No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring an IPv4 Address Pool and an Address Pool Group

Configuring an IPv4 Address Pool and an Address Pool Group

After an IPv4 address pool is configured, users can obtain IPv4 addresses from the IPv4 address pool.

Usage Scenario

A BAS-side address pool needs to be configured to assign IP addresses to access users. If the NE40E needs to allocate IP addresses to users, you must configure a local address pool on the NE40E, as shown in Figure 4-1; if a DHCPv4 or BOOTP server needs to allocate IP addresses to users, you must configure a remote address pool on the NE40E, as shown in Figure 4-2.

Figure 4-1 Networking diagram for address assignment from the local address pool

Figure 4-2 Networking diagram for address assignment from the remote address pool

Pre-configuration Tasks

Before configuring an IP address pool, complete the following task:

NOTE:

If two remote address pools are bound to the same DHCP server, whereas configurations of the DHCP server are not consistent with both remote address pools, either of the remote address pools becomes invalid. Therefore, ensure that configurations of the DHCP server and two address pools are consistent, or each remote address pool is bound to a DHCP server.

Creating an Address Pool

It is essential to configure the type, name, gateway, and address segment of an address pool.

Context

Perform the following steps on the router: Either configure a dynamic address pool or a non-dynamic address pool.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run access wait-request-time dhcpv4 time-value

    The timeout period for a router to wait for a Request message from a client in response to an Offer message sent to the client is set.

  3. Perform the corresponding steps according to the type of the address pool to be created.

    • Create a dynamic address pool.
      1. Run ip pool pool-name bas dynamic

        A dynamic address pool is created, and the dynamic address pool view is displayed.

      2. Run radius-server group group-name

        A RADIUS server group is bound to the dynamic address pool.

      3. Run authentication-name authentication-name password cipher password

        An authentication name and a password are configured for the BRAS to apply to a RADIUS server for dynamic address segments.

      4. Run subnet length initial { length | gateway-mask } [ extend { length | gateway-mask } ]

        The mask lengths are configured for the initial and subsequent address segments being applied for a dynamic address pool.

      5. (Optional) Run ip used-thresholdupper-limitupper-valuelower-limitlower-value

        The upper and lower address usage thresholds are configured for the dynamic address pool. The lower threshold for address segment release must be less than the upper threshold for address segment application.

        By default, the upper threshold for address segment application is 80%, and the lower threshold for address segment release is 20%.

        The BRAS checks the dynamic address pool usage every 10 minutes. If the BRAS detects that the dynamic address pool usage reaches the upper threshold, the BRAS applies to the RADIUS server for new address segments. If the BRAS detects that the dynamic address pool usage falls below the lower threshold, the BRAS applies to the RADIUS server for releasing address segments.

      6. (Optional) Run detect retransmit retransmit-value interval days hours minutes

        The number of retransmission times and a retransmission interval for detecting address segment availability are configured for the dynamic address pool.

        By default, the number of retransmission times is 3, and the retransmission interval is 3 days.

    • Create a non-dynamic address pool.
      1. Run ip pool pool-name [ bas { local | remote } [ rui-slave ] | server ]

        An non-dynamic address pool is created and the address pool view is displayed.

        Up to 4096 address pools can be configured in the system, including access-side address pools and network-side address pools. The address pool names must be unique.

      2. Run gateway ip-address mask

        The gateway address and mask of the pool are configured.

        The subnet mask and gateway address are used to determine whether the IP addresses in the address segments are in the same subnet with the gateway. Therefore, you must configure the gateway address and mask before configuring the address segments.

        Or run:gateway unnumbered interface interface-type interface-number

        An unnumbered interface gateway is configured for an address pool.

        Before configuring gateway in an IP address pool, ensure that the gateway address and a user address must be on the same network segment, but the gateway address cannot be assigned to users. Otherwise, many IP addresses are wasted. The command makes the loopback address of the device as the gateway for the IP address of all users. This prevents IP addresses from being wasted in each address pool.

        NOTE:
        • The borrowed interface must be configured with an IP address.

        • The gateway unnumbered interface interface-type interface-number command can only be configured in the IPv4 local address pool.

