You are on page 1of 115

Security Level:

DSLAM SmartAX
MA5616 Operation &
Administration (CLI)
www.huawei.com

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

About This Course

This course provides basic operation and administration


of MA5616 such as log in and log out, CLI features,
operation security management, alarm and log

management, database management, hardware


management based on CLI.

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Objectives

Upon completion of this course, you will be able to:

Connect the LCT to equipment and Login to system

Describe the operational features of CLI

Perform the initial setup mode

Create, query and maintain management user account

Query and maintain alarm and log information

Backup and restore database

Maintain and manage system frame and board

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview


1.1 General Management
1.2 CLI Terminal Access
1.3 CLI Features and Functions

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Management Entities

The MA5616 supports two

management entities

TL1

CLI (command Line Interface )

agent

SNMP (Simple Network

Management Protocol) agent

SNMP
Agent

CLI
Agent

MIB
System Platform

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Management Access

Logical access to the MA5616 node

TL1/EMS Cient/CLI

uses

TL1/EMS Client/CLI

CLI - command Line Interface

GUI- Graphic user interface

TL1- Transaction Language number

EMS
EMS

LAN/WAN
LAN/WAN

CLI

F
A
N

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Consol
ETH

GE1

GE0

RS232

MA5616

Management Strategy

Management the MA5616 use:

Outband:

The maintenance information


goes through the maintenance

Outband

Ethernet port.

Inband

The maintenance information


goes through the service channel.

Inband

User Data
OAM Data

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview


1.1 General Management
1.2 CLI Terminal Access
1.3 CLI Features and Functions

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

CLI Based Management


CLI

CLI

CLI access

Serial link

Telnet session

LAN/WAN
LAN/WAN
RS232

Ethernet Cable

Serial link

HUAWEI TECHNOLOGIES CO., LTD.

Ethernet Cable

Telnet session

Huawei Confidential

Serial Link Access

Physical connection:

Start-> All Programs->Accessories->


Communication-> Hyper terminal

RS232 serial cable

Software:

Hyper terminal parameters:

Hyper terminal

RS232

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Bit per Second :9600


Data Bit:8
Parity: None
Stop Bit:1
Flow Control: None

Telnet Access
Start-> Run->RUN cmd

Physical connection:

Telnet:
telnet interface ip address

Ethernet cable

Software:

telnet
PC

LAN/WAN

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

LAN/WAN

Ethernet

Ethernet

Cable

Cable

Logging and out

How to Log in ?

Username: root

Password: mduadmin

How to Log out ?

quit

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview


1.1 General Management
1.2 CLI Terminal Access
1.3 CLI Features and Functions

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Command Line Modes

The MA5616 provides multiple


BTV mode

command modes to implement

MA5616(BTV)#

hierarchical protection for preventing


any unauthorized access.

Login

BTV

quit

config Global config mode


User mode enable Privilege mode
MA5616#
MA5616(config)#
MA5616>
quit
quit
disable
interface...

quit

return
Port/Interface mode
MA5616(config-if-...)#

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

CLI Command Features (1/2)

Obtain help information and view the prompt to find the

current available commands

Press question mark <?>

MA5616(config)#interface ?
--------------------------------------------

Command of config Mode:

adsl

Change into ADSL command mode

eth

Change into ETH command mode

meth

MEth interface

vlanif

VLAN interface

... ...
---------------------------------------------

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

CLI Command Features (2/2)

Intelligent matching to the entire keyword when you enter an

incomplete keyword.

Press Space or Tab

MA5616>ena <space>

MA5616>enable

MA5616#con <Tab>

MA5616#config

Run the command after input the complete command

Press Enter

MA5616(config)#interface meth 0 <Enter>

MA5616config-if-meth0)#

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

CLI Command Control Characters

Delete the characters before the cursor

Press <Backspace >


Move the cursor to the left / right of one character

Press <Left arrow key or Ctrl A>

Press <Right arrow key or Ctrl D>


Display history commands

Press <Up/Down arrow key / >

Enter display history command

Move the cursor to the beginning / end of the line

Press <Ctrl F / Ctrl B>


Suspend the display and the running of commands

Press < Ctrl C>

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Command Syntax and Format (1/2)


Character

Meaning

<K>

Keyword

<E>

Enumeration. Items following it are the available options.

<U>

ULONG. Information following it is the range of the value to be entered

<L>

LONG. Information following it is the range of the value to be entered.

