Page is loading ...
HPE FlexFabric 5710 Switch Series
Network Management and Monitoring
Configuration Guide
P
art number: 5200-4998b
Software
version: Release 2612 and later
Document version: 6W102-20200310
© Copyright 2020 Hewlett Packard Enterprise Development LP
The information contained herein is subject to change without notice. The only warranties for Hewlett Packard
Enterprise products and services are set forth in the express warranty statements accompanying such
products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett
Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or
copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software
Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s
standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard
Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise
website.
Acknowledgments
Intel®, Itanium®, Pentium®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the
United States and other countries.
Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
Java and Oracle are registered trademarks of Oracle and/or its affiliates.
UNIX® is a registered trademark of The Open Group.
i
Contents
Using ping, tracert, and system debugging ···················································· 1
Ping ···································································································································································· 1
Using a ping command to test network connectivity ·················································································· 1
Ping example ············································································································································· 1
Tracert ································································································································································ 3
Prerequisites ·············································································································································· 4
Using a tracert command to identify failed or all nodes in a path ······························································· 4
Tracert example ········································································································································· 4
System debugging ············································································································································· 5
Debugging information control switches ···································································································· 6
Debugging a feature module ······················································································································ 6
Configuring NQA ··························································································· 7
Overview ···························································································································································· 7
NQA operation ··········································································································································· 7
Collaboration with Track ····························································································································· 8
Threshold monitoring ································································································································· 9
NQA configuration task list ································································································································· 9
Configuring the NQA server ······························································································································· 9
Enabling the NQA client ··································································································································· 10
Configuring NQA operations on the NQA client ······························································································· 10
NQA operation configuration task list ······································································································· 10
Configuring the ICMP echo operation ······································································································ 11
Configuring the ICMP jitter operation ······································································································· 12
Configuring the DHCP operation·············································································································· 13
Configuring the DNS operation ················································································································ 14
Configuring the FTP operation ················································································································· 14
Configuring the HTTP operation ·············································································································· 15
Configuring the UDP jitter operation ········································································································ 16
Configuring the SNMP operation ············································································································· 18
Configuring the TCP operation ················································································································· 18
Configuring the UDP echo operation ······································································································· 19
Configuring the UDP tracert operation ····································································································· 20
Configuring the voice operation ··············································································································· 21
Configuring the DLSw operation ·············································································································· 23
Configuring the path jitter operation ········································································································· 23
Configuring optional parameters for the NQA operation ·········································································· 25
Configuring the collaboration feature ······································································································· 26
Configuring threshold monitoring ············································································································· 26
Configuring the NQA statistics collection feature ····················································································· 29
Configuring the saving of NQA history records ························································································ 29
Scheduling the NQA operation on the NQA client ··················································································· 30
Configuring NQA templates on the NQA client ································································································ 30
NQA template configuration task list ········································································································ 31
Configuring the ICMP template ················································································································ 31
Configuring the DNS template ················································································································· 32
Configuring the TCP template ·················································································································· 33
Configuring the TCP half open template ·································································································· 34
Configuring the UDP template ················································································································· 35
Configuring the HTTP template ················································································································ 36
Configuring the HTTPS template ············································································································· 37
Configuring the FTP template ·················································································································· 38
Configuring the RADIUS template ··········································································································· 39
Configuring the SSL template ·················································································································· 40
Configuring optional parameters for the NQA template ··········································································· 41
Displaying and maintaining NQA ····················································································································· 41
NQA configuration examples ··························································································································· 42
ii
ICMP echo operation configuration example ··························································································· 42
ICMP jitter operation configuration example ···························································································· 44
DHCP operation configuration example ··································································································· 46
DNS operation configuration example ····································································································· 47
FTP operation configuration example ······································································································ 48
HTTP operation configuration example ···································································································· 49
UDP jitter operation configuration example······························································································ 50
SNMP operation configuration example ··································································································· 53
TCP operation configuration example ······································································································ 54
UDP echo operation configuration example····························································································· 55
UDP tracert operation configuration example ·························································································· 56
Voice operation configuration example ···································································································· 58
DLSw operation configuration example ··································································································· 60
Path jitter operation configuration example ······························································································ 62
NQA collaboration configuration example ································································································ 63
ICMP template configuration example ····································································································· 65
DNS template configuration example ······································································································· 66
TCP template configuration example ······································································································· 67
TCP half open template configuration example ······················································································· 68
UDP template configuration example ······································································································· 69
HTTP template configuration example ····································································································· 69
HTTPS template configuration example ·································································································· 70
FTP template configuration example ······································································································· 71
RADIUS template configuration example ································································································· 72
SSL template configuration example ······································································································· 73
Configuring NTP ·························································································· 74
Overview ·························································································································································· 74
How NTP works ······································································································································· 74
NTP architecture ······································································································································ 75
Association modes ··································································································································· 76
NTP security ············································································································································· 77
Protocols and standards ·························································································································· 78
Configuration restrictions and guidelines ········································································································· 78
Configuration task list ······································································································································· 79
Enabling the NTP service································································································································· 79
Configuring NTP association mode·················································································································· 79
Configuring NTP in client/server mode ···································································································· 79
Configuring NTP in symmetric active/passive mode ················································································ 80
Configuring NTP in broadcast mode ········································································································ 81
Configuring NTP in multicast mode ·········································································································· 81
Configuring access control rights ····················································································································· 82
Configuring NTP authentication ······················································································································· 82
Configuring NTP authentication in client/server mode ············································································· 83
Configuring NTP authentication in symmetric active/passive mode ························································ 84
