Sjzl20060311-ZXR10 26092818S2826S2852S Access Switch Users Manual

ZXR10
2609/2818S/2826S/2852S Access Switch
Users Manual
Version 1.0
ZTE CORPORATION ZTE Plaza, Keji Road South, Hi-Tech Industrial Park, Nanshan District, Shenzhen, P. R. China 518057 Tel: (86) 755 26771900 800-9830-9830 Fax: (86) 755 26772236 URL: http://support.zte.com.cn E-mail: doc@zte.com.cn
LEGAL INFORMATION Copyright 2005 ZTE CORPORATION. The contents of this document are protected by copyright laws and international treaties. Any reproduction or distribution of this document or any portion of this document, in any form by any means, without the prior written consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by contractual confidentiality obligations. All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE CORPORATION or of their respective owners. This document is provided as is, and all express, implied, or statutory warranties, representations or conditions are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose, title or noninfringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the use of or reliance on the information contained herein. ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications covering the subject matter of this document. Except as expressly provided in any written license between ZTE CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter herein. The contents of this document and all policies of ZTE CORPORATION, including without limitation policies related to support or training are subject to change without notice.
Revision History Date 2005/11/01 Revision No. R1.3 Serial No. sjzl20060311 Description
ZTE CORPORATION Values Your Comments & Suggestions!

Your opinion is of great value and will help us improve the quality of our product documentation and offer better services to our customers. Please fill out the following questionnaire and fax to: (86) 755-26772236; Or mail to: Publications R&D Department, ZTE CORPORATION, ZTE Plaza, A Wing, Keji Road South, Hi-Tech Industrial Park, Shenzhen, P. R. China 518057. Thank you for your cooperation!
Your Comments & Suggestions

Document Name Product Version ZXR10 2609/2818S/2826S/2852S Access Switch Users Manual V1.0 Document Revision Number R1.3
Equipment Installation Date Presentation: (Introductions, Procedures, Illustrations, Completeness, Level of Detail, Organization, Appearance) Good Your evaluation of this document Accessibility: (Contents, Index, Headings, Numbering, Glossary) Good Fair Average Poor Bad N/A Fair Average Poor Bad N/A
Intelligibility: (Language, Vocabulary, Readability & Clarity, Technical Accuracy, Content) Good Fair Average Poor Bad N/A
Please check the suggestions which you feel can improve this documentation: Improve the overview/introduction Improve the Contents Improve the organization Your suggestions for improvement of this document Include more figures Add more examples Add more detail Other suggestions ____________________________________________________________________ ____________________________________________________________________ ____________________________________________________________________ ____________________________________________________________________ ____________________________________________________________________ # Please feel free to write any comments on an attached sheet. If you wish to be contacted regarding your comments, please complete the following: Name Postcode Telephone Company Address E-mail Make it more concise/brief Add more step-by-step procedures Add more troubleshooting information Make it less technical Add more/better quick reference aids Improve the index
Contents
About this Users Manual.................................................. xxiii
Purpose of this Users Manual........................................................ xxiv Typographical Conventions ............................................................ xxv Mouse Operation Conventions....................................................... xxvi Safety Signs ................................................................................xxvii How to Get in Touch.................................................................... xxviii
Customer Support ...................................................................................xxviii Documentation Support ...........................................................................xxviii
Chapter 1..............................................................................29 Safety Description ...............................................................29

Safety Instructions..........................................................................29 Sign Description..............................................................................30
Chapter 2..............................................................................31 System Overview.................................................................31

Product Overview............................................................................31 Functions .......................................................................................32 Networking Mode............................................................................33
Workgroup Networking Mode ...................................................................... 33 MAN Broadband Access Networking Mode.................................................... 34
Technical Features and Parameters ..................................................36
Chapter 3..............................................................................37 Structure & Principle ...........................................................37
Working Principle ............................................................................37 Hardware Structure.........................................................................39

ZXR10 2609................................................................................................ 39 ZXR10 2818S ............................................................................................. 40 ZXR10 2826S ............................................................................................. 42 ZXR10 2852S ............................................................................................. 43
Sub-boards ....................................................................................45
FFEI............................................................................................................ 45 FGEI........................................................................................................... 46 FGFI ........................................................................................................... 47 FGFE .......................................................................................................... 48
Power Supply Module ......................................................................48

ZXR10 2609................................................................................................ 48 ZXR10 2818S/2826S .................................................................................. 49 ZXR10 2852S ............................................................................................. 49
Chapter 4 ............................................................................. 51 Installation and Debugging ................................................ 51

Installing the Equipment..................................................................51
Installing the Switch on Desktop .................................................................. 51 Installing the Switch onto a Cabinet ............................................................. 52
Installation of Cables.......................................................................56
Installing Power Cables................................................................................ 56 Installing Configuration Cables ..................................................................... 58 Installing Network Cables ............................................................................ 59 Installing Fibers........................................................................................... 60 Labels......................................................................................................... 61
Cable Lightning Protection Requirements ..........................................65 System Debugging..........................................................................68

Connection Configuration............................................................................. 68
Power-on Procedure.................................................................................... 71 Indicator Status .......................................................................................... 73 System Boot Procedure............................................................................... 74
Chapter 5..............................................................................77 Usage and Operation ...........................................................77

Configuration Modes........................................................................77
Configuration Through Console Port Connection ........................................... 78 Configuration Through TELNET Session........................................................ 78 Configuration Through SNMP Connection ..................................................... 80
Command Mode .............................................................................81

User Mode.................................................................................................. 81 Global Configuration Mode........................................................................... 82 SNMP Configuration Mode ........................................................................... 82 Layer 3 Configuration Mode......................................................................... 83 File System Configuration Mode................................................................... 83 NAS Configuration Mode ............................................................................. 84 Cluster Management Configuration Mode ..................................................... 84
Usage of Command Line..................................................................85

Online Help................................................................................................. 85 Command Abbreviations ............................................................................. 87 History Command....................................................................................... 87 Functional Key............................................................................................ 87
Chapter 6..............................................................................89 System Management...........................................................89

File System Management.................................................................89
File system Introduction.............................................................................. 89 File System Operations ............................................................................... 90
TFTP Configuration..........................................................................91 Import and Export of Configuration ..................................................93
Backup and Recovery of Files...........................................................94 Software Version Upgrade ...............................................................96

Viewing the Version Information .................................................................. 96 Version Upgrade When the System is Normal............................................... 97 Version Upgrade When the System is Abnormal ........................................... 98
Chapter 7 ........................................................................... 105 Service Configuration........................................................ 105

Port Configuration .........................................................................105
Basic Configuration.................................................................................... 105 Port Information........................................................................................ 111
Port Mirroring ...............................................................................113

Introduction .............................................................................................. 113 Basic Configuration.................................................................................... 114 Configuration Example .............................................................................. 115
VLAN Configuration .......................................................................115

MAC Table Operations ...................................................................120

Introduction .............................................................................................. 120 Basic Configuration.................................................................................... 121
LACP Configuration .......................................................................122

Introduction .............................................................................................. 122 Basic Configurations .................................................................................. 122 Configuration Example .............................................................................. 124
IGMP Snooping Configuration.........................................................126

MSTP Configuration.......................................................................131
Introduction...............................................................................................131 Basic Configuration ....................................................................................133 Configuration Example ...............................................................................135
QoS Configuration.........................................................................138
PVLAN Configuration .....................................................................143

802.1x Transparent Transmission Configuration ..............................145 Layer 3 Configuration ....................................................................146

Introduction...............................................................................................146 IP Port Configuration..................................................................................147 Static Route Configuration..........................................................................148 ARP Table Entry Configuration ....................................................................149
Access Service Configuration..........................................................150

QinQ Configuration........................................................................164
Chapter 8............................................................................169 Network Management .......................................................169

Remote-Access.............................................................................169
SSH.............................................................................................171
SNMP...........................................................................................177
RMON ..........................................................................................181
Cluster Management .....................................................................187

Introduction .............................................................................................. 187 ZDP Configuration ..................................................................................... 190 ZTP Configuration...................................................................................... 192 Cluster Configuration................................................................................. 194 Configuration Example .............................................................................. 197
Chapter 9 ........................................................................... 203 Maintenance ...................................................................... 203

Routine Maintenance.....................................................................203
Items of Daily Maintenance........................................................................ 203 Items of Monthly Maintenance ................................................................... 204 Maintenance Period ................................................................................... 205
Common Test Methods..................................................................206

