No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - System Monitor 01

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Using Ping/Tracert on an IP Network

Using Ping/Tracert on an IP Network

The ping can monitor link connectivity, and the tracert operation can provide information used to locate a faulty node.

Using Ping to Check Link Connectivity on an IPv4 or IPv6 Network

The ping operation monitors link connectivity and host reachability on a network. In a ping operation, the source sends an Internet Control Message Protocol (ICMP) Request message to the destination and the destination returns an ICMP Response message to the source.

Context

Ping is a common debugging tool used to test the reachability of devices. It uses ICMP Echo messages to determine the following:
  • Whether the remote device is available.

  • Round-trip delay of the communication with the remote host.

  • Whether packet loss occurs.

The ping command labels each ICMP Echo Request message with a sequence ID that starts from 1 and is increased by 1. The number of ICMP Echo Request messages to be sent is determined by the device, and the default number is 5. The number of ICMP Echo Request messages to be sent can also be set. If the destination is reachable, it sends five ICMP Echo Reply messages to the source, with their sequence numbers identical with that of ICMP Echo Request messages.

Perform the following steps in any view on the NQA client:

Procedure

  1. Check whether network connectivity is proper. Run either of the following commands depending on the primary or secondary path.

    • If the path is a primary one, run:
      ping [ ip ] { [ -a source-ip-address | -c count | { -f | ignore-mtu } | -h ttl-value | { { -i interface-type interface-number | -nexthop nexthop-address } * | -si source-interface-type source-interface-number } | -m time | -p pattern | -q | -r | { -s packetsize | -range [ [ min min-size | max max-size | step step-size ] * ] } | -name | -system-time | -t timeout | { -tos tos-value | -dscp dscp-value } | -v | -vpn-instance vpn-instance-name | -ri | -8021p 8021p-value | -detail ] * host [ ip-forwarding ] }
    • If the path is a secondary one, run:
      ping [ ip ] { [ -c count | { -s packetsize | -range [ [ min min-value | max max-value | step step-value ] * ] } | -t timeout | -m time | -a source-ip-address | -h ttl-value | -p pattern | { -tos tos-value | -dscp dscp-value } | { -f | ignore-mtu } | -q | -vpn-instance vpn-instance-name | -v | -system-time | -ri | -name | -detail ] * host } [ bypass -si { interface-name | interface-type interface-number } ]
    ping [ ip ] { [ -a source-ip-address | -c count | { -f | ignore-mtu } | -h ttl-value | { { -i interface-type interface-number | -nexthop nexthop-address } * | -si source-interface-type source-interface-number } | -m time | -p pattern | -q | -r | { -s packetsize | -range [ [ min min-size | max max-size | step step-size ] * ] } | -name | -system-time | -t timeout | { -tos tos-value | -dscp dscp-value } | -v | -vpn-instance vpn-instance-name | -ri | -8021p 8021p-value | -detail ] * host [ ip-forwarding ] }

    Link connectivity is checked.

    The ping command output includes the following:

    • Response to each ping packet: If no ICMP Echo Reply message is received within a specified period of time, the message reading "Request time out" is displayed. If a Reply message is received, the data bytes, packet sequence number, TTL value, and response time carried in the message are displayed.

    • Final statistics: The number of ICMP Echo Request messages, number of ICMP Echo Reply messages, percentage of non-response packets, and the minimum, maximum, and average values of the response time are displayed.

    <HUAWEI> ping 10.1.1.2 
      PING 10.1.1.2 : 56 data bytes , press CTRL_C to break 
        Reply from 10.1.1.2 : bytes=56 sequence=1 ttl=255 time = 1ms 
        Reply from 10.1.1.2 : bytes=56 sequence=2 ttl=255 time = 2ms 
        Reply from 10.1.1.2 : bytes=56 sequence=3 ttl=255 time = 1ms 
        Reply from 10.1.1.2 : bytes=56 sequence=4 ttl=255 time = 3ms 
        Reply from 10.1.1.2 : bytes=56 sequence=5 ttl=255 time = 2ms 
    
      --10.1.1.2 ping statistics-- 
        5 packet(s) transmitted 
        5 packet(s) received 
        0.00% packet loss 
        round-trip min/avg/max = 1/2/3 ms
    NOTE:

    The ping ipv6 command is available for IPv6 networks.