Configuring NTP authentication in broadcast mode ················································································· 85
Configuring NTP authentication in multicast mode ·················································································· 87
Configuring NTP optional parameters ·············································································································· 88
Specifying the source interface for NTP messages ················································································· 88
Disabling an interface from receiving NTP messages ············································································· 89
Configuring the maximum number of dynamic associations ···································································· 89
Setting a DSCP value for NTP packets···································································································· 90
Configuring the local clock as a reference source ··························································································· 90
Displaying and maintaining NTP ······················································································································ 91
NTP configuration examples ···························································································································· 91
NTP client/server mode configuration example ······················································································· 91
IPv6 NTP client/server mode configuration example ··············································································· 92
NTP symmetric active/passive mode configuration example ··································································· 93
IPv6 NTP symmetric active/passive mode configuration example ··························································· 95
NTP broadcast mode configuration example ··························································································· 96
NTP multicast mode configuration example ····························································································· 98
IPv6 NTP multicast mode configuration example ·················································································· 101
iii
Configuration example for NTP client/server mode with authentication················································· 104
Configuration example for NTP broadcast mode with authentication ···················································· 105
Configuring SNTP ······················································································ 109
Configuration restrictions and guidelines ······································································································· 109
Configuration task list ····································································································································· 109
Enabling the SNTP service ···························································································································· 109
Specifying an NTP server for the device ········································································································ 109
Configuring SNTP authentication ··················································································································· 110
Displaying and maintaining SNTP·················································································································· 111
SNTP configuration example ························································································································· 111
Network requirements ···························································································································· 111
Configuration procedure ························································································································· 111
Configuring SNMP ····················································································· 113
Overview ························································································································································ 113
SNMP framework ··································································································································· 113
MIB and view-based MIB access control ······························································································· 113
SNMP operations ··································································································································· 114
Protocol versions ···································································································································· 114
Access control modes ···························································································································· 114
SNMP silence ········································································································································· 114
FIPS compliance ············································································································································ 115
Configuring SNMP basic parameters ············································································································· 115
Configuring SNMPv1 or SNMPv2c basic parameters ············································································ 115
Configuring SNMPv3 basic parameters ································································································· 117
Configuring SNMP logging ····························································································································· 120
Configuring SNMP notifications ····················································································································· 121
Enabling SNMP notifications ·················································································································· 121
Configuring parameters for sending SNMP notifications ······································································· 122
Displaying the SNMP settings ························································································································ 123
SNMPv1/SNMPv2c configuration example ···································································································· 124
Network requirements ···························································································································· 124
Configuration procedure ························································································································· 124
Verifying the configuration ······················································································································ 125
SNMPv3 configuration example ····················································································································· 125
Network requirements ···························································································································· 125
Configuration procedure ························································································································· 126
Verifying the configuration ······················································································································ 127
Configuring RMON ···················································································· 129
Overview ························································································································································ 129
RMON groups ········································································································································ 129
Sample types for the alarm group and the private alarm group ····························································· 131
Protocols and standards ························································································································ 131
Configuring the RMON statistics function ······································································································ 131
Creating an RMON Ethernet statistics entry ·························································································· 131
Creating an RMON history control entry ································································································ 132
Configuring the RMON alarm function ··········································································································· 132
Displaying and maintaining RMON settings ··································································································· 133
RMON configuration examples ······················································································································ 133
Ethernet statistics group configuration example ···················································································· 133
History group configuration example ······································································································ 134
Alarm function configuration example ···································································································· 135
Configuring the Event MIB ········································································· 137
Overview ························································································································································ 137
Monitored objects ··································································································································· 137
Object owner ·········································································································································· 137
Trigger test ············································································································································· 137
Event actions ·········································································································································· 138
Prerequisites ·················································································································································· 139
iv
Event MIB configuration task list ···················································································································· 139
Configuring Event MIB sampling ···················································································································· 139
Configuring Event MIB object lists ················································································································· 139
Configuring an event ······································································································································ 140
Creating an event ··································································································································· 140
Configuring a set action for an event ····································································································· 140
Configuring a notification action for an event ························································································· 141
Configuring a trigger······································································································································· 141
Configuring a Boolean trigger test·········································································································· 142
Configuring an existence trigger test ······································································································ 143
Configuring a threshold trigger test ········································································································ 143
Enabling SNMP notifications for Event MIB ··································································································· 144
Displaying and maintaining the Event MIB····································································································· 145
Event MIB configuration examples················································································································· 145
Existence trigger test configuration example ························································································· 145
Boolean trigger test configuration example ···························································································· 147
Threshold trigger test configuration example ························································································· 150
Configuring NETCONF ·············································································· 153
Overview ························································································································································ 153
NETCONF structure ······························································································································· 153
NETCONF message format ··················································································································· 154
How to use NETCONF ··························································································································· 155
Protocols and standards ························································································································ 155
FIPS compliance ············································································································································ 155
NETCONF configuration task list ··················································································································· 156
Configuring NETCONF over SOAP ··············································································································· 156
Enabling NETCONF over SSH ······················································································································ 157
Enabling NETCONF logging ·························································································································· 157
Configuring NETCONF to use module-specific namespaces ········································································ 158
Overview ················································································································································ 158
Configuration restrictions and guidelines ······························································································· 158
Configuration procedure ························································································································· 159
Establishing a NETCONF session ················································································································· 159
Setting the NETCONF session idle timeout time ··················································································· 159