Single-Port Loop Test ................................................................................ 206
Virtual Circuit Test......................................................................................207
Common Troubleshooting..............................................................208
Failed to Configure through the Console Port...............................................208 Failed to Connect Through Telnet................................................................210 Failed to Log In to the Switch Through Telnet..............................................211 Missing User Name or Password .................................................................211 Missing enable Password ............................................................................215 Failed to Interconnect Two Devices in the Same VLAN.................................215
Chapter 10 .........................................................................217 Command Reference .........................................................217

Introduction .................................................................................217 Management Commands...............................................................218
adminpass.................................................................................................218 config router..............................................................................................219 config snmp...............................................................................................219 config tffs ..................................................................................................219 create User................................................................................................220 delete User................................................................................................220 enable.......................................................................................................221 exit ...........................................................................................................221 hostname..................................................................................................221 line-vty......................................................................................................222 list.............................................................................................................222 loginpass...................................................................................................222 ping ..........................................................................................................223 readconfig .................................................................................................223 reboot .......................................................................................................223 saveconfig .................................................................................................224 set date.....................................................................................................224 set loginauth..............................................................................................224
set specialVlan1 ........................................................................................ 225 show date-time......................................................................................... 225 show loginauth.......................................................................................... 225 show running-config.................................................................................. 226 show specialVlan1 ..................................................................................... 226 show start-config....................................................................................... 226 show terminal ........................................................................................... 227 show vct ................................................................................................... 227 show user ................................................................................................. 227 sysLocation............................................................................................... 228 terminal log .............................................................................................. 228 terminal monitor ....................................................................................... 228 version ..................................................................................................... 229
File System ..................................................................................229

cd............................................................................................................. 229 copy ......................................................................................................... 230 format ...................................................................................................... 230 ls.............................................................................................................. 231 md ........................................................................................................... 231 remove..................................................................................................... 231 rename..................................................................................................... 232 tftp ........................................................................................................... 232
Port Configuration .........................................................................233

clear port .................................................................................................. 233 create port name ...................................................................................... 234 set port..................................................................................................... 234 set port auto ............................................................................................. 235 set port bandwidth .................................................................................... 235 set port dscp-priority ................................................................................. 236 set port default-priority.............................................................................. 237
set port description ....................................................................................237 set port duplex ..........................................................................................238 set port flowcontrol ....................................................................................238 set port ingress_limit_mode .......................................................................239 set port macaddress ..................................................................................240 set port multicast-filter...............................................................................240 set port poe...............................................................................................241 set port priority..........................................................................................241 set port remapping-tag ..............................................................................242 set port sa-priority .....................................................................................243 set port security.........................................................................................243 set port speed ...........................................................................................244 set port speedadvertise..............................................................................244 set port user-priority ..................................................................................245 set port vlan-priority ..................................................................................246 set trunk multicast-filter .............................................................................246 show port..................................................................................................247 show port qos............................................................................................247 show port statistics ....................................................................................248 show trunk ................................................................................................248
Port Mirroring ...............................................................................249

set mirror add source-port .........................................................................249 set mirror delete source-port......................................................................249 set mirror dest-port ...................................................................................250 show mirror...............................................................................................250
VLAN Configuration .......................................................................251

clear vlan name .........................................................................................251 create vlan name.......................................................................................251 set port pvid ..............................................................................................252 set trunk pvid ............................................................................................252
set vlan..................................................................................................... 253 set vlan add port ....................................................................................... 253 set vlan add trunk ..................................................................................... 254 set vlan delete port.................................................................................... 255 set vlan delete trunk.................................................................................. 255 set vlan fid ................................................................................................ 256 set vlan priority ......................................................................................... 256 show vlan ................................................................................................. 257
MAC Address Table Configuration ...................................................258

set fdb add................................................................................................ 258 set fdb agingtime ...................................................................................... 259 set fdb delete ............................................................................................ 259 set fdb filter .............................................................................................. 260 show fdb................................................................................................... 260 show fdb agingtime................................................................................... 261 show fdb dynamic port .............................................................................. 261 show fdb mac ........................................................................................... 262 show fdb port............................................................................................ 262 show fdb vlan............................................................................................ 262 show fdb vlan port..................................................................................... 263
LACP Configuration .......................................................................263

set lacp..................................................................................................... 263 set lacp aggregator add port ...................................................................... 264 set lacp aggregator delete port................................................................... 264 set lacp aggregator mode .......................................................................... 265 set lacp port mode .................................................................................... 266 set lacp port timeout ................................................................................. 266 set lacp priority ......................................................................................... 267 show lacp.................................................................................................. 267 show lacp aggregator ................................................................................ 267
show lacp port ...........................................................................................268
IGMP Snooping Configuration.........................................................269

set igmp snooping .....................................................................................269 set igmp snooping add vlan........................................................................269 set igmp snooping crossvlan.......................................................................270 set igmp snooping delete vlan ....................................................................270 set igmp snooping fastleave .......................................................................271 set igmp snooping lastmember_query ........................................................271 set igmp snooping query vlan.....................................................................272 set igmp snooping query_interval ...............................................................272 set igmp snooping response_interval ..........................................................273 set igmp snooping timeout .........................................................................274 set igmp snooping vlan add group ..............................................................274 set igmp snooping vlan delete group...........................................................275 show igmp snooping ..................................................................................276 show igmp snooping vlan...........................................................................276
MSTP Configuration.......................................................................277
clear stp instance.......................................................................................277 clear stp name...........................................................................................277 set stp.......................................................................................................278 set stp agemax..........................................................................................278 set stp edge-port .......................................................................................279 set stp forceversion....................................................................................279 set stp forwarddelay ..................................................................................280 set stp hellotime ........................................................................................280 set stp hmd5-digest...................................................................................281 set stp hmd5-key.......................................................................................281 set stp hopmax..........................................................................................281 set stp instance bridgeprio..........................................................................282 set stp instance port cost............................................................................282
set stp instance port priority....................................................................... 283 set stp instance trunk cost ......................................................................... 284 set stp instance trunk priority..................................................................... 284 set stp instance vlan.................................................................................. 285 set stp name............................................................................................. 286 set stp port ............................................................................................... 286 set stp port linktype................................................................................... 287 set stp port packettype.............................................................................. 287 set stp relay.............................................................................................. 288 set stp revision.......................................................................................... 288 set stp trunk ............................................................................................. 288 set stp trunk linktype................................................................................. 289 set stp trunk packettype ............................................................................ 289 show stp................................................................................................... 290 show stp instance...................................................................................... 290 show stp port............................................................................................ 291 show stp trunk .......................................................................................... 292
QoS Configuration.........................................................................292
set qos queue-schedule ............................................................................. 292 set qos priority-map user-priority............................................................... 293 set qos priority-map ip-priority................................................................... 293 show qos queue-schedule.......................................................................... 294 show qos priority-map............................................................................... 294
PVLAN Configuration .....................................................................294

set pvlan session....................................................................................... 294 show pvlan ............................................................................................... 295
802.1x Transparent Transmission Configuration ..............................296

set 802.1xrelay ......................................................................................... 296 show 802.1xrelay...................................................................................... 296
Layer 3 Configuration ....................................................................297
arp add .....................................................................................................297 arp delete..................................................................................................298 arp ipport timeout......................................................................................298 clear arp....................................................................................................299 clear ipport ................................................................................................299 clear iproute ..............................................................................................300 iproute ......................................................................................................301 set ipport...................................................................................................302 set ipport ipaddress....................................................................................302 set ipport mac ...........................................................................................303 set ipport vlan............................................................................................304 show arp ...................................................................................................305 show ipport ...............................................................................................306 show iproute..............................................................................................306
Access Service Configuration..........................................................307

aaa-control port accounting........................................................................307 aaa-control port dot1x ...............................................................................307 aaa-control port keepalive..........................................................................308 aaa-control port keepalive period................................................................308 aaa-control port max-hosts ........................................................................309 aaa-control port multiple-hosts...................................................................309 aaa-control port port-mode ........................................................................310 aaa-control port protocol ............................................................................310 dot1x max-request ....................................................................................311 dot1x quiet-period .....................................................................................311 dot1x re-authenticate ................................................................................312 dot1x re-authenticate period ......................................................................312 dot1x server-timeout .................................................................................312 dot1x supplicant-timeout............................................................................313 dot1x tx-period..........................................................................................313
clear client ................................................................................................ 314 clear client index ....................................................................................... 314 clear client port ......................................................................................... 314 clear client vlan ......................................................................................... 315 radius isp .................................................................................................. 315 radius isp add accounting .......................................................................... 316 radius isp add authentication ..................................................................... 316 radius isp defaultisp................................................................................... 317 radius isp delete accounting....................................................................... 317 radius isp delete authentication.................................................................. 317 radius isp description................................................................................. 318 radius isp client ......................................................................................... 318 radius isp fullaccount ................................................................................. 319 radius isp sharedsecret.............................................................................. 319 radius nasname ........................................................................................ 320 radius retransmit....................................................................................... 320 radius timeout........................................................................................... 320 show aaa-control port................................................................................ 321 show dot1x............................................................................................... 321 show client................................................................................................ 321 show client index....................................................................................... 322 show client mac ........................................................................................ 322 show client port......................................................................................... 322 show radius .............................................................................................. 323
QinQ Configuration........................................................................323
set qinq customer port............................................................................... 323 set qinq tpid.............................................................................................. 324 set qinq uplink port.................................................................................... 324 show qinq ................................................................................................. 325
Remote-access Configuration.........................................................325
clear remote-access all...............................................................................325 clear remote-access ipaddress....................................................................325 set remote-access......................................................................................326 set remote-access ipaddress ......................................................................326 show remote-access ..................................................................................327
SSH Configuration.........................................................................327
set ssh ......................................................................................................327 show ssh ...................................................................................................327
SNMP Configuration ......................................................................328

