No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

S1720, S2700, S5700, and S6720 V200R011C10

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Ethernet Switching Compatible Commands

Ethernet Switching Compatible Commands

MAC Compatible Commands

mac-address blackhole (upgrade-compatible command)

Function

Using the mac-address blackhole command, you can add a blackhole MAC address entry.

Format

mac-address blackhole mac-address [ interface-type interface-number ] vlan vlan-id1 [ ce-vlan vlan-id2 ]

Parameters

Parameter

Description

Value

mac-address

Specifies the destination MAC address in a MAC address entry.

The value is in H-H-H format. H is a hexadecimal number of 1 to 4 digits.

interface-type interface-number

Specifies the outbound interface in a MAC address entry.
  • interface-type specifies the type of the outbound interface.
  • interface-number specifies the number of the outbound interface.

-

vlan vlan-id1

Specifies the VLAN ID in the outer VLAN tag.

The value is an integer that ranges from 1 to 4094.

Views

Ethernet interface view, GE interface view, XGE interface view, Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the mac-address blackhole command.

mac-address static (upgrade-compatible command)

Function

Using the mac-address static command, you can add a static MAC address entry .

Format

mac-address static mac-address interface-type interface-number vlan vlan-id1

Parameters

Parameter

Description

Value

mac-address

Specifies the destination MAC address in a MAC address entry.

The value is in H-H-H format. H is a hexadecimal number of 1 to 4 digits.

interface-type interface-number

Specifies the outbound interface in a MAC address entry.
  • interface-type specifies the type of the outbound interface.
  • interface-number specifies the number of the outbound interface.

-

vlan vlan-id1

Specifies the VLAN ID in the VLAN tag.

The value is an integer that ranges from 1 to 4094.

Views

Ethernet interface view, GE interface view, XGE interface view, Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the mac-address static vlan, mac-address static vlanif, and mac-address static vsi command.

port-security maximum (upgrade-compatible command)

Function

The port-security maximum command sets the maximum number of MAC addresses that can be learned on an interface.

Format

port-security maximum max-number

Parameters

Parameter

Description

Value

max-number

Specifies the maximum number of MAC addresses that can be learned by an interface.

The value is an integer that ranges from 1 to 4096.

Views

Ethernet interface view, GE interface view, XGE interface view, Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the port-security max-mac-num command.

Link Aggregation Compatible Commands

mode lacp-static (upgrade-compatible command)

Function

The mode command configures the LACP mode of an Eth-Trunk.

Format

mode lacp-static

Parameters

none

Views

Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

After the upgrade, this command is no longer supported, and it is replaced by the mode lacp command.

lacp e-trunk system-id (Eth-Trunk interface view) (upgrade-compatible command)

Function

The lacp e-trunk system-id command configures the Link Aggregation Control Protocol (LACP) system ID of an E-Trunk.

The undo lacp e-trunk system-id command deletes the LACP system ID of an E-Trunk.

By default, the LACP system ID is the Ethernet MAC address of the device.

Format

lacp e-trunk system-id mac-address

undo lacp e-trunk system-id

Parameters

Parameter Description Value
system-id mac-address Specifies the LACP system ID of the E-Trunk. The value is in the format of H-H-H. An H contains 1 to 4 hexadecimal digits, such as 00e0 and fc01. If an H contains less than four digits, 0s are padded ahead. For example, if an H is specified as e0, it is displayed as 00e0. The LACP system ID cannot be all 0s or all Fs.
NOTE:

The LACP system ID cannot be all 0s.

If the value is all Fs, it indicates that the LACP system ID is restored to the default.

Views

Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

It is replaced by the lacp system-id mac-address command.

snmp-agent trap enable eth-trunk (upgrade-compatible command)

Function

Using the ssnmp-agent trap enable eth-trunk command, you can enable the Simple Network Management Protocol (SNMP) trap function on an Eth-Trunk.

Using the undo snmp-agent trap enable eth-trunk command, you can disable the SNMP trap function on an Eth-Trunk.

By default, the SNMP trap function is disabled on an Eth-Trunk.

Format

snmp-agent trap enable eth-trunk

undo snmp-agent trap enable eth-trunk

Parameters

None

Views

System view

Default Level

3: Management level

Usage Guidelines

If the SNMP trap function is enabled on an Eth-Trunk, the system sends a trap to the network management system (NMS) server in case of when the following exceptions occurs:
  • The negotiation of the LAG fails.
  • The bandwidth of the LAG is lost. For example, if the lower threshold of the number of active interfaces is set by using the least active-linknumber command and if the number of active interfaces is smaller than this value, the Eth-Trunk becomes Down and the system sends the trap.
  • Part of the bandwidth of the LAG is lost. When one of active interfaces fails, the system sends the trap because the number of active interfaces is reduced.