Entering XML view ································································································································· 159
Exchanging capabilities ·························································································································· 160
Subscribing to event notifications··················································································································· 160
Overview ················································································································································ 160
Subscribing to syslog events ·················································································································· 160
Subscribing to events monitored by NETCONF····················································································· 161
Subscribing to events reported by modules ··························································································· 163
Example for subscribing to event notifications ······················································································· 163
Locking/unlocking the configuration ··············································································································· 164
Locking the configuration ······················································································································· 165
Unlocking the configuration ···················································································································· 165
Example for locking the configuration ···································································································· 165
Performing service operations ······················································································································· 166
Performing the <get>/<get-bulk> operation ··························································································· 167
Performing the <get-config>/<get-bulk-config> operation ······································································ 169
Performing the <edit-config> operation ·································································································· 169
All-module configuration data retrieval example ···················································································· 170
Syslog configuration data retrieval example ·························································································· 172
Example for retrieving a data entry for the interface table ····································································· 173
Example for changing the value of a parameter ···················································································· 174
Saving, rolling back, and loading the configuration ························································································ 175
Saving the configuration ························································································································· 175
Rolling back the configuration based on a configuration file ·································································· 176
Rolling back the configuration based on a rollback point ······································································· 176
Loading the configuration ······················································································································· 180
Example for saving the configuration ····································································································· 181
Filtering data ·················································································································································· 181
v
Table-based filtering ······························································································································· 182
Column-based filtering ··························································································································· 182
Example for filtering data with regular expression match ······································································· 185
Example for filtering data by conditional match ······················································································ 186
Performing CLI operations through NETCONF······························································································ 187
Configuration procedure ························································································································· 187
CLI operation example ··························································································································· 188
Retrieving NETCONF information ·················································································································· 189
Retrieving YANG file content ························································································································· 189
Retrieving NETCONF session information····································································································· 190
Terminating another NETCONF session ······································································································· 191
Configuration procedure ························································································································· 191
Configuration example ··························································································································· 192
Returning to the CLI ······································································································································· 192
Appendix ··································································································· 193
Appendix A Supported NETCONF operations ······························································································· 193
Configuring CWMP ···················································································· 202
Overview ························································································································································ 202
CWMP network framework ···················································································································· 202
Basic CWMP functions ··························································································································· 202
How CWMP works ································································································································· 203
Configuration task list ····································································································································· 205
Enabling CWMP from the CLI ························································································································ 206
Configuring ACS attributes····························································································································· 206
Configuring the preferred ACS attributes ······························································································· 206
Configuring the default ACS attributes from the CLI ·············································································· 207
Configuring CPE attributes····························································································································· 208
Configuring ACS authentication parameters ·························································································· 208
Configuring the provision code ··············································································································· 208
Configuring the CWMP connection interface ························································································· 209
Configuring autoconnect parameters ····································································································· 209
Enabling NAT traversal for the CPE ······································································································· 210
Specifying an SSL client policy for HTTPS connection to ACS ····························································· 211
Displaying and maintaining CWMP ················································································································ 211
CWMP configuration example························································································································ 211
Network requirements ···························································································································· 211
Configuration procedure ························································································································· 212
Verifying the configuration ······················································································································ 213
Configuring EAA ························································································ 214
Overview ························································································································································ 214
EAA framework ······································································································································ 214
Elements in a monitor policy ·················································································································· 215
EAA environment variables ···················································································································· 216
Configuring a user-defined EAA environment variable ·················································································· 217
Configuring a monitor policy··························································································································· 218
Configuration restrictions and guidelines ······························································································· 218
Configuring a monitor policy from the CLI ······························································································ 218
Configuring a monitor policy by using Tcl ······························································································ 220
Suspending monitor policies ·························································································································· 220
Displaying and maintaining EAA settings······································································································· 221
EAA configuration examples ·························································································································· 221
CLI event monitor policy configuration example ···················································································· 221
Track event monitor policy configuration example ················································································· 222
CLI-defined policy with EAA environment variables configuration example ·········································· 224
Tcl-defined policy configuration example ······························································································· 225
Monitoring and maintaining processes ······················································· 227
Displaying and maintaining processes ··········································································································· 227
Displaying and maintaining user processes ··································································································· 227
vi
Starting or stopping a third-party process ······································································································ 228
Starting a third-party process ················································································································· 228
Stopping a third-party process ··············································································································· 228
Monitoring kernel threads······························································································································· 229
Configuring kernel thread deadloop detection ······················································································· 229
Configuring kernel thread starvation detection······················································································· 229
Displaying and maintaining kernel threads ···························································································· 230
Configuring port mirroring ·········································································· 231
Overview ························································································································································ 231
Terminology ··········································································································································· 231
Port mirroring classification and implementation ···················································································· 232
Configuring local port mirroring ······················································································································ 235
Local port mirroring configuration task list······························································································ 235
Creating a local mirroring group ············································································································· 235
Configuring source ports for the local mirroring group ··········································································· 235
Configuring source CPUs for the local mirroring group·········································································· 236
Configuring the monitor port for the local mirroring group ······································································ 237
Configuring Layer 2 remote port mirroring ····································································································· 237
Layer 2 remote port mirroring with reflector port configuration task list ················································· 238
Layer 2 remote port mirroring with egress port configuration task list ···················································· 238
Configuring a remote destination group on the destination device ························································ 239
Configuring a remote source group on the source device ····································································· 240
Configuring local mirroring group with multiple monitor ports ········································································ 243
Configuration restrictions and guidelines ······························································································· 244