clear community........................................................................................328 clear traphost ............................................................................................328 clear view..................................................................................................329 create community......................................................................................329 create view................................................................................................330 set community view...................................................................................331 set trap .....................................................................................................331 set traphost...............................................................................................332 show snmp................................................................................................333
RMON Configuration......................................................................333
set alarm...................................................................................................333 set event...................................................................................................336 set history .................................................................................................337 set rmon ...................................................................................................339 set statistics...............................................................................................339 show alarm ...............................................................................................341 show event................................................................................................341 show history..............................................................................................342 show rmon ................................................................................................343 show statistics ...........................................................................................343
Cluster Management Configuration.................................................343
erase member .......................................................................................... 343 reboot member......................................................................................... 344 save member............................................................................................ 344 set group add device ................................................................................. 345 set group add mac .................................................................................... 345 set group candidate................................................................................... 346 set group commander ipport...................................................................... 346 set group delete member .......................................................................... 347 set group independent............................................................................... 347 set group handtime ................................................................................... 347 set group holdtime .................................................................................... 348 set group name......................................................................................... 349 set group tftpsvr........................................................................................ 349 set zdp ..................................................................................................... 350 set zdp holdtime........................................................................................ 350 set zdp port .............................................................................................. 350 set zdp timer............................................................................................. 351 set zdp trunk............................................................................................. 352 set ztp ...................................................................................................... 352 set ztp hop................................................................................................ 353 set ztp hopdelay........................................................................................ 353 set ztp port ............................................................................................... 354 set ztp portdelay ....................................................................................... 354 set ztp timer ............................................................................................. 355 set ztp trunk ............................................................................................. 356 set ztp vlan ............................................................................................... 356 show group............................................................................................... 357 show group candidate ............................................................................... 357 show group member ................................................................................. 357 show zdp .................................................................................................. 358 show zdp neighbour .................................................................................. 358
show ztp ...................................................................................................358 show ztp device .........................................................................................359 show ztp mac ............................................................................................359 ztp start ....................................................................................................360
Single-port Loop Test ....................................................................360

set loopDetect blockDelay ..........................................................................360 set loopDetect port ....................................................................................360 set loopDetect port protect.........................................................................361 set loopDetect trunk...................................................................................361 set loopDetect trunk protect .......................................................................362 show loopDetect ........................................................................................363
Appendix A.........................................................................365 Abbreviations.....................................................................365 Figures ...............................................................................371 Tables .................................................................................373
This page is intentionally blank.
About this Users Manual

This manual applies to the following access switch models: ZXR10 2609 access switch ZXR10 2818S access switch ZXR10 2826S access switch ZXR10 2852S access switch ZXR10 2609/2818S/2826S/2852S (V1.0) access switch is also referred to as ZXR10 2609/2818S/2826S/2852S for short, or switch in the universal part. ZXR10 2609LE/2818SLE/2826SLE/2852SLE access switch series are a simplified version of the ZXR10 2609/2818S/2826S/2852S access switch. Their functions are simplified on the basis of functions of the ZXR10 2609/2818S/2826S/2852S. But the hardware structure of ZXR10 2609LE/2818SLE/2826SLE/2852SLE access switch series is the same as ZXR10 2609/2818S/2826S/2852S. The function simplification involves the following parts:
1. QoS functions
Cancel the function of determining priority of data packet based on static resource MAC address (SA) and VLAN priority. Cancel the support to the 802.1p subscriber priority remap function on the port. Cancel the support to the OUT port speed restriction function.
2. Cancel the support to the QINQ function. 3. Reduce eight LACP groups of 2852SLE (On the 2852S, 16 groups are supported.) 4. Only the Spanning Tree Protocol (STP) and RSTP are supported. The MSTP is not supported now.
Confidential and Proprietary Information of ZTE CORPORATION
xxiii
ZXR10 2609/2818S/2826S/2852S Access Switch Users Manual
Except for those specified as the contents for LE serial switches, the rest common contents are applicable to all switches.
Purpose of this Users Manual

This manual consists of ten chapters and one appendix. Chapter 1 Safety Instructions introduces the safety signs and their meanings. Chapter 2 System Overview introduces 2609/2818S/2826S/2852S system briefly. the ZXR10
Chapter 3 Structure & Principles introduces the structure and working principles of the ZXR10 2609/2818S/2826S/2852S. Chapter 4 Installation and Debugging introduces the installation and debugging methods of the ZXR10 2609/2818S/2826S/2852S. Chapter 5 Usage & Operations introduces the configuration methods, command mode, and usage of command line. Chapter 6 System Management introduces the system management of the ZXR10 2609/2818S/2826S/2852S. Chapter 7 Basic Configuration introduces the configuration of ZXR10 2609/2818S/2826S/2852S. service data
Chapter 8 Network Management introduces the network management configuration of the ZXR10 2609/2818S/2826S/2852S. Chapter 9 Maintenance introduces the routine maintenance of the ZXR10 2609/2818S/2826S/2852S. Chapter 10 Command Reference introduces the supported by the ZXR10 2609/2818S/2826S/2852S. commands
xxiv
Appendix A Abbreviations
Typographical Conventions
ZTE documents employ the following typographical conventions.
TABLE 1 TYPOGRAPHICAL CONVENTIONS
Typeface
Meaning References to other guides and documents; parameter values Links on screens Menus, menu options, input fields, radio button names, check boxes, drop-down lists, dialog box names, window names Keys on the keyboard and buttons on screens and company name Text that you type, program code, files and directory names, and function names Optional parameters Mandatory parameters Select one of the parameters that are delimited by it Note: Provides additional information about a certain topic Checkpoint: Indicates that a particular step needs to be checked before proceeding further Tip: Indicates a suggestion or hint to make things easier or more productive for the reader
Italics
Quotes Bold
CAPS
Constant width
[] {} |
xxv
Mouse Operation Conventions

TABLE 2 MOUSE OPERATION CONVENTIONS
Typeface Click Double-click Right-click Drag
Meaning Refers to clicking the primary mouse button (usually the left mouse button) once. Refers to quickly clicking the primary mouse button (usually the left mouse button) twice. Refers to clicking the secondary mouse button (usually the right mouse button) once. Refers to pressing and holding a mouse button and moving the mouse.
xxvi
Safety Signs
TABLE 3 S AFETY SIGNS
Safety Signs
Meaning Danger: Indicates an imminently hazardous situation, which if not avoided, will result in death or serious injury. This signal word should be limited to only extreme situations. Warning: Indicates a potentially hazardous situation, which if not avoided, could result in death or serious injury. Caution: Indicates a potentially hazardous situation, which if not avoided, could result in minor or moderate injury. It may also be used to alert against unsafe practices. Erosion: Beware of erosion. Electric shock: There is a risk of electric shock. Electrostatic: The device may be sensitive to static electricity. Microwave: Beware of strong electromagnetic field. Laser: Beware of strong laser beam. No flammables: No flammables can be stored. No touching: Do not touch. No smoking: Smoking is forbidden.
xxvii
How to Get in Touch