  2. (Optional) The fast ICMP reply function is enabled.
    1. Run the icmp-reply fast command in the system view to enable the fast ICMP reply function on a device.
    2. Run the icmp-reply fast command in the slot view to enable the fast ICMP reply function on a specified the interface board.
    3. Run the commit command to commit the configuration.

    The jitter time and delay time in ping processes are great. This is because the ICMP packets used in ping operations need to be processed by the CPUs of devices and the processing produces great delays. The details are as follows:
    • To minimize the impact of ping attacks on itself, the NE40E reduces the ICMP packet processing priority to the lowest level.
    • The NE40E uses a distributed processing system. ARP and ICMP packets and routing information are processed on the interface board. In a ping operation, the interface board sends ICMP packets to the interface board for processing, and then the interface board returns the processed ICMP packets to the interface board. Due to their low processing priority, ICMP packets are always transmitted and processed after other packets. Their transmission is delayed.

    To resolve ping delay and jitter issues, devices provide the ICMP fast reply function. After this function is enabled, received ICMP request packets are not sent to the CPU for processing. Instead, the PFE of the interface board responds to the source end with ICMP reply packets, greatly shortening the ping delay.

    NOTE:

    After the undo icmp-reply fast command is run in the system or slot view, the fast ICMP reply function is disabled on the interface board. After the fast ICMP reply function is disabled on the interface board, the fast ICMP reply function takes effect on the interface board only after the icmp-reply fast command is run in both the system and slot views.

Using Ping to Monitor the Reachability of Layer 3 Trunk Member Interfaces

A ping command can be run to test the reachability of trunk member interfaces, which helps you learn about a physical link's status and locate faulty links.

Context

Multiple physical interfaces can be bundled into a logical trunk interface, and these physical interfaces are trunk member interfaces. A specific transmission path is used by each member interface. The path-specific service parameters, such as delay time, jitter time, and packet loss ratio, are also different. Therefore, you cannot determine which member interface is faulty when the quality of services on a trunk interface deteriorates. To resolve this problem, perform a ping test to detect each physical link to help locate the faulty link.

NOTE:

The ping test applies when two devices are directly connected through trunk interfaces or Eth-Trunk sub-interfaces.

Procedure

  1. Enable the receive end to monitor Layer 3 trunk member interfaces.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      trunk member-port-inspect

      The receive end is enabled to monitor Layer 3 trunk member interfaces.

    3. Run:

      commit

      The configuration is committed.

  2. Ping Layer 3 trunk member interfaces from the transmit end.
    1. Run:

      ping [ ip ] { [ -a source-ip-address | -c count | -d | { -f | ignore-mtu } | -h ttl-value | { { -i interface-type interface-number | -nexthop nexthop-address } * | -si source-interface-type source-interface-number } | -m time | -p pattern | -q | -r | { -s packetsize | -range [ [ min min-size | max max-size | step step-size ] * ] } | -system-time | -t timeout | { -tos tos-value | -dscp dscp-value } | -v | -vpn-instance vpn-instance-name | -ri | -8021p 8021p-value | -detail ] * host [ ip-forwarding ] }

      The transmit end is enabled to monitor the reachability of a Layer 3 trunk member interface.

      The ping command output contains the following information:

      • Response to each ping message: If an echo response message is not received after the corresponding timer expires, a message reading "Request time out" is displayed; if an echo response message is received, the data bytes, message sequence number, and response time are displayed.

      • Final statistics: include the number of sent and received packets, percentage of failure response packets, and minimum, maximum, and average response time.