Configuration procedure ························································································································· 244
Configuring Layer 3 remote port mirroring (in tunnel mode) ·········································································· 245
Layer 3 remote port mirroring configuration task list ·············································································· 245
Configuration restrictions and guidelines ······························································································· 245
Configuration prerequisites ···················································································································· 246
Creating local mirroring groups ·············································································································· 246
Configuring source ports for a local mirroring group ·············································································· 246
Configuring source CPUs for a local mirroring group············································································· 247
Configuring the monitor port for a local mirroring group ········································································· 247
Configuring Layer 3 remote port mirroring (in ERSPAN mode) ····································································· 248
Layer 3 remote port mirroring configuration task list ·············································································· 248
Configuration restrictions and guidelines ······························································································· 249
Creating a local mirroring group ············································································································· 249
Configuring source ports for the local mirroring group ··········································································· 249
Configuring source CPUs for the local mirroring group·········································································· 250
Configuring the monitor port for the local mirroring group ······································································ 250
Displaying and maintaining port mirroring ······································································································ 251
Port mirroring configuration examples ··········································································································· 251
Local port mirroring configuration example (in source port mode) ························································· 251
Local port mirroring configuration example (in source CPU mode) ······················································· 252
Layer 2 remote port mirroring configuration example (reflector port) ····················································· 253
Layer 2 remote port mirroring configuration example (with egress port) ················································ 256
Local port mirroring with multiple monitor ports configuration example ················································· 258
Layer 3 remote port mirroring configuration example (in tunnel mode) ················································· 259
Layer 3 remote port mirroring configuration example (in ERSPAN mode) ············································ 261
Configuring flow mirroring ·········································································· 263
Flow mirroring configuration task list ·············································································································· 263
Configuring match criteria ······························································································································ 263
Configuring a traffic behavior ························································································································· 264
Configuring a QoS policy ······························································································································· 264
Applying a QoS policy ···································································································································· 265
Applying a QoS policy to an interface ···································································································· 265
Applying a QoS policy to a VLAN ··········································································································· 265
Applying a QoS policy globally ··············································································································· 265
Applying a QoS policy to the control plane ···························································································· 266
Flow mirroring configuration example ············································································································ 266
vii
Network requirements ···························································································································· 266
Configuration procedure ························································································································· 267
Verifying the configuration ······················································································································ 267
Configuring sFlow ······················································································ 268
Protocols and standards ································································································································ 268
sFlow configuration task list ··························································································································· 268
Configuring the sFlow agent and sFlow collector information ········································································ 269
Configuring flow sampling ······························································································································ 269
Configuring counter sampling ························································································································ 270
Displaying and maintaining sFlow ·················································································································· 270
sFlow configuration example·························································································································· 270
Network requirements ···························································································································· 270
Configuration procedure ························································································································· 271
Verifying the configurations ···················································································································· 271
Troubleshooting sFlow configuration ············································································································· 272
The remote sFlow collector cannot receive sFlow packets ···································································· 272
Configuring the information center ····························································· 273
Overview ························································································································································ 273
Log types ················································································································································ 273
Log levels ··············································································································································· 273
Log destinations ····································································································································· 274
Default output rules for logs ··················································································································· 274
Default output rules for diagnostic logs ·································································································· 274
Default output rules for security logs ······································································································ 274
Default output rules for hidden logs ······································································································· 275
Default output rules for trace logs ·········································································································· 275
Log formats ············································································································································ 275
FIPS compliance ············································································································································ 277
Information center configuration task list ······································································································· 278
Outputting logs to the console ······················································································································· 278
Outputting logs to the monitor terminal ·········································································································· 279
Outputting logs to log hosts···························································································································· 279
Outputting logs to the log buffer ····················································································································· 280
Saving logs to the log file ······························································································································· 280
Managing security logs ·································································································································· 281
Saving security logs to the security log file ···························································································· 281
Managing the security log file ················································································································· 282
Saving diagnostic logs to the diagnostic log file ····························································································· 282
Configuring the maximum size of the trace log file ························································································ 283
Setting the minimum storage period for logs ································································································· 283
Enabling synchronous information output ······································································································ 284
Enabling duplicate log suppression ··············································································································· 284
Configuring log suppression for a module······································································································ 284
Disabling an interface from generating link up or link down logs ··································································· 285
Enabling SNMP notifications for system logs································································································· 285
Displaying and maintaining information center ······························································································ 285
Information center configuration examples ···································································································· 286
Configuration example for outputting logs to the console ······································································ 286
Configuration example for outputting logs to a UNIX log host ······························································· 287
Configuration example for outputting logs to a Linux log host ······························································· 288
Configuring the packet capture ·································································· 290
Overview ························································································································································ 290
Packet capture modes ··························································································································· 290
Filter elements ········································································································································ 290
Building a capture filter ··························································································································· 296
Building a display filter ··························································································································· 297
Packet capture configuration task list············································································································· 298
Configuring local packet capture ···················································································································· 298
Configuring remote packet capture ················································································································ 298
viii
Configuring feature image-based packet capture ·························································································· 299
Saving captured packets to a file ··········································································································· 299
Filtering packet data to display··············································································································· 300
Displaying the contents in a packet file ·········································································································· 300
Displaying and maintaining packet capture···································································································· 300
Packet capture configuration examples ········································································································· 300
Remote packet capture configuration example ······················································································ 300
Feature image-based packet capture configuration example ································································ 302
Configuring VCF fabric ·············································································· 305
Overview ························································································································································ 305
VCF fabric topology ································································································································ 305
Automated VCF fabric provisioning and deployment ····················································································· 306
Topology discovery ································································································································ 306
Automated underlay network provisioning ····························································································· 306
