CloudEngine S5700 and S6700 V600R022C00 Configuration Guide - High Availability
About This Document
Intended Audience
This document is intended for network engineers responsible for switch management and maintenance. You should be familiar with basic Ethernet knowledge and have extensive network management experience. In addition, you should understand your network well, including the network topology and deployed network services.
Symbol Conventions
The symbols used in this document are described in the following table. They are defined as follows.
Symbol |
Description |
|---|---|
|
Indicates a hazard with a high level of risk which, if not avoided, will result in death or serious injury. |
|
Indicates a hazard with a medium level of risk which, if not avoided, could result in death or serious injury. |
|
Indicates a hazard with a low level of risk which, if not avoided, could result in minor or moderate injury. |
|
Indicates a potentially hazardous situation which, if not avoided, could result in equipment damage, data loss, performance deterioration, or unanticipated results. NOTICE is used to address practices not related to personal injury. |
|
Supplements the important information in the main text. NOTE is used to address information not related to personal injury, equipment damage, and environment deterioration. |
Command Conventions
Convention |
Description |
|---|---|
Boldface |
The keywords of a command line are in boldfaces. |
Italic |
Command arguments are in italic. |
[ ] |
Items (keywords or arguments) in square brackets [ ] are optional. |
{ x | y | ... } |
Alternative items are grouped in braces and separated by vertical bars. One is selected. |
[ x | y | ... ] |
Optional alternative items are grouped in square brackets and separated by vertical bars. One or none is selected. |
{ x | y | ... } * |
Alternative items are grouped in braces and separated by vertical bars. A minimum of one or a maximum of all can be selected. |
[ x | y | ... ] * |
Optional alternative items are grouped in square brackets and separated by vertical bars. Many or none can be selected. |
&<1-n> |
This parameter before the & sign can be repeated 1 to n times. |
# |
This parameter before the # sign can be repeated 1 to n times. |
Interface Numbering Conventions
Interface numbers used in this manual are examples. In device configuration, use the existing interface numbers on devices.
Security Conventions
- Password setting
- Configuring a ciphertext password is recommended. For security purposes, do not disable password complexity check, and change the password periodically.
- When configuring a cleartext password, do not start and end the password with %@%# because this will allow the password to be considered as a valid ciphertext that can be decrypted by the device and make it visible in the configuration file.
- Multiple features cannot use the same ciphertext password. For example, the ciphertext password set for the AAA feature cannot be used for other features.
- Encryption algorithms
Currently, the device supports the following encryption algorithms: DES, 3DES, AES, DSA, RSA, DH, ECDH, HMAC, SHA1, SHA2, and MD5. Select an encryption algorithm according to the application scenario. Use the recommended encryption algorithm; otherwise, security protection requirements may not be met.
- Personal data
Some personal data (such as MAC or IP addresses of terminals) may be obtained or used during operation or fault locating of your purchased products, services, or features, so you have an obligation to make privacy policies and take proper measures according to applicable laws of the country to fully protect personal data.
- The terms mirrored port, port mirroring, flow mirroring, and mirroring in this document are mentioned only to describe the purpose of detecting faults and errors in communication transmission. They do not involve collection or processing of any personal information or communication data of users.
- Reliability design declaration
Network planning and site design must comply with reliability design principles and provide device- and solution-level protection. Device-level protection includes planning principles of dual-network and inter-card dual-link to avoid single point or single link of failure. Solution-level protection refers to fast convergence protection mechanisms such as FRR and VRRP. If solution-level protection is used, ensure that the primary and backup paths do not share links or transmission devices. Otherwise, solution-level protection may fail to take effect.
Reference Standards and Protocols
To obtain reference standards and protocols, log in to Huawei official website, search for "standard and protocol compliance list", and download the Huawei S-Series Switch Standard and Protocol Compliance List.
Disclaimer
This document is designed as a reference for you to configure your devices. Its contents, including web pages, command line input and output, are based on laboratory conditions. It provides instructions for general scenarios, but does not cover all use cases of all product models. The examples given may differ from your use case due to differences in software versions, models, and configuration files. When configuring your device, alter the configuration depending on your use case.
The specifications provided in this document are tested in a lab environment (for example, a certain type of cards have been installed on the tested device or only one protocol is run on the device). Results may differ from the listed specifications when you attempt to obtain the maximum values due to factors such as differences in hardware configurations and carried services.
In this document, public IP addresses may be used in feature introduction and configuration examples and are for reference only unless otherwise specified.