No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Network Management and Monitoring

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of Network Management and Monitoring, including SNMP, RMON, NETCONF, OpenFlow, LLDP, NQA, Mirroring, Packet Capture, Packet Trace, Path and Connectivity Detection Configuration, NetStream, sFlow, and iPCA.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Enabling NETCONF

Enabling NETCONF

Context

A switch functions as an SSH server to connect to the client through the following two ports:
  • Known port 22: When the NETCONF connection is set up using this port, the snetconf server enable command must be run on the SSH server.

  • Known port 830: Only the protocol inbound ssh port 830 command needs to be run on the SSH server, but the snetconf server enable command does not need to be run.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Enable NETCONF.

    Both the snetconf server enable and protocol inbound ssh port 830 commands can enable the NETCONF function. If both commands are run, the client can use either port 22 or port 830 to set up a NETCONF connection with the server.

    • Enable the NETCONF service of SSH server on TCP port 22.

      Run snetconf [ ipv4 | ipv6 ] server enable

      The NETCONF service of SSH server on TCP port 22 is enabled.

      By default, the NETCONF service of SSH server is disabled on TCP port 22.

    • Enable the NETCONF service of SSH server on port 830.

      • Run netconf

        The NETCONF user interface view is displayed.

      • Run protocol inbound ssh [ ipv4 | ipv6 ] port 830

        The NETCONF service of SSH server is enabled on port 830.

        By default, the NETCONF service of SSH server is disabled on port 830.

      • Run quit

        Exit from the NETCONF user interface view.

    After the NETCONF service of SSH server is disabled on TCP port 22 or 830, all clients connecting to port 22 or 830 through NETCONF are disconnected.

  3. Run commit

    The configuration is committed.

Follow-up Procedure

Set correct NETCONF parameters to ensure secure NETCONF session connections.

  1. Run netconf

    The NETCONF user interface view is displayed.

  2. Perform one or more operations in Table 3-18 to set the desired NETCONF parameters.

    Table 3-18 Server parameters

    Server Parameter

    Operation

    Description

    Maximum number of NETCONF users supported by the NETCONF user interface

    max-sessions

    The default maximum number of NETCONF users is 5.

    To prevent unauthorized users from logging in to the device using NETCONF, set the maximum number of NETCONF users. After the maximum number of NETCONF users is reached, subsequent users are not allowed to log in to the device. This mechanism ensures network management security.

    Timeout period of an idle NETCONF connection

    idle-timeout (NETCONF user interface view)

    The default timeout period is 10 minutes.

    If no timeout period is set for an idle NETCONF connection, the idle NETCONF connection cannot be released in time to be used by other authorized users.

  3. Run commit

    The configuration is committed.

Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100075365

Views: 41547

Downloads: 129

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next