Configuration restrictions and guidelines ······································································································· 309
VCF fabric configuration task list···················································································································· 309
Enabling VCF fabric topology discovery ········································································································ 309
Configuration restrictions and guidelines ······························································································· 309
Configuration procedure ························································································································· 309
Configuring automated underlay network provisioning ·················································································· 309
Configuration restrictions and guidelines ······························································································· 309
Configuration procedure ························································································································· 310
Displaying and maintaining VCF fabric ·········································································································· 310
Configuring Puppet ···················································································· 311
Overview ························································································································································ 311
Puppet network framework ···················································································································· 311
Puppet resources ··································································································································· 312
Configuring Puppet ········································································································································ 312
Configuration prerequisites ···················································································································· 312
Starting Puppet ······································································································································ 313
Shutting down Puppet on the device······································································································ 313
Puppet configuration example ······················································································································· 314
Network requirements ···························································································································· 314
Configuration procedure ························································································································· 314
Puppet resources······················································································· 315
netdev_vlan ···················································································································································· 315
Attributes ················································································································································ 315
Resource example ································································································································· 315
netdev_device ················································································································································ 315
Attributes ················································································································································ 316
Resource example ································································································································· 316
netdev_interface············································································································································· 316
Attributes ················································································································································ 317
Resource example ································································································································· 318
netdev_l2_interface ········································································································································ 318
Attributes ················································································································································ 318
Resource example ································································································································· 319
netdev_lagg···················································································································································· 319
Attributes ················································································································································ 319
Resource example ································································································································· 320
netdev_l2vpn ·················································································································································· 320
Attributes ················································································································································ 321
Resource example ································································································································· 321
netdev_vsi ······················································································································································ 321
Attributes ················································································································································ 321
Resource example ································································································································· 321
netdev_vte······················································································································································ 322
Attributes ················································································································································ 322
Resource example ································································································································· 323
ix
netdev_vxlan ·················································································································································· 323
Attributes ················································································································································ 323
Resource example ································································································································· 324
Configuring Chef ························································································ 325
Overview ························································································································································ 325
Chef network framework ························································································································ 325
Chef resources ······································································································································· 326
Chef configuration file ···························································································································· 326
Configuring Chef ············································································································································ 328
Configuration prerequisites ···················································································································· 328
Starting Chef ·········································································································································· 328
Shutting down Chef ································································································································ 329
Chef configuration example ··························································································································· 329
Network requirements ···························································································································· 329
Configuration procedure ························································································································· 329
Chef resources ·························································································· 332
netdev_vlan ···················································································································································· 332
Properties and action ····························································································································· 332
Resource example ································································································································· 332
netdev_device ················································································································································ 332
Properties and action ····························································································································· 332
Resource example ································································································································· 333
netdev_interface············································································································································· 333
Properties ··············································································································································· 333
Resource example ································································································································· 334
netdev_l2_interface ········································································································································ 335
Properties ··············································································································································· 335
Resource example ································································································································· 335
netdev_lagg···················································································································································· 336
Properties and action ····························································································································· 336
Resource example ································································································································· 336
netdev_l2vpn ·················································································································································· 337
Properties ··············································································································································· 337
Resource example ································································································································· 337
netdev_vsi ······················································································································································ 337
Properties and action ····························································································································· 337
Resource example ································································································································· 338
netdev_vte······················································································································································ 338
Properties and action ····························································································································· 338
Resource example ································································································································· 339
netdev_vxlan ·················································································································································· 339
Properties and action ····························································································································· 340
Resource example ································································································································· 340
Document conventions and icons ······························································ 341
Conventions ··················································································································································· 341
Network topology icons ·································································································································· 342
Support and other resources ····································································· 343
Accessing Hewlett Packard Enterprise Support····························································································· 343
Accessing updates ········································································································································· 343
Websites ················································································································································ 344
Customer self repair ······························································································································· 344
Remote support ······································································································································ 344
Documentation feedback ······················································································································· 344
Index ·········································································································· 346
1
Using ping, tracert, and system
debugging
This chapter covers ping, tracert, and information about debugging the system.
Ping
Use the ping utility to determine if an address is reachable.
Ping sends ICMP echo requests (ECHO-REQUEST) to the destination device. Upon receiving the
requests, the destination device responds with ICMP echo replies (ECHO-REPLY) to the source
device. The source device outputs statistics about the ping operation, including the number of
packets sent, number of echo replies received, and the round-trip time. You can measure the
network performance by analyzing these statistics.
Using a ping command to test network connectivity
Execute ping commands in any view.