Example

# Enable the SNMP trap function on an Eth-Trunk so that the trap can be sent to the NMS server promptly when the status of the LAG changes.

<HUAWEI> system-view
[HUAWEI] snmp-agent trap enable eth-trunk

VLAN Compatible Commands

port mux-vlan enable (upgrade-compatible command)

Function

The port mux-vlan enable command enables the MUX VLAN function on an interface.

The undo port mux-vlan enable command disables the MUX VLAN function on an interface.

By default, the MUX VLAN function is disabled on an interface.

Format

port mux-vlan enable

undo port mux-vlan enable

Parameters

None

Views

GE interface view, XGE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the port mux-vlan enable vlan command.

Voice VLAN Compatible Commands

voice-vlan enable (upgrade-compatible command)

Function

The voice-vlan enable command enables the voice VLAN function on an interface.

By default, the voice VLAN function is disabled on an interface.

Format

voice-vlan enable

Parameters

None

Views

GE interface view, Ethernet interface view, XGE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the voice-vlan vlan-id enable command.

GVRP Compatible Commands

garp leaveall timer (upgrade-compatible command)

Function

The garp leaveall timer command sets the GARP LeaveAll timer.

Format

garp leaveall timer timer-value

Parameters

Parameter

Description

Value

timer-value

Specifies the value of the GARP LeaveAll timer.

The value is an integer that ranges from 65 to 32765 and that can be exactly divided by 5, in centiseconds. The value of the LeaveAll timer must be greater than the values of Leave timers on all the interfaces.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a GARP participant is enabled, the LeaveAll timer is started. When the LeaveAll timer expires, the GARP participant sends LeaveAll messages to request other GARP participants to re-register all its attributes. Then the LeaveAll timer restarts.

Devices on a network may have different settings for the LeaveAll timer. In this case, all the devices use the smallest LeaveAll timer value on the network. When the LeaveAll timer of a device expires, the device sends LeaveAll messages to other devices. After other devices receive the LeaveAll messages, they reset their LeaveAll timers. Therefore, only the LeaveAll timer with the smallest value takes effect even if devices have different settings for the LeaveAll timer.

Prerequisites

Before setting GARP timers on an interface, you must enable GVRP globally.

Precautions

The Leave timer length on an interface is restricted by the global LeaveAll timer length. When configuring the global LeaveAll timer, ensure that all the interfaces that have a GARP Leave timer configured are working properly.

Example

# Set the LeaveAll timer to 510 centiseconds.

<HUAWEI> system-view
[HUAWEI] garp leaveall timer 510

STP Compatible Commands

snmp-agent trap enable mstp (upgrade-compatible command)

Function

The snmp-agent trap enable mstp command enables the trap function for the MSTP module.

Format

snmp-agent trap enable mstp

Parameters

None

Views

System view

Default Level

3: Management level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

After the upgrade, this command is no longer supported, and it is replaced by the snmp-agent trap enable feature-name mstp command in the system view.

snmp-agent trap enable feature-name mstp (upgrade-compatible command)

Function

The snmp-agent trap enable feature-name mstp command enables the trap function for the MSTP module.

By default, the trap function is disabled for the MSTP module.

Format

snmp-agent trap enable feature-name mstp trap-name { nnewroot | ntopologychange }

undo snmp-agent trap enable feature-name mstp trap-name { nnewroot | ntopologychange }

Parameters

Parameter Description Value
trap-name Enables the traps of spanning tree protocol events of specified types. -
nnewroot Enables the device to send trap when the current device is elected as the root bridge. -
ntopologychange Enables the device to send trap when the topology changes. -

Views

System view

Default Level

3: Management level

Usage Guidelines

This command is available to aid upgrade compatibility. It can only be run during the configuration restoration phase of the upgrade.

After the upgrade, this command is no longer supported, and it is replaced by the snmp-agent trap enable feature-name mstp trap-name { newroot | topologychange } command in the system view.

stp tc-protection (upgrade-compatible command)

Function

The stp tc-protection command enables the trap function for the Topology Change (TC) BPDU protection.

The undo stp tc-protection command disables the trap function for the TC BPDU protection.

By default, the trap function for the TC BPDU protection is disabled.