<S>

Character string. Information following it is the length of the character string to be entered.

<I>

IP address

<M>

MASK, such as the mask of an IP address.

<PA>

MAC address

<H>

Hexadecimal number.
The system supports the input of "0x". By default, the system supports decimal numbers.

<D>

<yyyy-mm-dd> Date

<T>

<hh:mm:ss> Time

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Command Syntax and Format (2/2)


Format

Description

Boldface

The keywords of a command are in boldface.

Italics

Command parameters are in italics.

[]

Items in square brackets [ ] are optional.

{ x | y | ... }

Alternative items are grouped in braces and separated by vertical bars. One is
selected.

[ x | y | ... ]

Alternative items that are optional are grouped in square brackets and separated
by vertical bars. One or none is selected.

{ x | y | ... } *

Alternative items are grouped in braces and separated by vertical bars. A


minimum of one or a maximum of all can be selected.

[ x | y | ... ] *

Optional alternative items are grouped in square brackets and separated by


vertical bars. Multiple or none is selected.

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

CLI Error Prompts


Error Message
Unknown command

Cause

The entered command or keyword is not found, the


parameter type is incorrect or the parameter value
exceeds the threshold.

Incomplete command

The entered command is incomplete.

Too many parameters

You have entered too many parameters.

Ambiguous command

The entered command is ambiguous.

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. How many management entities builded-in MA5816 to support the system


management ?

2. Which management methods are used to access MA5616?

A. CLI
B. GUI
C. TL1
D. TFTP

3. How to get the help prompt information from the CLI ?

A. CLI agent
B. SNMP agent
C. IGMP agent

A. Press question
B. Press enter
C. Press space
D. Press tab

4. In which command mode, we can configure the ADSL service ?

A. User mode
B. Privilege mode
C. Global configure mode
D. diagnose mode

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
2. Initial Setup
2.1 Outband Management
2.2 Inband Management
2.3 Miscellaneous Stuff

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Outband and Inband Access

PC

PC

When initial setup, inband and

outband management mode should


be configured first through console

Ethernet Cable

port.

Ethernet Cable

LAN/WAN

LAN/WAN

Outband

Telnet IP Address of Interface

ETH or GE

Inband

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Prerequisites + First time login

Physical connection:

RS232 serial cable

Software:

Start-> All Programs->Accessories->


communication-> Hyper terminal

Hyper terminal parameters:

Hyper terminal

CLI account (default) :

User name: root

RS232

Password: mduadmin

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Bit per Second :9600

Data Bit:8

Parity: None

Stop Bit:1

Flow Control: None

Outband Initial Setup Procedures and Commands


First Time Login
ip address ip-addr { mask-length | mask-ipaddr }

Configure the IP address of


maintenance network port

[ sub ] [ description text ]

WAN?
No

Yes
Add IP route
Remote login

HUAWEI TECHNOLOGIES CO., LTD.

ip route-static ip_addr { mask-ip-addr | masklength } { gateway-addr | interface-type


interface-number | gateway-addr }
[ preference preference-value ]

Huawei Confidential

Outband Initial Setup Example


Remote CLI

Item

WAN

Remote terminal IP

10.10.21.1/24

Management IP

192.168.3.250/24

gateway

192.168.3.1/24

PC

HUAWEI TECHNOLOGIES CO., LTD.

Data

Huawei Confidential

Outband IP Address Configuring

Step1:Login to the outband mode

Step2:Configure the IP address of the ETH

MA5616(config)#interface meth 0

MA5616config-if-MEth0)#ip address 192.168.3.250 24

Step3:Add a route( WAN if needed )

MA5616(config-if-MEth0)#quit

MA5616(config)#ip route-static 10.10.21.0 24 192.168.3.1

Query the IP address

Interface meth 0

MA5616(config)#display ip interface meth 0

MA5616

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Remote login

Telnet to the management IP from the remote side

telnet 192.168.3.250

Username: root

Password: mduadmin

CLI remote access to the system

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
2. Initial Setup
2.1 Outband Management
2.2 Inband Management
2.3 Miscellaneous Stuff

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

VLAN Used for Management

Remote EMS
Client/CLI

Inband management

Management interface

EMS

Management VLAN

Uplink port GE0/GE1

Any VLAN ID in the range of 2-4096

Management IP

L3 IP address of management VLAN

LAN/WAN

IP

VLAN

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Inband Initial Setup Procedures and Commands