Task
Command
Remarks
Determine if an address in
an IP network is
reachable.
• For IPv4 networks:
ping [ ip ] [ -a source-ip | -c count | -f | -h
ttl | -i interface-type interface-number | -m
interval | -n | -p pad | -q | -r | -s
packet-size | -t timeout | -tos tos | -v |
-vpn-instance vpn-instance-name ] *
host
• For IPv6 networks:
ping ipv6 [ -a source-ipv6 | -c count | -i
interface-type interface-number | -m
interval | -q | -s packet-size | -t timeout | -v
| -tc traffic-class | -vpn-instance
vpn-instance-name ] * host
Increase the timeout time
(indicated by the -t keyword)
on a low-speed network.
Ping example
Network requirements
As shown in Figure 1, determine if Device A and Device C can reach each other. If they can reach
each other, get detailed information about routes from Device A to Device C.
2
Figure 1 Network diagram
Configuration procedure
# Use the ping command on Device A to test connectivity to Device C.
Ping 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break
56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=2.137 ms
56 bytes from 1.1.2.2: icmp_seq=1 ttl=254 time=2.051 ms
56 bytes from 1.1.2.2: icmp_seq=2 ttl=254 time=1.996 ms
56 bytes from 1.1.2.2: icmp_seq=3 ttl=254 time=1.963 ms
56 bytes from 1.1.2.2: icmp_seq=4 ttl=254 time=1.991 ms
--- Ping statistics for 1.1.2.2 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.963/2.028/2.137/0.062 ms
The output shows the following information:
•
Device A sends five ICMP packets to Device C and Device A receives five ICMP packets.
•
No ICMP packet is lost.
•
The route is reachable.
# Get detailed information about routes from Device A to Device C.
<DeviceA> ping -r 1.1.2.2
Ping 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break
56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=4.685 ms
RR: 1.1.2.1
1.1.2.2
1.1.1.2
1.1.1.1
56 bytes from 1.1.2.2: icmp_seq=1 ttl=254 time=4.834 ms (same route)
56 bytes from 1.1.2.2: icmp_seq=2 ttl=254 time=4.770 ms (same route)
56 bytes from 1.1.2.2: icmp_seq=3 ttl=254 time=4.812 ms (same route)
56 bytes from 1.1.2.2: icmp_seq=4 ttl=254 time=4.704 ms (same route)
--- Ping statistics for 1.1.2.2 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 4.685/4.761/4.834/0.058 ms
The test procedure of ping –r is as shown in Figure 1:
1. The source device (Device A) sends an ICMP echo request to the destination device (Device C)
with the RR option blank.
Device A Device B Device C
1.1.1.1/24
1.1.1.2/24
ECHO-REQUEST
(NULL) ECHO-REQUEST
1st=1.1.2.1
1.1.2.1/24
1.1.2.2/24
ECHO-REPLY
1st=1.1.2.1
2nd=1.1.2.2
ECHO-REPLY
1st=1.1.2.1
2nd=1.1.2.2
3rd=1.1.1.2
ECHO-REPLY
1st=1.1.2.1
2nd=1.1.2.2
3rd=1.1.1.2
4th=1.1.1.1
3
2. The intermediate device (Device B) adds the IP address of its outbound interface (1.1.2.1) to
the RR option of the ICMP echo request, and forwards the packet.
3. Upon receiving the request, the destination device copies the RR option in the request and
adds the IP address of its outbound interface (1.1.2.2) to the RR option. Then the destination
device sends an ICMP echo reply.
4. The intermediate device adds the IP address of its outbound interface (1.1.1.2) to the RR option
in the ICMP echo reply, and then forwards the reply.
5. Upon receiving the reply, the source device adds the IP address of its inbound interface (1.1.1.1)
to the RR option. The detailed information of routes from Device A to Device C is formatted as:
1.1.1.1 <-> {1.1.1.2; 1.1.2.1} <-> 1.1.2.2.
Tracert
Tracert (also called Traceroute) enables retrieval of the IP addresses of Layer 3 devices in the path
to a destination. In the event of network failure, use tracert to test network connectivity and identify
failed nodes.
Figure 2 Tracert operation
Tracert uses received ICMP error messages to get the IP addresses of devices. Tracert works as
shown in Figure 2:
1. The source device sends a UDP packet with a TTL value of 1 to the destination device. The
destination UDP port is not used by any application on the destination device.
2. The first hop (Device B, the first Layer 3 device that receives the packet) responds by sending a
TTL-expired ICMP error message to the source, with its IP address (1.1.1.2) encapsulated. This
way, the source device can get the address of the first Layer 3 device (1.1.1.2).
3. The source device sends a packet with a TTL value of 2 to the destination device.
4. The second hop (Device C) responds with a TTL-expired ICMP error message, which gives the
source device the address of the second Layer 3 device (1.1.2.2).
5. This process continues until a packet sent by the source device reaches the ultimate
destination device. Because no application uses the destination port specified in the packet, the
destination device responds with a port-unreachable ICMP message to the source device, with
its IP address encapsulated. This way, the source device gets the IP address of the destination
device (1.1.3.2).
6. The source device determines that:
The packet has reached the destination device after receiving the port-unreachable ICMP
message.
The path to the destination device is 1.1.1.2 to 1.1.2.2 to 1.1.3.2.