        • If an IP address pool is bound to a domain, the interface gateway can be configured, deleted or changed only after the address pool is unbound from the domain.

        • The gateway route's mask length of the remote address pool must be the same as the gateway route's mask length of the server address pool on the DHCP server.

        The ppp-gateway unnumbered loopback command is used in AAA view when a PPP user who receives a Framed-Ip-Address from the RADIUS server needs to choose a loopback interface address as the gateway address.

      3. Run section section-num start-ip-address [ end-ip-address ]

        An address segment is configured.

        A maximum of 256 address segments can be configured in an address pool. An address segment contains at most 65536 IP addresses. The address segments cannot overlap each other.

      4. (Optional) Run wait-request-time time-value

        The timeout period for a router to wait for a Request message from a client in response to an Offer message sent to the client is set.

        NOTE:
        The wait-request-time time-value command is run in the IP address pool view whereas the access wait-request-time dhcpv4 time-value command is run in the system view. If the two commands are both run, the wait-request-time time-value command takes effect.
      5. (Optional) Run weight weight-value

        A weight is configured for an IPv4 address pool.

        NOTE:
        • After the weight is configured for the IPv4 address pool, you must run the ip-pool algorithm loading-share remote command in the system view to configure the device to assign addresses from IPv4 remote address pools based on their weights.
        • The ip-pool algorithm loading-share remote command applies only to IPv4 remote address pools.
      6. (Optional) Run ip-pool algorithm loading-share remote [ chasten { restrain-period period-value | timeout-threshold threshold-value } * ]

        A period during which a remote address pool is suppressed and a threshold for the number of NAK packets in a suppressed remote address pool are configured.

      7. (Optional) Run dhcp-server check-remote-ip loose

        The BRAS is disabled from checking whether the IP addresses assigned by the DHCP server are on the network segment to which the gateway address of the remote address pool belongs.

        NOTE:

        The dhcp-server check-remote-ip loose command takes effect for remote address pools and remote RUI address pools only.

  4. (Optional) Run ip-attribute public

    The public network attribute is configured for an IP address pool or an IP address pool group. After the configuration is complete, the IP address pool or the IP address pool group is used for the calculation of public IP address pool status.

    By default, IP address pools or IP address pool groups have no public network attribute. They are not used for the calculation of public IP address pool status.

    To use the public IP address pool for the calculation of public IP address pool status, run the ip-pool usage-status threshold command to configure the upper and lower thresholds for IP address pool usage in a domain to calculate public IP address pool status.

    The ip-attribute public command takes effect only on local address pools.

  5. (Optional) Run lease days [ hours [ minutes ] ]

    The lease of the address pool is configured.

    By default, the lease of the IP addresses in an address pool is three days. If the lease is set to 0, the lease of the IP addresses is not limited.

  6. (Optional) Run rebinding-time days [ hours [ minutes ] ]

    The rebinding time of IP addresses is set.

    By default, the rebinding time of IP addresses is 87.5% of the lease of the address pool.

  7. (Optional) Run renewal-time days [ hours [ minutes ] ]

    The renewal time of IP addresses is set.

  8. (Optional) Run recycle start-ip-address [ end-ip-address ]

    The status of these IP addresses is set to Idle.

    When the user is not online, you can reclaim the occupied IP address manually by running this command.

  9. (Optional) Run conflict auto-recycle interval interval-time

    The interval at which conflicting addresses are automatically reclaimed is set.

    By default, conflicting addresses are automatically recycled at an interval of 30 minutes.

    If the interval-time value is set to 0, the automatic address reclaim function is disabled. Conflicting addresses will not be assigned to users. You must run the reset conflict-ip-address command to reclaim conflicting addresses.

    If the interval-time value is not set to 0, the usage of IP addresses in the address pool exceeds the alarm threshold, and the address conflict time exceeds the interval-time value, the router automatically reclaims some conflicting addresses and assigns them to users.

    This command is valid only in the view of the local or server address pool.

  10. (Optional) Run reserved ip-address { lease | mac }

    The reservation type of an IP address for a user is configured.