The following sections provide information on how to obtain support for the documentation and the software.
Customer Support
If you have problems, questions, comments, or suggestions regarding your product, contact us by e-mail at support@zte.com.cn. You can also call our customer support center at (86) 755 26771900 and (86) 800-9830-9830.
Documentation Support
ZTE welcomes your comments and suggestions on the quality and usefulness of this document. For further questions, comments, or suggestions on the documentation, you can contact us by e-mail at doc@zte.com.cn; or you can fax your comments and suggestions to (86) 755 26772236. You can also explore our website at http://support.zte.com.cn, which contains various interesting subjects like documentation, knowledge base, forum and service request.
xxviii
Chapter
Safety Description
In this chapter, you will learn about:
Safety instructions Sign description
Safety Instructions
Only the properly trained professional personnel are qualified for the installation, operation, and maintenance of this equipment. Observe the local safety specifications and relevant operating procedures in equipment installation, operation and maintenance, to avoid personal injury or damage to the equipment. The safety precautions in this manual can only be used as a supplement to local safety regulations. ZTE Corporation assumes no responsibility for consequences resulting from violation of general specifications for safety operations or of safety rules for design, production and use of equipment.
29
Sign Description
Contents deserving special attention when configuring the equipment are explained in the following format: Caution: Ignoring safety precautions may result in equipment faults.
Note: Contents that you need to pay special attention to besides the safety precautions.
30
Chapter
System Overview
An overall introduction to the ZXR10 2609/2818S/2826S/2852S Rich software/hardware functions of the ZXR10 2609/2818S/2826S/2852S Networking mode of the ZXR10 2609/2818S/2826S/2852S Technical features of the ZXR10 2609/2818S/2826S/2852S Parameters of the ZXR10 2609/2818S/2826S/2852S
Product Overview
ZXR10 2609/2818S/2826S/2852S access switches are located at the access layer of the enterprise network and broadband IP metropolitan area network (MAN), providing different number of Ethernet ports. They can serve as the access equipment at the subscriber side in the information intelligent residential areas, commercial buildings, hotels, campus networks, enterprise (government) network or the convergence equipment of small-size network to provide fast, efficient, and cost-effective access and convergence solutions.
31
Functions
The ZXR10 2609/2818S/2826S/2852S adopts the Store and Forward mode and supports the layer-2 switching at wire-speed. Full wirespeed switching is implemented at all ports. The ZXR10 2609/2818S/2826S/2852S has the following functions:
1. MAC address self-learning capability. The size of the MAC address table is 8K. 2. Port MAC address bundling and address filtering. 3. Support the 802.1q-compliant VLAN and private border VLAN. The maximum number of VLANs can be up to 4094. The VLAN stacking function is also supported. 4. Priority classification by DA, SA, VID, or TOS/DSCP, multiqueue, fixed priority scheduling, weighted priority scheduling, and port multi-queue at the switch. 5. Support the STP defined in the 802.1d, RSTP defined in the 802.1w, and MSTP defined in the 802.1s. 6. Support LACP port bundling defined in 802.3ad and port static bundling. At most 16 port groups can be bundled and each group contains at most eight ports. 7. Multi-VLAN IGMP snooping. 8. Port ingress and egress mirroring. 9. 802.3x-compliant flow control (full duplex) and backpressure flow control (half duplex). 10. Port ingress and egress bandwidth restriction. 11. Single port loop test. 12. VCT function and faulty circuit test. 13. Detailed port flow statistics. 14. Broadcast storm suppression. 15. Configuration of NM static route.
32 Confidential and Proprietary Information of ZTE CORPORATION
Chapter 2 - System Overview
16. 802.1x transparent transmission and authentication. 17. Support the Console configuration, Telnet remote login, SNMP network management, centralized network management of ZXNM01, trunking management technology ZGMP, and Secure shell V2.0. 18. Uploading and downloading of TFTP version.
Networking Mode
The ZXR10 2609/2818S/2826S/2852S features flexible networking mode. The following introduces two typical network modes.
Workgroup Networking Mode

The ZXR10 2609/2818S/2826S/2852S can be flexibly employed in workgroup-level networks like enterprise and department networks. The ZXR10 2609/2818S/2826S/2852S provides 8 to 48 10/100M interfaces and the number of interfaces can be extended through cascading of the switches. The extension slot can provide the 100M or 1000M high-speed optical interface to connect with backbone network or high-speed server. Figure 1 shows the typical networking structure.
33
FIGURE 1 TYPICAL WORKGROUP NETWORKING STRUCTURE
IP backbone network
100M/1000M
ZXR10 2609/2818S/2826S/2852S Server

10/100M 10/100M
ZXR10 2609/2818S/2826S/2852S
10/100M
10/100M 10/100M 10/100M 10/100M 10/100M
MAN Broadband Access Networking Mode

In the construction of broadband MAN, the ZXR10 2609/2818S/2826S/2852S can be equipped at the access layer of the residential blocks or the convergence layer of the buildings and directly provide 10/100M access of subscribers or connect to the switch at the access layer such as ZXR10 1816. With the flexible uplink port of the ZXR10 2609/2818S/2826S/2852S, 100M/1000M optical interface can be configured to connect to the convergence node of the residential block and build a broadband service network for an information residential block together with the network management systems such as Broadband Access Server (BRAS), and AAA server.
34
Chapter 2 - System Overview
The ZAN (Customer Premises Network) equipment can be included via in-band or out-band mode into the NMS of the entire MAN, or managed with the network management and service management system independently established in the residential complex. Figure 2 shows the typical networking structure.
F I G U R E 2 T Y P I C A L N E T W O R K I N G O F M AN B R O A D B A N D A C C E S S
AAA server IP backbone network
BRAS
Email/DNS/ DHCP server

100M/1000M
ZXR10 3906
100M
N 10/100M
ZXR10 2609
100M
ZXR10 2818S
10/100M 10/100M
ZXR10 2826S
Network/Property management server
1000M
ZXR10 2852S/2826S
35
Technical Features and Parameters

The ZXR10 2609/2818S/2826S/2852S is in compliance with the following standards: Q/SZX 193-2005 ZXR10 2609/2818S/2826S/2852S Access Switch Table 4 lists the techincal features and parameters of the ZXR10 2609/2818S/2826S/2852S.
TABLE 4 TECHINCAL FE ATURES AND P AR AMETERS
Item
Model ZXR10 2609 35 21 130
ZXR10 2818S 43.6 436 200 2
ZXR10 2826S 43.6 436 200 2
ZXR10 2852S 43.6 442 280 2.5
Dimensions (HxWxD, mm) Weight
(Fully equipped, 1 kg) Maximum power consumption (W) Power supply
14
19
AC power supply: 100V~240V, 48Hz~62Hz. Wave shape distortion <5% DC power supply: 57V to 40V
36
Chapter
Structure & Principle

