Thursday, October 25, 2018

Traffic Policy Failed in Huawei S6720 Switch

Issue Description
Customer feedback that the traffic policy apply fail in Huawei S6720 200R009C00SPC500, and want to know the reason.
transparent.gif Alarm Information
=========================================================================
  ===============display traffic-policy applied-record===============
=========================================================================
#
-------------------------------------------------
  Policy Name:   af1
  Policy Index:  0
     Classifier:match-any     Behavior:af1
-------------------------------------------------
 *interface XGigabitEthernet0/0/2.1709
    traffic-policy af1 inbound 
      slot 0    :  fail
 *interface XGigabitEthernet0/0/2.3173
    traffic-policy af1 inbound 
      slot 0    :  fail
 *interface XGigabitEthernet0/0/2.3870
    traffic-policy af1 inbound 
      slot 0    :  fail
 *system
    traffic-policy af1 global inbound slot 0
      slot 0    :  success
-------------------------------------------------
  Policy total applied times: 4.
#
transparent.gif Handling Process
Step 1 check the traffic policy configuration as follow:

traffic behavior af1
 remark 8021p 1
#
traffic classifier match-any operator or
 if-match any
#
traffic policy af1 match-order config
 classifier match-any behavior af1
#

Step 2 check the port configuration as follow:

interface XGigabitEthernet0/0/2.1709
 mtu 1600
 qinq mapping vid 1710 map-vlan vid 1709
 traffic-policy af1 inbound
 mpls l2vc 10.3.1.4 152 tunnel-policy T1
#
interface XGigabitEthernet0/0/2.3173
 mtu 1600
 qinq mapping vid 1711 map-vlan vid 3173
 traffic-policy af1 inbound
 mpls l2vc 10.3.1.4 156 tunnel-policy T2
#
interface XGigabitEthernet0/0/2.3870
 mtu 1600
 qinq mapping vid 1712 map-vlan vid 3870
 traffic-policy af1 inbound
 mpls l2vc 10.3.1.4 158 tunnel-policy T3
#

Root Cause
The traffic behavior Remark 8021p and qinq mapping vid 1710 map-vlan vid 1709 conflict,It cause the fail.
transparent.gifSolution
The traffic behavior Remark 8021p and qinq mapping vid 1710 map-vlan vid 1709 both opreation for vlan, so it will conflict and cause the fail.
So we suggest customer change the traffic behavior for example remark dscp or others behavior

transparent.gifSuggestions
The conflict operation may cause the traffic policy fail. Before configuration suggest check our production document there have the detail limit description.
Posted by at No comments:
Labels:

S5720-56C-HI-AC AP switch to Low frequency channel after set the calibrate 5G channel to high frequency channel

S5720-56C-HI-AC AP switch to Low frequency channel after set the calibrate 5G channel to high frequency channel
Some of the APs are still showing 5GHz on channel 36 (20MHz) after set the calibrate 5G channel to high frequency channel.
#
regulatory-domain-profile name default
  dca-channel 5g channel-set 100,104,108,112,116,120,124,128,149,153,157,161
  dca-channel 5g bandwidth 40mhz
#
e80a8bf292824645a9e691f555745bd9
1. Checking the regulatory-domain-profile, all of the channel is high frequency channle. And calibrate enable on the device. 
#
regulatory-domain-profile name default
  dca-channel 5g channel-set 100,104,108,112,116,120,124,128,149,153,157,161
  dca-channel 5g bandwidth 40mhz
#
2. Checking the channel switch of the AP, it shows that the switch reason is dfs, it means that the AP detect radar and after that the channel switch. It is normal that the AP switch channel when it detect radar signal. Current software version of the switch is S5720 V200R010C00SPC600 and it doesn't support radar channel choose and channel switch back, so after channel change to low channel, before next calibration, the AP will keep on low channel. 
25dfc8c790fc42e48d87d54f2d6c7c14
3. Recommend upgrade software of the switch to V200R011C10SPC600 and install patch V200R011SPH005. After upgrade,enable calibration bandwidth function, it is enable by default. With this way, after the AP detect radar signal, it will switch to other random channel, if the channel is low channel, the AC will enable calibrate bandwidth and change to high frequency channel. 
<HUAWEI> system-view
[HUAWEI] wlan 
[HUAWEI-wlan-view] regulatory-domain-profile name huawei
[HUAWEI-wlan-regulate-domain-huawei] dca-channel 5g bandwidth 40mh
Recommend upgrade software of the switch to V200R011C10SPC600 and install patch V200R011SPH005. After upgrade,enable calibration bandwidth function, it is enable by default. With this way, after the AP detect radar signal, it will switch to other random channel, if the channel is low channel, the AC will enable calibrate bandwidth and change to high frequency channel. 
<HUAWEI> system-view
[HUAWEI] wlan 
[HUAWEI-wlan-view] regulatory-domain-profile name huawei
[HUAWEI-wlan-regulate-domain-huawei] dca-channel 5g bandwidth 40mhz
Posted by at No comments:
Labels:

The principles of DLAG feature of Huawei DWDM Equipment

When the main board like Huawei TN52SCC on Huawei OSN8800 or OSN6800  detects a failed port, the cross-connect board switches the services carried by the failed port from the main board to the slave board to protect the services.
Figure 1 shows the processing flow of a DLAG.
Figure 1 Processing flow of a DLAG 
In the transmit direction, the processing flow of the DLAG is described as follows:
  • The cross-connect board of NE1 transmits the services to the main board and slave board of the DLAG. Then, the main board and slave board of the DLAG transmit the services to the equipment at the opposite end.
  • When a link down failure, a board offline event, or a hardware failure occurs on the main board, the equipment at the opposite end receives the signals sent by the slave board.
In the receive direction, the processing flow of the DLAG is described as follows:
  • The main board and slave board of NE1 transmit the main services and slave services sent from the opposite end respectively to the cross-connect board of NE1. The cross-connect board of NE1 selects services between the main services and slave services.
  • When the main board works normally, the cross-connect board selects the services sent by the main board.
  • When the main board detects a link down failure, a board offline event, or a hardware failure, the cross-connect board selects the services sent by the slave board to protect the services.
Posted by at No comments:
Labels: , ,

How to troubleshoot the fault through the CLI when the service board of Huawei MA5600T/MA5603T/MA5608T is in failed state?

Location Method

When the service board of Huawei MA5600T/MA5603T/MA5608T is in the failed state, locate the fault according to the following procedure:
  1. Check whether the type of the actual used service board is the same as that configured on the system.
  2. Check whether the service board is firmly inserted.
  3. Check whether the power supply of the cabinet is normal.
  4. Replace the original service board with a new service board and then check whether the new service board can start normally.
icon-notice.gif NOTICE:
To facilitate fault report, save the results of the following steps.
When you remove and insert a service board, antistatic measures must be taken.

Procedure

  1. Run the display board frameid/slotid command to query the name of the faulty board, check the type of the actual board inserted in the subrack, and check whether their types are the same.
    • If their types are the same, go to 4.
    • If their types are different, proceed to 2.
  2. If it is confirmed that system configurations are correct, insert a board of the correct type into the slot and then proceed to the next step. If it is confirmed that system configurations are incorrect, run the board delete command to delete the original configurations, after the system displays a message indicating that the board is auto discovered, run the board confirm command to confirm the board and then proceed to the next step.
  3. Wait five minutes and then check whether the fault is rectified.
    • If the fault is rectified, go to 11.
    • If the fault persists, proceed to 4.
  4. Check whether the service board is firmly inserted.
    • If the service board is firmly inserted, go to 6.
    • If the service board is not firmly inserted, remove and insert the service board, and ensure that the service board is firmly inserted. Then, proceed to 5.
  5. Check whether the fault is rectified.
    • If the fault is rectified, go to 11.
    • If the fault persists, proceed to 6.
  6. Check whether the power supply of the cabinet is normal.
    • If the power supply of the cabinet is normal, go to 8.
    • If the power supply of the cabinet is abnormal, check the device supplying power and enable this device to supply power in the normal state. Then, proceed to 7.
  7. Check whether the fault is rectified.
    • If the fault is rectified, go to 11.
    • If the fault persists, proceed to 8.
  8. Replace the original service board, and then check whether the new service board can start normally.
    • If the new service board can start normally, it indicates that service board is faulty. In this case, replace the original service board with a new one. Then, go to 11.
    • If the new service board cannot start normally, proceed to 9.
  9. In the diagnosis mode, run the display reset-record command.
  10. The fault is rectified.
Posted by at No comments:
Labels: ,

Wednesday, October 24, 2018

How to Configure Huawei MSTP in OLT?