Format

stp tc-protection

undo stp tc-protection

Parameters

None

Views

System view or MST process region view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The TC attack defense function is enabled by default, you can run the stp tc-protection interval command to set the time that a device needs to process the maximum number of TC BPDUs which is configured using the stp tc-protection threshold command. If there are packets exceeding the maximum number, the switch processes the packets after the time specified in the stp tc-protection interval command expires. For example, if the time is set to 10 seconds and the maximum number is set to 5, when a switch receives TC BPDUs, the switch processes only the first 5 TC BPDUs within 10 seconds and processes the other TC BPDUs after the time expires. In this way, the device does not frequently update its MAC address entries and ARP entries, reducing CPU usage.

To learn about detailed processing information on TC BPDUs, run the stp tc-protection command to enable the trap function for the TC BPDU protection. After the function is enabled, MSTP_1.3.6.1.4.1.2011.5.25.42.4.2.15 hwMstpiTcGuarded and MSTP_1.3.6.1.4.1.2011.5.25.42.4.2.16 hwMstpProTcGuarded are generated.

Precautions

The trap function for the TC BPDU protection takes effect only when the snmp-agent trap enable feature-name mstp and stp tc-protection are both run.

L2PT Compatible Commands

bpdu-tunnel (upgrade-compatible command)

Function

The bpdu-tunnel command configures an interface to forward or discard BPDUs.

By default, an interface discards the received BPDUs.

Format

bpdu-tunnel { enable | disable }

Parameters

Parameter

Description

Value

enable | disable

Indicates the action that an interface performs on BPDUs.
  • enable: The interface discards BPDUs.
  • disable: The interface forwards BPDUs.

-

Views

Ethernet interface view, GE interface view, XGE interface view, port group view, Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel stp { enable | disable } command.

bpdu-tunnel enable (upgrade-compatible command)

Function

The bpdu-tunnel enable command enables Layer 2 protocol transparent transmission on an interface.

Format

bpdu-tunnel { all | protocol-type &<1-15> } enable

Parameters

Parameter

Description

Value

all

Enables or disables transparent transmission of packets of all standard Layer 2 protocols and user-defined Layer 2 protocols.

-

protocol-type

Enables or disables transparent transmission of packets of a specified Layer 2 protocol. You can specify multiple protocols in the command.

-

Views

Ethernet interface view, XGE interface view, GE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel { all | { protocol-type } &<1-15> | user-defined-protocol protocol-name } enable command.

bpdu-tunnel group-mac (upgrade-compatible command)

Function

The bpdu-tunnel group-mac command enables the switch to replace the multicast destination MAC address of Layer 2 protocol packets with a specified multicast MAC address.

Format

bpdu-tunnel protocol-type group-mac group-mac

Parameters

Parameter

Description

Value

protocol-type

Specifies the type of a Layer 2 protocol.

The value is a string of 1 to 31.

group-mac group-mac

Specifies the multicast MAC address that replaces the destination MAC address of Layer 2 protocol packets.

The value is in H-H-H format. An H is a hexadecimal number of 1 to 4 digits. The value ranges from 0100-0000-0000 to 01ff-ffff-ffff.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel protocol-type group-mac group-mac command.

bpdu-tunnel stp group-mac (upgrade-compatible command)

Function

Using the bpdu-tunnel stp group-mac command, you can replace the global well-known MAC address of the STP BPDU packets with a multicast MAC address.

Format

bpdu-tunnel stp group-mac group-mac

Parameters

Parameter

Description

Value

group-mac group-mac

Specifies the multicast MAC address that replaces the well-known global MAC address of the BPDU packets.

The value is in H-H-H format. An H is a hexadecimal number of 1 to 4 digits. The value ranges from 0100-0000-0000 to 01ff-ffff-ffff.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel stp group-mac group-mac command.

bpdu-tunnel stp vlan (upgrade-compatible command)

Function

Using the bpdu-tunnel stp vlan command, you can configure the interface to accept the BPDU packets whose tag values range from low-vid to high-vid.

Using the undo bpdu-tunnel stp vlan command, you can cancel the configuration.

By default, an interface does not accept the tagged BPDU packets.

Format

bpdu-tunnel stp vlan { low-vid [ to high-vid ] } &<1-10>

undo bpdu-tunnel stp vlan { low-vid [ to high-vid ] } &<1-10>

Parameters

Parameter

Description

Value

low-vid

Specifies the start VLAN ID of the BPDU packets that can be accepted by the interface.

The value is a decimal integer ranging from 1 to 4094. It must be smaller than high-vid.

high-vid

Specifies the end VLAN ID of the BPDU packets that can be accepted by the interface.

The value is a decimal integer ranging from 1 to 4094. It must be greater than low-vid.