Structure and working 2609/2818S/2826S/2852S principles of of the the ZXR10 ZXR10
System hardware structure 2609/2818S/2826S/2852S
Working Principle
The ZXR10 2609/2818S/2826S/2852S is a series of layer-2 NMenabled low and medium-range Ethernet switching products launched by ZTE Corporation. They are intended for the access layer of the networks in the commercial buildings, residential areas, campus, and enterprise to meet users diversified requirements on the number of interfaces. This series of products features powerful functions and outstanding performance. Functionally, the switch consists of control module, switching module, interface module, and power supply module. Figure 3 shows the system principle.
1. Control module: It consists of main processor and some external functional chips. The control module controls and manages the switching module to meet the requirements of different network applications. It provides an external serial port for the data operation and maintenance.
Confidential and Proprietary Information of ZTE CORPORATION 37
2. Switching module. It consists of dedicated Ethernet switching processing chips. The switching module processes and exchanges the data packets sent by each port. In addition, the chip is integrated with data packet transceiver and can directly provide hundred megabit or gigabit service interface for users. 3. Interface module: It consists of interface board. (The interface module is used in the ZXR10 2818S and ZXR10 2826S only.) The interface module completes connection with external users and transceiving of data packets. The standard interface is used to connect the interface module and the switching module. 4. Power supply module. It adopts the 220V AC or 48V DC power supply. The power supply module supplies power for other modules of the system.
FIGURE 3 ZXR10 2609/2818S/2826S/2852S WORKING PRINCIPLE
Interface module (hundred megabit or gigabit interface)
Switching module
Hundred megabit or gigabit service interface of the customer
Power module
Control module
The ZXR10 2609/2818S/2826S/2852S (except the ZXR10 2609) uses the 19 subrack that is in compliance with the international
38
Chapter 3 - Structure & Principle
standard. The subrack can be used as standalone equipment or installed in a standard cabinet.
Hardware Structure
The ZXR10 2609/2818S/2826S/2852S adopts the box structure, which is 1U high. It employs independent power supply and natural dissipation method. It has vents on the rear, right, and left sides of the box. The box is composed of a bottom case and a shell. It features light weight and simple structure. All the components or parts are installed on the bottom case, which allows easy installation and uninstallation. The interface board is inserted from the front side and is fixed with two captive screws. The insertion and removal is convenient and flexible. On the front panel or the top of the shell of the ZXR10 2609/2818S/2826S/2852S, there are power indicators, RUN indicators, fixed Ethernet electrical interfaces, Ethernet optical interfaces, and one serial configuration port. The AC or DC power socket and power switch are located on the rear panel. The major hardware of the ZXR10 2609/2818S/2826S/2852S is the Ethernet switching main board, which is indispensable in any type of configuration. The uplink port on the expansion slot of the ZXR10 2818S and ZXR102826S can be configured with different sub-boards as needed.
ZXR10 2609
Figure 4 shows the front panel of the ZXR10 2609.
FIGURE 4 FRONT P ANEL OF THE ZXR10 2609
39
The Ethernet switching main board of ZXR10 2609 is FEBN.
Interfa ces
ZXR10 2609 provides the following types of access ports:
1. Nine fixed 10/100 Base-T Ethernet ports. These ports support full duplex/half duplex and 10/100M and MDI/MDIX auto-sensing function. Except the 9th port, other ports are also equipped with VCT auto detection function. 2. One Console port, used to realize the management and configuration of various services.
Indicators
There are 11 indicators on the top of the shell of the ZXR10 2609, including two system indicators and nine interface indicators.
1. The system indicators include power indicator (PWR) and running indicator (RUN). The following explains their status:
After the system is powered up, the PWR indicator is on and the RUN indicator is off. The BootROM starts to load the version. If the version is unavailable, the states of indicators do not change. If the version is loaded normally, the RUN indicator flashes at 1Hz.
2. The nine interface indicators correspond to the nine fixed Ethernet electrical interfaces. When the indicator is on, it indicates that the LINK is normal. If the indicator is flashing, it indicates that data sending or receiving is underway.
ZXR10 2818S
Figure 5 shows the front panel of the ZXR10 2818S.
40
FIGURE 5 FRONT P ANEL OF THE ZXR10 2818S
The Ethernet switching main board of the ZXR10 2818S is FEBE. The ZXR10 2818S can also be configured with the following sub-boards: FFEI, FGEI, FGFI, and FGFE. For the description of the sub-boards, see Sub-boards.
Interfa ces
ZXR10 2818S provides the following types of access ports. They can be configured according to the actual application.
1. Sixteen fixed 10/100 Base-T Ethernet ports. These ports support full duplex/half duplex, 10/100M and MDI/MDIX auto-sensing function, and VCT auto detection function. 2. One expansion slot for the uplink sub-boards that can provide single/double-channel 100M optical interface, 2channel 1000M optical interface, 2-channel 1000M electrical interface, or 1000M optical-electrical interface. 3. One Console port, used to realize the management and configuration of various services.
Indicators
On the top of the shell and front panel of the ZXR10 2818S, there are 18 indicators, including 2 system indicators and 16 interface indicators. The indicators on the top of the shell and the front panel of the FEBE are the same.
1. The system indicators include power indicator (PWR) and running indicator (RUN). The following explains their states:
After the system is powered up, the PWR indicator is on and the RUN indicator is off.
41
The BootROM starts to load the version. If the version is unavailable, the states of indicators do not change. If the version is loaded normally, the RUN indicator flashes at 1Hz.
2. The 16 interface indicators correspond to the 16 fixed Ethernet electrical interfaces. When the indicator is on, it indicates that the LINK is normal. If the indicator is flashing, it indicates that data sending or receiving is underway.
ZXR10 2826S
The Ethernet switching main board of ZXR10 2818S is FEBT. The ZXR10 2818S can also be configured with the following sub-boards: FFEI, FGEI, FGFI, and FGFE. For introduction to the sub-boards, see Sub-boardsSub-boards.
Interfa ces
The ZXR10 2826S provides the following types of access ports. They can be configured flexibly according to the actual application.
1. Twenty four fixed 10/100 Base-T Ethernet ports. These ports support full duplex/half duplex, 10/100M and MDI/MDIX auto-sensing function, and VCT auto detection function. 2. One expansion slot for the uplink sub-boards that can provide single/double-channel 100M optical interface, 2channel 1000M optical interface, 2-channel 1000M electrical interface, or 1000M optical-electrical interface.
42
3. One Console port, used to realize the management and configuration of various services.
Indicators
On the front panel of the ZXR10 2826S, there are 50 indicators, including 2 system indicators and 48 interface indicators.
1. The system indicators include power indicator (PWR) and operation indicator (RUN). The following explains their states:
After the system is powered on, the PWR indicator is on and the RUN indicator is off. The BootROM starts to load the version. If the version is unavailable, the states of indicators do not change. If the version is loaded normally, the RUN indicator flashes at 1Hz.
2. There are two indicators on each fixed Ethernet electrical port. The left one is the half/full duplex indicator and the right one is the link activation indicator.
The half/full duplex indicator is on when the Ethernet electrical port works in the full duplex mode, off when the Ethernet electrical port works in the half duplex mode, and flashes when there is conflict. The link activation indicator flashes when the link is activated.
ZXR10 2852S
The Ethernet switching main board of the ZXR10 2852S is FEBF.
43
Interfa ces
ZXR10 2852S provides the following types of access ports. They can be configured flexibly according to the actual application.
1. Forty eight fixed 10/100 Base-T Ethernet ports. These ports support full duplex/half duplex, 10/100M and MDI/MDIX auto-sensing function, and VCT auto detection function. 2. Two fixed 10/100/1000 Ethernet electrical ports and two fixed 1000 Ethernet electrical ports. 3. One Console port, used to realize the management and configuration of various services.
Indicators
On the front panel of the ZXR10 2852S, there are 56 indicators, including four system indicators and 52 interface indicators.
1. The system indicators include two CONSOLE port indicators, one power indicator (PWR), and one running indicator (RUN). The following explains their status:
After the system is powered up, the PWR indicator is on and the RUN indicator is off. The BootROM starts to load the version. If the version is unavailable, the states of indicators do not change. If the version is loaded normally, the RUN indicator flashes at 1Hz.
2. The interface indicators include: i. The 48 round indicators on the upper part of the front panel correspond to 48 fixed Ethernet electrical ports. When the indicator is on, it indicates that the LINK is normal. If the indicator is flashing, it indicates that data sending or receiving is underway.
ii. The ACT1 and ACT2 on the left correspond to two fixed gigabit optical interfaces. When the indicator is on, it indicates that the LIKK is normal. If the indicator is
44
flashing, it indicates that data sending or receiving is underway. iii. Each fixed gigabit Ethernet port has two indicators. The left one is the half/full duplex indicator and the right one is the link activation indicator.
The half/full duplex indicator is on when the Ethernet electrical port works in the full duplex mode, off when the Ethernet electrical port works in the half duplex mode, and flashes when there is conflict. The link activation indicator flashes when the link is activated.
Sub-boards
The ZXR10 2816S and ZXR10 2826S can be configured with the following sub-boards according to the actual networking requirements: FFEI, FGEI, FGFI, and FGFE.
FFEI
The FFEI provides one channel of 100M Ethernet uplink optical interface for the ZXR10 2818S/2826S. There are three FFEI models, providing different types of interface and transmission distance:
1. SF-1FE-S40KSC: Extend distance to 40 km over singlemode fiber cable. Figure 8 shows this sub-board.
FIGURE 8 SF-1FE-S40KSC SUB-BOARD
45
2. SF-1FE-S15KSC Extend distance to 15 km over singlemode fiber cable. Figure 9 shows this sub-board.
FIGURE 9 SF-1FE-S15KSC SUB-BOARD
3. SF-1FE-M02KSC Extend distance to 2 km over dual-mode fiber cable. Figure 10 shows this sub-board.
FIGURE 10 SF-1FE-M02KSC SUB-BOARD
On the front panel of FFEI, there are two indicators: link activation indicator (ACT) and link status indicator (LNK). The ACT indicator flashes when data sending or receiving is underway. The LNK indicator is on when the link is normal.
FGEI
The FGEI provides two channels of gigabit Ethernet uplink electrical ports for the ZXR10 2818S/2826S. Its model number is SF-2GE2RJ45, as shown in Figure 11.
46
FIGURE 11 SF-2GE-2RJ45 SUB-BOARD (FGEI)
On the panel of the FGEI, there are four indicators. Each gigabit electrical port has two indicators: link activation indicator and link status indicator The link activation indicator flashes when data sending or receiving is underway. The link status indicator is on when the link is normal.
FGFI
The FGFI provides two channels of gigabit Ethernet uplink optical ports for the ZXR10 2818S/2826S. Its model number is SF-2GE2SFP, as shown in Figure 12.
FIGURE 12 SF-2GE-2SFP SUB-BOARD (FGFI)
On the panel of the FGFI, there are two indicators: ACT1 and ACT2. They correspond to two gigabit optical interfaces. When the indicator is on, it indicates that the LIKK is normal. If the indicator is flashing, it indicates that data sending or receiving is underway.
47
FGFE
The FGFE provides one channel of gigabit Ethernet uplink electrical port and one channel of gigabit Ethernet uplink optical port for the ZXR10 2818S/2826S. Its model number is SF-2GE-SFPRJ45, as shown in Figure 13.
FIGURE 13 SF-2GE-SFPRJ45 SUB-BOARD (FGFE)
On the panel of the FGFE, there are three indicators. The gigabit optical port has an ACT indicator. When the indicator is on, it indicates that the LIKK is normal. If the indicator is flashing, it indicates that data sending or receiving is underway. The gigabit electrical port has two indicators: link activation indicator and link status indicator. The link activation indicator flashes when data sending or receiving is underway. The link status indicator is on when the link is normal.
Power Supply Module

