Professional Documents
Culture Documents
DSLAM SmartAX
MA5616 Operation &
Administration (CLI)
www.huawei.com
Huawei Confidential
Huawei Confidential
Objectives
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Contents
1.
Huawei Confidential
Management Entities
management entities
TL1
agent
SNMP
Agent
CLI
Agent
MIB
System Platform
Huawei Confidential
Management Access
TL1/EMS Cient/CLI
uses
TL1/EMS Client/CLI
EMS
EMS
LAN/WAN
LAN/WAN
CLI
F
A
N
Huawei Confidential
Consol
ETH
GE1
GE0
RS232
MA5616
Management Strategy
Outband:
Outband
Ethernet port.
Inband
Inband
User Data
OAM Data
Huawei Confidential
Contents
1.
Huawei Confidential
CLI
CLI access
Serial link
Telnet session
LAN/WAN
LAN/WAN
RS232
Ethernet Cable
Serial link
Ethernet Cable
Telnet session
Huawei Confidential
Physical connection:
Software:
Hyper terminal
RS232
Huawei Confidential
Telnet Access
Start-> Run->RUN cmd
Physical connection:
Telnet:
telnet interface ip address
Ethernet cable
Software:
telnet
PC
LAN/WAN
Huawei Confidential
LAN/WAN
Ethernet
Ethernet
Cable
Cable
How to Log in ?
Username: root
Password: mduadmin
quit
Huawei Confidential
Contents
1.
Huawei Confidential
MA5616(BTV)#
Login
BTV
quit
quit
return
Port/Interface mode
MA5616(config-if-...)#
Huawei Confidential
MA5616(config)#interface ?
--------------------------------------------
adsl
eth
meth
MEth interface
vlanif
VLAN interface
... ...
---------------------------------------------
Huawei Confidential
incomplete keyword.
MA5616>ena <space>
MA5616>enable
MA5616#con <Tab>
MA5616#config
Press Enter
MA5616config-if-meth0)#
Huawei Confidential
Huawei Confidential
Meaning
<K>
Keyword
<E>
<U>
<L>
<S>
Character string. Information following it is the length of the character string to be entered.
<I>
IP address
<M>
<PA>
MAC address
<H>
Hexadecimal number.
The system supports the input of "0x". By default, the system supports decimal numbers.
<D>
<yyyy-mm-dd> Date
<T>
<hh:mm:ss> Time
Huawei Confidential
Description
Boldface
Italics
[]
{ x | y | ... }
Alternative items are grouped in braces and separated by vertical bars. One is
selected.
[ x | y | ... ]
Alternative items that are optional are grouped in square brackets and separated
by vertical bars. One or none is selected.
{ x | y | ... } *
[ x | y | ... ] *
Huawei Confidential
Cause
Incomplete command
Ambiguous command
Huawei Confidential
Questions
A. CLI
B. GUI
C. TL1
D. TFTP
A. CLI agent
B. SNMP agent
C. IGMP agent
A. Press question
B. Press enter
C. Press space
D. Press tab
A. User mode
B. Privilege mode
C. Global configure mode
D. diagnose mode
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Contents
2. Initial Setup
2.1 Outband Management
2.2 Inband Management
2.3 Miscellaneous Stuff
Huawei Confidential
PC
PC
Ethernet Cable
port.
Ethernet Cable
LAN/WAN
LAN/WAN
Outband
ETH or GE
Inband
Huawei Confidential
Physical connection:
Software:
Hyper terminal
RS232
Password: mduadmin
Huawei Confidential
Data Bit:8
Parity: None
Stop Bit:1
WAN?
No
Yes
Add IP route
Remote login
Huawei Confidential
Item
WAN
Remote terminal IP
10.10.21.1/24
Management IP
192.168.3.250/24
gateway
192.168.3.1/24
PC
Data
Huawei Confidential
MA5616(config)#interface meth 0
MA5616(config-if-MEth0)#quit
Interface meth 0
MA5616
Huawei Confidential
Remote login
telnet 192.168.3.250
Username: root
Password: mduadmin
Huawei Confidential
Contents
2. Initial Setup
2.1 Outband Management
2.2 Inband Management
2.3 Miscellaneous Stuff
Huawei Confidential
Remote EMS
Client/CLI
Inband management
Management interface
EMS
Management VLAN
Management IP
LAN/WAN
IP
VLAN
Huawei Confidential
Provision Management IP
standard }
port vlan vlanid [ to end-vlanid ] frameid/slotid
portlist
WAN?