    By default, IP addresses are not reserved. When a user goes offline, the IP address is reclaimed.

    If a user is assigned a lease of four days during the first login, the user can still use the originally-allocated IP address provided that he goes online for the second time within four days. This is called lease-based IP address reservation.

    If a user's MAC address and the allocated IP address are recorded during the first login, the user can still use the originally-allocated IP address when he goes online for the second time. This is called MAC-address-based IP address reservation.

  11. (Optional) Run vpn-instance instance-name

    A VPN instance is bound to the address pool.

  12. (Optional) Run warning-threshold threshold-value

    The alarm threshold for the address usage of an address pool is set. If the address usage exceeds the threshold, an alarm is generated on the router.

    By default, the alarm threshold for the address usage of an address pool is set to 80%.

  13. (Optional) Run warning-exhaust

    The address exhaustion alarm function is enabled for the address pool.

    After this command is executed, the system generates an address exhaustion alarm when IP addresses in the address pool are exhausted, prompting the administrator to plan the IP addresses. When IP addresses in the address pool are exhausted, users cannot go online.

    When IP address usage of the address pool falls below 90%, the address exhaustion alarm is cleared.

  14. (Optional) Run frame-ip lease manage

    The lease management function of IP addresses delivered by the RADIUS server is enabled in an IP address pool.

    By default, the lease management function for IP addresses delivered by the RADIUS server is disabled.

  15. (Optional) Run option33 route dest-ip gateway

    IP addresses in this address pool are configured as the destination IP address and gateway IP addresses.

  16. (Optional) Run option router disable

    The device is disabled from sending DHCP packets carrying Option 3 (network gateway address) to the client.

  17. (Optional) Enable the automatic recycling of IP addresses assigned in RADIUS authentication responses.
    1. Run quit

      Return to the system view.

    2. Run aaa

      The AAA view is displayed.

    3. Run framed-ip conflict auto-recycle

      The automatic recycling of IP addresses assigned in RADIUS authentication responses is enabled.

      By default, IPv4 addresses, IPv6 addresses, or IPv6 prefixes assigned in RADIUS authentication responses are not recycled automatically.

  18. Run commit

    The configuration is committed.

(Optional) Configuring Static IP Address Binding

The IP address pool configured for static address bindings contains special IP addresses, which are assigned to servers in need of fixed IP addresses or users with particular requirements.

Context

Based on the clients' needs, you can adopt either static address binding or dynamic address assignment.

When dynamic address assignment is used, a range of IP addresses to be assigned needs to be specified; when static address binding is used, it can be considered to be a special DHCPv4 address pool with only one address.

Perform the following steps on the router that functions as a DHCPv4 server:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name bas local

    An IP address pool is created and the IP address pool view is displayed.

  3. (Optional) Run static-bind ip-address ip-address mac-address mac-address

    Certain IP-MAC addresses are statically bound.

  4. Run commit

    The configuration is committed.

Follow-up Procedure

Some clients may need fixed IP addresses that are bound to their MAC addresses. When the client with a specific MAC address uses DHCPv4 to apply for an IP address, the DHCPv4 server finds out the fixed IP address bound to the MAC address and assigns it to the client.

(Optional) Configuring DNS Services for the DHCPv4 Client

You can configure DNS server parameters for the DHCPv4 client. This allows the DHCPv4 client to automatically obtain DNS services automatically. Then, users can use easy-to-memorize domain names that mean a lot to them rather than complicated IP addresses.

Context

Perform the following steps on the DHCPv4 server that provides DNS services for the DHCPv4 clients:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name [ bas { local | remote } | server ]

    An IP address pool is created and the IP address pool view is displayed.

  3. Run dns-suffix suffix-name

    The DNS suffix of the IP address pool is configured.

    NOTE:

    This command is valid for only the local address pool and server address pool.

  4. Run dns-server ip-address &<1-8>

    The IP address of the DNS server of the address pool is configured.

    NOTE:

    If IP addresses are automatically allocated from the BAS address pool, the DNS server can be configured in both the domain view and the address pool view, but the configuration in the domain view takes precedence.