First Time Login
Provision Management VLAN
Provision uplink port of
Management VLAN

Provision Management IP

vlan vlanid [ to end-vlanid ] { mux | smart |

standard }
port vlan vlanid [ to end-vlanid ] frameid/slotid
portlist

ip address ip-addr { mask-length | mask-ipaddr }


[ sub ] [ description text ]

WAN?
No

Yes
Add IP route
Remote login

HUAWEI TECHNOLOGIES CO., LTD.

ip route-static ip_addr { mask-ip-addr | masklength } { gateway-addr | interface-type


interface-number | gateway-addr }

[ preference preference-value ]

Huawei Confidential

Inband Initial Setup Example


Remote CLI

Item

Data

Remote terminal IP

10.50.1.1/24

Remote terminal

10.50.1.254/24

gateway
WAN

Management VLAN

1000

Management IP

10.10.21.1/24

gateway

10.10.21.2/24

PC

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Inband IP Address Configuring

Step1:Create the management VLAN

Step2:Configure the uplink port of management VLAN

MA5616(config)#interface vlanif 1000


MA5616(config-if-Vlanif1000)#ip address 10.10.21.1 24

Step4: Add a route ( WAN if needed )

MA5616(config)#port vlan 1000 0/0 0

Step3:Configure the Layer3 address of management VLAN

MA5616(config)#vlan 1000 standard

MA5616(config-if-vlanif1000)#quit
MA5616(config)#ip route-static 10.10.21.0 24 10.10.20.2

Query the IP address

MA5616(config)#display ip interface vlanif 1000


MA5616

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Interface vlanif 1000

Remote login

Telnet to the management IP from the remote side

telnet 10.10.21.1

Username: root

Password: mduadmin

CLI remote access to the system

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
2. Initial Setup
2.1 Outband Management
2.2 Inband Management
2.3 Miscellaneous Stuff

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Configure Miscellaneous Stuff

Set the system time

MA5616(config)#time
{time<T><hh:mm:ss>|date<D>
<yyyy-mm-dd>}:11:15:59 2009-05-30

Query system time

MA5616(config)#display time
{<cr>|dst<K>|time-stamp<K>}:
command: display time 2009-05-30 11:16:00 +08:00

Set the system identity

MA5616(config)#sysname
{prompt<S><Length 1-50>}: LA_s1

LA_s1 (config)#

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. What are the necessary prerequisites when the first time login?

2. How to establish the outband management ?

A. RS232 serial cable


B. Hyper terminal
C. IP address
D. User name and password
A. management VLAN
B. management IP
C. IP route
D. user name and password

3. How to establish the inband management ?

A. management VLAN
B. management IP
C. IP route
D. user name and password

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Operation Security Management Overview


ACL

User
Security

ACL is used to filter the specific data


packets based on a series of matching
rules contained in the ACL, and identify
the filtering objects.
After the filtering objects are identified,
the corresponding data packets are
permitted to pass or are discarded
according to the preset rules.

User security maintains the


management user who need the
authority for configuring and
maintaining the MA5616
through CLI.

Security
Management

HUAWEI TECHNOLOGIES CO., LTD.

Firewall

Huawei Confidential

The firewall feature


enables the MA5616 to
filter data packets based
on an ACL rule. This
prevents unauthorized
users from accessing the
MA5616.

Contents
3. Operation Security Management
3.1 User Security
3.2 ACL
3.3 Firewall

Copyright 2009 Huawei Technologies Co., Ltd. All rights reserved.

User Management Overview


Query User

Create User

Maintaining User

Create user profile->

Query user configuration

Modify user->

Create user

Query online user

Delete user->
Lock/unlock user

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

User Level
Super User

Administrator
Operator
Configure some
services

Manage all the


functions and
services, and can
manage all the
lower level users

Common user
Only query the
basic settings

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

The highest authority,


manage all the
functions and
services and for
managing all the
lower level users

Create an User (1/2)

Step 1 Add a new user-profile

MA5616(config)#terminal user-profile add


User profile name(<=15 chars): LA
Min. length of user name(6--15)[6]:8
Min. length of password(6--15)[6]:8
Validity period of the user name(0--999 days)[30]:
Validity period of the password(0--999 days)[30]:
Permitted start time of logon by a user(hh:mm):09:00
Permitted end time of logon by a user(hh:mm):19:00
Repeat this operation? (y/n)[n]:

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Create an User (2/2)

Step2 Add a new user

MA5616(config)#terminal user name

User profile name(<=15 chars)[root]: root

User Name(<=15 chars):test

User Password(<=15 chars):

Confirm Password(<=15 chars):

User's Level:

1. Common User 2. Operator 3. Administrator:3

Permitted Reenter Number(0--4):4

User's Appended Info(<=30 chars):

This user has been added

Repeat this operation? (y/n)[n]:

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query Users

Query all the user profile

MA5616(config)#display terminal user-profile

Query all the terminal user

MA5616(config)#display terminal user


{all | online | name username}:all
---------------------------------------------- Name

Level

Status ReenterNum AppendInfo

test Operator Offline

root

Super

Online

Query the online terminal user

MA5616(config)#display client

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Maintaining Users

Modify the user password/Level/Reenter/ information

MA5616config)#terminal user password

MA5616(config)#terminal user level

MA5616(config)#terminal user reenter

MA5616(config)#terminal user apdinfo

Delete the user

Lock a terminal user

MA5616(config)#terminal hold

Unlock a terminal user

MA5616(config)#undo terminal user name

MA5616(config)#undo terminal hold

Kick off the online user

MA5618(config)#client kickoff

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
3. Operation Security Management
3.1 User Security
3.2 ACL
3.3 Firewall

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

What is ACL

ACL (access control list) is used to filter the specific data packets based

on a series of matching rules contained in the ACL, and therefore identify


the filtering objects.

After the filtering objects are identified, the corresponding data packets

are permitted to pass or are discarded according to the preset rules.

Input packet
stream

Match the
packets with
the ACL

Matching?
Yes
No
Discard or
forward packets
Discarded
packets

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Implement
actions
Forwarded
packets

Output packet
stream

ACL Management Overview

Create ACL

Query ACL

Maintain ACL

Create ACL->

Query ACL

Delete the filter->

Create ACL rule->

Query the filter

Delete ACL rule->


Delete ACL

Bind the ACL to filter

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Create ACL (1/2)

Step1: Create an ACL

MA5616(config)#acl { basic-acl-number | adv-acl-number | link--acl-number |


user-acl-number }

MA5618(config)#acl 2001

Step2: Create an ACL rule

MA5616(config-acl-basic-2001 )#rule [ rule-id ] { permit | deny } protocol


[ established | source { sour-addr { sour-wildcard | 0 } | any } | destination
{ dest-addr dest-mask | any } | source-port operator port1 [ port2 ] | destinationport operator port1 [ port2 ] | icmp-type icmp-type icmp-code | precedence
precedence | tos tos | dscp dscp | time-range time-range-name | fragment ]

MA5616(config-acl-basic-2001)#rule 10 permit ip source 10.10.10.2 0 destination


10.20.20.2 0 tos max -reliability time-range worktime

LAN/WAN

0/1/0

MA5616

10.20.20.2

10.10.10.2

ACL2001(rule 10): Permit access in time-range worktime, tos max-reliability


HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Create ACL (2/2)

Step3: Enable an ACL filtering rule for a specific port

MA5616(config)#packet-filter { inbound | outbound } { user-group


access-list-number1 [ rule rule-id ] | { ip-group access-list-number2
[ rule rule-id ] | link-group access-list-number3 [ rule rule-id ] } * }
port frameid/slotid/portid

MA5616(config)#packet-filter inbound ip-group 2001 port 0/1/0

LAN/WAN

0/1/0

MA5616

10.20.20.2

10.10.10.2
Packe-filter enable in port 0/1/0 of inbound direction

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query ACL

Query ACL configuration

MA5616(config)#display acl { all | basic-acl-number | adv-acl-number |


link-acl-number | user-acl-number }

MA5616(config)#display acl 2001

Query the filter

MA5616(config)#display packet-filter { all | port frameid/slotid/portid }

MA5616(config)#display packet-filter statistics 2001

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Maintain ACL

Step1: Delete the filter

MA5616(config)#undo packet-filter { inbound | outbound } { user-group accesslist-number1 [ rule rule-id ] | { ip-group access-list-number2 [ rule rule-id ] | linkgroup access-list-number3 [ rule rule-id ] } * } port frameid/slotid/portid

MA5616(config)#undo packet-filter inbound ip-group 2001 port 0/1/0

Step2: Delete an ACL rule

MA5616(config-acl-basic-2001)#undo rule rule-id [ [ source ] | [ time-range ] |


[ fragment ] ]