No
Yes
Add IP route
Remote login
[ preference preference-value ]
Huawei Confidential
Item
Data
Remote terminal IP
10.50.1.1/24
Remote terminal
10.50.1.254/24
gateway
WAN
Management VLAN
1000
Management IP
10.10.21.1/24
gateway
10.10.21.2/24
PC
Huawei Confidential
MA5616(config-if-vlanif1000)#quit
MA5616(config)#ip route-static 10.10.21.0 24 10.10.20.2
Huawei Confidential
Remote login
telnet 10.10.21.1
Username: root
Password: mduadmin
Huawei Confidential
Contents
2. Initial Setup
2.1 Outband Management
2.2 Inband Management
2.3 Miscellaneous Stuff
Huawei Confidential
MA5616(config)#time
{time<T><hh:mm:ss>|date<D>
<yyyy-mm-dd>}:11:15:59 2009-05-30
MA5616(config)#display time
{<cr>|dst<K>|time-stamp<K>}:
command: display time 2009-05-30 11:16:00 +08:00
MA5616(config)#sysname
{prompt<S><Length 1-50>}: LA_s1
LA_s1 (config)#
Huawei Confidential
Questions
1. What are the necessary prerequisites when the first time login?
A. management VLAN
B. management IP
C. IP route
D. user name and password
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
User
Security
Security
Management
Firewall
Huawei Confidential
Contents
3. Operation Security Management
3.1 User Security
3.2 ACL
3.3 Firewall
Create User
Maintaining User
Modify user->
Create user
Delete user->
Lock/unlock user
Huawei Confidential
User Level
Super User
Administrator
Operator
Configure some
services
Common user
Only query the
basic settings
Huawei Confidential
Huawei Confidential
User's Level:
Huawei Confidential
Query Users
Level
root
Super
Online
MA5616(config)#display client
Huawei Confidential
Maintaining Users
MA5616(config)#terminal hold
MA5618(config)#client kickoff
Huawei Confidential
Contents
3. Operation Security Management
3.1 User Security
3.2 ACL
3.3 Firewall
Huawei Confidential
What is ACL
ACL (access control list) is used to filter the specific data packets based
After the filtering objects are identified, the corresponding data packets
Input packet
stream
Match the
packets with
the ACL
Matching?
Yes
No
Discard or
forward packets
Discarded
packets
Huawei Confidential
Implement
actions
Forwarded
packets
Output packet
stream
Create ACL
Query ACL
Maintain ACL
Create ACL->
Query ACL
Huawei Confidential
MA5618(config)#acl 2001
LAN/WAN
0/1/0
MA5616
10.20.20.2
10.10.10.2
Huawei Confidential
LAN/WAN
0/1/0
MA5616
10.20.20.2
10.10.10.2
Packe-filter enable in port 0/1/0 of inbound direction
Huawei Confidential
Query ACL
Huawei Confidential
Maintain ACL
MA5616(config)#undo packet-filter { inbound | outbound } { user-group accesslist-number1 [ rule rule-id ] | { ip-group access-list-number2 [ rule rule-id ] | linkgroup access-list-number3 [ rule rule-id ] } * } port frameid/slotid/portid
MA5616(config-acl-basic-2001)#undo rule 10
Huawei Confidential
Contents
3. Operation Security Management
3.1 User Security
3.2 ACL
3.3 Firewall
Huawei Confidential
Enable Firewall
Query Firewall
Disable Firewall
Apply package
Delete firewall
configuration
filtering rules to an
interface
Huawei Confidential
Enable Firewall
MA5616(config)#firewall enable
LAN/WAN
0/1/0
MA5616
10.20.20.2
10.10.10.2
Enable firewall to block unauthenticated user attack
And permit PC 10.10.10.2 can access PC 10.20.20.2 through port 0/1/0 based on ACL 2001
Huawei Confidential
Query Firewall
Huawei Confidential
Disable Firewall
Huawei Confidential
Questions
B. display client
A. firewall enable
B. firewall packet-filter
C. firewall output
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Huawei Confidential
Alarm ID
Alarm serial number
Alarm level
Critical/Major/Minor/Warning
Alarm parameter
Shelf ID, Shelf ID/slot ID, Shelf ID/slot ID/port ID, and VLAN interface ID
Alarm time
Alarm SN
Alarm Name
Alarm Parameter
Huawei Confidential
Remark
alarmlevel level | alarmtype type | alarmclass class | alarmtime start startdate start-time end end-date end-time } [ start-number number ] } [ detail |
list ] [ | { begin | include | exclude } text ]
HUAWEI TECHNOLOGIES CO., LTD.
Huawei Confidential
Delete the alarm whose signal is output through the alarm interface
Huawei Confidential
Questions
A. alarm ID
B. alarm SN
C. alarm level
D. alarm type
E. alarm class
A. alarm ID
B. alarm SN
C. alarm level
D. alarm type
E. alarm class
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Log Management
Log Server
Management
Log
Statistics
Log Host
Management
Log
Management
Huawei Confidential
Contents
5. Log Management
5.1 Log Query
5.2 Log Server Management
5.3 Log Host Management
Huawei Confidential
Query Log
71
Domain
root
--
IP-Address
192.168.3.210
Log IP address
---------------------------------------------------------------------------
No. UserName
Log No.