    If the RADIUS server is used to deliver IP addresses and gateway addresses, the following situations are available:
    • If the RADIUS server also delivers the DNS server address, the DNS server address delivered by the RADIUS server takes precedence.
    • If the RADIUS server does not deliver the DNS server address, the DNS server must be configured in the domain view, and this configuration does not take effect for the address pool.

  5. Run domain-search-list domain-name

    The search domain is configured.

    If a client sends a packet carrying the Option 119 field to request search domain information from the DHCP server, the domain-search-list command can be used to configure search domains so that the DHCP server can send required search domain information to the user.After the domain-search-list command is run and the first domain name resolution fails, the configured search domain is used for resolution.

  6. Run commit

    The configuration is committed.

Follow-up Procedure

On the DHCPv4 server, designate a DNS suffix for each address pool used to assign IP addresses to clients.

When a host accesses the Internet by using the DNS suffix, the DNS server resolves the DNS suffix into an IP address. Therefore, to ensure that the client successfully accesses the Internet, the DHCPv4 server also needs to specify the DNS server address for the client when it assigns IP addresses.

To improve network reliability, you can configure several DNS servers.

(Optional) Configuring NetBIOS Services for the DHCPv4 Client

You can configure NetBIOS services for the DHCPv4 client to enable users to obtain NetBIOS services automatically. Then, users can use easy-to-memorize host names rather than complicated IP addresses.

Context

Perform the following steps on the router that provides NetBIOS services for the DHCPv4 clients:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name [ bas { local | remote } | server ]

    An address pool is created and the address pool view is displayed.

  3. Run netbios-name-server ip-address &<1-8>

    The IP address of the NetBIOS server of the DHCPv4 client is configured.

  4. Run netbios-type { b-node | h-node | m-node | p-node }

    The NetBIOS node type of the DHCPv4 client is configured.

  5. Run commit

    The configuration is committed.

Follow-up Procedure

For the client using the operating system of Microsoft, Windows Internet Naming Service (WINS) server provides resolution from the host name to the IP address. This is given to the host that uses NetBIOS protocol for communication. Most of the Windows clients need to be configured with WINS.

When a DHCPv4 client communicates in a WAN by adopting the NetBIOS protocol, a mapping between the host name and the IP address should be set up. The following lists the types of NetBIOS nodes for obtaining mappings:

  • Type b nodes (b-node): "b" stands for broadcast. That is, type b nodes obtain the mapping relationship by means of broadcast.

  • Type h nodes (h-node): "h" stands for hybrid. Type h nodes are type b nodes owning the "peer-to-peer" communicating mechanism.

  • Type m nodes (m-node): "m" stands for mixed. Type m nodes are the type p nodes owning part of the broadcasting features.

  • Type p nodes (p-node): "p" stands for peer-to-peer. That is, type p nodes obtain the mapping by communicating with NetBIOS servers.

(Optional) Configuring SIP Services for the DHCPv4 Client

You can configure SIP services for the DHCPv4 client to implement multimedia communications such as multimedia conferences, Internet phones, distance education, and distance medical treatment.

Context

Perform the following steps on the router that provides SIP services for the DHCPv4 clients:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name [ bas local | server ]

    An address pool is created and the address pool view is displayed.

  3. Run sip-server { { ip-address ip-address } &<1~2> | { list server-name } &<1~2> }

    The IP address or name of the SIP server is specified.

  4. Run commit

    The configuration is committed.

(Optional) Configuring DHCPv4 Self-Defined Options

You can configure DHCPv4 self-defined options to provide more control information and parameters for the clients.

Context

If both dhcp option125 and option 125 commands are used, only the dhcp option125 command takes effect.

Performs the following steps on the router that functions as a DHCPv4 server:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name [ bas local | server ]

    An IP address pool is created and the IP address pool view is displayed.

  3. Run option code { { ip ip-address } &<1-2> | string string | hex hex-string &<1-160>| { suboption subcode { ip ip-address | string sub-string } } &<1-16> }

    A DHCPv4 option is configured.

  4. (Optional) Run dhcp option125 [ enterprise-code enterprise-code ] option125-string

    The enterprise code and description encapsulated into DHCP Option 125 for a telecom equipment supplier are configured.