      <HUAWEI> ping -a 192.168.1.1 -i gigabitethernet 2/0/0 10.1.1.2
       PING 10.1.1.2: 56 data bytes, press CTRL_C to break
          Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=170 ms
          Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms
          Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms
          Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=50 ms
          Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=50 ms    
      
        --- 10.1.1.2 ping statistics ---
          5 packet(s) transmitted
          5 packet(s) received
          0.00% packet loss
          round-trip min/avg/max = 30/66/170 ms 
      

Using Tracert to Monitor the Forwarding Path on an IPv4 or IPv6 Network

The tracert command is used to monitor link connectivity and locate network faults.

Context

The tracert command is used to discover gateways through which a message passes from the source to the destination. The maximum TTL value set for the UDP packet is 30. Each time the source does not receive a reply after the configured time elapses, it displays the TTL of the UDP packet as expired and sends another UDP packet with the TTL value increasing by 1. If the TTL value remains expired for 30 times, the source considers that the UDP packet cannot reach the destination and the trace test fails.

To reduce exposure of the IP addresses of device interfaces in order to prevent against detection through ICMP Port Unreachable or Time Exceeded messages, specify the source IP address of ICMP Port Unreachable or Time Exceeded messages in the loopback interface view. If the tracert command is run to detect a remote IP address, the device uses the IP address of the loopback interface to function as the source IP address of ICMP Port Unreachable or Time Exceeded messages.

Procedure

  • On an IPv4 network:

    1. (Optional) Configure the IP address of the loopback interface as the source IP address of ICMP Port Unreachable or Time Exceeded messages.

      1. Run:

        system-view

        The system view is displayed.

      2. Run:

        interface loopback loopback-number

        A loopback interface is created, and the loopback interface view is displayed.

      3. (Optional) Run:

        ip binding vpn-instance vpn-instance-name

        The interface is bound to a VPN instance.

      4. Run:

        ip icmp { ttl-exceeded | port-unreachable } source-address

        The IP address of the loopback interface is configured as the source IP address of ICMP Port Unreachable or Time Exceeded messages.

      5. Run:

        commit

        The configuration is committed.

    2. Run:

      tracert [ -a source-ip-address | -f first-TTL | -m max-TTL | -p port | -q nqueries | -vpn-instance vpn-instance-name | -w timeout | -v | -name | -s size ] * host

      The fault position is tested.

      The following example uses the tracert command to analyze the network.

      <HUAWEI> tracert -m 10 10.1.1.1
      traceroute to 10.1.1.1 (10.1.1.1), max hops: 10 ,packet length: 40,press CTRL_C to break
      1  172.16.112.1   19 ms   19 ms   1 ms
      2  172.16.216.1   39 ms   39 ms   19 ms
      3  172.16.136.23   39 ms   40 ms   39 ms
      4  172.16.168.22   39 ms   39 ms   39 ms
      5  172.16.197.4   40 ms   59 ms   59 ms
      6  172.16.221.5   59 ms   59 ms   59 ms
      7  172.31.70.13   99 ms   99 ms   80 ms
      8  172.31.71.6   139 ms   239 ms   319 ms
      9  172.31.81.7   220 ms   199 ms   199 ms
      10 10.1.1.1   239 ms   239 ms   239 ms
      

  • On an IPv6 network:

    Run:

    tracert ipv6 [ -f first-hop-limit | -m max-hop-limit | -p port-number | -q probes | -w timeout | vpn-instance vpn-instance-name | -s size | -a source-ipv6-address | -name | -v ] * host-name

    The fault position is tested.

    The following example uses the tracert ipv6 command to analyze the network.

    <HUAWEI> tracert ipv6 -q 5 -w 8000 2001:db8:100::3
    traceroute to 2001:db8:100::3 30 hops max,60 bytes packet
    1 2001:db8:200::2 26 ms 23 ms 26 ms 30 ms 29 ms 
    2 2001:db8:100::3 3020 ms 3024 ms 4040 ms 6820 ms 5584 ms
    

    The command output displays the gateways through which the message passes from the source host to the destination.

Download
Updated: 2018-07-12

Document ID: EDOC1100028538

Views: 29071

Downloads: 220

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next