Device A Device B Device D
Device C
1.1.1.1/24
1.1.1.2/24
Hop Limit=1
TTL exceeded
1.1.2.1/24 1.1.3.1/24
1.1.2.2/24 1.1.3.2/24
Hop Limit=2
TTL exceeded
UDP port unreachable
Hop Limit=n
4
Prerequisites
Before you use a tracert command, perform the tasks in this section.
For an IPv4 network:
•
Enable sending of ICMP timeout packets on the intermediate devices (devices between the
source and destination devices). If the intermediate devices are HPE devices, execute the ip
ttl-expires enable command on the devices. For more information about this command, see
Layer 3—IP Services Command Reference.
•
Enable sending of ICMP destination unreachable packets on the destination device. If the
destination device is an HPE device, execute the ip unreachables enable command. For more
information about this command, see Layer 3—IP Services Command Reference.
For an IPv6 network:
•
Enable sending of ICMPv6 timeout packets on the intermediate devices (devices between the
source and destination devices). If the intermediate devices are HPE devices, execute the ipv6
hoplimit-expires enable command on the devices. For more information about this command,
see Layer 3—IP Services Command Reference.
•
Enable sending of ICMPv6 destination unreachable packets on the destination device. If the
destination device is an HPE device, execute the ipv6 unreachables enable command. For
more information about this command, see Layer 3—IP Services Command Reference.
Using a tracert command to identify failed or all nodes in a
path
Execute tracert commands in any view.
Task
Command
Remarks
Display the routes
from source to
destination.
• For IPv4 networks:
tracert [ -a source-ip | -f first-ttl | -m max-ttl | -p
port | -q packet-number | -t tos | -vpn-instance
vpn-instance-name [ -resolve-as { global |
none | vpn } ] | -w timeout ] * host
• For IPv6 networks:
tracert ipv6 [ -a source-ip | -f first-hop | -m
max-hops | -p port | -q packet-number | -t
traffic-class | -vpn-instance
vpn-instance-name [ -resolve-as { global |
none
|
vpn
} ] |
-w
timeout ] * host
The -a source-ip option is
available in the tracert ipv6
command in Release 2612P06
and later.
Tracert example
Network requirements
As shown in Figure 3, Device A failed to Telnet to Device C.
Test the network connectivity between Device A and Device C. If they cannot reach each other,
locate the failed nodes in the network.
Figure 3 Network diagram
Device A Device B Device C
1.1.1.1/24 1.1.1.2/24 1.1.2.1/24 1.1.2.2/24
5
Configuration procedure
1. Configure the IP addresses for devices as shown in Figure 3.
2. Configure a static route on Device A.
<DeviceA> system-view
[DeviceA] ip route-static 0.0.0.0 0.0.0.0 1.1.1.2
[DeviceA] quit
3. Use the ping command to test connectivity between Device A and Device C.
<DeviceA> ping 1.1.2.2
Ping 1.1.2.2(1.1.2.2): 56 -data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Request time out
Request time out
--- Ping statistics for 1.1.2.2 ---
5 packet(s) transmitted,0 packet(s) received,100.0% packet loss
The output shows that Device A and Device C cannot reach each other.
4. Use the tracert command to identify failed nodes:
# Enable sending of ICMP timeout packets on Device B.
<DeviceB> system-view
[DeviceB] ip ttl-expires enable
# Enable sending of ICMP destination unreachable packets on Device C.
<DeviceC> system-view
[DeviceC] ip unreachables enable
# Execute the tracert command on Device A.
<DeviceA> tracert 1.1.2.2
traceroute to 1.1.2.2 (1.1.2.2) 30 hops at most,40 bytes each packet, press CTRL_C
to break
1 1.1.1.2 (1.1.1.2) 1 ms 2 ms 1 ms
2 * * *
3 * * *
4 * * *
5
<DeviceA>
The output shows that Device A can reach Device B but cannot reach Device C. An error has
occurred on the connection between Device B and Device C.
5. To identify the cause of the problem, execute the following commands on Device A and Device
C:
Execute the debugging ip icmp command and verify that Device A and Device C can send
and receive the correct ICMP packets.
Execute the display ip routing-table command to verify that Device A and Device C have a
route to each other.
System debugging
The device supports debugging for the majority of protocols and features, and provides debugging
information to help users diagnose errors.
6
Debugging information control switches
The following switches control the display of debugging information:
•
Module debugging switch—Controls whether to generate the module-specific debugging
information.
•
Screen output switch—Controls whether to display the debugging information on a certain
screen. Use terminal monitor and terminal logging level commands to turn on the screen
output switch. For more information about these two commands, see Network Management
and Monitoring Command Reference.
As shown in Figure 4, the device can provide debugging for the three modules 1, 2, and 3. The
debugging information can be output on a terminal only when both the module debugging switch and
the screen output switch are turned on.
Debugging information is typically displayed on a console. You can also send debugging information
to other destinations. For more information, see "Configuring the information center."
Figure 4 Relationship between the module and screen output switch
Debugging a feature module
Output of debugging commands is memory intensive. To guarantee system performance, enable
debugging only for modules that are in an exceptional condition. When debugging is complete, use
the undo debugging all command to disable all the debugging functions.
To debug a feature module:
Step
Command
Remarks
1. Enable debugging for a
module in user view. debugging module-name
[ option ] By default, all debugging
functions are disabled.