    After this command is used, the enterprise code and description will be encapsulated into the DHCP Option 125 field of each DHCP Reply packet.

  5. Run option force-reply { code }&<1-16>

    The DHCP option forcibly replied to a client by a DHCP server is configured.

    Some DHCP option information is not replied by a server if a client does not initiate a request. However, without this DHCP option information, such as an IP address, the client cannot access the Internet. The option force-reply command is run to configure the server to forcibly reply a specified DHCP option to the client.

    NOTE:
    • A maximum of 16 forcibly replied DHCP options can be configured in an IP address pool.

    • Information about the configured DHCP option code must be supported by the DHCP server. Otherwise, the server cannot forcibly reply the DHCP option to the client.

  6. Run commit

    The configuration is committed.

Follow-up Procedure

The Option field in DHCPv4 packets carries control information and parameters that are not defined in common protocols. If the DHCPv4 server is configured with an Option, the DHCPv4 client obtains the configuration information saved in the Option field of DHCPv4 response packets.

You need to add the options to the attribute list of the DHCPv4 servers. For example,

  • To configure the IP address of a log server to 10.110.204.1, use the option 7 ip 10.110.204.1 command.

  • To configure the Option 129 field to represent "huawei", use the option 129 string huawei command.

NOTE:

The value of a common option for the DNS or lease, is determinate. The common option codes include 3, 6, 15,44, 46, 50 to 54, and 57 to 59, 82, 119. When the value is re-set, the system prompts that re-setting the value is not allowed.

The option command enables DHCPv4 response packets to carry specific options.

Before using this command, you need to know the function of each option. Option 77 identifies client types or applications of DHCPv4 clients. Based on User Class in the Option field, the DHCPv4 server selects a proper address pool and configuration parameters. Option 77 is commonly configured on the client.

(Optional) Configuring Address Protection

Address protection is implemented in special circumstances by locking an IP address pool, excluding an IP address or an IP address segment, setting a conflict flag, or reclaiming an IP address.

Context

Methods of protecting addresses in an address pool are as follows:

  • Locking the IP address pool

    You can lock an IP address pool by running commands. When an IP address pool is locked, IP addresses in the address pool cannot be assigned to users.

    This method is used when the address pool needs to be deleted but there are users using IP addresses in the address pool. If you lock the address pool, no more IP addresses will be assigned. After all users log out and the occupied IP addresses are released, you can delete the address pool.

  • Excluding the IP address

    You can use this method on a complex network to exclude certain IP addresses.

  • Reclaiming the IP address

    If an IP address in the address pool is in the Occupied state but no user is using it, you can reclaim the IP address by running the related command.

Perform the following steps on the router:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name [ bas { local | remote } | server ]

    An IP address pool is created and the IP address pool view is displayed.

  3. Run lock

    The address pool is locked.

    Or run excluded-ip-address start-ip-address [ end-ip-address ]:

    An IP address or an address segment is excluded.

    NOTE:

    This command is required when you configure static IP addresses.

    Or run recycle start-ip-address [ end-ip-address ]:

    An IP address or an address segment is reclaimed.

  4. Run commit

    The configuration is committed.

(Optional) Configuring a Constant Index for an IPv4 Address Pool

By default, the IPv4 address pool, IPv6 prefix pool, and IPv6 address pool do not have constant indexes. The indexes for these pools automatically change after the device where these pools reside restarts. After a device where IP pools reside restarts, the NMS loses all IP pool statistics and can no longer monitor these IP pools. This problem can be solved by configuring constant indexes for IP pools.

Context

After the ip-pool constant-index enable command is used, the index of the IPv4 address pool, IPv6 prefix pool, or IPv6 address pool does not change after the device restarts. The constant-index index command is automatically generated in the views of all the IPv4 address pools, IPv6 prefix pools, and IPv6 address pools configured on the device for users to check the constant index value. But the constant-index command cannot be used to change the automatically generated constant index for an IP pool.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip-pool constant-index enable

    The constant index function is enabled for IPv4 address pools, IPv6 prefix pools, and IPv6 address pools.