ZXR10 2609
ZXR10 2609 supports two power supply modes: 110V/220V AC power supply and POE powered mode. When the AC power supply is used, the self-contained AC adapter can be directly used to convert the AC power into 5V DC power.
48
When the POE powered mode is used, a dedicated POE device is needed to split the RJ45 signals of the 48V power provided by the POE power sourcing equipment into Ethernet signal and 48V power signal and convert the power into 5V DC power needed by the ZXR10 2609.
ZXR10 2818S/2826S
ZXR10 2818S/2826S supports two power supply modes: -48V DC power supply and 110V/220V AC power supply. When the -48V DC power supply is adopted, use the 48V DC power cables. When the AC power supply is adopted, use the AC power cables. Figure 14 and Figure 15 respectively show the rear panel of the swtich when the 48V DC power supply and 110V/220V AC power supply are adopted. ZXR10 2818S also supports the POE power mode, but the powered device must be the first Ethernet port.
FIGURE 14 SUPPLY)
REAR PANEL OF THE ZXR10 2818S/2826S (DC POWER
-48VGND
GNDP
-48V
FIGURE 15 REAR PANEL OF THE ZXR10 2818S/2826S (AC POWER SUPPLY)
100-240V~ 60-50Hz
ZXR10 2852S
ZXR10 2852S supports two power supply modes: -48V DC power supply and 110V/220V AC power supply. When the -48V DC power supply is adopted, use the 48V DC power cables. When the AC power supply is adopted, use the AC power cables. Figure 16 and
Figure 17 respectively show the rear panel of the swtich when the 48V DC power supply and 110V/220V AC power supply are adopted.
FIGURE 16 REAR PANEL OF THE ZXR10 2852S (DC POWER SUPPLY)

-48VGND GNDP -48V
OFF
ON
FIGURE 17 REAR P ANEL OF THE ZXR10 2852S (AC POWER SUPPLY)
OFF
ON
100-240V~ 60-50Hz
50
Chapter
Installation and Debugging

Installation and debugging procedures of the ZXR10 2609/2818S/2826S/2852S Installation of Cables Cable Lightning Protection Requirements
Installing the Equipment

The ZXR10 2609/2818S/2826S/2852S can be installed either on the desktop or a 19 standard cabinet (except the ZXR10 2609). The 19 standard cabinet can be provided by the customer. If ZTE provides the cabinet, install the cabinet as per 19 Standard Cabinet Installation Manual.
Installing the Switch on Desktop

If the switch is placed on the desktop, install four plastic feet (the plastic feet and screws are delivered with the switch) on the bottom plate of the switch. The four feet support the switch and form a lower air exhaust vent for the dissipation of the power supply module. Figure 18 shows the installation method.
51
FIGURE 18 INSTALLING PLASTIC FEET

ZXR10 2609
DC 5V
Console
10
12
14
16 SF-2GE-2RJ45
ZXR10 2818S
ESD 2 RUN PWR Console 1 3 5 4 6
LNK/ACT 8 10 12 14 16
9 11 13 15
11
13
15
10
12
14
16
18
20
22
24 SF-2GE-2RJ45
ZXR10 2826S
ESD RUN PWR Console 1 3 5 7 9 11 13 15 17 19 21 23
ZXR10 2852S
TX RX TX RX
CONSOLE
52
51
50/49
2/1
4/3
6/5
8/7
10/9
12/11
14/13
16/15
18/17
20/19
22/21
24/23
26/25
28/27
30/29
32/31
34/33
36/35
38/37
40/39
42/41
44/43
46/45
48/47
1 - Box 2 - Foot
Installing the Switch onto a Cabinet

To install the switch onto a 19 cabinet, two flanges should be installed on both sides of the box of the switch (the flanges and screws come with the equipment), as shown in Figure 19.
52
Chapter 4 - Installation and Debugging
FIGURE 19 INSTALLING FL ANGES
10
12
14
16 SF-2GE-2RJ45
ZXR10 2818S
LNK/ACT 8 10 12 14 16
9 11 13 15
11
13
15
10
12
14
16
18
20
22
24 SF-2GE-2RJ45
ZXR10 2826S
ZXR10 2852S
TX RX TX RX
CONSOLE
52
51
50/49
2/1
4/3
6/5
8/7
10/9
12/11
14/13
16/15
18/17
20/19
22/21
24/23
26/25
28/27
30/29
32/31
34/33
36/35
38/37
40/39
42/41
44/43
46/45
48/47
1 - Box 2 - Flange 3 - Screw
On both sides of the 19 cabinet, install two symmetric holders to support the switch, as shown in Figure 20.
53
FIGURE 20 INSTALLING HOLDERS
2 1
1 - Holder 2 - Cabinet 3 - Screw
After the holders are installed, push the switch along the holders and fix the flanges onto the cabinet, as shown in Figure 21.
54
FIGURE 21 FIXING EQUIPMENT
10
12
14
16 SF-2GE-2RJ45
ZXR10 2818S
LNK/ACT 8 10 12 14 16
9 11 13 15
11
13
15
10
12
14
16
18
20
22
24 SF-2GE-2RJ45
ZXR10 2826S
ZXR10 2852S
TX RX TX RX
CONSOLE
52
51
50/49
2/1
4/3
6/5
8/7
10/9
12/11
14/13
16/15
18/17
20/19
22/21
24/23
26/25
28/27
30/29
32/31
34/33
36/35
38/37
40/39
42/41
44/43
46/45
48/47
1 Cabinet 2 Box 3 Screw
55
Installation of Cables
Cables of the ZXR10 2609/2818S/2826S/2852S include power cables, configuration cables, network cables, and fibers.
Installing Power Cables

Power cables are classified into AC power cables and DC power cables according to the type of power supply module:
1. Install AC power cables. AC power cables look basically the same as the standard printer power cables, except that the core diameter is smaller. Figure 22 shows the AC power cable.
FIGURE 22 AC POWER CABLE
One end of the AC power cable is connected to the AC power socket on the AC power supply module of the ZXR10 2818S/2826S/2852S, and the other end to the 220V AC power socket. For the ZXR10 2609, directly use the self-contained AC adapter connection equipment and socket. 2. Install DC power cables. Figure 23 shows the 48 power socket on the DC power supply module of the ZXR10 2609/2818S/2826S/2852S.
56
FIGURE 23 48 POWER SOCKET
The DC power cable is a 3-core power cable, as shown in Figure 24.
FIGURE 24 DC POWER CABLE
-48VGND -48V GNDP
Label End B End A
Where, the plug is on end A. On end B:

The blue wire is connected to -48V power supply. The brown wire is connected with -48VGND. The yellow-green wire is connected with GNDP.
One end of the DC power cable is connected to the power socket on the DC power supply module of the ZXR10 2818S/2826S/2852S, and the other end to the corresponding terminal of 48V DC power supply.
57
Installing Configuration Cables

The serial port configuration cable is used for the configuration and routine maintenance of the ZXR10 2609/2818S/2826S/2852S. The ZXR10 2609/2818S/2826S/2852S is delivered with serial port configuration cable. One end of the cable is a DB9 serial port, which is connected with the serial port on the computer. The other end is an RJ45 port, which is connected to the Console port on the ZXR10 2609/2818S/2826S/2852S. Figure 25 shows the appearance of a configuration cable and Table 5 provides the cable pinout.
FIGURE 25 SERIAL PORT CONFIGURATION CABLE
Magnified view of end A
TABLE 5 PINOUT OF SERIAL PORT CONFIGURATION CABLE
End A 2 3 5 4 6 7 8
58
Color White Blue White Orange White Green White Brown
End B 3 6 4 5 7 2 8 1
Installing Network Cables