Configure Huawei MSTP parameters as follows:
  • Enable the MSTP function.
  • Enable the MSTP function on port 0/19/0.
  • Set the MSTP running mode to MSTP compatible mode.
  • Configure MST region parameters:
    • Configure the MD5-Key for the MD5 encryption algorithm to 0x11ed224466.
    • Configure the MST region name to huawei-mstp-bridge.
    • Map VLAN2-VLAN10 and VLAN12-VLAN16 to MSTP instance 3.
    • Map all the VLANs to the specified MSTP instances.
    • Configure the MSTP revision level of the device to 100.
  • Configure the maximum hops for the MST region to 10.
  • Activate the configuration of the MST region manually.
  • Configure the priority of the device in spanning tree instance 2 to 4096.
  • Configure the current device as the root bridge of MSTP instance 2.
  • Configure the diameter of the switching network to 6.
  • Configure the calculation standard for the path cost to IEEE 802.1t.
  • Configure the time parameters of a specified bridge:
    • Configure the forward delay to 2000 centiseconds.
    • Configure the hello time to 1000 centiseconds.
    • Configure the max age to 3000 centiseconds.
    • Configure the timeout time factor to 6.
  • Configure the parameters of a specified port:
    • Configure the maximum number of packets transmitted in a hello time period to 16.
    • Configure port 0/19/0 to be an edge port.
    • Configure the path cost of the port in a specified spanning tree instance to 1024.
    • Configure the priority of the port to 64.
    • The link connected to port 0/19/0 is a point-to-point link.
  • Enable the BPDU protection function on the device.
huawei(config)#stp enable
  Change global stp state may active region configuration,it may take several
minutes,are you sure to change global stp state? [Y/N][N]y
huawei(config)#stp port 0/19/0 enable
huawei(config)#stp mode mstp
huawei(config)#stp md5-key 11ed224466
huawei(config)#stp region-configuration
huawei(stp-region-configuration)#region-name huawei-mstp-bridge
huawei(stp-region-configuration)#instance 3 vlan 2 to 10 12 to 16
huawei(stp-region-configuration)#vlan-mapping module 16
huawei(stp-region-configuration)#revision-level 100
huawei(stp-region-configuration)#active region-configuration
huawei(stp-region-configuration)#quit
huawei(config)#stp instance 2 priority 4096
huawei(config)#stp instance 2 root primary
huawei(config)#stp max-hops 10
huawei(config)#stp bridge-diameter 6
huawei(config)#stp pathcost-standard dot1t
huawei(config)#stp timer forward-delay 2000
huawei(config)#stp timer hello 1000
huawei(config)#stp timer max-age 3000
huawei(config)#stp time-factor 6
huawei(config)#stp port 0/19/0 transmit-limit 16
huawei(config)#stp port 0/19/0 edged-port enable
huawei(config)#stp port 0/19/0 instance 0 cost 1024
huawei(config)#stp port 0/19/0 instance 0 port-priority 64
huawei(config)#stp port 0/19/0 point-to-point force-true
huawei(config)#stp bpdu-protection enable
Posted by at No comments:
Labels: ,

Monday, October 15, 2018

How to monitor Huawei DSLAM backup in U2000?

How to monitor Huawei DALSM MA5616 or MA5600T Backup in U2000?

 You can check the backups from this path:

1170faecc5cc400c99a37a8073148337

You can also modify the backup policy and select the file type you want for the NE you choose:
2df8cb947fb1449785a93ca46f1e4303



For the backup result, you can check them only in U2000. For the backups failure, you can check the alarms if your U2000 version is R16C60 or higher.
c75f1e8a927b48ab81529315d0c22df4



Unfortunately, there is no function implemented yet to allow us to receive the failed backups alarms via email.
Posted by at No comments:
Labels: ,

Huawei WDM 40G Line Board NS3 configuration instruction

Huawei 40G line board TN54NS3/TN55NS3 board for Huawei OptiX OSN 6800/OptiX OSN 8800 universal platform subrack only supports relay mode. TN56NS3 board for the OptiX OSN 8800 universal platform subrack only supports relay mode.
When the TN56NS3 board is used to receive SDH services, the SDH service license for universal line boards is required.