  3. Run commit

    The configuration is committed.

(Optional) Allocating IP Addresses Based on Option60 values

When there is no relay device between a DHCP client and a DHCP server, the DHCP server allocates different network segments and VPN addresses based on Option 60 values carried in user packets.

Context

Perform the following steps on the router.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run dhcp server base-option60 enable

    # A network-side DHCP server is enabled to allocate IP addresses based on Option60 values.

  3. Run ip pool pool-name server

    An address pool is created and the address pool view is displayed.

  4. Run client-option60 option60-value

    Option 60 values carried in user packets in a specified address pool are configured.

    NOTE:
    • After the command is used, IP addresses can be allocated by the address pool only when Option 60 values in the option60–value command matches Option 60 values carried in user packets.

    • The command can only be configured in the address pool on the DHCP server.

  5. Run commit

    The configuration is committed.

(Optional) Locking an IP Address Pool

This section describes how to lock an IP address pool so that the address pool cannot be used to assign IP addresses to new users.

Context

An IP address pool with an in-use IP address cannot be deleted. Therefore, configure the drain function to lock the address pool before you delete the address pool. After an IP address pool is locked using the lock drain command, DHCP Request messages for lease renewal from online users will be discarded. The address pool can be deleted after all online users using the address pool go offline upon lease expiry. If you only need to disable an IP address pool so that the address pool will not be used to assign IP addresses to new users but online users can still use assigned IP addresses, configure the lock function to lock the address pool using the lock command.

Perform the following steps on the router.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool pool-name [ bas { local | remote } ]

    The IP address pool view is displayed.

  3. Perform either of the following configurations as needed:

    • Configure the drain function to lock the address pool.

      1. Run lock drain

        The IP address pool is locked so that the address pool cannot be used to assign IP addresses to new users and Request messages for lease renewal from online users using the address pool are discarded.

      2. Run commit

        The configuration is committed.

    • Configure the lock function to lock the address pool.

      1. Run lock

        The IP address pool is locked so that the address pool cannot be used to assign IP addresses to new users but Request messages for lease renewal from online users can still be processed.

      2. Run commit

        The configuration is committed.

Configuring an Address Pool Group

An address pool group is a set of address pools sharing specified attributes. An address pool group simplifies configuration in some situations.

Context

An address pool group can be created if either of the following conditions is met:
  • Multiple domains share some address pools.
  • A RADIUS server is able to deliver address pool names.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip pool-group group-name [ bas ]

    An address pool group is created and the address pool group view is displayed.

  3. (Optional) Run vpn-instance vpn-instance-name

    An address pool group is bound to a VPN instance.

    The address pool group and its address pools must be bound to the same VPN instance.

    The address pool group in a domain and the domain must be bound to the same VPN instance.

  4. (Optional) Run ip-attribute public

    The public network attribute is configured for an IP address pool or an IP address pool group. After the configuration is complete, the IP address pool or the IP address pool group is used for the calculation of public IP address pool status.

    To use the public IP address pool for the calculation of public IP address pool status, run the ip-pool usage-status threshold command to configure the upper and lower thresholds for IP address pool usage in a domain to calculate public IP address pool status.

    The ip-attribute public command takes effect only on local address pools.

  5. Run ip-pool pool-name

    An address pool is added to an address pool group.

  6. (Optional) Run quit

    Return to the system view.

  7. (Optional) Run warning-exhaust

    The address exhaustion alarm function is enabled for the address pool group.

    After this command is executed, the system generates an address exhaustion alarm when IP addresses in the address pool group are exhausted, prompting the administrator to plan the IP addresses. When IP addresses in the address pool group are exhausted, users cannot go online.

    When IP address usage of the address pool group falls below 90%, the address exhaustion alarm is cleared.

  8. Run commit

    The configuration is committed.

Follow-up Procedure

You can run the ip-pool-group group-name [ move-to new-position ] command in AAA domain view to bind an address pool group to a domain.

Specifying an IPv4 Address Pool for a Domain

An IPv4 address pool configured for a domain is used to assign IPv4 addresses to all users in this domain.