Log Domain
Huawei Confidential
Contents
5. Log Management
5.1 Log Query
5.2 Log Server Management
5.3 Log Host Management
Huawei Confidential
Maintaining Log
Server
configuration->
output to server
output configuration
Huawei Confidential
Huawei Confidential
system automatically
backs up or loads files
to server
MA5616
Server
Huawei Confidential
MA5616(config)#display file-server { { auto-load program } | { autobackup { data | board-info | alarm-event | cdr | configuration | data |
debug | log } } }
Huawei Confidential
Huawei Confidential
Contents
5. Log Management
5.1 Log Query
5.2 Log Server Management
5.3 Log Host Management
Huawei Confidential
Maintaining Log
Host
Huawei Confidential
MA5616
PC 10.11.136.56
Huawei Confidential
Huawei Confidential
Maintaining Host
Huawei Confidential
Questions
B. log time
C. log domain
D. log command
A. log name
B. log time
C. log level
D. log type
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Database Management
Backup
Management
Save
Management
Loading
Management
Database
Management
Huawei Confidential
Contents
6. Database Management
6.1 Save Management
6.2 Backup Management
6.3 Loading Management
Huawei Confidential
FLASH
SDRAM
1: Save
Database file
2: Backup
Configuration file
2
3: Load
File Server
Huawei Confidential
MA5616(config)#save data
The data is being saved, please wait a moment...
MA5616(config)#save configuration
It will take several minutes to save configuration file, please wait...
Huawei Confidential
MA5616(config)#save
{<cr>|configuration<K>|data<K>}:
CCUB
FLASH
SDRAM
Database file
Configuration
file
save
Huawei Confidential
MA5616(config)#autosave time on
System autosave time switch: on
Autosave time: 12:20:30
Autosave type: data
Huawei Confidential
MA5616(config)#autosave interval on
System autosave interval switch: on
Autosave interval: 1440 minutes
Autosave type: data
System autosave modified configuration switch: on
Huawei Confidential
Contents
6. Database Management
6.1 Save Management
6.2 Backup Management
6.3 Loading Management
Huawei Confidential
MA5616(config)#display saved-configuration
Huawei Confidential
FLASH
CCUB
File Server
Backup
Huawei Confidential
IP 1.1.1.1
Contents
6. Database Management
6.1 Save Management
6.2 Backup Management
6.3 Loading Management
Huawei Confidential
Loading Management
MA5616(config)#load configuration {tftp server-ipaddr filename | ftp serveripaddr filename | sftp server-ipaddr filename }
FLASH
CCUB
HUAWEI TECHNOLOGIES CO., LTD.
File Server
Load
Huawei Confidential
IP 1.1.1.1
System Rebooting
MA5616(config)#reboot system
Caution:
Huawei Confidential
Loading Maintenance
Huawei Confidential
MA5616(config)#save data
MA5616(config)#backup data
tftp 192.168.1.139 20090511
Huawei Confidential
MA5616(config)#reboot system
Huawei Confidential
Questions
2. MA5618 supports backup and load files operation, by which protocol the
file can transferred between MA5618 and file server?
A. ftp
B. tftp
C. sftp
D. xmodem
Huawei Confidential
Contents
1.
2.
Initial Setup
3.
4.
Alarm Management
5.
Log Management
6.
Database Management
7.
Hardware Management
Huawei Confidential
Contents
7. Hardware Management
7.1 Shelf Management
7.2 Board Management
Huawei Confidential
Shelf Management
Set a frame
Huawei Confidential
Huawei Confidential
Contents
7. Database Management
7.1 Shelf Management
7.2 Board Management
Huawei Confidential
Board Statuses
Board
Status
Main Control
Active-Normal
Board
Standby-Normal
Auto_find
Normal
Failed
Service Board
failed
Huawei Confidential
MA5616(config)#display board 0
Huawei Confidential
Delete board
Reset board
Huawei Confidential
Questions
A. board add
B. board confirm
C. board active
D. board delete
A. normal
B. auto-find
C. fault
D. active-normal
Huawei Confidential
Summary (1/2)
The CLI terminal can access the device through local consol port or
the telnet session.
Operation Security:
Alarm Management
Query alarms can according to alarm SN, alarm ID, alarm level, alarm
type,alarm class and alarm time.
Huawei Confidential
Summary (2/2)
Log Management:
Database Management:
To query the operation log of a user can get the information of the name and IP address of
the user who performs operations on the system, the time when the user performs
operations on the system.
To put the system logs to log server or log host, the server or host should be created in
MA5616 first, and system can automatically dump logs.
Database Management includes save, backup and load system configuration or database
file.
Save system configuration or database file can be manual operation or automatic
operation based on system command
Backup operation indicates put the files from MA5616 to file server through tftp, ftp or sftp.
Loading operation indicates take the files from file server to MA5616 through tftp, ftp or
sftp
Hardware Management
Huawei Confidential
Glossary
Huawei Confidential
Thank you
www.huawei.com