2. (Optional.) Display the
enabled debugging in any
view. display debugging
[ module-name ] N/A
13
123
13
13
Debugging
information
Protocol
debugging
switch
Screen
output switch
Debugging
information
Protocol
debugging
switch
Screen
output switch
ON OFF ON
OFF
123
ON OFF ON
ON
7
Configuring NQA
Overview
Network quality analyzer (NQA) allows you to measure network performance, verify the service
levels for IP services and applications, and troubleshoot network problems. It provides the following
types of operations:
•
ICMP echo.
•
ICMP jitter.
•
DHCP.
•
DLSw.
•
DNS.
•
FTP.
•
HTTP.
•
Path jitter.
•
SNMP.
•
TCP.
•
UDP echo.
•
UDP jitter.
•
UDP tracert.
•
Voice.
As shown in Figure 5, the NQA source device (NQA client) sends data to the NQA destination device
by simulating IP services and applications to measure network performance. The obtained
performance metrics include the one-way latency, jitter, packet loss, voice quality, application
performance, and server response time.
All types of NQA operations require the NQA client, but only the TCP, UDP echo, UDP jitter, and
voice operations require the NQA server. The NQA operations for services that are already provided
by the destination device such as FTP do not need the NQA server.
You can configure the NQA server to listen and respond to specific IP addresses and ports to meet
various test needs.
Figure 5 Network diagram
NQA operation
The following describes how NQA performs different types of operations:
•
A TCP or DLSw operation sets up a connection.
•
An ICMP jitter, UDP jitter, or voice operation sends a number of probe packets. The number of
probe packets is set by using the probe packet-number command.
•
An FTP operation uploads or downloads a file.
IP network
NQA source device/
NQA client NQA destination device
8
•
An HTTP operation gets a Web page.
•
A DHCP operation gets an IP address through DHCP.
•
A DNS operation translates a domain name to an IP address.
•
An ICMP echo operation sends an ICMP echo request.
•
A UDP echo operation sends a UDP packet.
•
An SNMP operation sends one SNMPv1 packet, one SNMPv2c packet, and one SNMPv3
packet.
•
A path jitter operation is accomplished in the following steps:
a. The operation uses tracert to obtain the path from the NQA client to the destination. A
maximum of 64 hops can be detected.
b. The NQA client sends ICMP echo requests to each hop along the path. The number of
ICMP echo requests is set by using the probe packet-number command.
•
A UDP tracert operation determines the routing path from the source to the destination. The
number of the probe packets sent to each hop is set by using the probe count command.
Collaboration with Track
NQA can collaborate with the Track module to notify application modules of state or performance
changes so that the application modules can take predefined actions.
The NQA + Track collaboration is available for the following application modules:
•
VRRP.
•
Static routing.
•
Policy-based routing.
•
Smart Link.
Figure 6 Collaboration
The following describes how a static route destined for 192.168.0.88 is monitored through
collaboration:
1. NQA monitors the reachability to 192.168.0.88.
2. When 192.168.0.88 becomes unreachable, NQA notifies the Track module of the change.
3. The Track module notifies the static routing module of the state change.
4. The static routing module sets the static route to invalid according to a predefined action.
Application modules
VSRP
Detection
module
NQA
Sends the
detection results Sends the track
entry status
Track
module
Associates with a
detection entry Associates with
a track entry
Traffic redirecting
VRRP
Static routing
Policy-based
routing
Interface backup
WLAN uplink
detection
Smart Link
9
For more information about collaboration, see High Availability Configuration Guide.
Threshold monitoring
Threshold monitoring enables the NQA client to take a predefined action when the NQA operation
performance metrics violate the specified thresholds.
Table 1 describes the relationships between performance metrics and NQA operation types.
Table 1 Performance metrics and NQA operation types
Performance metric NQA operation types that can gather the
metric
Probe duration All NQA operation types except UDP jitter, UDP
tracert, path jitter, and voice
Number of probe failures All NQA operation types except UDP jitter, UDP
tracert, path jitter, and voice
Round-trip time ICMP jitter, UDP jitter, and voice
Number of discarded packets ICMP jitter, UDP jitter, and voice
One-way jitter (source-to-destination or
destination-to-source) ICMP jitter, UDP jitter, and voice
One-way delay (source-to-destination or
destination-to-source) ICMP jitter, UDP jitter, and voice
Calculated Planning Impairment Factor (ICPIF) (see
"Configuring the voice operation") Voice
Mean Opinion Scores (MOS) (see "Configuring the
voice operation") Voice
NQA configuration task list
Tasks at a glance
Remarks
Configuring the NQA server Required for TCP, UDP echo, UDP jitter, and
voice operations.
(Required.) Enabling the NQA client N/A
(Required.) Perform at least one of the following tasks:
• Configuring NQA operations on the NQA client
• Configuring NQA templates on the NQA client
When you configure an NQA template to
analyze network performance, the feature
that uses the template performs the NQA
operation.
Configuring the NQA server
To perform TCP, UDP echo, UDP jitter, and voice operations, you must enable the NQA server on the
destination device. The NQA server listens and responds to requests on the specified IP addresses
and ports.
You can configure multiple TCP or UDP listening services on an NQA server, where each
corresponds to a specific IP address and port number. The IP address and port number for a
listening service must be unique on the NQA server and match the configuration on the NQA client.
To configure the NQA server:
/