MA5616(config-acl-basic-2001)#undo rule 10

Step3: Delete an ACL

MA5616(config)#undo acl { all | basic-acl-number | adv-acl-number | link--aclnumber | user-acl-number }

MA5616(config)#undo acl 2001

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
3. Operation Security Management
3.1 User Security
3.2 ACL
3.3 Firewall

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Firewall Management Overview

Enable Firewall

Query Firewall

Disable Firewall

Enable Firewall ->

Query firewall blacklist

Delete the filter->

Apply package

Query the firewall filter

Delete firewall
configuration

filtering rules to an
interface

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Enable Firewall

Step1: Enable the firewall function

MA5616(config)#firewall enable

Step2: Apply package filtering rules to an interface

MA5616(config)#firewall packet-filter{ basic-acl-number | adv-aclnumber } { inbound | outbound }

MA5618(config)#firewall packet-filter 2001 inbound

LAN/WAN

0/1/0

MA5616

10.20.20.2

10.10.10.2
Enable firewall to block unauthenticated user attack

And permit PC 10.10.10.2 can access PC 10.20.20.2 through port 0/1/0 based on ACL 2001

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query Firewall

Query the firewall blacklist

MA5616(config)#display firewall blacklist { config | item [ ip-addr ] }

MA5616(config)#display firewall blacklist config


Blacklist is Enabled

Query the packet filtering statistics of firewall

MA5616(config)#display firewall packet-filter statistics { all | interface


{ meth | vlanif } interface-number }

MA5616(config)#display firewall packet-filter statistics all

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Disable Firewall

Cancel the application of package filtering rules

MA5616(config)#undo firewall packet-filter{ basic-acl-number | advacl-number } { inbound | outbound }

MA5618(config)#undo firewall packet-filter 2001 inbound

Disable the firewall function

MA5616(config)#undo firewall enable

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. Which command can query the online management user?

A. display terminal user all

B. display client

C. display terminal user online

2. When configure ACL, whats the sequence of the configuration?

A. Configure ACL->Configure ACL rule-> Configure filter

B. Configure ACL rule-> Configure ACL- > Configure filter

C. Configure filter-> Configure ACL rule-> Configure ACL

3. Which command can enable system firewall?

A. firewall enable

B. firewall packet-filter

C. firewall output

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Alarm Management Overview


Query Alarm

Alarm output management

Query alarm based on alarm

Alarm output management

ID, alarm SN, etc.

Alarm export management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query Alarm (1/2)

An alarm record contains the following information:

Alarm ID
Alarm serial number
Alarm level

Critical/Major/Minor/Warning
Alarm parameter

Shelf ID, Shelf ID/slot ID, Shelf ID/slot ID/port ID, and VLAN interface ID
Alarm time

E.G.: MA5618(config)# display alarm history alarmtime start 2008-3-27 10:00:00


Alarm level
end 2008-4-20 10:00:00 detail

Alarm SN
Alarm Name
Alarm Parameter

ALARM 174 EVENT MAJOR 0x0b20000c ----- 2008-04-17 21:48:21


Alarm Time
ALARM NAME : Backup failure
Alarm ID
PARAMETERS : FrameID: 0, SlotID: 0, Backup type: Host program, Failure cause:
Failed to transfer the file
DESCRIPTION : Failed in backuping files to maintenance terminal
CAUSE
: Backup failure
ADVICE
: Check according to failure cause and back it up again
END

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query Alarm (2/2)


Command

Remark

display alarm history all

Query all the alarm

display alarm history alarmsn

Query an alarm record by alarm serial number

display alarm history alarmid

Query an alarm record by alarm ID

display alarm history alarmlevel

Query an alarm record by alarm level

display alarm history alarmtype

Query an alarm record by alarm type

display alarm history alarmclass

Query an alarm record by alarm class

display alarm history alarmtime start end

Query an alarm record by alarm generation time

MA5616(config)#display alarm history { alarmsn sn |all | alarmid id |

alarmlevel level | alarmtype type | alarmclass class | alarmtime start startdate start-time end end-date end-time } [ start-number number ] } [ detail |
list ] [ | { begin | include | exclude } text ]
HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Alarm Output and Export Management

Alarm output Management

Enable alarm output

Disable alarm output

MA5616(config)#alarm output all

MA5616(config)#undo alarm output

Alarm export Management

Add an alarm whose signal is output through the alarm interface

MA5616(config)#alarm export alarmid id

MA5616(config)#alarm export alarmid 0x0121a001

Delete the alarm whose signal is output through the alarm interface

MA5616(config)#undo alarm export alarmid

MA5616(config)#undo alarm export alarmid 0x0121a001

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. An alarm record contains the following information:

A. alarm ID

B. alarm SN

C. alarm level

D. alarm type

E. alarm class

2. To query alarm, we can based on ( ) to query the corresponding


alarm?