Views

Ethernet interface view, GE interface view, XGE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel stp { vlan low-id [ to high-id ] } &<1-10> command.

bpdu-tunnel vlan (upgrade-compatible command)

Function

The bpdu-tunnel vlan command enables VLAN-based Layer 2 protocol transparent transmission on an interface.

Format

bpdu-tunnel { all | protocol-type &<1-15> } vlan { low-id [ to high-id ] } &<1-10>

Parameters

Parameter

Description

Value

all

Enables or disables transparent transmission of packets of all standard Layer 2 protocols and user-defined Layer 2 protocols.

-

protocol-type

Enables or disables transparent transmission of packets of a specified Layer 2 protocol. You can specify multiple protocols in the command.

-

low-id

Specifies the start VLAN ID.

The value is an integer that ranges from 1 to 4094. The value must be smaller than the end VLAN ID.

high-id

Specifies the end VLAN ID.

The value is an integer that ranges from 1 to 4094. The value must be greater than the start VLAN ID.

Views

Ethernet interface view, XGE interface view, GE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel vlan command.

l2protocol-tunnel user-defined-protocol (upgrade-compatible command)

Function

The l2protocol-tunnel user-defined-protocol command defines the characteristics of a Layer 2 protocol whose packets are transparently transmitted, including the protocol name, Ethernet encapsulation type, destination MAC address of packets, multicast MAC address replacing the destination multicast MAC address of packets, and priority of packets.

By default, there is no user-defined characteristics of a Layer 2 protocol whose packets are transparently transmitted.

Format

l2protocol-tunnel user-defined-protocol protocol-name protocol-mac protocol-mac encape-type { ethernetii protocol-type protocol-type | llc dsap dsap-value ssap ssap-value | snap protocol-type protocol-type } group-mac { group-mac | default-group-mac } [ priority priority-id ]

Parameters

Parameter Description Value
protocol-name Specifies the name of a user-defined Layer 2 protocol whose packets are transparently transmitted. The name is a string of 1 to 31 case-insensitive characters without spaces. When quotation marks are used around the string, spaces are allowed in the string.
protocol-mac protocol-mac Specifies the destination multicast MAC address of the Layer 2 protocol packets that are transparently transmitted. This MAC address must be an ordinary MAC address that has not been used on the S1720, S2700, S5700, and S6720. The address is in the format of H-H-H, H indicating a 4-bit hexadecimal number.
encape-type Defines the encapsulation format for Layer 2 protocol packets that are transparently transmitted.
  • ethernetii: indicates Ethernet_II, the encapsulation format for Layer 2 protocol packets that are transparently transmitted.

  • llc:: indicates Logical Link Control (LLC), the encapsulation format for Layer 2 protocol packets that are transparently transmitted.

  • snap: indicates Sub-Network Access Protocol (SNAP), the encapsulation format for Layer 2 protocol packets that are transparently transmitted.

When transparently-transmitted Layer 2 protocol packets carry the same protocol MAC address and protocol type, you can use the parameter encap-type to define different encapsulation formats to differentiate these packets.
-
protocol-type protocol-type Specifies the value of Ethernet encapsulation type. The value is a hexadecimal number ranging from 0600 to FFFF.
dsap dsap-value Specifies the destination service access point. The value ranges from 0x00 to 0xff, in hexadecimal format.
ssap ssap-value Specifies the source service access point. The value ranges from 0x00 to 0xff, in hexadecimal format.
group-mac group-mac Specifies the multicast MAC address that replaces the destination multicast MAC address of the Layer 2 protocol packets that are transparently transmitted. The address must be an ordinary MAC address, which cannot be the MAC address of bridge protocol data units (BPDUs), the MAC address of Smart Link protocol packets, or a special MAC address. The address is in the format of H-H-H, H indicating a 4-bit hexadecimal number.
default-group-mac

Specifies the default MAC address of a multicast group, which is 0100-0ccd-cdd0.

This parameter can simplify the configuration and reduce the configuration error. For example:

Most Layer 2 protocols can be classified by types. Default MAC addresses of Layer 2 protocols in the same type are the same. In this case, you can attach the parameter default-group-mac to the l2protocol-tunnel user-defined-protocol command to reduce the configuration workload and the probability of configuration error.

-
priority priority-id Specifies the priority of the Layer 2 protocol packets that are transparently transmitted. The value is an integer that ranges from 1 to 7. The default value is 0.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

This command is available to aid upgrade compatibility. It can be run when it is entered in full.

After the upgrade, it is replaced by the l2protocol-tunnel user-defined-protocol command.

Translation
Download
Updated: 2019-10-09

Document ID: EDOC1000178165

Views: 47584

Downloads: 1159

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next