No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

S1720, S2700, S5700, and S6720 V200R011C10

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Network Management Compatible Commands

Network Management Compatible Commands

SNMP Compatible Commands

snmp-agent group (upgrade-compatible command)

Function

The snmp-agent group command creates an SNMP group by mapping SNMP users to SNMP views.

The undo snmp-agent group command deletes a specified SNMP user group.

By default, no SNMP group is configured.

Format

snmp-agent group v3 group-name [ authentication | privacy ] [ read-view read-view | write-view write-view | notify-view notify-view ] * [ acl acl-number ]

undo snmp-agent group v3 group-name [ authentication | privacy ]

Parameters

Parameter Description Value
v3 Indicates that the SNMP group uses the security mode in SNMPv3. -
group-name Specifies the name of an SNMP group. It is a string of 1 to 32 case-sensitive characters without spaces.
authentication | privacy
Indicates the security level of the SNMP group.
  • authentication: authenticates SNMP messages without encryption.
  • privacy: authenticates and encrypts SNMP messages.

To ensure security, it is recommended that you set the security level of the SNMP group to privacy.

read-view read-view Specifies a read-only view. It is a string of 1 to 32 case-sensitive characters without spaces. read-view specified by the snmp-agent mib-view command.
write-view write-view Specifies a read-write view. It is a string of 1 to 32 case-sensitive characters without spaces. write-view is specified by the snmp-agent mib-view command.
notify-view notify-view Specifies a notify view. It is a string of 1 to 32 case-sensitive characters without spaces. notify-view is specified by the snmp-agent mib-view command.
acl acl-number Specifies a basic ACL.
NOTE:

The ACL configured by the acl acl-number parameter takes effect on both IPv4 and IPv6 networks.

The value is an integer that ranges from 2000 to 2999.

Views

System view

Default Level

3: Management level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

snmp-agent trap enable (upgrade-compatible command)

Function

The snmp-agent trap enable command enables a specified trap for a specified feature.

The undo snmp-agent trap enable command disables a specified trap for a specified feature.

The default configuration of the snmp-agent trap enable command can be checked using the display snmp-agent trap all command.

Format

snmp-agent trap enable feature-name

undo snmp-agent trap enable feature-name

Parameters

Parameter Description Value
feature-name Specifies the name of the feature that generates traps. -

Views

System view

Default Level

3: Management level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

snmp-agent trap enable standard (upgrade-compatible command)

Function

Using the snmp-agent trap enable standard command, you can enable the trap function of standard SNMP.

Using the undo snmp-agent trap enable standard command, you can disable the trap function of standard SNMP.

By default, no trap messages are sent to a device.

Format

snmp-agent trap enable standard [ authentication | coldstart | warmstart | linkup | linkdown ] *

undo snmp-agent trap enable standard [ authentication | coldstart | warmstart | linkup | linkdown ] *

Parameters

Parameter Description Value
Authentication Indicates that a trap message is sent when packets failed to be authenticated through SNMP. -
Coldstart Indicates that a trap message is sent when the system is cold started. -
Warmstart Indicates that a trap message is sent when the system is hot started. -
Linkup Indicates that a trap message is sent when the interface goes Up. -
Linkdown Indicates that a trap message is sent when the interface goes Down. -

Views

System view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

snmp-agent usm-user (upgrade-compatible command)

Function

The snmp-agent usm-user command adds a user to an SNMP user group.

The undo snmp-agent usm-user command deletes a user from an SNMP user group.

By default, the SNMP user group has no users added.

NOTE:

It is recommended that you deliver the snmp-agent usm-user v3 user-name group-name authentication-mode { md5 | sha } password [ privacy-mode { des56 | aes128 | aes192 | aes256 | 3des } encrypt-password ] [ acl acl-number ] to the switch from the NMS. Do not directly configure the command on the switch.