A. alarm ID

B. alarm SN

C. alarm level

D. alarm type

E. alarm class

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Log Management
Log Server
Management

MA5616 can be configured log server


to dump logs as references for system
maintenance and troubleshooting.

Log
Statistics

Log Host
Management

A fault can be located through


the system log information. You
can set and query the log buffer
on the MA5616.

Log
Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

The MA5616 can log


important operations in the
UNIX or Windows host (also
referred to as the log server)
of the internal network
through the syslog
mechanism.

Contents
5. Log Management
5.1 Log Query
5.2 Log Server Management
5.3 Log Host Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query Log

Query the operation log

MA5616(config)#display log [ cli | snmp | tl1 ] { name username | all }


[ start-date [ start-time ] [ - end-date [ end-time ] ] ]

MA5616(config)#display log memory

MA5616(config)#display log failure

E.g. MA5616(config)#display log all 2008-3-27 10:00:00 - 2008-4-20


10:00:00

71

Domain

root

--

IP-Address
192.168.3.210

Time: 2009-06-11 02:07:30


Log Time
Log command

Log IP address

---------------------------------------------------------------------------

No. UserName
Log No.

Log Domain

Log User Name

Cmd: ftp set


---------------------------------------------------------------------------

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
5. Log Management
5.1 Log Query
5.2 Log Server Management
5.3 Log Host Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Log Server Management Overview

Create Log Server

Query Log Server

Maintaining Log
Server

Create Log Server->

Query Log Server

Delete the system log

Configure system log

Query the system log

configuration->

output to server

output configuration

Delete log server

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Create Log Server (1/2)

Configure the primary and secondary file servers

MA5616(config)#file-server { { auto-load program } | { auto-backup

{ alarm-event | cdr | configuration | data | debug | log } } } { primary |


secondary } ip-address { tftp | ftp { user username | path pathname
user username } { password | nopassword } | sftp { user username |
path pathname user username | path pathname port portid user
username } { password | nopassword } }

MA5616(config)#file-server auto-backup cdr primary 10.10.10.1 ftp


path abc user
User Name(<=40 chars):a

HUAWEI TECHNOLOGIES CO., LTD.

User Password(<=40 chars):

Huawei Confidential

Create Log Server (2/2)

Configure system log output to server

MA5616(config)#syslog output { sizevalue | all }

MA5616(config)#syslog output debug

system automatically
backs up or loads files
to server

MA5616

HUAWEI TECHNOLOGIES CO., LTD.

Server

Huawei Confidential

Query Log Server

Query the operation log

MA5616(config)#display file-server { { auto-load program } | { autobackup { data | board-info | alarm-event | cdr | configuration | data |
debug | log } } }

MA5618(config)#display file-server auto-backup cdr

Query the level-based output status of the system log

MA5616(config)#display syslog output configuration

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Maintaining Log Server

Delete the system log configuration

MA5616(config)#undo syslog output { sizevalue | all }

MA5616(config)#undo syslog output debug

Delete the primary and secondary file servers

MA5616(config)#undo file-server { { auto-load program } | { auto-

backup { alarm-event | board-info | cdr | configuration | data | debug |


log } } } { primary | secondary }

MA5616(config)#undo file-server auto-backup cdr primary

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
5. Log Management
5.1 Log Query
5.2 Log Server Management
5.3 Log Host Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Log Host Management Overview

Create Log Host


Create Log Host->

Query Log Host


Query Log Host

Log Host Deactivate->


Delete log host

Log Host activate

HUAWEI TECHNOLOGIES CO., LTD.

Maintaining Log
Host

Huawei Confidential

Create Log Host

Step1: Add a log host

MA5616(config)#loghost add ip-addr hostname

MA5616(config)#loghost add 10.11.136.56 log

Step2: Activate a log host

MA5616(config)#loghost activate {ip ip-addr| name hostname}

MA5616(config)#loghost activate ip 10.11.136.56

collecting and storing


the log information

MA5616

HUAWEI TECHNOLOGIES CO., LTD.