When the TN56NS3 board is installed in a general OptiX OSN 8800 T64 subrack, the XCT+SXH or XCT+SXM cross-connect boards must be used. When the TN56NS3 board is installed in an enhanced OptiX OSN 8800 T64 subrack, the XCT+SXH, XCT+SXM, or UXCT+USXH cross-connect boards must be used. When the TN56NS3 board is installed in an OptiX OSN 8800 T16 subrack to receive SDH services, the TN16UXCM cross-connect board must be used.

When SDH services are provisioned, the TN56NS3 board can be used only in an independent subrack, but not in a master or slave subrack. When OTN services are provisioned, the TN56NS3 board can be used in an independent subrack, a master subrack, or a slave subrack.
Posted by at No comments:
Labels: ,

Which Priority Does an Interface Trust?

An interface can be configured to trust DSCP priorities and 802.1p priorities simultaneously,
or trust IP precedences and 802.1p priorities simultaneously. When an interface is configured
to trust DSCP priorities and 802.1p priorities simultaneously, or trust IP precedences and
802.1p priorities simultaneously, the interface:
Trusts DSCP priorities or IP priorities if L3 packets are received.
Trusts 802.1p priorities if L2 packets are received.

The DSCP priority and IP precedence use different bits of the ToS field; therefore, an interface cannot be configured to trust DSCP priorities and IP precedences simultaneously.
Huawei S5720-SI, S5720S-SI, S5720LI, S5720S-LI, S5710-X-LI, S1720GW-E, S1720GWR-E, S1720GW, and S1720GWR do not support the trust ip-precedence command.
Posted by at No comments:
Labels:

What Are The Differences in the Ring Check Function Between Earlier-Version and Later-Version MA5600T?

  • The processing mechanism of the ring check function of an earlier-version MA5600T has the following disadvantages:
    • After a loop is detected, Huawei MA5600T deactivates the ONT. In this way, live-network configurations are modified.
    • After Huawei ONT like HG8546M is deactivated, you need to manually activate the ONT (that is, re-configure services). This increases the workload.
  • The processing mechanism of the ring check function of MA5600T V800R009 (or later versions) is optimized in terms of the following aspects:
    • After a loop is detected, the MA5600T makes the ONT go offline. In this way, live-network configurations are not modified but the ONT is stopped from transmitting services.
    • The MA5600T automatically makes the offline ONT go online after a period of time elapses. Note that the length of this period of time is configurable.
    • An easy-to-use query function is provided. With this function, you can query all ONTs that go offline because of loops.
  • If you need to query all ONT deactivation records, run the display event history eventid command to query the information about events 0x2910000d and 0x29100026.
Event 0x2910000d indicates the PON port status; event 0x29100026 indicates the non-PON port status.
Posted by at No comments:
Labels: ,

Block all DHCP packets to exit an interface S5720S-28X-LI-24S-AC

Issue Description
For some specific scenarios, we need to block DHCP broadcast packets (Discovery, Request) to exit a specific interface.
b43ae64853dc466c83083ba6cc9eb7a5
In this specific scenario, PC1 gets dynamic IP from DHCP server located on LSW2. LSW1 just forwards the discovery and request packets towards LSW2.
The requirement is to block these packets to exit GE0/0/3 on LSW1.
Solution
Solution: configure a traffic policy and apply it in outbound direction on S5720S-28X-LI-24S-AC interface where you want to block the packets (in this case GE0/0/3 of LSW1)
The traffic classifier will use an advanced ACL to match the DHCP traffic, which is UDP traffic for ports 67 and 68.
The traffic behavior will be set to "deny" and, optionally to "statistic enable" to check afterwards if packets are dropped.
Configuration is as bellow:
acl number 3000
rule 5 permit udp destination-port eq bootps
rule 10 permit udp destination-port eq bootpc
#
traffic classifier c1 operator and
if-match acl 3000
#
traffic behavior b1
deny
statistic enable
#
traffic policy p1
classifier c1 behavior b1
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
traffic-policy p1 outbound
dhcp snooping enable

if you have some other questions about Huawei Switch, you can contact for supports@thunder-link.com.

Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)