicitation packets. Time exceed: Number of Time Exceeded packets. IP header bad: Number of IP header error packets. Timestamp request: Number of Timestamp Request packets. Timestamp reply: Number of Timestamp Reply packets. Information request: Number of Information Request packets. Information reply: Number of Information Reply packets. Netmask request: Number of Address Mask Request packets. Netmask reply: Number of Address Mask Reply packets. Unknown type: Number of unknown packets. Related Topics 5.1.4 display interface 6.8.8 display ip socket register-port Function The display ip socket register-port command displays non-well-known port numbers that have been assigned to services on the device. Format display ip socket register-port Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 550 Fit AP Command Reference 6 Network Interconnection Configurations Commands Views All views Default Level 3: Management level Usage Guidelines As defined in RFC standards, port numbers larger than 1024 are non-well-known port numbers and can be assigned to desired services, such as NQA and SSH services. However, a non-well-known port number can be assigned to only one service on the same device. If you assign a non-well-known port number to two or more services, this port number takes effect for only the latest configured service. As a result, the other services using this port number will fail. Before you assign a non-well-known port number to a service, run the display ip socket register-port command to check non-well-known port numbers that have been assigned to other services, preventing service failures caused by conflicts of non-well-known port numbers. Example # Display non-well-known port numbers that have been assigned to services on the device. <Huawei> display ip socket register-port Port Task Type 3232 mdt UDP4 3503 MPLSFW UDP4 3784 BFD UDP4 4784 BFD UDP4 Table 6-46 Description of the display ip socket register-port command output Item Description Port Non-well-known port number that has been assigned to a service. Task Name of the task to which a non-well-known port number is assigned. Type Port type. 6.8.9 display ip statistics Function The display ip statistics command displays IP traffic statistics. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 551 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display ip statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines IP traffic statistics include statistics about received packets (including discarded packets that carry source-route options), sent packets, fragmented packets, and reassembled packets. If a large number of bad protocol and no route fields is displayed in the command output, the device receives a large volume of IP packets of unknown protocol types and IP packets for which no routes can be found. In this situation, the device may be attacked by the connected devices. Example # Display IP traffic statistics. <Huawei> display ip statistics Input: sum 49617 local 40133 bad protocol 0 bad format 0 bad checksum 0 bad options 0 discard srr 0 discard rr 0 discard ra 0 discard ts 0 TTL exceeded 0 Output: forwarding 0 local 44518 dropped 0 no route 0 Fragment: input 0 output 0 dropped 0 fragmented 0 couldn't fragment 0 Reassembling:sum 0 timeouts 0 Table 6-47 Description of the display ip statistics command output Item Description Input Received packets. sum Total number of packets. local Number of packets sent to the upper-layer protocol. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 552 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description bad protocol Number of received IP packets of unknown protocol types. The protocol field in the IP header cannot be identified by the upperlayer protocol. bad format Number of packets in incorrect format. bad checksum Number of packets with checksum errors. bad options Number of packets with incorrect options. discard srr Number of discarded packets with source route options. discard rr Indicates the number of packets that are received and then discarded because of record-route options. discard ra Indicates the number of packets that are received and then discarded because of alert-route options. discard ts Indicates the number of packets that are received and then discarded because of time stamps options. TTL exceeded Number of packets discarded because the TTL expires. Output Sent packets. forwarding Number of forwarded packets. local Number of generated packets. dropped Number of discarded packets. no route Number of packets for which no correct route can be found, including the packets sent and forwarded by the local device. Fragment Number of packet fragments. input Number of received fragments. output Number of sent fragments. dropped Number of discarded fragments. fragmented Number of successfully fragmented packets. couldn't fragment Number of packets that cannot be fragmented. Reassembling:sum Number of successfully reassembled fragments. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 553 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description timeouts Number of expired fragments. Related Topics 5.1.7 display ip interface 6.8.27 reset ip statistics 6.8.10 display network status Function Running the display network status command, you can check the network status of a device. Format display network status { all | tcp | udp | port port-number } Parameters Parameter Description Value all Displays all the network information. - tcp Displays TCP. - udp Displays UDP. - port port-number Specifies the number of an interface. The value is an integer ranging from 1 to 65535. Views All views Default Level 1: Monitoring level Usage Guidelines The display network status command is used to check the network status, such as the running interfaces and services on the network. For example, when you find that an interface is being used by an unknown module during a security scan, run the command to check out the module. Example # Display the IPv4 RawIP connection status. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 554 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> display network status all Proto Task/SockId Local Addr&Port Foreign Addr&Port State TCP VTYD/1 0.0.0.0:23 0.0.0.0:0 Listening TCP VTYD/3 10.23.23.1:23 10.23.23.201:4332 Established TCP6 VTYD/2 ::->23 ::->0 Listening UDP NTPT/1 0.0.0.0:123 0.0.0.0:0 UDP AGNT/1 0.0.0.0:161 0.0.0.0:0 UDP RDS /1 0.0.0.0:1812 0.0.0.0:0 UDP WEB /1 0.0.0.0:2000 0.0.0.0:0 UDP L2_P/1 0.0.0.0:40000 0.0.0.0:0 UDP NAP /1 0.0.0.0:53535 0.0.0.0:0 UDP6 NTPT/2 ::->123 ::->0 UDP6 AGT6/1 ::->161 ::->0 Table 6-48 Description of the display network status command output Item Description Proto Task/SockId Protocol Task and Socket ID Local Addr&Port Local IP address and Port number Foreign Addr&Port Remote IP address and Port number State Connection status 6.8.11 display rawip statistics Function The display rawip statistics command displays RawIP traffic statistics. Format display rawip statistics [ verbose ] Parameters Parameter Description Value verbose - Displays detailed RawIP traffic statistics based on the ICMP, OSPF, RSVP, and Others protocols. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 555 Fit AP Command Reference 6 Network Interconnection Configurations Commands The statistics about RawIP packets include the number of sent RawIP packets and the number of received RawIP packets. RSVP, OSPF, and ICMP packets are encapsulated into RawIP packets to be sent. During the ping operation, for example, you can run the display rawip statistics command to view the number of RawIP packets sent by the local device to check whether the abnormality on the network is caused by abnormal sending and receiving of RawIP packets. If you want to diagnose problems and monitor information of specific applications, configure verbose in the display rawip statistics command to display application-specific RawIP packet statistics. The applications can be ICMP, OSPF, RSVP, and others. Precautions The number of packets received by a wireless access point includes the number of forwarded packets, packets sent to the upper layer, and discarded packets. NOTE RawIP traffic statistics are collected based on the well-known protocol number. The protocol number is identified by the protocol field in the IP packet header. ● The protocol number of ICMP statistics is 1. ● The protocol number of OSPF statistics is 89. ● The protocol number of RSVP statistics is 46. ● Statistics about packets with other protocol numbers are collected into the Others field. Example # View the statistics about RawIP packets. <Huawei> display rawip statistics Received packets: dropped packets because the socket buffer is full : 0 dropped packets because no matching socket is found : 0 Sent packets: dropped packets : 0 Table 6-49 Description of the display rawip statistics command output Item Description Received packets Indicates the number of received packets. dropped packets because the socket buffer is full Indicates the number of RawIP packets that are discarded because the socket buffer is full. dropped packets because no matching socket is found Indicates the number of RawIP packets that are discarded because the socket of the receiver does not match with that of the sender. Sent packets Indicates the number of sent packets. dropped packets Indicates the number of discarded packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 556 Fit AP Command Reference 6 Network Interconnection Configurations Commands # Display detailed RawIP traffic statistics. <Huawei> display rawip statistics verbose Received packets: -----------------------------------------------------------------Application Overflow No Matching -----------------------------------------------------------------ICMP 0 0 OSPF 0 0 RSVP 0 0 Others 0 1 -----------------------------------------------------------------Sent packets: -----------------------------------------------------------------Application Dropped Packets -----------------------------------------------------------------ICMP 0 OSPF 0 RSVP 0 Others 0 ------------------------------------------------------------------ Table 6-50 Description of the display rawip statistics verbose command output Item Description Received packets Statistics on received packets. Application Application type. Overflow Number of RawIP packets discarded because the Socket buffer is full. No Matching Number of RawIP packets discarded because the receiver's Socket is mismatching. ICMP ICMP packets. OSPF OSPF packets. RSVP RSVP packets. Others Other types of packets. Sent packets Statistics about sent packets. Dropped Packets Number of discarded packets. Related Topics 6.8.28 reset rawip statistics 6.8.12 display tcp statistics Function The display tcp statistics command displays TCP traffic statistics. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 557 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display tcp statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines The command displays TCP traffic statistics including different types of received and sent packets. For example, duplicate received packets and packets with checksum errors. In addition, connection-related statistics are displayed, for example, times of accepted connections, the number of retransmitted packets, and the number of keepalive packets. Most of the preceding statistics are expressed in number of packets, and some of them are expressed in number of bytes. Example # Display TCP traffic statistics. <Huawei> display tcp statistics Received packets: Total: 0 Total(64bit high-capacity counter): 0 packets in sequence: 0 (0 bytes) window probe packets: 0, window update packets: 0 checksum error: 0, offset error: 0, short error: 0 duplicate packets: 0 (0 bytes), partially duplicate packets: 0 (0 bytes) out-of-order packets: 0 (0 bytes) packets of data after window: 0 (0 bytes) packets received after close: 0 ACK packets: 0 (0 bytes) duplicate ACK packets: 0, too much ACK packets: 0 Sent packets: Total: 0 Total(64bit high-capacity counter): 0 urgent packets: 0 control packets: 0 (including 0 RST) window probe packets: 0, window update packets: 0 data packets: 0 (0 bytes), data packets retransmitted: 0 (0 bytes) ACK-only packets: 0 (0 delayed) Other information: Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0 Keep alive timeout: 0, keep alive probe: 0, Keep alive timeout, so connections disconnected : 0 Initiated connections: 0, accepted connections: 0, established connections: 0 Closed connections: 0 ( dropped: 0, initiated dropped: 0) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 558 Fit AP Command Reference 6 Network Interconnection Configurations Commands Packets dropped with MD5 authentication: 0 Packets permitted with MD5 authentication: 0 Send Packets permitted with Keychain authentication: 0 Receive Packets permitted with Keychain authentication: 0 Receive Packets Dropped with Keychain authentication: 0 Table 6-51 Description of the display tcp statistics command output Item Description Received packets Statistics about received packets. Total Total number of packets. Total (64bit high-capacity counter) Total number of packets, using the 64-bit counter. packets in sequence (bytes) Number of bytes in the packets that arrive in order. window probe packets Number of window probe packets. window update packets Number of window update packets. checksum error Number of packets with checksum errors. offset error Number of packets with offset errors. short error Number of packets whose length is too short. duplicate packets (bytes) Number of bytes in the duplicate packets. partially duplicate packets (bytes) Number of bytes in partially duplicate packets. out-of-order packets (bytes) Number of bytes in the out-of-order packets. packets of data after window (bytes) Number of bytes in the packets whose size is greater than the window size. packets received after close Number of packets that arrive after a connection is closed. ACK packets (bytes) Number of acknowledged packets, in bytes. duplicate ACK packets Number of re-acknowledged packets. too much ACK packets Number of acknowledged packets with no data sent. Sent packets Number of sent packets. urgent packets Number of urgent packets. control packets (RST) Number of control packets (RST packets). data packets Number of data packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 559 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description data packets retransmitted (0 bytes) Number of bytes in the retransmitted packets. ACK-only packets (delayed) Number of acknowledged packets that are delayed. ACK-only packets (delayed) Other data statistics. Retransmitted timeout Timeout interval of the retransmission timer. connections dropped in retransmitted timeout Number of connections discarded because the number of retransmission times exceeds the threshold. Keep alive timeout Timeout interval of the keepalive timer. keep alive probe Number of sent keepalive packets. Keep alive timeout, so connections disconnected Number of connections discarded because keepalive probe fails. Initiated connections Number of initiated connections. accepted connections Number of accepted connections. established connections Number of established connections. Closed connections (dropped, initiated dropped) Number of closed connections (number of discarded packets after a connection is set up or before a connection is set up). Packets dropped with MD5 authentication Number of packets that fail to pass MD5 authentication. Packets permitted with MD5 authentication Number of packets that pass MD5 authentication. Send Packets permitted with Keychain authentication Number of sent packets that carry keychain options. Receive Packets permitted with Keychain authentication Number of received packets that pass keychain authentication. Receive Packets Dropped with Keychain authentication Number of received packets that fail to pass keychain authentication. Related Topics 6.8.13 display tcp status Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 560 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.8.13 display tcp status Function The display tcp status command displays current TCP connection status. Format display tcp status [ [ task-id task-id ] [ socket-id socket-id ] | [ local-ip ipaddress ] [ local-port local-port-number ] [ remote-ip ip-address ] [ remote-port remote-port-number ] ] Parameters Parameter Description Value Displays the TCP connection status of the task with a specified ID. The value is an integer that ranges from 1 to 150. socket-id socket-id Displays the TCP connection status of the socket with a specified ID. The value is an integer that ranges from 1 to 131072. local-ip ip-address Displays the TCP connection status of a specified local IP address. The value is in dotted decimal notation. local-port localport-number Displays the TCP connection status of a specified local port ID. The value is an integer that ranges from 0 to 65535. remote-ip ipaddress Displays the TCP connection status a specified remote IP address. The value is in dotted decimal notation. task-id task-id remote-port Displays the TCP connection remote-port-number status of a specified remote port ID. The value is an integer that ranges from 0 to 65535. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario The transmission control protocol defined in RFC 793 ensures high reliability of transmission between hosts. TCP provides reliable and connection-oriented Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 561 Fit AP Command Reference 6 Network Interconnection Configurations Commands services in full duplex mode. Run the display tcp status command to monitor the TCP connection status. The following information is displayed. ● ID of the TCP task control block. ● ID of the IPv4 TCP task and socket. ● Local IPv4 address and port ID. ● Remote IPv4 address and port ID. ● ID of the VPN instance to which the TCP connection belongs. ● IPv4 TCP connection status. You can set filtering rules based on the Task ID, socket ID, IP address and port number of the local device, and IP address and port number of the remote device so that only the information matching the rules is displayed. This prevents unnecessary information from being displayed and helps you locate faults accurately and efficiently. Precautions The command output is null if there is no TCP connection. Example # Display the TCP connection status on the local device. <Huawei> display tcp status TCPCB Tid/Soid Local Add:port 0a5d560c 30 /1 0.0.0.0:23 Foreign Add:port VPNID State 0.0.0.0:0 14849 Listening # Display the status of the TCP connection originated from the local IP address 0.0.0.0 and port 23. <Huawei> display tcp status local-ip 0.0.0.0 local-port 23 TCPCB Tid/Soid Local Add:port Foreign Add:port VPNID State 0a5d560c 30 /1 0.0.0.0:23 0.0.0.0:0 14849 Listening # Display the status of the TCP connection originated from the local IP address 0.0.0.0 and port 24. <Huawei> display tcp status local-ip 0.0.0.0 local-port 24 TCPCB Tid/Soid Local Add:port Foreign Add:port VPNID State Table 6-52 Description of the display tcp status command output Field Description TCPCB ID of the TCP task control block. Tid/Soid Task ID and socket ID. Local Add: port IP address and port number of the local device. If the value of Local Add is 0.0.0.0, TCP connections of all IP addresses are monitored. If the value of port is 0, the TCP connection of all ports is monitored. Foreign Add: port IP address and port number of the remote device. If the value of Foreign Add is 0.0.0.0, the TCP connection of all IP addresses is monitored. If the value of port is 0, TCP connections of all ports are monitored. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 562 Fit AP Command Reference 6 Network Interconnection Configurations Commands Field Description VPNID ID of the VPN instance to which the TCP connection belongs. ● -1: indicates all VPNs. ● 0: indicates the public VPN. ● Other values: indicates the private VPN. The VPNID is defined by users. State TCP connection status: ● Closed: indicates that the TCP connection is closed. ● Listening: indicates that the TCP connection is being monitored. ● Syn_Rcvd: indicates that a packet with the SYN flag is received. ● Established: indicates that the TCP connection has been set up. ● Close_Wait: indicates that a user sends a packet with the FIN flag to the server to close the TCP connection in Established state. The server then sends an ACK packet to the user after receiving the packet and enters the Close_Wait state. ● Fin_Wait1: indicates that a user sends a packet with the FIN flag to the server to close the TCP connection and enter this state. ● Fin_Wait2: indicates that a user receives an ACK packet that responds to the sent packet with the FIN flag. ● Time_Wait: indicates that TCP enters this state after the TCP connection is closed. When TCP has been in Time_Wait state two times the lifetime of the longest packets, records about the closed connection are deleted. ● Closing: indicates that the user and server close the TCP connection simultaneously. 6.8.14 display udp statistics Function The display udp statistics command displays UDP traffic statistics. Format display udp statistics Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 563 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines The command displays UDP traffic statistics including different types of received and sent packets. For example, packets with checksum errors. In addition, connection-related statistics are displayed, for example, the number of broadcast packets. The preceding statistics are expressed in number of packets. Example # Display UDP traffic statistics. <Huawei> display udp statistics Received packets: Total: 104808 Total(64bit high-capacity counter): 104808 checksum error: 0 shorter than header: 0 data length larger than packet: 0 unicast(no socket on port): 0 broadcast/multicast(no socket on port): 104808 not delivered, input socket full: 0 input packets missing pcb cache: 0 Sent packets: Total: 4957 Total(64bit high-capacity counter): 4957 Table 6-53 Description of the display udp statistics command output Item Description Received packet: Total number of received UDP packets. Total: Total number of received UDP packets (using the 64-bit counter). Total (64bit high-capacity counter): checksum error: Number of packets with checksum errors. shorter than header: Number of packets whose length is shorter than the packet header. data length larger than packet: Number of packets whose data length is greater than the packet length. unicast (no socket on port): Number of unicast packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 564 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description broadcast/multicast (no socket on port): Number of broadcast and multicast packets. not delivered, input socket full: Number of packets that are not sent out because the socket buffer is full. input packets missing pcb cache: Number of sent packets that are not found in the PCB cache. Sent packets: Total number of sent UDP packets. Total: Total number of sent UDP packets (using the 64-bit counter). Total (64bit high-capacity counter): Related Topics 6.8.30 reset udp statistics 6.8.15 icmp blackhole unreachable send Function The icmp blackhole unreachable send command enables the BRAS to send a Destination Unreachable ICMP packet to an initiator when a tracert packet matches an IPv4 blackhole route. The undo icmp blackhole unreachable send command disables the BRAS from sending a Destination Unreachable ICMP packet to an initiator when a tracert packet matches an IPv4 blackhole route. By default, the BRAS is disabled from sending a Destination Unreachable ICMP packet to an initiator when a tracert packet matches an IPv4 blackhole route. Format icmp blackhole unreachable send undo icmp blackhole unreachable send Parameters None Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 565 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Usage Scenario If static IPv4 blackhole routes are configured on the BRAS and a user goes offline, only the IPv4 blackhole route corresponding to the user's address segment exists on the BRAS. When a tracert packet matches the IPv4 blackhole route, the BRAS discards the packet. As a result, an initiator cannot detect that the user has gone offline. After you run the icmp blackhole unreachable send command, the BRAS sends a Destination Unreachable ICMP packet to an initiator, notifying the initiator that the user has gone offline if a user goes offline and a tracert packet matches the IPv4 blackhole route. Pre-configuration Tasks Static IPv4 blackhole routes have been configured on the BRAS. Example # Enable the BRAS to send a Destination Unreachable ICMP packet to an initiator when a tracert packet matches an IPv4 blackhole route. <Huawei> system-view [Huawei] icmp blackhole unreachable send 6.8.16 icmp host-unreachable send (interface view) Function The icmp host-unreachable send command enables an interface to send ICMP host unreachable packets. The undo icmp host-unreachable send command disables an interface from sending ICMP host unreachable packets. By default, an interface can send ICMP host unreachable packets. Format icmp host-unreachable send undo icmp host-unreachable send Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 566 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines The command is used on the interface that receives ICMP packets. Example # Enable VLANIF10 to send ICMP host unreachable packets. <Huawei> system-view [Huawei] interface vlanif 10 [Huawei-Vlanif10] icmp host-unreachable send Related Topics 6.8.6 display icmp statistics 6.8.17 icmp port-unreachable send Function The icmp port-unreachable send command enables the device to send ICMP port unreachable packets. The undo icmp port-unreachable send command disables the device from sending ICMP port unreachable packets. By default, the device sends ICMP port unreachable packets. Format icmp port-unreachable send undo icmp port-unreachable send Parameters None Views System view Default Level 2: Configuration level Usage Guidelines After the function of sending ICMP port unreachable packets is disabled, the device does not send ICMP port unreachable packets. This can reduce the number of ICMP packets on the network and reduce the workload on the peer device. Example # Enable the device to send ICMP port unreachable packets. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 567 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> system-view [Huawei] icmp port-unreachable send 6.8.18 icmp receive Function The icmp receive command enables the device to receive ICMP messages. The undo icmp receive command disables the device from receiving ICMP messages. By default, the device receives ICMP messages. Format icmp { type icmp-type code icmp-code | name icmp-name | all } receive undo icmp { type icmp-type code icmp-code | name icmp-name | all } receive Parameters Parameter Description Value type icmp-type Specifies the type number of an ICMP message. The value is an integer ranging from 0 to 255. code icmpcode The value is an integer ranging from 0 to 255. Issue 08 (2021-02-25) Specifies the code of an ICMP message. Copyright © Huawei Technologies Co., Ltd. 568 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value name icmpname Specifies the name of an ICMP message. The value is a string The value can be any of the following: of case-insensitive characters, with ● echo spaces not supported. ● echo-reply The string length ● fragmentneed-DFset ranges from 1 to 32. ● host-redirect ● host-tos-redirect ● host-unreachable ● information-reply ● information-request ● net-redirect ● net-tos-redirect ● net-unreachable ● parameter-problem ● port-unreachable ● protocol-unreachable ● reassembly-timeout ● source-quench ● source-route-failed ● timestamp-reply ● timestamp-request ● ttl-exceeded all Specifies all ICMP packets. - Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario The undo icmp receive command can be used to disable the device from receiving ICMP messages for the purpose of improving network performance or enhancing network security. ● Issue 08 (2021-02-25) On secure networks, the device can normally receive ICMP messages. In the case of heavy traffic on the network, if hosts or ports are frequently unreachable, the device will receive a large number of ICMP packets, which causes heavier traffic burdens over the network and degrades the performance of the device. Copyright © Huawei Technologies Co., Ltd. 569 Fit AP Command Reference ● 6 Network Interconnection Configurations Commands On insecure networks, network attackers often make use of ICMP error messages to spy on the internal structure of the network. Configuration Impact After the undo icmp receive command is run, the device no longer process ICMP messages of a certain type, causing the host to fail to ping the device. Precautions If the network status is normal and the device is required to receive ICMP messages, you can run the icmp receive command. Example # Disable the device from receiving ICMP messages with the type number being 3 and the code number being 1. <Huawei> system-view [Huawei] undo icmp type 3 code 1 receive 6.8.19 icmp redirect send Function The icmp redirect send command enables the system to send ICMP redirection packets. The undo icmp redirect send command disables the system from sending ICMP redirection packets. By default, the system sends ICMP redirection packets. Format icmp redirect send undo icmp redirect send Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines The command is used on the interface that receives ICMP packets. ICMP redirection packets are a type of ICMP control packets. When the device detects that a host uses a non-optimal route, it sends an ICMP redirection packet Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 570 Fit AP Command Reference 6 Network Interconnection Configurations Commands to the host, requesting the host to change the route. The device also sends an ICMP redirection packet to the destination. Example # Enable VLANIF100 to send ICMP redirection packets. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] icmp redirect send Related Topics 6.8.6 display icmp statistics 6.8.20 icmp ttl-exceeded send Function The icmp ttl-exceeded send command enables an interface to send ICMP Time Exceeded messages. The undo icmp ttl-exceeded send command disables an interface from sending ICMP Time Exceeded messages. By default, an interface is enabled to send ICMP Time Exceeded messages. Format icmp ttl-exceeded send undo icmp ttl-exceeded send Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines By default, an interface replies with an ICMP Time Exceeded message after it receives a message with TTL 1. The interface adds its IP address as the source IP address in the ICMP Time Exceeded message, exposing the interface itself to attackers. In addition, after being attacked, the interface replies with numerous ICMP Time Exceeded messages, consuming CPU resources and degrading system performance. To resolve these problems, run the undo icmp ttl-exceeded send command to disable the interface from replying with ICMP Time Exceeded messages. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 571 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Disable VLANIF 10 from sending ICMP Time Exceeded messages. <Huawei> system-view [Huawei] interface vlanif 10 [Huawei-Vlanif10] undo icmp ttl-exceeded send 6.8.21 ip forward-broadcast Function Using the ip forward-broadcast command, you can enable an interface to forward broadcast packets. Using the undo ip forward-broadcast command, you can disable an interface from forwarding broadcast packets. By default, disable the interface from forwarding broadcast packets. Format ip forward-broadcast [ acl acl-number ] undo ip forward-broadcast Parameters Parameter Description Value acl acl-number Specifies the number of an ACL. The value is an integer that ranges from 2000 to 3999. ● The number of a basic ACL ranges from 2000 to 2999. ● The number of an advanced ACL ranges from 3000 to 3999. Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines The ip forward-broadcast command cannot be used on Layer 2 interfaces. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 572 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Enable VLANIF100 to forward broadcast packets. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] ip forward-broadcast Related Topics 5.1.7 display ip interface 6.8.22 ip soft-forward enhancement disable Function The ip soft-forward enhancement disable command disables the enhanced forwarding function for control packets generated by the device. The undo ip soft-forward enhancement disable command enables the enhanced forwarding function for control packets generated by the device. By default, the enhanced forwarding function is enabled for control packets generated by the device. Format ip soft-forward enhancement disable undo ip soft-forward enhancement disable Parameters None. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario You can configure forwarding policies (such as QoS policies) for data packets to implement differentiated services. In some scenarios, you may need to manage control packets generated by the device to process different control packets. For example, carriers have limited the bandwidth of data packets through QoS policies and also want to limit the bandwidth of control packets. In this situation, QoS policies take effect only for data packets. You can configure the enhanced forwarding function to make QoS policies take effect for control packets. Currently, the enhanced forwarding function is valid only for the control packets Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 573 Fit AP Command Reference 6 Network Interconnection Configurations Commands generated by the device but not for the control packets forwarded by other devices. You can run the undo ip soft-forward enhancement disable command to enable the enhanced forwarding function for control packets generated by the device. Follow-up Procedures After enabling the enhanced forwarding function on the device, you can perform some configurations on the control packets generated by the device. For example, you can configure different QoS policies for different types of packets generated by the device. Example # Disable the enhanced forwarding function for control packets generated by the device. <Huawei> system-view [Huawei] ip soft-forward enhancement disable 6.8.23 ip verify source-address Function The ip verify source-address command enables an interface to check validity of source IP addresses of received packets. The undo ip verify source-address command disables an interface from checking validity of source IP addresses of received packets. By default, an interface does not check validity of source IP addresses of received packets. Format ip verify source-address undo ip verify source-address Parameters None Views VLANIF interface view, loopback interface view Default Level 2: Configuration level Usage Guidelines The following IP addresses are illegal source addresses: Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 574 Fit AP Command Reference 6 Network Interconnection Configurations Commands ● Addresses with all 0s or 1s ● Multicast addresses (class D addresses) ● Class E addresses ● Loopback addresses that are not generated on local hosts (in 127.x.x.x format) ● Broadcast addresses of classes A, B, and C ● Subnet broadcast addresses that are on the same network segment as the address of the inbound interface Run the display this command in the VLANIF interface view to check configuration of checking validity of source IP addresses. The interface only check validity of source IP addresses of the packets that are forwarded to the CPU and does not check validity of source IP addresses of the packets that will be directly forwarded according to the FIB table. Example # Enable VLANIF100 to check validity of source addresses of received packets. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] ip verify source-address Related Topics 2.1.4 display this 6.8.24 reset ip socket monitor Function The reset ip socket monitor command clears information in a socket monitor. Format reset ip socket monitor [ task-id task-id socket-id socket-id ] Parameters Parameter Description task-id task-id Clears information about the task The value is an integer with a specified ID in the socket ranging from 1 to 150 monitor. socket-id socket-id Clears information about the socket with a specified ID in the socket monitor. Value The value is an integer ranging from 1 to 131072. Views User view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 575 Fit AP Command Reference 6 Network Interconnection Configurations Commands Default Level 3: Management level Usage Guidelines You can specify the task ID and socket ID for deleting information about the socket monitor that meets the filtering condition. Example # Clear information in a socket monitor. <Huawei> reset ip socket monitor 6.8.25 load-balance (system view) Function The load-balance command enables the per-packet load balancing mode of IP Packet Forwarding. The undo load-balance command restores the default configuration. The default load balancing mode of IP Packet Forwarding is per-flow. Format load-balance { flow | packet } [ all ] undo load-balance packet [ all ] Parameters Parameter Description Value flow Indicates flow-based load balancing. - packet Indicates packet-based load balancing. - all Configure per-flow load balancing on the local device. - Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario The per-flow load balancing mode does not prevent packet loss in some services, such as a voice service that has fixed source and destination IP addresses. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 576 Fit AP Command Reference 6 Network Interconnection Configurations Commands Therefore, if the per-flow load balancing mode does not meet the service reliability requirement, run the load-balance packet command to enable the perpacket load balancing mode. If packet-based load balancing is used, packets are forwarded through different links. Packet-based load balancing can only be performed on packets that are sent to the CPU for software forwarding. Configuration Impact This command takes effect for packets delivered by hosts and those processed by the CPU. Example # Configure packet-based load balancing for IP packet forwarding. <Huawei> system-view [Huawei] load-balance packet 6.8.26 reset ip socket pktsort Function The reset ip socket pktsort command resets statistics on the dual receive buffer of the socket. Format reset ip socket pktsort task-id task-id socket-id socket-id Parameters Parameter Description Value task-id task-id Specifies the ID of a task. The value is an integer ranging from 1 to 150. socket-id socket-id Specifies the ID of a socket. The value is an integer range from 1 to 131072. Views User view Default Level 3: Management level Usage Guidelines This command resets statistics on the dual receive buffer of the socket and thus the count restarts. Therefore, confirm the action before you use the command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 577 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Reset statistics on the dual receive buffer of the socket with the task ID of 2 and the socket ID of 6. <Huawei> reset ip socket pktsort task-id 2 socket-id 6 6.8.27 reset ip statistics Function The reset ip statistics command clears IP traffic statistics on an interface. Format reset ip statistics [ interface interface-type interface-number ] Parameters Parameter Description Value interface interface-type interface-number Specifies the type and ID of an interface. If no optional parameter is specified, all the IP statistics will be deleted. - Views User view Default Level 3: Management level Usage Guidelines To collect IP traffic statistics on an interface in a period of time, you must clear the existing traffic statistics and collect IP statistics after a period of time. Run the display ip statistics command to display information. If no parameter is specified, the command clears IP traffic statistics on all boards. Example # Clear IP statistics on all interfaces. <Huawei> reset ip statistics Related Topics 5.1.7 display ip interface 6.8.9 display ip statistics Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 578 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.8.28 reset rawip statistics Function The reset rawip statistics command clears RawIP packet statistics. Format reset rawip statistics Parameters None Views user view Default Level 3: Management level Usage Guidelines The reset rawip statistics command clears RawIP packet statistics. Confirm your action before running this command. Example # Clear RawIP packet statistics. <Huawei> reset rawip statistics Related Topics 6.8.11 display rawip statistics 6.8.29 reset tcp statistics Function The reset tcp statistics command deletes TCP traffic statistics. Format reset tcp statistics Parameters None Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 579 Fit AP Command Reference 6 Network Interconnection Configurations Commands Views User view Default Level 3: Management level Usage Guidelines The reset tcp statistics command deletes TCP traffic statistics. Confirm your action before running this command. Example # Delete TCP traffic statistics. <Huawei> reset tcp statistics Related Topics 6.8.12 display tcp statistics 6.8.30 reset udp statistics Function The reset udp statistics command deletes UDP traffic statistics. Format reset udp statistics Parameters None Views User view Default Level 3: Management level Usage Guidelines The reset udp statistics command deletes UDP traffic statistics. Confirm your action before running this command. Example # Delete UDP traffic statistics. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 580 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> reset udp statistics Related Topics 6.8.14 display udp statistics 6.8.31 tcp max-mss Function The tcp max-mss command sets the maximum MSS value for a TCP connection. The undo tcp max-mss command deletes the maximum MSS value of a TCP connection. By default, the maximum MSS value is not configured for TCP connections. Format tcp max-mss mss-value undo tcp max-mss Parameters Parameter Description Value mss-value The value is an integer ranging from 32 to 9600, in bytes. Specifies the maximum MSS value for a TCP connection. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario To establish a TCP connection, the MSS value is negotiated, which indicates the maximum length of packets that the local device can receive. This length is the TCP payload length, excluding that of the TCP header. If the path MTU is unavailable on one end of a TCP connection, this end cannot adjust the TCP packet size based on the MTU. As a result, this end may send TCP packets that are longer than the MTUs on intermediate devices, which will discard these packets. To prevent this problem, run the tcp max-mss command on either end of a TCP connection to set the maximum MSS value of TCP packets. Then the MSS value negotiated by both ends will not exceed this maximum MSS value, and accordingly TCP packets sent from both ends will not be longer than this maximum MSS value and can travel through the intermediate network. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 581 Fit AP Command Reference 6 Network Interconnection Configurations Commands The maximum MSS value configured using the tcp max-mss command must be greater than the minimum MSS value configured using the tcp min-mss command. Example # Set the maximum MSS value for a TCP connection to 1024 bytes. <Huawei> system-view [Huawei] tcp max-mss 1024 Related Topics 6.8.32 tcp min-mss 6.8.32 tcp min-mss Function The tcp min-mss command sets the minimum value of maximum segment size (MSS) for a TCP connection. The undo tcp min-mss command restores the default minimum value of the MSS for a TCP connection. The default minimum MSS value for a TCP connection is 216 bytes. Format tcp min-mss mss-value undo tcp min-mss Parameters Parameter Description Value mss-value The value ranges from 32 byte to 1500 bytes. By default, the value is 216 bytes. Specifies the minimum MSS value for a TCP connection. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario To establish a TCP connection, the MSS value is negotiated, which indicates the maximum length of packets that the local device can receive. The TCP client on a Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 582 Fit AP Command Reference 6 Network Interconnection Configurations Commands network may send a request packet for establishing a TCP connection carrying a small MSS value. For example, the MSS value is 1. After the TCP server receives the request packet carrying the MSS value, the TCP connection is established. The TCP client then may send large numbers of requests to the server by an application, causing the TCP server to generate large numbers of reply packets. This may burden the TCP server or network, causing denial of service (DoS) attacks. To resolve this problem, run the tcp min-mss command to set the minimum MSS value for a TCP connection. This configuration prevents a server from receiving packets carrying a small MSS value. Precautions If the tcp min-mss command is run more than once in the same view, the latest configuration overrides the previous one. Configure the parameters under the guidance of the technical personnel. Example # Set the minimum MSS value for a TCP connection to 512 bytes. <Huawei> system-view [Huawei] tcp min-mss 512 Related Topics 6.8.35 tcp window 6.8.33 tcp timer fin-timeout Function The tcp timer fin-timeout command configures the value of the TCP FIN-Wait timer. The undo tcp timer fin-timeout command restores the default value of the TCP FIN-Wait timer. By default, the value of the TCP FIN-Wait timer is 675s. Format tcp timer fin-timeout interval undo tcp timer fin-timeout Parameters Parameter Description Value interval The value is an integer that ranges from 76 to 3600, in seconds. The default value is 675s. Issue 08 (2021-02-25) Specifies the value of the TCP FIN-Wait timer. Copyright © Huawei Technologies Co., Ltd. 583 Fit AP Command Reference 6 Network Interconnection Configurations Commands Views System view Default Level 2: Configuration level Usage Guidelines When a TCP connection changes from FIN_WATI_1 to FIN_WAIT_2, the TCP FINWait timer is started. If no response packet is received after the TCP FIN-Wait timer expires, the TCP connection is closed. If you run this command in the same view for multiple times, only the last configuration takes effect. You are advised to configure this parameter under the supervision of technical support personnel. Example # Set the value of the TCP FIN-Wait timer to 400s. <Huawei> system-view [Huawei] tcp timer fin-timeout 400 Related Topics 6.8.34 tcp timer syn-timeout 6.8.35 tcp window 6.8.34 tcp timer syn-timeout Function The tcp timer syn-timeout command configures the value of the TCP SYN-Wait timer. The undo tcp timer syn-timeout command restores the default value of the TCP SYN-Wait timer. By default, the value of the TCP SYN-Wait timer is 75s. Format tcp timer syn-timeout interval undo tcp timer syn-timeout Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 584 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value interval The value is an integer ranging from 2 to 600, in seconds. The default value is 75s. Specifies the value of the TCP SYN-Wait timer. Views System view Default Level 2: Configuration level Usage Guidelines When an SYN packet is sent, the TCP SYN-Wait timer is started. If no response packet is received after the TCP SYN-Wait timer expires, the TCP connection is closed. If you run this command in the same view for multiple times, only the last configuration takes effect. You are advised to configure this parameter under the supervision of technical support personnel. Example # Set the value of the TCP SYN-Wait timer to 100s. <Huawei> system-view [Huawei] tcp timer syn-timeout 100 Related Topics 6.8.33 tcp timer fin-timeout 6.8.35 tcp window 6.8.35 tcp window Function The tcp window command configures the size of the receive or send buffer of a connection-oriented socket. The undo tcp window command restores the default size of the receive or send buffer of a connection-oriented socket. By default, the size of the receive or send buffer of a connection-oriented socket is 8K bytes. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 585 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format tcp window window-size undo tcp window Parameters Parameter Description Value window-size Specifies the size of the receive The value is an integer that ranges or send buffer of a connection- from 1 to 32, in K bytes. The oriented socket. default value is 8K bytes. Views System view Default Level 2: Configuration level Usage Guidelines If you run this command in the same view for multiple times, only the last configuration takes effect. You are advised to configure this parameter under the supervision of technical support personnel. Example # Set the size of the receive or send buffer of a connection-oriented socket to 3K bytes. <Huawei> system-view [Huawei] tcp window 3 Related Topics 6.8.33 tcp timer fin-timeout 6.8.34 tcp timer syn-timeout 6.9 Basic IPv6 Configuration Commands 6.9.1 display default-parameter tcp6 Function The display default-parameter tcp6 command displays the default values of all configurable parameters on the TCP6 module. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 586 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format display default-parameter tcp6 Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines The display default-parameter tcp6 command displays the default values of all configurable parameters on the TCP6 module. The configurable parameters are as follows: ● SYN-Wait timer value ● FIN-Wait timer value ● Slide window size Example # Display the default values of all configurable parameters on the TCP6 module. <Huawei> display default-parameter tcp6 --------------------------------SYN Timeout Value(sec) : 75 FIN Timeout Value(sec) : 600 Window Size(KBytes) : 8 --------------------------------- Table 6-54 Description of the display default-parameter tcp6 command output Item Description SYN Timeout Value(sec) TCP SYN-Wait timer value. To configure this parameter, run the tcp ipv6 timer syn-timeout command. FIN Timeout Value(sec) TCP FIN-Wait timer value. To configure this parameter, run the tcp ipv6 timer fin-timeout command. Window Size(KBytes) TCP6 slide window size. To configure this parameter, run the tcp ipv6 window command. Related Topics 6.9.19 tcp ipv6 timer syn-timeout Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 587 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.9.18 tcp ipv6 timer fin-timeout 6.9.20 tcp ipv6 window 6.9.2 display ipv6 interface Function The display ipv6 interface command displays IPv6 information on an interface. Format display ipv6 interface [ interface-type interface-number | brief ] Parameters Parameter Description Value interface-type interface-number Displays IPv6 information on a specified interface. - ● interface-type specifies the interface type. ● interface-number specifies the interface number. If no interface is specified, IPv6 information on all interfaces configured with IPv6 addresses is displayed. brief Displays brief information about the interface. - Views All views Default Level 1: Monitoring level Usage Guidelines Before running this command, ensure that the interface is configured with an IPv6 address. If no IPv6 address is assigned to the interface, no interface information is displayed. Example # Display IPv6 information on VLANIF100. <Huawei> display ipv6 interface vlanif 100 Vlanif100 current state : UP IPv6 protocol current state : UP IPv6 is enabled, link-local address is FE80::200:1FF:FE04:5D00 [TENTATIVE] Global unicast address(es): 2001:db8:2002::1, subnet is 2001:db8:2001::/64 [TENTATIVE] Joined group address(es): FF02::1:FF00:1 FF02::1:FF04:5D00 FF02::2 FF02::1 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 588 Fit AP Command Reference 6 Network Interconnection Configurations Commands MTU is 1500 bytes ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND retransmit interval is 1000 milliseconds Hosts use stateless autoconfig for addresses Table 6-55 Description of the display ipv6 interface command output Item Description IPv6 protocol current state Current protocol status of the interface. link-local address Link-local address configured on the interface. Global unicast address(es) Global unicast address configured on the interface. Joined group address(es) Addresses of all multicast groups that the interface joins. MTU MTU of the interface. ND DAD is enabled NS packets are sent when the system performs Duplicate Address Detection (DAD). number of DAD attempts Number of times duplicate address detection is performed. ND reachable time Neighbor reachable time. ND retransmit interval Retransmission interval. Hosts use stateless autoconfig for addresses Hosts obtain IPv6 addresses using stateless autoconfiguration. 6.9.3 display ipv6 neighbors Function The display ipv6 neighbors command displays information about neighbor entries. Format display ipv6 neighbors [ ipv6-address | [ vid vid ] interface-type interfacenumber ] display ipv6 neighbors [ interface-type interface-number [ vid vid [ cevid cevid ] ] ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 589 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value ipv6-address Displays neighbor entries of a specified IPv6 address. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. vid vid Displays neighbor entries of a specified VLAN. The value is an integer that ranges from 1 to 4094. interface-type interface-number Displays neighbor entries on a specified interface. - cevid cevid Specifies the inner tag. The value is an integer that ranges from 1 to 4094. Views All views Default Level 1: Monitoring level Usage Guidelines The display ipv6 neighbors command displays information about dynamic and static ND entries. The information helps you: ● Check whether the local routing device has learned MAC addresses from neighbors. ● Check the neighbor status of the local routing device, including neighbor unreachable, neighbor reachable, or unknown. You can run one of the following commands as required: ● To view neighbor entries based on the neighbor IPv6 address, run the display ipv6 neighbors [ ipv6-address ] command. ● To view neighbor entries based on the neighbor interface number, run the display ipv6 neighbors interface-type interface-number command. To view neighbor entries on a VLANIF interface, run the display ipv6 neighbors [ interface-type interface-number [ vid vid ] ] command. If no parameter is specified, the display ipv6 neighbors command displays all neighbor entries. Example # Display neighbor entries on vlanif 100. <Huawei> display ipv6 neighbors vlanif 100 ----------------------------------------------------------------------------IPv6 Address : 2::1 Link-layer : 707b-e8e9-d329 State : STALE Interface : GE0/0/0 Age : 00h05m12s Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 590 Fit AP Command Reference 6 Network Interconnection Configurations Commands VLAN : 200 VPN name : Secure FLAG : UN-SECURE CEVLAN: Is Router: TRUE IPv6 Address : FE80::727B:E8FF:FEE9:D329 Link-layer : 707b-e8e9-d329 State : STALE Interface : GE0/0/1 Age : 00h03m02s VLAN : 100 CEVLAN: Is Router: TRUE Secure FLAG : UN-SECURE ----------------------------------------------------------------------------Total: 2 Dynamic: 2 Static: 0 # Display neighbor entries of IPv6 address 2::1. <Huawei> display ipv6 neighbors 2::1 ----------------------------------------------------------------------------IPv6 Address : 2::1 Link-layer : 707b-e8e9-d329 State : STALE Interface : GE0/0/0 Age : 00h08m37s VLAN : 200 CEVLAN: Is Router: TRUE Secure FLAG : UN-SECURE ----------------------------------------------------------------------------Total: 1 Dynamic: 1 Static: 0 Table 6-56 Description of the display ipv6 neighbors command output Item Description IPv6 Address IPv6 address of a neighbor. Link-layer Link layer address (MAC address) of a neighbor. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 591 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description State Status of a neighbor entry: ● INCMP: indicates that the neighbor is unreachable. When the address is being resolved, the link layer address of the neighbor is not detected. If resolution succeeds, the neighbor entry is in REACH state. ● REACH: indicates that the neighbor is reachable within a specified period. By default, the neighbor is reachable within 30s. If the period expires and the entry remains unused, the neighbor entry is in STALE state. ● STALE: indicates that whether the neighbor is reachable is unknown. The entry remains unused within a specified period. By default, the neighbor is reachable within 30s. A device does not detect neighbor reachability unless it needs to send packets to a neighbor. ● DELAY: indicates that whether the neighbor is reachable is unknown. A device has sent a packet to a neighbor. If the device does not receive any response from the neighbor within the specified period, the neighbor entry is in PROBE state. ● PROBE: indicates that whether the neighbor is reachable is unknown. A device has sent a packet to a neighbor to detect whether the neighbor is reachable. If the device receives a response from the neighbor within a specified period, the neighbor entry is in REACH state. Otherwise, the neighbor entry is in INCMP state. Interface Name of the interface to which the neighbor entry belongs. Age Aging time of the neighbor entry: ● The aging time of static entries is displayed as "-". ● The aging time of dynamic entries is the time elapsed since the neighbor becomes reachable, in minutes. If the neighbor is always unreachable, "#" is displayed (only for dynamic entries). VLAN ID of the VLAN to which the neighbor belongs. CEVLAN Inner VLAN ID. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 592 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Is Router Whether an NA packet carries the R flag: ● If the NA packet carries the R flag, "TRUE" is displayed. In this case, the neighbor is a routing device. ● If the NA packet carries no R flag, "FALSE" is displayed. In this case, the neighbor may be a PC or a routing device that sends an NA packet carrying no R flag. Secure FLAG Whether the neighbor entry is secure: ● If the neighbor entry is static or the neighbor has the neighbor security function enabled, "SECURE" is displayed. ● If the neighbor entry is dynamic and the neighbor has no neighbor security function enabled, "UN-SECURE" is displayed. Total Total number of neighbor entries. Dynamic Number of dynamic neighbor entries. Static Number of static neighbor entries. 6.9.4 display ipv6 socket Function The display ipv6 socket command displays information about sockets, including the socket type, socket ID, and task ID. Format display ipv6 socket [ socktype socket-type | task-id task-id socket-id socket-id ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 593 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value socktype socket- Specifies the type of a socket. The value can be: The value is an integer that ranges from 1 to 3. type ● 1: indicates SOCK_STREAM, corresponding to the TCP-based socket. ● 2: indicates SOCK_DGRAM, corresponding to the UDP-based socket. ● 3: indicates SOCK_RAW, corresponding to the RawIP-based socket. socket-id socket- Specifies the socket ID. The value is an integer that ranges from 1 to 131072. task-id task-id The value is an integer that ranges from 1 to 150. id Specifies the task ID. Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario To locate a fault, you can use this command to view detailed information about sockets of all types or a specified type. If no parameter is specified, this command displays information about all types of sockets. Precautions If there is no socket information, no information is displayed. Example # Display information about a socket with a specified socket type, socket ID, and task ID. <Huawei> display ipv6 socket SOCK_STREAM: Task = FTPS(161), socketid = 1, Proto = 6, LA=0.0.0.0:21, FA=0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 594 Fit AP Command Reference 6 Network Interconnection Configurations Commands socket option = SO_ACCEPTCONN SO_REUSEADDR SO_KEEPALIVE SO_LINGER SO_SENDVPNID(2 3553) SO_SETKEEPALIVE SO_SETACL, socket state = SS_PRIV Task = _S0f(8), socketid = 1, Proto = 6, LA=0.0.0.0:23, FA=0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_REUSEADDR SO_LINGER SO_SENDVPNID(23553) SO_SETA CL, socket state = SS_PRIV SS_NBIO Task = _S0f(8), socketid = 16, Proto = 6, LA=172.16.129.120:23, FA=172.16.254.203:1381, sndbuf = 8192, rcvbuf = 8192, sb_cc = 527, rb_cc = 0, socket option = SO_REUSEADDR SO_KEEPALIVE SO_LINGER SO_OOBINLINE SO_SENDVPNID(0) SO_SETKEEPALIVE SO_SETACL, socket state = SS_ISCONNECTED SS_PRIV SS_NBIO Task = _S0f(8), socketid = 15, Proto = 6, LA=172.16.129.120:23, FA=172.16.254.206:1354, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_REUSEADDR SO_KEEPALIVE SO_LINGER SO_OOBINLINE SO_SENDVPNID(0) SO_SETKEEPALIVE SO_SETACL, socket state = SS_ISCONNECTED SS_PRIV SS_NBIO SOCK_DGRAM: Task = NTPT(38), socketid = 1, Proto = 17, LA=0.0.0.0:123, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_REUSEADDR SO_LINGER SO_UDPCHECKSUM SO_SENDVPNID(23553), socket state = SS_PRIV Task = _S0f(10), socketid = 1, Proto = 17, LA=0.0.0.0:161, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_REUSEPORT SO_UDPCHECKSUM SO_SENDVPNID(23553), socket state = SS_PRIV Task = WEB (85), socketid = 1, Proto = 17, LA=0.0.0.0:2000, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM SO_SENDVPNID(23553), socket state = SS_PRIV SS_ASYNC Task = HTPD(81), socketid = 1, Proto = 17, LA=0.0.0.0:2100, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_ASYNC Task = APP(124), socketid = 1, Proto = 17, LA=0.0.0.0:3503, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_RECALL Task = LBS(148), socketid = 1, Proto = 17, LA=0.0.0.0:6412, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 1048576, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_NBIO SS_ASYNC Task = HTPD(81), socketid = 3, Proto = 17, LA=0.0.0.0:7073, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_ASYNC Task = APP(124), socketid = 2, Proto = 17, Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 595 Fit AP Command Reference 6 Network Interconnection Configurations Commands LA=0.0.0.0:31009, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_RECALL Task = _S0f(10), socketid = 2, Proto = 17, LA=0.0.0.0:49152, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV Task = HTPD(81), socketid = 2, Proto = 17, LA=0.0.0.0:50100, FA=0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_ASYNC SOCK_RAWIP: SOCK_RAWLINK: 6.9.5 display rawip ipv6 statistics Function The display rawip ipv6 statistics command displays Raw IPv6 packet statistics. Format display rawip ipv6 statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display rawip ipv6 statistics command to view Raw IPv6 packet statistics, including: ● Statistics about received and sent Raw IPv6 packets ● Statistics about discarded Raw IPv6 packets Example # Display Raw IPv6 packet statistics. <Huawei> display rawip ipv6 statistics Received packets: total: 20 packets sent for external pre processing: 0 packets for which checksum has to be calculated: 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 596 Fit AP Command Reference 6 Network Interconnection Configurations Commands packets with invalid checksum : 0 dropped packets due to socket buffer is full: 0 dropped packets due to no matching socket: 20 dropped multicast packets due to no matching socket: 0 Sent packets: total (excluding ICMP6 packets): 0 Table 6-57 Description of the display rawip ipv6 statistics command output Item Description total Total number of received and sent packets. packets sent for external pre processing Number of received Raw IPv6 packets for external preprocessing. packets for which checksum has to be calculated Number of received Raw IPv6 packets for which checksum has been calculated. packets with invalid checksum Number of discarded Raw IPv6 packets with checksum errors. dropped packets due to socket buffer is full Number of Raw IPv6 packets that are discarded because the socket buffer is full. dropped packets due to no matching socket Number of discarded Raw IPv6 packets that do not match the receiving socket. dropped multicast packets due to no matching socket Number of discarded Raw IPv6 packets destined to a multicast address that do not match the receiving socket. 6.9.6 display tcp ipv6 authentication-statistics Function The display tcp ipv6 authentication-statistics command displays authentication statistics of a specified TCP6 connection. Format display tcp ipv6 authentication-statistics src-ip src-ip src-port src-port dest-ip dest-ip dest-port dest-port Parameters Parameter Description Value src-ip src-ip Specifies the source IPv6 address. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. src-port src-port Specifies the source port. The value is an integer that ranges from 0 to 65535. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 597 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameter Description Value dest-ip dest-ip Specifies the destination IPv6 address. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. dest-port dest-port Specifies the destination port. The value is an integer that ranges from 0 to 65535. Views All views Default Level 1: Monitoring level Usage Guidelines You can run the display tcp ipv6 authentication-statistics command to view authentication statistics of a specified TCP6 connection, including: ● Number of TCP6 packets with MD5 Option ● Number of TCP6 packets with Enhanced Authentication Option Example # Display authentication statistics of a specified TCP6 connection. <Huawei> display tcp ipv6 authentication-statistics src-ip 1::1 src-port 3456 dest-ip 3::5 dest-port 5678 MD5 Signature Option (MSO)is enabled | Enhanced Authentication Option (EAO)is enabled Received packets: total: 0 packets received with MSO: 0 packets received with EAO: 0 packets dropped due to MD5 authentication failure: 0 packets dropped due to absence of MSO: 0 packets dropped due to presence of MSO: 0 packets dropped due to MAC authentication failure: 0 packets dropped due to absence of active receive key: 0 packets dropped due to invalid receive algorithm id: 0 packets dropped due to absence of EAO: 0 Sent packets: total: 0 packets sent with MSO: 0 packets sent with EAO: 0 packets not sent due to absence of active send key: 0 Table 6-58 Description of the display tcp ipv6 authentication-statistics command output Item Description packets received with MSO Total number of received TCP6 packets with MD5 Option. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 598 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description packets received with EAO Total number of received TCP6 packets with Enhanced Authentication Option. packets dropped due to MD5 authentication failure Total number of TCP6 packets discarded due to MD5 authentication failure. packets dropped due to absence of MSO Total number of TCP6 packets discarded due to absence of MD5 Option. packets dropped due to presence of MSO Total number of TCP6 packets discarded due to presence of MD5 Option. packets dropped due to MAC authentication failure Total number of TCP6 packets discarded due to MAC authentication failure. packets dropped due to absence of active receive key Total number of TCP6 packets discarded due to absence of active receive key. packets dropped due to invalid receive algorithm id Total number of TCP6 packets discarded due to invalid receive algorithm ID. packets dropped due to absence of EAO Total number of TCP6 packets discarded due to absence of Enhanced Authentication Option. packets sent with MSO Total number of sent TCP6 packets with MD5 Option. packets sent with EAO Total number of sent TCP6 packets with Enhanced Authentication Option. packets not sent due to absence of active send key Total number of TCP6 packets discarded due to absence of active send key. Related Topics 6.9.13 reset tcp ipv6 authentication-statistics 6.9.7 display tcp ipv6 statistics Function The display tcp ipv6 statistics command displays IPv6 TCP traffic statistics. Format display tcp ipv6 statistics Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 599 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario You can check the network connection status according to the following items in the command output: ● Established connections: You can view information about "Established connections" to check whether the number of connections exceeds the upper limit, and then determine whether to continue deploying services such as BGP services or adjust the load. ● Duplicate ACK packets: You can view information about "Duplicate ACK packets" to check whether the device is attacked by unknown ACK packets. If the device receives a large number of unknown ACK packets, the device may be attacked. ● Out-of-order packets: You can view information about "Out-of-order packets" to check network performance. If the network is in poor condition, a lot of out-of-order packets are generated. Precautions ● The total number of packets received by a routing device includes the number of forwarded packets, number of packets delivered by the routing device to the upper layer, and number of discarded packets. ● Before running this command to view IPv6 TCP statistics within a specified period, run the 6.9.14 reset tcp ipv6 statistics command to clear existing statistics. Example # Display IPv6 TCP packet statistics. <Huawei> display tcp ipv6 statistics Received packets: total: 0 total(64bit high-capacity counter): 0 packets in sequence: 0 (0 bytes) window probe packets: 0 window update packets: 0 checksum error: 0 offset error: 0 short error: 0 duplicate packets: 0 (0 bytes) partially duplicate packets: 0 (0 bytes) out-of-order packets: 0 (0 bytes) packets with data after window: 0 (0 bytes) Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 600 Fit AP Command Reference 6 Network Interconnection Configurations Commands packets after close: 0 ACK packets: 0 (0 bytes) duplicate ACK packets: 0 too much ACK packets: 0 packets dropped due to MD5 authentication failure: 0 packets dropped due to absence of MSO: 0 packets dropped due to presence of MSO: 0 packets received with MD5 Signature Option: 0 packets dropped due to MAC authentication failure: 0 packets dropped due to absence of active receive key: 0 packets dropped due to invalid receive algorithm id: 0 packets dropped due to absence of Enhanced Authentication Option: 0 packets received with Enhanced Authentication Option: 0 Sent packets: total: 0 urgent packets: 0 total(64bit high-capacity counter): 0 control packets: 0 (including 0 RST) window probe packets: 0 window update packets: 0 data packets: 0 (0 bytes) data packets retransmitted: 0 (0 bytes) ACK only packets: 0 (0 delayed) packets sent with MD5 Signature Option: 0 packets sent with Enhanced Authentication Option: 0 packets not sent due to absence of active send key: 0 Other Statistics: retransmitted timeout: 0 connections dropped in retransmitted timeout: 0 keepalive timeout: 0 keepalive probe: 0 keepalive timeout, so connections disconnected: 0 initiated connections: 0 accepted connections: 0 established connections: 0 closed connections: 0 (dropped: 0, initiated dropped: 0) Table 6-59 Description of the display tcp ipv6 statistics command output Item Description Received packets: Total number of received packets. total: 0 total(64bit high-capacity counter) Total number of received or sent packets counted by the 64-bit high-capacity counter. packets in sequence Number of packets received in sequence. window probe packets Number of received window probe packets. window update packets Number of received window update packets. checksum error Number of received packets with invalid checksum. offset error Number of received packets with incorrect TCP header length. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 601 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description short error Number of received packets with total length shorter than the set value in the packet header. duplicate packets Number of received duplicate packets. partially duplicate packets Number of received partially duplicate packets. out-of-order packets Number of received out-of-order packets. packets with data after window Number of received packets exceeding the receive window. packets after close Number of packets received after the connection is closed. ACK packets Number of received ACK packets. duplicate ACK packets Number of received duplicate ACK packets. too much ACK packets Number of received ACK packets with too large ACK values. packets dropped due to MD5 authentication failure Number of packets discarded due to MD5 authentication failure. packets dropped due to absence of MSO Number of packets discarded due to absence of MD5 Signature Option. packets dropped due to presence of MSO Number of packets discarded due to presence of MD5 Signature Option. packets received with MD5 Signature Option Number of received packets with MD5 Signature Option. packets dropped due to MAC authentication failure Number of packets discarded due to MAC authentication failure. packets dropped due to absence of active receive key Number of packets discarded due to absence of active receive key. packets dropped due to invalid receive algorithm id Number of packets discarded due to invalid receive algorithm ID. packets dropped due to absence of Enhanced Authentication Option Number of packets discarded due to absence of Enhanced Authentication Option. packets received with Enhanced Authentication Option Number of received packets with Enhanced Authentication Option. Sent packets: Total number of sent packets. total: 0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 602 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description urgent packets Number of sent packets with the urgent pointer. control packets Number of sent control packets. window probe packets Number of sent window probe packets. window update packets Number of sent window update packets. data packets Number of sent data packets. data packets retransmitted Number of retransmitted data packets. ACK only packets Number of sent ACK only packets. packets sent with MD5 Signature Option Number of sent packets with MD5 Signature Option. packets sent with Enhanced Authentication Option Number of packets sent with Enhanced Authentication Option packets not sent due to absence of active send key Number of packets not sent due to absence of active send key Other Statistics: Other statistics. retransmitted timeout Number of retransmission timeout packets. connections dropped in retransmitted timeout Number of disconnected connections during the retransmission timeout. keepalive timeout Number of Keepalive timeouts. keepalive probe Number of Keepalive probes. keepalive timeout, so connections disconnected Number of connections disconnected due to Keepalive timeout. initiated connections Number of initiated connections. accepted connections Number of accepted connections. established connections Number of established connections. closed connections Number of closed connections. dropped Number of disconnected connections. initiated dropped Number of initiated and disconnected connections. Related Topics 6.9.14 reset tcp ipv6 statistics Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 603 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.9.8 display tcp ipv6 status Function The display tcp ipv6 status command displays the status of all IPv6 TCP connections. Format display tcp ipv6 status [ local-ip ipv6-address ] [ local-port local-port ] [ remote-ip ipv6-address ] [ remote-port remote-port ] display tcp ipv6 status [ task-id task-id [ sock-id sock-id ] ] Parameters Parameter Description local-ip ipv6address Displays the IPv6 TCP connection The value is a 32-digit status of the specified IPv6 hexadecimal number, in address. ipv6-address specifies the the format X:X:X:X:X:X:X:X. IPv6 address of the local device. local-port local- Displays the IPv6 TCP connection port status of the specified port number. local-port specifies the port number of the local device. Value The value is an integer that ranges from 0 to 65535. remote-ip ipv6- Displays the IPv6 TCP connection The value is a 32-digit status of the specified IPv6 hexadecimal number, in address. ipv6-address specifies the the format X:X:X:X:X:X:X:X. IPv6 address of the remote device. remote-port Displays the IPv6 TCP connection The value is an integer status of the specified port that ranges from 0 to number. remote-port specifies the 65535. port number of the remote device. task-id task-id Displays the status of the IPv6 The value is an integer TCP connection with the specified that ranges from 1 to 200. task ID. task-id specifies the task ID. sock-id sock-id Displays the status of the IPv6 The value is an integer TCP connection with the specified that ranges from 1 to socket ID. 131072. address remote-port Views All views Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 604 Fit AP Command Reference 6 Network Interconnection Configurations Commands Default Level 1: Monitoring level Usage Guidelines Usage Scenario You can run the display tcp ipv6 status command to view all valid IPv6 TCP control blocks, including the following information: ● IPv6 TCP socket ID ● APP CID ● Local IPv6 address and port number ● Remote IPv6 address and port number ● IPv6 TCP connection status ● VPN ID To view the status of all valid IPv6 TCP connections, run the display tcp ipv6 status [ local-ip ipv6-address ] [ local-port local-port-number ] [ remote-ip ipv6address ] [ remote-port remote-port-number ] command. To view the status of the IPv6 TCP connection with a specified socket ID, run the display tcp ipv6 status [ task-id task-id [ sock-id sock-id ] ] command. Precautions If there is no TCP connection, no information is displayed. Example # Display the status of IPv6 TCP connections. <Huawei> display tcp ipv6 status * - MD5 Authentication is enabled. # - Keychain Authentication is enabled. TCP6CB TID/SoID Local Address Foreign Address State VPNID 19490ba4 9/2 ::->23 ::->0 Listening 23553 Table 6-60 Description of the display tcp ipv6 status command output Item Description TCP6CB Address of an IPv6 TCP control block, in hexadecimal notation. TID/SoID Task ID and socket ID. Local Address Local IPv6 address and port number. Foreign Address Remote IPv6 address and port number. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 605 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description State Status of an IPv6 TCP connection: ● Closed: indicates that the TCP connection is closed. ● Listening: indicates that the TCP connection is being listened on. ● Syn_Rcvd: indicates that a TCP packet with the SYN flag is received. ● Syn_Sent: indicates that a TCP packet with the SYN flag is sent. ● Established: indicates that the TCP connection has been set up. ● Close_Wait: indicates that a user host sends a packet with the FIN flag to the server, requesting the server to close the TCP connection in Established state. The server then sends an ACK packet to the user host after receiving the packet and enters the Close_Wait state. ● Fin_Wait1: indicates that a user host sends a packet with the FIN flag to the server, requesting the server to close the TCP connection and enters the Fin_Wait1 state. ● Fin_Wait2: indicates that a user host receives an ACK packet in a response to the sent packet with the FIN flag and enters the Fin_Wait2 state. ● Time_Wait: indicates that TCP enters this state after the TCP connection is closed. When TCP has been in Time_Wait state two times the longest packet lifetime, records about the closed connection are deleted. ● Closing: indicates that the two ends close the TCP connection simultaneously. ● LAST_ACK: indicates that the local end waits for acknowledging the TCP connection teardown request sent to the remote end. VPNID Issue 08 (2021-02-25) VPN interface ID. Copyright © Huawei Technologies Co., Ltd. 606 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.9.9 display this ipv6 interface Function The display this ipv6 interface command displays IPv6 information on the current interface. Format display this ipv6 interface Parameters None Views VLANIF interface view, loopback interface view Default Level 1: Monitoring level Usage Guidelines The display this ipv6 interface command must be run in the interface view. Example # Display IPv6 information on VLANIF100. <Huawei> system-view [Huawei] interface vlanif 100 [Huawei-Vlanif100] display this ipv6 interface Vlanif100 current state : UP IPv6 protocol current state : UP IPv6 is enabled, link-local address is FE80::7254:F5FF:FEDF:9B40 [TENTATIVE] Global unicast address(es): 1:1::1:1, subnet is 1:1::/64 [TENTATIVE] Joined group address(es): FF02::1:FF01:1 FF02::2 FF02::1 FF02::1:FFDF:9B40 MTU is 1500 bytes ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND retransmit interval is 1000 milliseconds Hosts use stateless autoconfig for addresses Table 6-61 Description of the display this ipv6 interface command output Item Description Vlanif100 current state Current physical status of VLANIF 100. IPv6 protocol current state Current protocol status of the interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 607 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description link-local address Link-local address configured on the interface. Global unicast address(es) Global unicast address configured on the interface. Joined group address(es) Addresses of all multicast groups that the interface joins. MTU MTU of the interface. number of DAD attempts Number of times duplicate address detection is performed. ND reachable time Neighbor reachable time. ND retransmit interval Retransmission interval. Hosts use stateless autoconfig for addresses Hosts obtain addresses using stateless autoconfiguration. Related Topics 6.9.2 display ipv6 interface 6.9.10 display udp ipv6 statistics Function The display udp ipv6 statistics command displays IPv6 UDP packet statistics. Format display udp ipv6 statistics Parameters None Views All views Default Level 1: Monitoring level Usage Guidelines Usage Scenario Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 608 Fit AP Command Reference 6 Network Interconnection Configurations Commands The User Datagram Protocol (UDP) is a simple protocol that exchanges packets on the Internet. You can run the display udp ipv6 statistics command to view statistics about sent and received IPv6 UDP packets, including: ● Total number of received and sent packets ● Total number of discarded packets ● Total number of redirected packets Precautions The total number of packets received by the device includes the number of forwarded packets, number of packets delivered by the device to the upper layer, and number of discarded packets. Example # Display IPv6 UDP packet statistics. <Huawei> display udp ipv6 statistics Received packets: total: 0 total(64bit high-capacity counter): 0 checksum error: 0 shorter than header: 0 invalid message length: 0 no socket on port: 0 no multicast port: 0 not delivered, input socket full: 0 input packets missing pcb cache: 0 packets sent for external pre processing: 0 Sent packets: total: 0 total(64bit high-capacity counter): 0 Table 6-62 Description of the display udp ipv6 statistics command output Item Description Received packets Number of received packets. total Total number of received and sent packets. total(64bit high-capacity counter) Total number of packets counted by the 64-bit high-capacity counter. checksum error Total number of packets with invalid checksum. shorter than header Total number of IPv6 UDP packets with the length shorter than the packet header. invalid message length Total number of packets whose data length is longer than the packet length. no socket on port Number of packets without corresponding sockets on the interface. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 609 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description no multicast port Number of received packets carrying nonexistent multicast interfaces. not delivered, input socket full Number of unprocessed packets when the buffer is full. input packets missing pcb cache Number of received packets failing to find the PCB cache. packets sent for external pre processing Number of received packets for external preprocessing. Sent packets Number of sent packets. 6.9.11 reset ipv6 socket pktsort Function The reset ipv6 socket pktsort command clears statistics on the dual receive buffer of an IPv6 socket. Format reset ipv6 socket pktsort task-id task-id socket-id socket-id Parameters Parameter Description Value task-id task-id Specifies the ID of a task. The value is an integer that ranges from 1 to 100. socket-id socket-id Specifies the ID of a socket. The value is an integer that ranges from 1 to 131072. Views User view Default Level 3: Management level Usage Guidelines This command clears statistics on the dual receive buffer of an IPv6 socket and the count restarts. Therefore, confirm your action before running this command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 610 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Clear statistics on the dual receive buffer of the IPv6 socket with the task ID 2 and the socket ID 4. <Huawei> reset ipv6 socket pktsort task-id 2 socket-id 4 6.9.12 reset rawip ipv6 statistics Function The reset rawip ipv6 statistics command clears all Raw IPv6 packet statistics. Format reset rawip ipv6 statistics Parameters None Views User view Default Level 3: Management level Usage Guidelines You need to run this command to clear the existing statistics on Raw IPv6 packets before running the display rawip ipv6 statistics command to view statistics on Raw IPv6 packets in a specified period. The reset rawip ipv6 statistics command clears statistics on Raw IPv6 packets. Therefore, confirm your action before running this command. Example # Clear all Raw IPv6 packet statistics. <Huawei> reset rawip ipv6 statistics 6.9.13 reset tcp ipv6 authentication-statistics Function The reset tcp ipv6 authentication-statistics command clears authentication statistics of a specified TCP6 connection. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 611 Fit AP Command Reference 6 Network Interconnection Configurations Commands Format reset tcp ipv6 authentication-statistics src-ip src-ip src-port src-port dest-ip dest-ip dest-port dest-port Parameters Parameter Description Value src-ip src-ip Specifies the source IPv6 address. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. src-port src-port Specifies the source port. The value is an integer that ranges from 0 to 65535. dest-ip dest-ip Specifies the destination IPv6 address. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. dest-port dest-port Specifies the destination port. The value is an integer that ranges from 0 to 65535. Views User view Default Level 3: Management level Usage Guidelines The reset tcp ipv6 authentication-statistics command clears authentication statistics of a TCP6 connection. Therefore, confirm your action before running this command. Example # Clear authentication statistics of a TCP6 connection. <Huawei> reset tcp ipv6 authentication-statistics src-ip 1::1 src-port 3456 dest-ip 3::5 dest-port 5678 Related Topics 6.9.6 display tcp ipv6 authentication-statistics 6.9.14 reset tcp ipv6 statistics Function The reset tcp ipv6 statistics command clears IPv6 TCP packet statistics. Format reset tcp ipv6 statistics Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 612 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters None Views User view Default Level 3: Management level Usage Guidelines Usage Scenario You need to clear the existing statistics on IPv6 TCP packets before running the display tcp ipv6 statistics command to view the statistics on IPv6 TCP packets in a specified period. Precautions The reset tcp ipv6 statistics command clears statistics on IPv6 TCP packets. Therefore, confirm your action before running this command. Example # Clear IPv6 TCP packet statistics. <Huawei> reset tcp ipv6 statistics Related Topics 6.9.7 display tcp ipv6 statistics 6.9.15 reset udp ipv6 statistics Function The reset udp ipv6 statistics command clears IPv6 UDP packet statistics. Format reset udp ipv6 statistics Parameters None Views User view Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 613 Fit AP Command Reference 6 Network Interconnection Configurations Commands Default Level 3: Management level Usage Guidelines Usage Scenario You need to run this command to clear the existing IPv6 UDP packet statistics before running the display udp ipv6 statistics command to view IPv6 UDP packet statistics in a specified period. Precautions The reset udp ipv6 statistics command clears IPv6 UDP packet statistics. Therefore, confirm your action before running this command. Example # Clear IPv6 UDP packet statistics. <Huawei> reset udp ipv6 statistics 6.9.16 tcp ipv6 max-mss Function The tcp ipv6 max-mss command sets the maximum MSS value for a TCP6 connection. The undo ipv6 tcp ipv6 max-mss command deletes the maximum MSS value of a TCP6 connection. By default, the maximum MSS value is not configured for TCP6 connections. Format tcp ipv6 max-mss mss-value undo tcp ipv6 max-mss Parameters Parameter Description Value mss-value The value is an integer ranging from 32 to 9600, in bytes. Specifies the maximum MSS value for a TCP6 connection. Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 614 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Usage Scenario To establish a TCP6 connection, the MSS value is negotiated, which indicates the maximum length of packets that the local device can receive. If the path MTU is unavailable on one end of a TCP6 connection, this end cannot adjust the TCP6 packet size based on the MTU. As a result, this end may send TCP6 packets that are longer than the MTUs on intermediate devices, which will discard these packets. To prevent this problem, run the tcp ipv6 max-mss command on either end of a TCP6 connection to set the maximum MSS value of TCP6 packets. Then the MSS value negotiated by both ends will not exceed this maximum MSS value, and accordingly TCP6 packets sent from both ends will not be longer than this maximum MSS value and can travel through the intermediate network. Precautions The maximum MSS value configured using the tcp ipv6 max-mss command must be greater than the minimum MSS value configured using the tcp ipv6 min-mss command. Example # Set the maximum MSS value for a TCP6 connection to 1024 bytes. <Huawei> system-view [Huawei] tcp ipv6 max-mss 1024 Related Topics 6.9.17 tcp ipv6 min-mss 6.9.17 tcp ipv6 min-mss Function The tcp ipv6 min-mss command sets the minimum value of maximum segment size (MSS) for a TCP6 connection. The undo tcp ipv6 min-mss command restores the default minimum value of the MSS for a TCP6 connection. The default minimum MSS value for a TCP6 connection is 216 bytes. Format tcp ipv6 min-mss mss-value undo tcp ipv6 min-mss Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 615 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value mss-value The value ranges from 32 bytes to 1500 bytes. By default, the value is 216 bytes. Specifies the minimum MSS value for a TCP6 connection. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario To establish a TCP6 connection, the MSS value is negotiated, which indicates the maximum length of packets that the local device can receive. The TCP6 client on a network may send a request packet for establishing a TCP6 connection carrying a small MSS value. For example, the MSS value is 1. After the TCP6 server receives the request packet carrying the MSS value, the TCP6 connection is established. The TCP6 client then may send large numbers of requests to the server by an application, causing the TCP6 server to generate large numbers of reply packets. This may burden the TCP6 server or network, causing denial of service (DoS) attacks. To resolve this problem, run the tcp ipv6 min-mss command to set the minimum MSS value for a TCP6 connection. This configuration prevents a server from receiving packets carrying a small MSS value. Precautions If the tcp ipv6 min-mss command is run more than once in the same view, the latest configuration overrides the previous one. Configure the parameters under the guidance of the technical personnel. Example # Set the minimum MSS value for a TCP6 connection to 512 bytes. <Huawei> system-view [Huawei] tcp ipv6 min-mss 512 Related Topics 6.9.20 tcp ipv6 window Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 616 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.9.18 tcp ipv6 timer fin-timeout Function The tcp ipv6 timer fin-timeout command sets the value of the TCP6 FIN-Wait timer. The undo tcp ipv6 timer fin-timeout command restores the default value of the TCP6 FIN-Wait timer. By default, the value of the TCP6 FIN-Wait timer is 600s. Format tcp ipv6 timer fin-timeout interval undo tcp ipv6 timer fin-timeout Parameters Parameter Description Value interval The value is an integer that ranges from 76 to 3600, in seconds. The default value is 600s. Specifies the value of the TCP6 FIN-Wait timer. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario When a TCP6 connection changes from FIN_WAIT_1 to FIN_WAIT_2, the TCP FINWait timer is started. If the local device does not receive a packet with the FIN flag after the TCP6 FIN-Wait timer expires, the TCP6 connection is closed. Precautions If you run the tcp ipv6 timer fin-timeout command in the same view multiple times, only the latest configuration takes effect. You are advised to use this command under the supervision of technical support personnel. Example # Set the value of the TCP6 FIN-Wait timer to 800s. <Huawei> system-view [Huawei] tcp ipv6 timer fin-timeout 800 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 617 Fit AP Command Reference 6 Network Interconnection Configurations Commands Related Topics 6.9.19 tcp ipv6 timer syn-timeout 6.9.20 tcp ipv6 window 6.9.19 tcp ipv6 timer syn-timeout Function The tcp ipv6 timer syn-timeout command sets the value of the TCP6 SYN-Wait timer. The undo tcp ipv6 timer syn-timeout command restores the default value of the TCP6 SYN-Wait timer. By default, the value of the TCP6 SYN-Wait timer is 75s. Format tcp ipv6 timer syn-timeout interval undo tcp ipv6 timer syn-timeout Parameters Parameter Description Value interval The value is an integer that ranges from 2 to 600, in seconds. The default value is 75s. Specifies the value of the TCP6 SYN-Wait timer. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario When an SYN packet is sent, the TCP6 SYN-Wait timer is started. If no response packet is received when the TCP6 SYN-Wait timer expires, the TCP6 connection is closed. Precautions If you run the tcp ipv6 timer syn-timeout command in the same view multiple times, only the latest configuration takes effect. You are advised to use this command under the supervision of technical support personnel. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 618 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Set the value of the TCP6 SYN-Wait timer to 100s. <Huawei> system-view [Huawei] tcp ipv6 timer syn-timeout 100 Related Topics 6.9.18 tcp ipv6 timer fin-timeout 6.9.20 tcp ipv6 window 6.9.20 tcp ipv6 window Function The tcp ipv6 window command sets the size of the packet receive or send buffer of a connection-oriented socket. The undo tcp ipv6 window command restores the default size of the packet receive or send buffer of a connection-oriented socket. By default, the size of the packet receive or send buffer of a connection-oriented socket is 8K bytes. Format tcp ipv6 window window-size undo tcp ipv6 window Parameters Parameter Description window-size Specifies the size of the packet receive or send buffer of a connection-oriented socket. Value The value is an integer that ranges from 1 to 32, in K bytes. The default value is 8K bytes. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario This command changes the default size of the packet receive or send buffer. The device uses the default size to establish a TCP6 session. Precautions Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 619 Fit AP Command Reference 6 Network Interconnection Configurations Commands If you run the tcp ipv6 window command in the same view multiple times, only the latest configuration takes effect. You are advised to use this command under the supervision of technical support personnel. Example # Set the size of the packet receive or send buffer of a connection-oriented socket to 4K bytes. <Huawei> system-view [Huawei] tcp ipv6 window 4 Related Topics 6.9.18 tcp ipv6 timer fin-timeout 6.9.19 tcp ipv6 timer syn-timeout 6.10 IPv6 DNS Configuration Commands 6.10.1 dns proxy ipv6 enable Function The dns proxy ipv6 enable command enables IPv6 DNS proxy. The undo dns proxy ipv6 enable command disables IPv6 DNS proxy. By default, IPv6 DNS proxy is disabled. Format dns proxy ipv6 enable undo dns proxy ipv6 enable Parameters None Views System view Default Level 2: Configuration level Usage Guidelines IPv6 DNS proxy is used to forward DNS requests and reply packets between the IPv6 DNS client and DNS server. The IPv6 DNS client sends a DNS request packet Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 620 Fit AP Command Reference 6 Network Interconnection Configurations Commands to the device on which IPv6 DNS proxy is enabled. The device sends the request packet to the DNS server and sends the reply packet to the IPv6 DNS client. The device functions as the IPv6 DNS proxy to provide services of the DNS server. Users do not need to interact with the DNS server directly. This function simplifies route deployment and improves performance and security of the DNS server. Example # Enable IPv6 DNS proxy. <Huawei> system-view [Huawei] dns proxy ipv6 enable 6.10.2 display dns ipv6 dynamic-host Function The display dns ipv6 dynamic-host command displays IPv6 dynamic DNS entries saved in the cache. Format display dns ipv6 dynamic-host [ domain-name | a6 ] Parameters Parameter Description Value domain-name Displays IPv6 entries specified the domain name suffix. The value must be an existing domain name suffix. a6 Displays IPv6 entries specified A6 query type. - Views All views Default Level 1: Monitoring level Usage Guidelines After dynamic domain name resolution is completed, you can run the display dns ipv6 dynamic-host command to check dynamic IPv6 DNS entries in the domain name cache. Example # Display the IPv6 dynamic DNS entries saved in the cache. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 621 Fit AP Command Reference 6 Network Interconnection Configurations Commands <Huawei> display dns ipv6 dynamic-host Host TTL Type Address www.huawei.com 3411 IPv6 FC00:1::1 Total : 1 Table 6-63 Description of the display dns ipv6 dynamic-host command output Item Description Host Domain name. TTL Time left before dynamic DNS entries saved in the domain name cache will be aged out, in seconds. Type Dynamic DNS entry type. Address IPv6 address in a dynamic cache entry. Related Topics 6.10.3 reset dns ipv6 dynamic-host 6.10.3 reset dns ipv6 dynamic-host Function The reset dns ipv6 dynamic-host command clears IPv6 dynamic DNS entries saved in the cache. Format reset dns ipv6 dynamic-host Parameters None Views User view Default Level 3: Management level Usage Guidelines IPv6 dynamic DNS entries cannot be restored after being deleted. Confirm the action before you run the command. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 622 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Clear IPv6 dynamic DNS entries saved in the cache. <Huawei> reset dns ipv6 dynamic-host Related Topics 6.10.2 display dns ipv6 dynamic-host 6.11 IP Routing Basic Configuration Commands 6.11.1 display fib Function The display fib command displays information about the FIB table. Format display fib [ slot-id ] [ verbose ] Parameters Parameter Description Value slot-id The value is an integer and the Displays information about the FIB value range depends on the table with a specified slot ID. device configuration. verbose Displays detailed information about the FIB table. - Views All views Default Level 1: Monitoring level Usage Guidelines The display fib command displays information about the FIB table. Each row represents a route. NOTE If there are lots of routes, using wildcard (|, begin, exclude, include, regular-expression) to display information or details lasts a long time. You can press Ctrl+C to terminate information display. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 623 Fit AP Command Reference 6 Network Interconnection Configurations Commands Example # Display brief information about the FIB table. <Huawei> display fib Route Flags: G - Gateway Route, H - Host Route, U - Up Route S - Static Route, D - Dynamic Route, B - Black Hole Route L - Vlink Route -------------------------------------------------------------------------------FIB Table: Total number of Routes : 8 Destination/Mask Nexthop Flag TimeStamp Interface TunnelID 192.168.129.255/32 127.0.0.1 HU t[157] InLoop0 0x0 192.168.129.116/32 127.0.0.1 HU t[157] InLoop0 0x0 255.255.255.255/32 127.0.0.1 HU t[63] InLoop0 0x0 127.255.255.255/32 127.0.0.1 HU t[63] InLoop0 0x0 127.0.0.1/32 127.0.0.1 HU t[63] InLoop0 0x0 127.0.0.0/8 127.0.0.1 U t[63] InLoop0 0x0 192.168.129.0/24 192.168.129.116 U t[157] Vlanif2001 0x0 192.168.0.0/16 192.168.129.1 GSU t[162] Vlanif2001 0x0 # Display detailed information about the FIB table. <Huawei> display fib verbose Route Flags: G - Gateway Route, H - Host Route, U - Up Route S - Static Route, D - Dynamic Route, B - Black Hole Route L - Vlink Route -----------------------------------------------------------------------------FIB Table: Total number of Routes : 8 Destination: 192.168.129.255 Mask : 255.255.255.255 Nexthop : 127.0.0.1 OutIf : InLoopBack0 LocalAddr : 127.0.0.1 LocalMask: 0.0.0.0 Flags : HU Age : 243821sec ATIndex : 0 Slot :0 OriginAs : 0 BGPNextHop : 0.0.0.0 PeerAs : 0 QosInfo : 0x0 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Destination: 192.168.129.116 Mask : 255.255.255.255 Nexthop : 127.0.0.1 OutIf : InLoopBack0 LocalAddr : 127.0.0.1 LocalMask: 0.0.0.0 Flags : HU Age : 243822sec ATIndex : 0 Slot :0 OriginAs : 0 BGPNextHop : 0.0.0.0 PeerAs : 0 QosInfo : 0x0 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Destination: 255.255.255.255 Mask : 255.255.255.255 Nexthop : 127.0.0.1 OutIf : InLoopBack0 LocalAddr : 127.0.0.1 LocalMask: 0.0.0.0 Flags : HU Age : 243916sec ATIndex : 0 Slot :0 OriginAs : 0 BGPNextHop : 0.0.0.0 PeerAs : 0 QosInfo : 0x0 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 624 Fit AP Command Reference 6 Network Interconnection Configurations Commands EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Destination: 127.255.255.255 Mask : 255.255.255.255 Nexthop : 127.0.0.1 OutIf : InLoopBack0 LocalAddr : 127.0.0.1 LocalMask: 0.0.0.0 Flags : HU Age : 243916sec ATIndex : 0 Slot :0 OriginAs : 0 BGPNextHop : 0.0.0.0 PeerAs : 0 QosInfo : 0x0 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Destination: 127.0.0.1 Nexthop : 127.0.0.1 LocalAddr : 127.0.0.1 Flags : HU ATIndex : 0 OriginAs : 0 BGPNextHop : 0.0.0.0 QosInfo : 0x0 NexthopBak : 0.0.0.0 EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Destination: 127.0.0.0 Nexthop : 127.0.0.1 LocalAddr : 127.0.0.1 Flags :U ATIndex : 0 OriginAs : 0 BGPNextHop : 0.0.0.0 QosInfo : 0x0 NexthopBak : 0.0.0.0 EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Mask : 255.255.255.255 OutIf : InLoopBack0 LocalMask: 0.0.0.0 Age : 243916sec Slot :0 PeerAs : 0 OriginQos: 0x0 OutIfBak : [No Intf] Mask : 255.0.0.0 OutIf : InLoopBack0 LocalMask: 0.0.0.0 Age : 243916sec Slot :0 PeerAs : 0 OriginQos: 0x0 OutIfBak : [No Intf] Destination: 192.168.129.0 Mask : 255.255.255.0 Nexthop : 192.168.129.116 OutIf : Vlanif2001 LocalAddr : 192.168.129.116 LocalMask: 0.0.0.0 Flags :U Age : 243822sec ATIndex : 0 Slot :0 OriginAs : 0 BGPNextHop : 0.0.0.0 PeerAs : 0 QosInfo : 0x0 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 Destination: 192.168.0.0 Mask : 255.255.0.0 Nexthop : 192.168.129.1 OutIf : Vlanif2001 LocalAddr : 192.168.129.116 LocalMask: 0.0.0.0 Flags : GSU Age : 243817sec ATIndex : 0 Slot :0 OriginAs : 0 BGPNextHop : 0.0.0.0 PeerAs : 0 QosInfo : 0x0 OriginQos: 0x0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 625 Fit AP Command Reference 6 Network Interconnection Configurations Commands NexthopBak : 0.0.0.0 EntryRefCount : 0 VlanId : 0x0 BgpKey : 0 BgpKeyBak : 0 OutIfBak : [No Intf] Table 6-64 Description of the display fib command output Item Description FIB Table FIB table. Total number of Routes Total number of routes. Destination/Mask Destination address or mask length. Nexthop Next hop of a route. Flag Flag of a route, which is the combination of G, H, U, S, D, and B. ● G: indicates that the next hop is a gateway. ● H: indicates that the route is a host route. ● U: indicates that the route status is Up. ● S: indicates a static route. ● D: indicates a dynamic route. ● B: indicates a blackhole route of which the next hop is a null interface. ● L: indicates a Vlink route. TimeStamp How long an entry has been in the FIB table, in seconds. Interface Outbound interface to the destination address. TunnelID Index of a forwarding entry. If the value is not 0, packets matching the entry are forwarded by the tunnel. If the value is 0, packets matching the entry are not forwarded by the tunnel. Table 6-65 Description of the display fib verbose command output Item Description Destination Destination address. Mask Mask length. Nexthop Next hop of a route. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 626 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description OutIf Outbound interface. LocalAddr Local IP address. LocalMask Mask of the local IP address. Flags Flag of a route, which is the combination of G, H, U, S, D, and B. ● G: indicates that the next hop is a gateway. ● H: indicates that the route is a host route. ● U: indicates that the route status is Up. ● S: indicates a static route. ● D: indicates a dynamic route. ● B: indicates a blackhole route of which the next hop is a null interface. ● L: indicates a Vlink route. Age How long a route has been in the FIB table, in seconds. ATIndex Index of the virtual link between the local end and the gateway. Slot Slot ID of the outbound interface. OriginAs Original AS number. BGPNextHop BGP next-hop address. PeerAs Peer AS number. QosInfo QoS information. OriginQos Original QoS information. NexthopBak Backup next hop. OutIfBak Backup outbound interface. EntryRefCount Number of times an entry has been referenced. VlanId VLAN ID. BgpKey Index allocated by BGP. BgpKeyBak Backup index allocated by BGP. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 627 Fit AP Command Reference 6 Network Interconnection Configurations Commands 6.11.2 display fib interface Function The display fib interface command displays information about FIB entries with a specified outbound interface. Format display fib interface interface-type interface-number Parameters Parameter Description Value interface-type interface- Specifies the type and number of the outbound number interface to a specified destination address. Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display FIB entries with a specified outbound interface. <Huawei> display fib interface vlanif10 Destination/Mask Nexthop Flag TimeStamp Interface 10.1.1.0/24 10.1.1.2 U t[115] Vlanif10 0x0 TunnelID Table 6-66 Description of the display fib interface command output Item Description Destination/Mask Destination address or mask length. Nexthop Next hop. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 628 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description Flag Current flag, which is the combination of G, H, U, S, D, and B. ● G (gateway route): indicates that the next hop is a gateway. ● H (host route): indicates that the route is a host route. ● U (available route): indicates that the route status is Up. ● S: indicates a static route. ● D: indicates a dynamic route. ● B (blackhole route): indicates that the next hop is a null interface. TimeStamp Timestamp, which indicates the lifetime of an entry, in seconds. Interface Outbound interface to the destination address. TunnelID Index of a forwarding entry. It is used in packet forwarding between the upstream and downstream boards. If the value is not 0, packets matching the entry are forwarded through the MPLS tunnel. If the value is 0, packets matching the entry are not forwarded through the MPLS tunnel. 6.11.3 display fib ip-prefix Function The display fib ip-prefix command displays information about the FIB table. Format display fib ip-prefix prefix-name [ verbose ] Parameters Parameter Description Value prefix-name Specifies the name of an IP prefix list. The value is a string of 1 to 169 characters. verbose - Issue 08 (2021-02-25) Displays detailed information about the FIB table. Copyright © Huawei Technologies Co., Ltd. 629 Fit AP Command Reference 6 Network Interconnection Configurations Commands Views All views Default Level 1: Monitoring level Usage Guidelines The command displays FIB entries that match a specified IP prefix list. If 0 FIB entries match, the command output displays that zero FIB entries match. If the name of an IP prefix list is not found, all FIB entries are displayed. Example # Display FIB entries matching the IP prefix list abc0. <Huawei> display fib ip-prefix abc0 Route Entry matched by prefix-list abc0 Summary Counts: 4 Destination/Mask Nexthop Flag TimeStamp Interface TunnelID 127.0.0.0/8 127.0.0.1 U t[0] InLoop0 0x0 127.0.0.1/32 127.0.0.1 U t[0] InLoop0 0x0 172.16.0.0/8 10.1.1.1 SU t[0] Vlanif10 0x0 172.16.0.0/15 10.1.1.1 SU t[0] Vlanif10 0x0 Table 6-67 Description of the display fib ip-prefix command output Item Description Destination/Mask Destination address or mask length. Nexthop Next hop. Flag Current flag, which is the combination of G, H, U, S, D, and B. ● G (gateway route): indicates that the next hop is a gateway. ● H (host route): indicates that the route is a host route. ● U (available route): indicates that the route status is Up. ● S: indicates a static route. ● D: indicates a dynamic route. ● B (blackhole route): indicates that the next hop is a null interface. TimeStamp Timestamp, which indicates the lifetime of an entry, in seconds. Interface Outbound interface to the destination address. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 630 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description TunnelID Index of a forwarding entry. It is used in packet forwarding between the upstream and downstream boards. If the value is not 0, packets matching the entry are forwarded through the MPLS tunnel. If the value is 0, packets matching the entry are not forwarded through the MPLS tunnel. 6.11.4 display fib longer Function The display fib longer command displays FIB entries that match a specified parameter. The display fib [ slot-id ] destination-address command displays FIB entries that match a specified destination IP address. If the specified destination IP address matches an FIB entry in the natural mask range, all the subnets are displayed. Otherwise, FIB entries are displayed based on the longest matching principle. The display fib [ slot-id ] destination-address destination-mask command displays FIB entries that accurately match the destination address and mask. The display fib [ slot-id ] destination-address longer command displays all FIB entries that match destination IP addresses in the natural mask range. The display fib [ slot-id ] destination-address destination-mask longer command displays all FIB entries that match destination IP addresses in a specified mask range. The display fib [ slot-id ] destination-address1 destination-mask1 destinationaddress2 destination-mask2 command displays FIB entries that match destination IP addresses in the range of desination-address1 desination-mask1 to desitinationaddress2 destination-mask2. If slot-id is specified, FIB entries on the specified LPU are displayed. Format display fib [ slot-id ] destination-address1 [ destination-mask1 ] [ longer ] [ verbose ] display fib [ slot-id ] destination-address1 destination-mask1 destinationaddress2 destination-mask2 [ verbose ] Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 631 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value slot-id Displays information about The value is an integer and the the FIB table with a value range depends on the specified slot ID. device configuration. destinationaddress1 Indicates destination IP address 1. The value is in dotted decimal notation. destinationmask1 Indicates subnet mask 1. The value is in dotted decimal notation or an integer that ranges from 0 to 32. destinationaddress2 Indicates destination IP address 2. The value is in dotted decimal notation. destinationmask2 Indicates subnet mask 2. The value is in dotted decimal notation or an integer that ranges from 0 to 32. longer Displays FIB entries matching a specified network segment or mask. - verbose Displays detailed information about the FIB table. - Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display FIB entries that match destination address 172.16.0.0 in the natural mask range or based on the longest match principle. <Huawei> display fib 172.16.0.0 Route Entry Count: 1 Destination/Mask Nexthop Flag TimeStamp Interface TunnelID 172.16.0.0/16 10.1.1.1 U t[0] Vlanif10 0x0 # Display the FIB entries with the destination addresses in the range of 172.16.0.0/16 to 172.16.0.6/16. <Huawei> display fib 172.16.0.0 255.255.0.0 172.16.0.6 255.255.0.0 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 632 Fit AP Command Reference 6 Network Interconnection Configurations Commands Route Entry Count: 1 Destination/Mask Nexthop Flag TimeStamp Interface TunnelID 172.16.0.1/8 10.1.1.1 U t[0] Vlanif10 0x0 Table 6-68 Description of the display fib longer command output Item Description Destination/Mask Destination address or mask length. Nexthop Next hop. Flag Current flag, which is the combination of G, H, U, S, D, and B. ● G (gateway route): indicates that the next hop is a gateway. ● H (host route): indicates that the route is a host route. ● U (available route): indicates that the route status is Up. ● S: indicates a static route. ● D: indicates a dynamic route. ● B (blackhole route): indicates that the next hop is a null interface. TimeStamp Timestamp, which indicates the lifetime of an entry, in seconds. Interface Outbound interface to the destination address. TunnelID Index of a forwarding entry. It is used in packet forwarding between the upstream and downstream boards. If the value is not 0, packets matching the entry are forwarded through the MPLS tunnel. If the value is 0, packets matching the entry are not forwarded through the MPLS tunnel. 6.11.5 display fib next-hop Function The display fib next-hop command displays FIB entries that match a specified next-hop IP address. Format display fib next-hop ip-address Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 633 Fit AP Command Reference 6 Network Interconnection Configurations Commands Parameters Parameter Description Value ip-address Specifies the next-hop IP address. The value is in dotted decimal notation. Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display FIB entries that match a specified next-hop IP address. <Huawei> display fib next-hop 10.1.1.1 Destination/Mask Nexthop Flag TimeStamp Interface 10.1.1.1/32 10.1.1.1 HU t[115] Vlanif10 0x0 TunnelID Table 6-69 Description of the display fib next-hop command output Item Description Destination/Mask Destination address or mask length. Nexthop Next hop. Flag Current flag, which is the combination of G, H, U, S, D, and B. ● G (gateway route): indicates that the next hop is a gateway. ● H (host route): indicates that the route is a host route. ● U (available route): indicates that the route status is Up. ● S: indicates a static route. ● D: indicates a dynamic route. ● B (blackhole route): indicates that the next hop is a null interface. TimeStamp Timestamp, which indicates the lifetime of an entry, in seconds. Interface Outbound interface to the destination address. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 634 Fit AP Command Reference 6 Network Interconnection Configurations Commands Item Description TunnelID Index of a forwarding entry. It is used in packet forwarding between the upstream and downstream boards. If the value is not 0, packets matching the entry are forwarded through the MPLS tunnel. If the value is 0, packets matching the entry are not forwarded through the MPLS tunnel. 6.11.6 display fib statistics Function The display fib statistics command displays the total number of IPv4 FIB entries. Format display fib [ slot-id ] statistics [ all ] Parameters Parameter Description slot-id all Value Slot ID. The value is an integer and the value range depends on the device configuration. Displays all FIB entries statistics. - Views All views Default Level 1: Monitoring level Usage Guidelines None Example # Display the total number of FIB entries on the device. <Huawei> display fib statistics Route Entry Count : 30 Route Prefix Count : 30 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 635 Fit AP Command Reference 6 Network Interconnection Configurations Commands # Display statistics about all FIB entries on the SRU. <Huawei> display fib statistics all IPv4 FIB Total Route Prefix Count : 24; Entry Count : 24 IPv4 FIB Public Route Prefix Count : 22; Entry Count : 22 Table 6-70 Description of the display fib statistics command output Item Description Route Entry Count Total number of FIB entries. Route Prefix Count Total number of route prefix entries. IPv4 FIB Total Route Prefix Count: Entry Count: Numbers of route prefix entries and FIB entries. IPv4 FIB Public Route Prefix Count: Entry Count: Numbers of IP route prefix entries and FIB entries on a public network. 6.12 IGMP Snooping Configuration Commands 6.12.1 display l2-multicast forwarding-table Function The display l2-multicast forwarding-table command displays the Layer 2 multicast forwarding table. Format display l2-multicast forwarding-table vlan vlan-id Parameters Parameter Description Value vlan vlan-id Displays Layer 2 multicast forwarding entries in a specified VLAN. The value is an integer that ranges from 1 to 4094. Views All views Default Level 1: Monitoring level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 636 Fit AP Command Reference 6 Network Interconnection Configurations Commands Usage Guidelines Usage Scenario After completing IGMP snooping configuration, you can use the display l2multicast forwarding-table command to view the Layer 2 multicast forwarding table. This command displays dynamic learned multicast forwarding entries. Precautions This command displays Layer 2 multicast forwarding entries in a VLAN only when at least one interface in the VLAN is in Up state. Example # Display Layer 2 multicast forwarding entries in VLAN 10. <Huawei> display l2-multicast forwarding-table vlan 10 VLAN ID: 10 -------------------------------------------------------------------------------(Source, Group) Interface -------------------------------------------------------------------------------(*, 225.1.1.1) GigabitEthernet0/0/0 (*, 225.1.1.2) GigabitEthernet0/0/0 -------------------------------------------------------------------------------Total Group(s): 2 Table 6-71 Description of the display l2-multicast forwarding-table command output Item Description VLAN ID VLAN ID of the forwarding entries. (Source, Group) (S, G) entry, specifying the multicast source and multicast group. Interface Outbound interface. Total Group(s) Total number of multicast forwarding entries. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 637 Fit AP Command Reference 7 7 WLAN Service Configuration Commands WLAN Service Configuration Commands About This Chapter 7.1 ap-address mode 7.2 ap-address static ac-list 7.3 ap-address static ac-list ipv6 7.4 ap-address static ip-address 7.5 ap-address static ip-address ipv6 7.6 ap-group 7.7 ap-sysname 7.8 cawpap dtls psk 7.9 capwap dtls psk-mandatory-match enable 7.10 display ac-list 7.11 display ap-sysname-info 7.12 display capwap configuration 7.13 display station 7.14 display station online-track 7.15 display station offline-record 7.16 display station statistics 7.17 reset station statistics 7.18 work-mode 7.1 ap-address mode Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 638 Fit AP Command Reference 7 WLAN Service Configuration Commands Function The ap-address mode command configures the mode in which an AP obtains an IP address. By default, an AP obtains an IP address in DHCP mode. Format ap-address mode { static | dhcp | slaac } Parameters Parameter Description Value static Indicates that a static IP address is obtained. The AP must be configured with a static IP address. dhcp Indicates that an IP address is obtained in DHCP mode. The AP functions as a DHCP client and is assigned an IP address by the DHCP server. slaac Indicates that an IP address is obtained in SLAAC mode. Only IPv6 addresses can be obtained through stateless address autoconfiguration (SLAAC). - Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario By default, an AP obtains an IP address in DHCP mode and goes online through an AC. You can run the ap-address mode command to change the mode in which an AP goes online. After an AP is configured to obtain an IP address in DHCP mode, the AP serves as the DHCP client. The DHCP Discover and Request messages sent by the AP carry the Option 12 field by default. This field contains the AP model and MAC address in format of Huawei AP-AP model-AP MAC address, for example, HuaweiAPAP5030DN-dc:d2:fc:f6:76:a0. After the AP obtains an IP address, you can check AP information based on the IP address on the DHCP server that supports the display of DHCP client information. Follow-up Procedure You must run the reboot command to restart the AP to make the configuration take effect. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 639 Fit AP Command Reference 7 WLAN Service Configuration Commands Example # Configure an AP to obtain an IP address in DHCP mode. <Huawei> system-view [Huawei] ap-address mode dhcp 7.2 ap-address static ac-list Function The ap-address static ac-list command configures the AC list for APs. The undo ap-address static ac-list command deletes the configured AC address list on APs. By default, no AC list is configured. Format ap-address static ac-list ip-address &<1-4> undo ap-address static ac-list Parameters Parameter Description Value ip-address Specifies the IP address for an AC. The value is in dotted decimal notation. Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario You can run the ap-address static ac-list command to configure the AC list on an AP. After going online, the AP sends unicast discovery packets to the AC address to locate the AC. Follow-up Procedure You must run the reboot command to restart the AP to make the configuration take effect. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 640 Fit AP Command Reference 7 WLAN Service Configuration Commands Example # Configure the AC address on the AP to 192.168.10.1. <Huawei> system-view [Huawei] ap-address static ac-list 192.168.10.1 Related Topics 7.1 ap-address mode 7.4 ap-address static ip-address 7.3 ap-address static ac-list ipv6 Function The ap-address static ac-list ipv6 command configures an AC IPv6 address list on APs. The undo ap-address static ac-list command deletes the configured AC IPv6 address list on APs. By default, no AC IPv6 address list is configured on APs. Format ap-address static ac-list ipv6 ipv6-address &<1-4> undo ap-address static ac-list Parameters Parameter Description ipv6-address Specifies the AC' IPv6 address. Value The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. Views System view Default Level 2: Configuration level Usage Guidelines Use Scenario You can run this command to configure an AC IPv6 address list on APs. After this list is configured, the APs can unicast a Discovery Request packet to discover an AC when they go online using IPv6 addresses. Follow-up Procedure Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 641 Fit AP Command Reference 7 WLAN Service Configuration Commands Run the 2.5.4 reboot command to restart the APs. Example # Set the AC's IPv6 address to 1002::0001 on the AP. <Huawei> system-view [Huawei] ap-address static ac-list ipv6 1002::1 Related Topics 7.1 ap-address mode 7.5 ap-address static ip-address ipv6 7.4 ap-address static ip-address Function The ap-address static ip-address command configures the static IP address used by an AP to go online. The undo ap-address static ip-address command deletes the static IP address used by an AP to go online. By default, no static IP address is configured for an AP. Format ap-address static ip-address ip-address { mask | mask-length } [ gateway ] undo ap-address static ip-address Parameters Parameter Description Value ip-address Specifies the static IP address for an AP. The value is in dotted decimal notation. mask Specifies the IP address mask for an AP. The value is in dotted decimal notation. mask-length Specifies the IP address mask length for an AP. The value is an integer that ranges from 0 to 32. gateway The value is in dotted decimal notation. Specifies the egress gateway for AP routes. Views System view Default Level 2: Configuration level Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 642 Fit AP Command Reference 7 WLAN Service Configuration Commands Usage Guidelines Usage Scenario You can run the ap-address static ip-address command to configure the static IP address used by an AP to go online. Precautions Ensure that there are reachable routes between the configured IP address and the AC source address for an AP to go online. Otherwise, the AP may fail to go online. If the AP and AC are connected through a Layer-3 network, the egress gateway for AP routes must be configured. Prerequisites The AP has been configured to go online in static mode using the 7.1 ap-address mode command. Follow-up Procedure You must run the reboot command to restart the AP to make the configuration take effect. Example # Set the static IP address to 192.168.10.254/24. <Huawei> system-view [Huawei] ap-address static ip-address 192.168.10.254 24 7.5 ap-address static ip-address ipv6 Function The ap-address static ip-address ipv6 command configures a static IPv6 address for an AP. The undo ap-address static ip-address command deletes the configured static IPv6 address. By default, no static IPv6 address is configured for an AP. Format ap-address static ip-address ipv6 { ipv6-address prefix-length | ipv6-address/ prefix-length } [ gateway ] undo ap-address static ip-address Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 643 Fit AP Command Reference 7 WLAN Service Configuration Commands Parameters Parameter Description Value ipv6-address Specifies a static IPv6 address for an AP. The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. prefix-length Specifies the prefix length of an IPv6 address. The value is an integer that ranges from is 1 to 128. gateway The value is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X. Specifies the AP's egress gateway. Views System view Default Level 2: Configuration level Usage Guidelines Use Scenario You can run this command to configure static IPv6 addresses for APs. Precautions The route between the AP's IPv6 address and the AC's source IP address must be reachable; otherwise, the AP cannot go online on the AC. If APs connect to the AC through a Layer 3 network, an egress gateway must be configured. Prerequisites APs have been configured to go online in static mode using the 7.1 ap-address mode command. Follow-up Procedure Run the reboot command to restart the APs. Example # Configure the IPv6 address 2001:db8:2002::10 for the AP, set the prefix length of the IPv6 address to 64, and configure the gateway address as 2001:db8:2002::1. <Huawei> system-view [Huawei] ap-address static ip-address ipv6 2001:db8:2002::10/64 2001:db8:2002::1 7.6 ap-group Function The ap-group command adds an AP to an AP group. Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 644 Fit AP Command Reference 7 WLAN Service Configuration Commands The undo ap-group command deletes an AP from an AP group. By default, an AP is not added to any AP group. Format ap-group name group-name undo ap-group Parameters Parameter Description Value name groupname Specifies the name of an AP group. The value is a string of 1 to 35 characters. It does not contain question marks (?), marks (/), or spaces, and cannot start or end with double quotation marks (" "). Views System view Default Level 2: Configuration level Usage Guidelines Usage Scenario If you need to perform the same configuration on multiple APs, add the APs to an AP group and perform the configuration in the AP group. The configuration takes effect on all APs of the group. This prevents repetitive configuration. Precautions ● The configuration takes effect only after the AP is restarted. Example # Add an AP to the AP group group1. <Huawei> system-view [Huawei] ap-group name group1 Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 645 Fit AP Command Reference 7 WLAN Service Configuration Commands 7.7 ap-sysname Function The ap-sysname command changes the system name of an AP. The undo ap-sysname command restores the default system name of an AP. By default, the system name of an AP is Huawei. Format ap-sysname ap-sysname undo ap-sysname Parameters Parameter Description Value ap-sysname Specifies the system name of an AP. The value is a string of 1 to 63 characters. The value cannot contain question marks (?) and cannot start or end with double quotation marks (" ") or spaces. Views System view Default Level 2: Configuration level Usage Guidelines You can run the ap-sysname command to change the AP system name or restore the default name. System names help identify different APs, making them easy to distinguish. ● You must restart the AP to make the configured system name take effect. ● If no AP system name is configured on the AC, the AC delivers names configured on the APs after APs are restarted; if AP system names are configured on the AC, the AC delivers the configured system names after the Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 646 Fit AP Command Reference 7 WLAN Service Configuration Commands APs are restarted. AP names configured on the AC take precedence over names configured on the APs. Example # Change the system name of AP to ap-N1-10. <Huawei> system-view [Huawei] ap-sysname ap-N1-10 7.8 cawpap dtls psk Function The cawpap dtls psk command configures a pre-shared key used for DTLS encryption. The default username and password are available in WLAN Default Usernames and Passwords (Enterprise Network or Carrier). If you have not obtained the access permission of the document, see Help on the website to find out how to obtain it. Format cawpap dtls psk cipher psk-value Parameters Parameter Description Value cipher pskvalue Specifies the pre-shared key used for DTLS encryption. The value is string of characters. The pre-shared key contains 6 to 32 characters in plain text, for example, a1234567. Views System view Default Level 2: Configuration level Usage Guidelines During the CAPWAP tunnel establishment between an AP and an AC, the AP performs a DTLS session with the AC as soon as the AP is associated with the AC. DTLS supports PSK encryption. When the pre-shared key is used for DTLS Issue 08 (2021-02-25) Copyright © Huawei Technologies Co., Ltd. 647 Fit AP Command Reference 7 WLAN Service Configuration Commands encryption, the cawpap dtls psk command can be used to manually change the value in the DTLS session on the AP. NOTE It is recommended that you change the pre-shared key in a timely manner to ensure device security. Example # Configure the pre-shared key for DTLS encryption as huawei123. <Huawei> system-view [Huawei] cawpap dtls psk cipher huawei123 7.9 capwap dtls psk-mandatory-match enable Function The capwap dtls psk-mandatory-match enable command enables an RU to establish a Datacom Transport Layer Security (DTLS) session with a central AP using the default pre-shared key. The undo capwap dtls psk-mandatory-match enable command disables an RU to establish a Datacom Transport Layer Security (DTLS) session with a central AP using the default pre-shared key. By default, an RU is disabled to establish a DTLS session with a central AP using the default pre-shared key. Format capwap dtls psk-mandatory-match enable undo capwap dtls psk-mandatory-match enable NOTE Only the AD9431DN-24X, AD9430DN-24 and AD9430DN-12 support this command. Parameters None. Views System view Default Level 2: Configuration level Usage Guidelines When a new RU is added to the WLAN or the passwords of the RU and central AP are different (for example, the password of the central AP is changed but the RU Is