PC 10.11.136.56

Huawei Confidential

Query Log Host

Query the configuration of the log host

MA5616(config)#display loghost list [ ip ip-addr | name hostname ]

MA5616(config)#display loghost list ip 10.11.136.56

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Maintaining Host

Deactivate a log host

MA5616(config)#loghost deactivate { ip ip-addr | name hostname }

MA5616(config)#loghost deactivate ip 10.11.136.56

Delete a log host

MA5616(config)#loghost delete { ip ip-addr | name hostname }

MA5616(config)#loghost delete ip 10.11.136.56

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. An log record contains the following information:

A. log user name

B. log time

C. log domain

D. log command

2 . When query log, we can based on ( ) to query the


corresponding log?

A. log name

B. log time

C. log level

D. log type

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Database Management
Backup
Management

MA5616 support s backuping the


configuration and database files
into file server through ftfp,ftp,sftp.

Save
Management

Loading
Management

MA5616 supports two save


modes: auto-save and manual
save. You can save the data
files and the configuration file.

Database
Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

The MA5616 supports


loading the configuration
and data files from file
server through tftp, ftp, sftp.

Contents
6. Database Management
6.1 Save Management
6.2 Backup Management
6.3 Loading Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Data Management Conceptions


CCUB

FLASH

SDRAM

1: Save

Database file

2: Backup
Configuration file
2

3: Load

File Server

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Save Management (1/4)

To save the database file manually .

MA5616(config)#save data
The data is being saved, please wait a moment...

To save the current configuration file of the system

MA5616(config)#save configuration
It will take several minutes to save configuration file, please wait...

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Save Management (2/4)

To save the database file and the configuration file at the


same time.

MA5616(config)#save
{<cr>|configuration<K>|data<K>}:

CCUB

FLASH

SDRAM

Database file

Configuration
file

save

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Save Management (3/4)

To save the database file automatically at the present time.

MA5616(config)#autosave time on
System autosave time switch: on
Autosave time: 12:20:30
Autosave type: data

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Save Management (4/4)

To save the database file automatically at intervals

MA5616(config)#autosave interval on
System autosave interval switch: on
Autosave interval: 1440 minutes
Autosave type: data
System autosave modified configuration switch: on

Autosave interval: 30 minutes


Autosave type: data

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
6. Database Management
6.1 Save Management
6.2 Backup Management
6.3 Loading Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Backup Management (1/2)

Query the system current configuration.

MA5616(config)#display current-configuration [ section string ] [ |

{ begin | include | exclude } text ]

MA5616(config)#display current-configuration section dev

Query the data configuration saved in memory

MA5616(config)#display saved-configuration

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Backup Management (2/2)

Back up the configuration file to the server .

MA5616(config)#backup configuration {tftp server-ipaddr filename | ftp


server-ipaddr filename | sftp server-ipaddr filename }

MA5616(config)#backup configuration tftp 1.1.1.1 config.txt

FLASH

CCUB

HUAWEI TECHNOLOGIES CO., LTD.

File Server
Backup

Huawei Confidential

IP 1.1.1.1

Contents
6. Database Management
6.1 Save Management
6.2 Backup Management
6.3 Loading Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Loading Management

Load the configuration file .

MA5616(config)#load configuration {tftp server-ipaddr filename | ftp serveripaddr filename | sftp server-ipaddr filename }

MA5616(config)#load configuration tftp 1.1.1.1 config.txt

Load the data configuration.

MA5616(config)#load data { xmodem | tftp ServerIpAddress filename | sftp

ServerIpAddress filename | ftp ServerIpAddress filename }

MA5616(config)#load data ftp 1.1.1.1 db_ccuh.dat

FLASH

CCUB
HUAWEI TECHNOLOGIES CO., LTD.

File Server
Load
Huawei Confidential

IP 1.1.1.1

System Rebooting

After loading configuration or database file successfully,

system will remind the next step is system rebooting.

Rebooting the system

MA5616(config)#reboot system

Caution:

Rebooting the system interrupts the ongoing services. Therefore, run


this command with caution.

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Loading Maintenance

Load the configuration file .

MA5616(config)#display progress { load | backup }

MA5616(config)#display progress load

Activate a configuration file .