Context

The IPv4 address pool for a domain can be a local or remote address pool.

A maximum of 1024 IPv4 address pools can be specified for a domain, and one IPv4 address pool can be used for multiple domains. The IPv4 address pools configured for a domain can be moved. The range in which the IPv4 address pool can be moved is associated with the number of address pools configured in the domain. For example, if 10 address pools are configured in the domain, the address pool can move in the range between 1 and 10.

Perform the following steps on the router:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run aaa

    The AAA view is displayed.

  3. Run domain domain-name

    The domain view is displayed.

  4. Run ip-pool pool-name [ move-to position ]

    IPv4 address pools are specified for the domain.

  5. (Optional) Run ip-pool-group group-name

    Configurations of the IP address pool group are displayed.

  6. Run commit

    The configuration is committed.

(Optional) Configuring the Thresholds for public IP Address Pool Usage in a Domain

This section describes how to configure the upper and lower thresholds for public IP address pool usage in a domain to calculate public IP address pool status, which is sent to a Remote Authentication Dial-In User Service (RADIUS) server.

Context

A domain has public and private network users. A Broadband Remote Access Server (BRAS) sends public IP address pool status to a RADIUS server. The RADIUS server determines whether a user is a public or private network user based on user information and the public IP address pool status. The RADIUS server then sends the corresponding user group name and IP address pool name or IP address pool group name to the BRAS. The BRAS determines whether the user is a public or private network user based on the received user group name and assigns an IP address to the user from the received IP address pool or IP address pool group.

Perform the following steps on the NE40E.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run aaa

    The AAA view is displayed.

  3. Run domain domain-name

    The AAA domain view is displayed.

  4. Run ip-pool usage-status threshold low low-threshold high high-threshold

    The upper and lower thresholds are configured for public IP address pool usage in an AAA domain to calculate public IP address pool status, which is sent to a RADIUS server.

    NOTE:

    This command needs to be used with the ip-attribute public command.

    In IP address pool view or IP address pool group view, run the ip-attribute public command to configure the public network attribute of an IP address pool or an IP address pool group. After the configuration is complete, the IP address pool or the IP address pool group is used for the calculation of public IP address pool status.

  5. Run commit

    The configuration is committed.

Verifying the Configuration of the IPv4 Address Pool and Address Pool Group

After configuring IP address pools, you can view the configurations of all IP address pools or a specified IP address pool.

Prerequisites

IP address pool has been configured.

Procedure

  • Run the display ip pool [ name pool-name [ section-num [ start-ip-address [ end-ip-address ] ] | all | used ] ] [ vpn-instance instance-name ] command to check the configuration of the IP address pool.
  • Run the display ip pool-group [ name group-name ] [ vpn-instance instance-name ] command to check IP address pool configurations.
  • Run the display ip-pool pool-usage [ domain dname | pool-name [ pool-name ]] command to check the usage of the address pool of every domain.
  • Run the display ip-pool max-ratio domain command to check IP address pool usage in all domains on the device.
  • Run the display ip-pool pool-usage { upper-threshold | lower-threshold | all-threshold } command to check information about domains whose IP address pool usage exceeds a specified threshold.

Example

Run the display ip pool command, and you can view information about all the address pools configured in the system.

<HUAWEI> display ip pool
-----------------------------------------------------------------------
  Pool-Name      : huawei
  Pool-No        : 0 
  Pool-constant-index: - 
  Position       : Local          Status           : Unlocked 
  RUI-Flag       : - 
  Gateway        : 10.16.16.1      Mask             : 255.255.255.0
  Vpn instance   : --              Unnumbered gateway: -
  IP address Statistic
    Total       :4
    Used        :0          Free      :4
    Conflicted  :0          Disable   :0
    Designated  :0          Gateway   :0
    Ratio       :0% 
    Isolated    :0

  -----------------------------------------------------------------------
  Pool-Name      : test
  Pool-No        : 1 
  Pool-constant-index: - 
  Position       : Local           Status           : Unlocked 
  RUI-Flag       : - 
  Gateway        : 10.15.15.1      Mask             : 255.255.255.0
  Vpn instance   : --              Unnumbered gateway: -
  IP address Statistic
    Total       :9
    Used        :0          Free      :9
    Conflicted  :0          Disable   :0
    Designated  :0          Gateway   :0
    Ratio       :0% 
    Isolated    :0