Both ends of the network cable are crimped with RJ45 connectors, as shown in Figure 26. Name of the cable connector: 8P8C straight cable crimping connector Model: E5088-001023 Technical parameters: Rated current 1.5A, rated voltage 125V, and crimping round wire AWG24-28#.
FIGURE 26 STRUCTURE OF NETWORK CABLE
End A
By the sequence of crimping the lines in the connector, the cables can be classified into: Straight-through cable RJ45, with one-to-one connection correspondence at two ends of the cable. The specific pinout is shown in Table 6.
TABLE 6 RJ45 PINOUT OF STRAIGHT-THROUGH CABLE
A End 1 2 3 6
Cable Colors White/orange Orange White/green Green
B End 1 2 3 6
59
A End 4 5 7 8
Cable Colors Blue White/blue White/brown Brown
B End 4 5 7 8
Crossover cable RJ45J with two twisted pairs at two ends of the cable corresponding to each other in the crossover mode. The specific pinout is shown in Table 7.
TABLE 7 RJ45J PINOUT OF CROSSOVER CABLE
A End 1 2 3 6 4 5 7 8
Cable Colors White/orange Orange White/green Green Blue White/blue White/brown Brown
B End 3 6 1 2 4 5 7 8
Installing Fibers
Each optical port of the ZXR10 2609/2818S/2826S/2852S is connected to two fibers: one for receiving and one for transmission. They are respectively marked as TX and RX on the panel. Note not to mis-insert the fibers. Fibers are classified into single-mode and multi-mode fibers. You can configure 6 types of fibers as listed in Table 8 according to your application requirements.
60
TABLE 8 FIBER TYPES
Mode
Type of Connector on the Switch SC-PC connector (square and flat head)
Type of Connector on the Peer End FC/PC connector
Single-mode fiber
SC/PC connector ST/PC connector FC/PC connector
multi-mode fiber
SC-PC connector (square and flat head)
SC/PC connector ST/PC connector
For fiber layout out of the cabinet, make sure to protect the fibers against any damages with plastic corrugated protection tubes. Optical fibers inside the protection tube should not entangle with one another, and they shall be bent into a round shape at the bending position, if any. The labels at the two ends of the optical fiber shall be clear and legible. The meanings of the labels shall clearly reflect the corresponding numbers and relationship between cabinets and between rows.
Labels
1. The pattern and meanings of the labels attached to the connector The label attached to the connector is called transverse English label on panels and connectors. Figure 27 shows the structure and dimensions of the label.
61
FIGURE 27 TRANSVERSE ENGLISH LABEL ON P ANELS AND CONNECTORS
Meanings of the contents on the labels are as follows: RJ45Cable code Port AEnd A of the cable connector, corresponding to End B or another end. 5mLength of the finished cable. It refers to the straight line length of the cable from the connector at one end to the connector at the other end. TIC 10/100Base-T 1Connection position, the first 10/100Base-T network port of the TIC board. 2. The pattern and meanings of the label attached to the cable The label attached to the cable is called roll-type selfcover laser print label model II. Figure 28 shows the structure and dimensions of the label.
62
FIGURE 28 ROLL-TYPE SELF-COVER LASER PRINT LABEL MODEL II
Transparent area
Transparent area
Printable area
HD182 Port B 1.30m #1-L5-DTI1 D25~32
The contents of the label in the above figure have the same meanings as those of the label in Figure 27. These two types of label are used in different places. The transverse English label on panels and connectors is only applicable to the connectors where the attachment area is larger than the label area or to panels. The roll-up selfmulching laser printing label is rolled around the cable with its own scotch adhesive tapes. It is used when the horizontal English label cannot be used because the cable connector is small or the cable does not look nice with a horizontal English label. 3. Before the cabinet equipment is delivered, all the internal interconnected cables shall be attached with flag-type direction labels. This label attached to the cable is called Transverse English Type I Label. Figure 29 shows the structure and dimensions of the label. The contents of the label in the above figure have the same meanings as those of the label in Figure 27
63
FIGURE 29 TRANSVERSE ENGLISH TYPE I LABEL
4. The meaning of the content and the structure of a fiber engineering label are as shown in Figure 30.
FIGURE 30 P ATTERN AND MEANINGS OF THE ENGINEERING LABEL ON THE OPTICAL FIBER
Optical fible(R)
Optical fible(L)
The side marked with "L" must be filled in

Fill in the ODF. Row No.
The side marked with "R" must be filled in
Row No. Rack No.
Serial No. Layer No.
Serial No. Column No
The two sides of the engineering label on the optical fiber are marked L and R with the specific meanings as follows:
When the label is pasted on the fiber at the ZXR10 2609/2818S/2826S/2852S side, the row number and column number of the cabinet at the side of the connected remote optical interface device as well as the layer No. of the fiber in
the cabinet and the fiber No. should be filled in the R area of the label. In this case, the row No. and column No. of ZXR10 2609/2818S/2826S/2852S where the fiber is located as well as the layer No. of the fiber and fiber number shall be filled in the L area of the label. If the label is attached on the optical interface equipment of the customer, contents filled on the label are just contrary to those at the ZXR10 2609/2818S/2826S/2852S side.
Cable Lightning Protection Requirements

According to the degree of hazard, lightning is classified into direct lightning strike and lightning induction. The damage of direct lightning strike is hard to avoid. But proper lightning protection measure can effectively prevent the lightning induction. The following lightning protection requirements are proposed to reduce the equipment failure rate in the areas where lightning is frequent.
1. The Ethernet switch shall be placed in the corridor, preferably on the first floor. To avoid the direct sunshine, rains, and lightning, the switch cannot stay in an outdoor place where no weather-proof measures are taken. Ensure that all subscriber lines, except the uplink, downlink, and cascading lines, are distributed inside the building to avoid the attack of lightning induction. Figure 31 shows the cabling of Ethernet switch in a fourfloor building with three units. Where, switch A in Unit 1 is the convergence switch of the whole building, and switches B and C are access switches. Switches A, B, and C are cascaded. That is, the cascading cable of switch A is the uplink cable of switch B, and the cascading cable of switch B is the uplink cable of switch C. The rest subscriber lines are distributed inside the building and connected to the subscriber terminals from bottom to top in the corridor.
FIGURE 31 CABLING OF THE ETHERNET SWITCH IN A BUILDING
Unit 1
Corridor 4st floor 7 8
Unit 2
Corridor
Unit 3
Corridor
3st floor
2st floor
Switch ...
Switch ...
Switch ...
1st floor
1 Uplink cable
2 Cascading cable
B Cascading cable
In the above figure, 1 to 8 stands for subscribers. The cascading cable refers to the cable connecting two switches. 2. Reinforced lightning protection measures must be taken and lightning protection bars must be added for the uplink, downlink, and cascading Ethernet ports that are led outdoors. In special case when the common subscriber lines must be distributed outdoors, lightning protection bars must also be added. The lightning protection capability of the lightning protection bar must reach 6 KV or above and the current discharge capability must reach 5 KA. The grounding cable of the lightning protection bar must have a diameter of 16 mm2 and a length less than 30 cm. It is recommended to use the optical port as the uplink port of the convergence switch in the building. If the electrical port is used, lightning protection bars must be added.
66
Figure 32 shows the cabling of a convergence switch. Where, the uplink port is the optical port and lightning protection bars are added for the downlink or cascaded cables. The lightning bars are connected to the earth through the shell. The rest subscriber lines are distributed inside the building.
FIGURE 32 CABLING OF A CONVERGENCE SWITCH
Ethernet switch
Lightning protection bar Uplink cable (optical interface) Subscriber line
Shell ground
Less than 30 cm Uplink cable or cascading cable
3. The grounding system with good ground grid is preferred for the switch. A lot of residential buildings with proper grounding have a grounding resistance of 1 ohm. If the test shows that grounding system is not satisfied, it is recommended to equip an independent grounding post and the grounding cable must be 16 mm2 in diameter and as short as possible. Whichever grounding method is used, the grounding resistance must be less than 5 ohm and cannot exceed 10 ohm. 4. It is prohibited that the switch directly gets the power from the outdoor overhead power cable. If the switch must directly get the power from the outdoor overhead power cable, special lightning protection measures, such as lightning protection socket and lightning protection bar, must be added to the power supply. The lightning
protection bar for the power supply must have better lightning protection index than that for the port cable. 5. Whether the Ethernet switch will suffer lightning strike is affected by a lot of factors, including grounding, power supply, and wiring. The lightning strike lead-in mechanism also varies a lot. Taking one measure is far from enough to prevent the lightning strike. Therefore, several measures must be implemented at the same time. Proper grounding, appropriate power supply, reasonable wiring, and suitable lightning protection measures will definitely reduce the chance of the switch damage resulted from lighting strike.
System Debugging
Connection Configuration
The ZXR10 2609/2818S/2826S/2852S debugging is implemented through the Console. The Console port connection configuration adopts the VT100 terminal mode. The following takes the configuration of HyperTerminal provided by the Windows operating system as an example.
1. Connect the PC to the ZXR10 2609/2818S/2826S/2852S. Click Start > Programs > Accessories > Communication > HyperTerminal to connect the HyperTerminal, as shown in Figure 33.
68
FIGURE 33 CREATING A CONNECTION
2. Select COM1 or COM2 according to the serial port connected to the configuration cable. See Figure 34.
69
FIGURE 34 CONNECTION CONFIGURATION INFORM ATION
3. Set the attributes of the selected serial port, as shown in Figure 35. Port attribute settings include the following contents:
Baud rate: 9600 Data bit: 8 Parity: None Stop bit: 1 Data flow control: None
70
FIGURE 35 PORT ATTRIBUTE SETTINGS
Check that all settings are correct. Then power on the ZXR10 2609/2818S/2826S/2852S to initialize the system and then enter the configuration mode.
Power-on Procedure
Before powering on the ZXR10 2609/2818S/2826S/2852S, check the environment in the equipment room and the hardware installation.
1. Check whether the temperature, humidity, and voltage of the power supply in the equipment room meet the requirements listed in Table 9.
TABLE 9 TEMPERATURE AND HUMIDITY TABLE
Temperature (oC) Check Item
Relative Humidity (%) Short-term Working Condition (note 2) Long Term Operatin g Conditio n 30% 70% to Short Term Operatin g Conditio n 20% 90% to
Long-term Working Condition (note 1)
Range Notes:
15C to 30C
-5C to 45C
In normal working environment of the ZXR10 2609/2818S/2826S/2852S, the temperature and humidity are measured 2m above the floor and 0.4m in front of the equipment when the front and rear protection boards are removed. The short-term working condition means that the continuous running period is no more than 48 hours, and the accumulated running period in a year is no more than 15 days.
2. Check whether the power cables and other cables are correctly and reliably connected. 3. Check other hardware conditions.
i. Equipment labels shall be complete, correct and legible. ii. Equipment is installed reliably in the 19 standard cabinet. iii. The power switch of the equipment is turned off. iv. The rack is properly grounded, with the grounding resistance meeting relevant technical requirements.
To power on the ZXR10 2852S, do as follows: 1. Turn on the external power supply. 2. Turn on the power switch at the back of the switch.
To power on the ZXR10 2609\2818S\2826S, do as follows: 1. Connect the power cable at the back of the Ethernet switch. 2. Turn on the external power supply.
The power-down procedure is on contrary to the power-on procedure.
To power down the ZXR10 2852S, do as follows: 1. Turn off the power switch at the back of the switch. 2. Turn off the external power supply.
To power down the ZXR10 2609/2818S/2826S, do as follows: 1. Turn off the external power supply. 2. Remove the power cable at the back of the Ethernet switch.
Indicator Status
After the switch is powered on, the system indicators change in the following way:
1. After the system is powered on, the PWR indicator is on and the RUN indicator is off. 2. The BootROM starts to load the version. If the version is unavailable, the states of indicators do not change. If the version is loaded normally, the RUN indicator flashes at 1 Hz.
73
System Boot Procedure