MA5616(config)#active configuration system

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Example: System Data Backup

Step1: Confirm PC can ping MA5616

Step2: start-up the TFTP server software of PC

Step3: Save the data

MA5616(config)#save data

Step4: Backup to file server

MA5616(config)#backup data
tftp 192.168.1.139 20090511

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Example: Restoration of the System Data

Step1: Confirm PC can ping MA5616

Step2: Start-up the TFTP server software of PC

Step3: Restoration data to MA5616 and reboot system

MA5616(config)#load data tftp 192.168.1.139 20090511

MA5616(config)#reboot system

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. Please outline the difference between backup and load.

2. MA5618 supports backup and load files operation, by which protocol the
file can transferred between MA5618 and file server?

A. ftp

B. tftp

C. sftp

D. xmodem

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
1.

CLI Management Overview

2.

Initial Setup

3.

Operation Security Management

4.

Alarm Management

5.

Log Management

6.

Database Management

7.

Hardware Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
7. Hardware Management
7.1 Shelf Management
7.2 Board Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Shelf Management

Set a frame

MA5616(config)#frame set frameid desc description

MA5616(config)#frame set 0 desc test

Delete the description of a shelf

MA5616(config)#undo frame desc frameid

MA5616(config)#undo frame desc 0

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Query Shelf Information

Query the description of a shelf

MA5616(config)#display frame desc { frameid | bydesc description }

MA5616(config)#display frame desc 0

Query the basic information about a shelf

MA5616(config)#display frame info [ frameid ]

MA5616(config)#display frame info 0

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Contents
7. Database Management
7.1 Shelf Management
7.2 Board Management

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Board Statuses
Board

Status

Main Control

Active-Normal

Board

Standby-Normal

Auto_find

1 The board can be automatically found


after inserted into the slot but not
registered in the system

Config (transition status)


2

Normal

Confirm the board, the status


becomes normal, the config status is a
transitional status

Failed

3 Faults happen, the status becomes

Service Board

failed

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Board Management (1/2)

Step1: Add a board

MA5616(config)#board add frameid/slotid board-type

MA5616(config)#board add 0/3 VSNK

Step2: Confirm a board

MA5616(config)#board confirm frameid [/slotid ]

MA5616(config)#board confirm 0/1

Query all the boards in the frame

MA5616(config)#display board frameid [ /slotid ]

MA5616(config)#display board 0

MA5616(config)#display board 0/0

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Board Management (2/2)

Delete board

MA5616(config)#board delete 0/3

Reset board

MA5616(config)#board reset 0/3

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Questions

1. When initial setup, what configuration should be run to active the


service board ?

A. board add

B. board confirm

C. board active

D. board delete

2. What status the MA5616 service board can have?

A. normal

B. auto-find

C. fault

D. active-normal

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Summary (1/2)

CLI Management Access:

The CLI terminal can access the device through local consol port or
the telnet session.

Operation Security:

Management user can be created in MA5616, and can be maintained


according to user level, password, reenter time and description
information.

The access security is guaranteed by ACL and firewall.

Alarm Management

Query alarms can according to alarm SN, alarm ID, alarm level, alarm
type,alarm class and alarm time.

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Summary (2/2)

Log Management:

Database Management:

To query the operation log of a user can get the information of the name and IP address of
the user who performs operations on the system, the time when the user performs
operations on the system.
To put the system logs to log server or log host, the server or host should be created in
MA5616 first, and system can automatically dump logs.
Database Management includes save, backup and load system configuration or database
file.
Save system configuration or database file can be manual operation or automatic
operation based on system command
Backup operation indicates put the files from MA5616 to file server through tftp, ftp or sftp.
Loading operation indicates take the files from file server to MA5616 through tftp, ftp or
sftp

Hardware Management

MA5616 frame information can be described through command line.


MA5616 service board has four status: Auto_find,Config,Normal,Failed. To provide
services through MA5616, the service board should be Normal status.

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Glossary

ACL: Access Control List


CLI: Command Line Interface
EMS: Element Management System
FTP: File Transfer Protocol
GUI: Graphic User Interface
LAN: Local Area Network
MIB: Management Information Base
TFTP: Trivial File Transfer Protocol
TL1: Transaction Language Number 1
SFTP: SSH File Transfer Protocol
VLAN: Virtual Local Area Network
WAN: Wide Area Network

HUAWEI TECHNOLOGIES CO., LTD.

Huawei Confidential

Thank you
www.huawei.com