  IP address pool Statistic
    Local       :2          Remote    :0          Server    :0

  IP address Statistic
    Total       :13
    Used        :0          Free      :13
    Conflicted  :0          Disable   :0
    Designated  :0          Gateway   :0                         
    Ratio       :0% 
    Isolated    :0

Run the display ip pool [ name pool-name [ section-num [ start-ip-address [ end-ip-address ] ] | all | used ] ] [ vpn-instance instance-name ] command, and you can view detailed information about the specified address pool.

<HUAWEI> display ip pool name huawei
  Pool-Name      : huawei
  Pool-No        : 2
  Pool-constant-index: -
  Lease          : 3 Days 0 Hours 0 Minutes
  Frameip-Lease-Manage: disable
  NetBios Type   : N-Node
  Auto recycle   : 30
  Force-reply Option: 38 45
  Option 3       : Enable
  DNS-Suffix     : -
  Dom-Search-List0: -
  Dom-Search-List1: -
  Dom-Search-List2: -
  Dom-Search-List3: -
  Option-Code 125 : enterprise-code : 2011, string: -
  Position       : Local          Status           : Unlocked
  RUI-Flag       : -
  Attribute      : Private
  Gateway        : 10.16.16.1      Mask             : 255.255.255.0
  Vpn instance   : --              Unnumbered gateway: -
  Profile-Name   : -               Server-Name     : -
  UNR-Tag : 123
  Total Idle     : 4               Have Dhcp IP     : 1
  Timeouts       : 0
  Timeout Count  : 0               Sub Option Count : 0
  Option Count   : 0               Force-reply Count: 2
  Loading-share   : Enable           Weight        : 5
  Codes: CFLCT(conflicted)         Wait-Request-Time: --
  IP Loose Check : 1               Blocked Times : 0
  ---------------------------------------------------------------------------------------
  ID           start             end total  used  idle CFLCT disable reserved static-bind
  ---------------------------------------------------------------------------------------
   0      10.16.16.2      10.16.16.5     4     0     4     0       0        0        0
  ---------------------------------------------------------------------------------------
Run the display ip pool-group [ name group-name ] [ vpn-instance instance-name ] to check IP address pool configurations.
<HUAWEI> display ip pool-group
-----------------------------------------------------------------------------   
 Pool-Group name : ty                                                           
 Index     :    0         Vpn instance    : -                                   
 Bind pool :    1         Bound by domain :    0                                
 Attribute :Private 
 IP address Statistic                                                           
   Total       :65534                                                           
   Used        :0          Free      :65534                                     
   Conflicted  :0          Disable   :0                                         
   Designated  :0          Ratio     :0%                                        
-----------------------------------------------------------------------------   
                                                                                
 Total: 1                                                                      
Run the display ip-pool max-ratio domain command to view IP address pool usage in all domains on the device.
<BASE_VNFC1> display ip-pool max-ratio domain
  --------------------------------------------------------------------
  Domain name                        Current    Max              Time
  --------------------------------------------------------------------
  default0                             0       0                    -
  default1                             0       0                    -
  default_admin                        0       0                    -
  ppp                                 2%       10%  2012-08-07 15:28:30
  isp1                                9%       19%  2012-08-07 14:32:40
  isp2                                 0       0                    -
  test1                                0       0                    -
  test2                                0       0                    -
  isp                                  0       0                    -
  --------------------------------------------------------------------
Run the display ip-pool pool-usage { upper-threshold | lower-threshold | all-threshold } command to view information about domains whose IP address pool usage exceeds a specified threshold.
<BASE_VNFC1> display ip-pool pool-usage all-threshold
  -------------------------------------
  Domain name             PoolLen  Used  Ratio 
  -------------------------------------------
  Lsh(up)                      10     9    90%
  Isp(up)                      10     9    90%
  Test(low)                    10     0     0%
  ------------------------------------------
Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17178

Downloads: 69

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next