Format

snmp-agent usm-user v3 user-name group-name simple [ authentication-mode { md5 | sha } password [ privacy-mode { des56 | aes128 | aes192 | aes256 | 3des } encrypt-password ] ] [ acl acl-number ]

snmp-agent usm-user v3 user-name group-name [ cipher ] [ authentication-mode { md5 | sha } password [ privacy-mode { des56 | aes128 | aes192 | aes256 | 3des } encrypt-password ] ] [ acl acl-number ]

undo snmp-agent usm-user v3 user-name group-name [ engineid engineid | local ]

Parameters

Parameter Description Value
v3 Indicates that the security mode in SNMPv3 is adopted. -
user-name Specifies the name of a user. It is a string of 1 to 32 case-sensitive characters without spaces.
group-name Specifies the name of the group to which a user belongs. It is a string of 1 to 32 case-sensitive characters without spaces.
simple Indicates the simple authentication. -
cipher Specifies that the password is in ciphertext, which is the default password type. If this parameter is specified, you can enter only a password in ciphertext. This type of password can be viewed using the configuration file. -
authentication-mode Sets the authentication mode.
NOTE:
Authentication is a process in which the SNMP agent (or the NMS) confirms that the message is received from an authorized NMS (or SNMP agent) and the message is not changed during transmission. RFC 2104 defines Keyed-Hashing for Message Authentication Code (HMAC), an effective tool that uses the security hash function and key to generate the message authentication code. This tool is widely used in the Internet. HMAC used in SNMP includes HWAC-MD5-96 and HWAC-SHA-96. The hash function of HWAC-MD5-96 is MD5 that uses 128-bit authKey to generate the key. The hash function of HWAC-SHA-96 is SHA-1 that uses 160-bit authKey to generate the key.
-
md5 | sha
Indicates the authentication protocol.
  • md5: Specifies HMAC-MD5-96 as the authentication protocol.
  • sha: Specifies HMAC-SHA-96 as the authentication protocol.
-
password Specifies the password for user authentication.

For plain-text password, the value is a string of 6 to 64 characters by default, and the minimum length is 6 characters. If the set password min-length command is run to set the minimum length of passwords to a value greater than 6, the minimum length is the value configured using the set password min-length command. For cipher-text password, the value is a string of 32 to 104 characters.

NOTE:
The password cannot be the same as the user name or reverse of the user name. The password must contain at least two types of characters, including letters, digits, and special characters. The special characters cannot be question mark (?) or space.
privacy-mode Specifies the authentication with encryption.

The system adopts the cipher block chaining (CBC) code of the data encryption standard (DES) and uses 128-bit privKey to generate the key. The NMS uses the key to calculate the CBC code and then adds the CBC code to the message while the SNMP agent fetches the authentication code through the same key and then obtains the actual information. Like the identification authentication, the encryption requires the NMS and the SNMP agent to share the same key to encrypt and decrypt the message.

-
des56 | aes128 | aes192 | aes256 | 3des Indicates the encryption protocol. -
encrypt-password Indicates the encryption password.

For plain-text password, the value is a string of 6 to 64 characters by default, and the minimum length is 6 characters. If the set password min-length command is run to set the minimum length of passwords to a value greater than 6, the minimum length is the value configured using the set password min-length command. For cipher-text password, the value is a string of 32 to 104 characters.

NOTE:
The password cannot be the same as the user name or reverse of the user name. The password must contain at least two types of characters, including letters, digits, and special characters. The special characters cannot be question mark (?) or space.
acl acl-number Specifies the ACL number of the access view. The value is an integer that ranges from 2000 to 2999.
engineid engineid Specifies the ID of the engine associated with a user. The value is a string of 10 to 64 case-insensitive characters without spaces.
local Indicates the local entity user. -

Views

System view

Default Level

3: Management level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

NQA Compatible Commands

send-trap overthreshold (upgrade-compatible command)

Function

Using the send-trap overthreshold command, you can configure conditions for sending trap messages.

Using the undo send-trap overthreshold command, you can delete the previous configuration.

By default, the device is disabled from sending traps.

Format

send-trap overthreshold

undo send-trap overthreshold

Parameters

None

Views

NQA view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

After the upgrade, this command is no longer supported, and it is replaced by the send-trap rtd command.

Mirror Compatible Commands

port-mirroring (upgrade-compatible command)

Function

The port-mirroring command configures a mirroring behavior on an interface.

Format

port-mirroring to observe-port index

Parameters

Parameter

Description

Value

index

Specifies the index of a global observing interface.

The value is integer.

Views

Traffic behavior view

Default Level

3: Management level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

Example

# Mirror traffic to observing interface with index 1.

<HUAWEI> system-view
[HUAWEI] traffic behavior b1
[HUAWEI-traffic-behavior-b1] port-mirroring to observe-port 1
Translation
Download
Updated: 2019-04-18

Document ID: EDOC1000178165

Views: 41729

Downloads: 1101

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next