The procedure to start the system is as follows: After the system is powered on, start the hardware. After the hardware test is passed, the following information appears on the management terminal: Welcome to use ZTE eCarrier!!
Copyright(c) 2004-2006, ZTE Co., Ltd. System Booting...... CPU: WindBond ARM7TDMI Version: VxWorks5.5.1 BSP version: 1.2/0 Creation date: May 23 2005, 00:07:21
Press any key to stop auto-boot... 7
After the above information appears, wait for about 7 seconds and then press any key to enter the boot status. Then modify the startup parameters. If the system does not detect any input within the specified time, the system begins to automatically load the version and displays the following information: auto-booting...
boot device unit number processor number

74
: wbdEnd : 1 : 0
host name : tiger file name : vxWorks inet on ethernet (e) : 10.40.89.106 host inet (h) : 10.40.89.78 gateway inet (g) : 10.40.89.78 flags (f) : 0x80 Attaching to TFFS... done. Loading file :kernel Uncompressing... Uncompressed 2310452 bytes Ok. Loading image... 7018512 Starting at 0x108000...
(Omitted) Welcome ! ZTE Corporation. All rights reserved.
login :
After the system is started successfully, the prompt character login: is displayed, requesting you to input the login user name and password. The default user name is admin and password is zhongxing.
75
76
Chapter
Usage and Operation

Common configuration 2609/2818S/2826S/2852S methods of the ZXR10
Command mode of the ZXR10 2609/2818S/2826S/2852S Command line usage of the ZXR10 2609/2818S/2826S/2852S
Configuration Modes
The ZXR10 2609/2818S/2826S/2852S provides several configuration modes. As shown in Figure 36, you can select a configuration mode according to the network connected.
1. Configuration through serial port connection 2. Configuration through TELNET session 3. Configuration through SNMP connection
77
FIGURE 36 ZXR10 2609/2818S/2826S/2852S CONFIGURATION MODES
FTP/TFTP server Telnet host SNMP network management system
Serial port HyperTerminal ZXR10
Configuration Through Console Port Connection

Configuration through console port connection is the main configuration mode of the ZXR10 2609/2818S/2826S/2852S. For the operation procedure, refer to Connection. You can also configure the connection when the equipment is running.
Configuration Through TELNET Session

Telnet mode is often used for configuring a remote switch. You can log in to the remote switch through the Ethernet port of the local host. The login username and password must be configured on the switch and you can ping the IP address of the layer 3 port on the switch successfully on the local host. (For configuration of IP address of the layer 3 port, see Layer 3 Configuration.) Use the command create user to create a user and the same command to set the login password.
Chapter 5 - Usage and Operation
Note: The default username is admin and the password is zhongxing.
Suppose the IP address of the layer 3 port is 192.168.3.1 and this address can be pinged from the local host. Then perform the remote configuration as follows:
1. Run the Telnet command on the host, as shown in Figure 37.
FIGURE 37 RUN THE TELNET
79
2. Click OK. A Telnet window appears, as shown in Figure 38.
FIGURE 38 SWITCH REMOTE LOGIN WINDOW
3. Enter the username and password to enter the user mode of the switch.
Configuration Through SNMP Connection

Simple Network Management Protocol (SNMP) is the most popular network management protocol. You can use one NM server to manage all the equipment on the network through this protocol. SNMP adopts the server/client-based management mode. The background NM server serves as an SNMP server, and the foreground network equipment. The ZXR10 2609/2818S/2826S/2852S serves as the SNMP client. The
80
foreground and background share the same MIB management database and communicate with each other via the SNMP. The background NM server must be installed with the NM software that supports SNMP. The management and configuration of the ZXR10 2609/2818S/2826S/2852S are implemented through the NM software. For the SNMP configuration on the ZXR10 2609/2818S/2826S/2852S, refer to SNMP.
Command Mode
To facilitate the configuration and management of the switch, the commands of the ZXR10 2609/2818S/2826S/28502S are allocated to different modes according to the functions and authorities. A command can be executed only in the specified mode. The ZXR10 2609/2818S/2826S/2852S command modes include:
1. User mode 2. Global configuration mode 3. SNMP configuration mode 4. Layer 3 configuration mode 5. File system configuration mode 6. NAS configuration mode 7. Cluster management configuration mode
User Mode
When you log in to the switch through the HyperTerminal or Telnet, you can enter the user mode after entering the login username and password. The prompt character in the user mode is the host name followed by >, as shown below: zte>
81
The default host name is zte. You can modify the host name by using the command hostname. In the user mode, you can execute the command exit to exit the switch configuration or execute the command show to display the system configuration and operation information. Note: The command Show can be executed in any mode.
Global Configuration Mode

In the user mode, enter the enable command and the corresponding password to enter the global configuration mode, as follows: zte>enable password :**** zte(cfg)# In the global configuration mode, you can configure various functions of the switch. Thus, you need to use the command adminpass to set the password for entering the global configuration mode to prevent the login of unauthorized users. To return to the user mode from the global configuration mode, use the exit command.
SNMP Configuration Mode

In the global configuration mode, you can use the command config snmp to enter the SNMP configuration mode, as shown below: zte(cfg)#config snmp zte(cfg-OSPF)#?
82
In the SNMP configuration mode, you can set the SNMP and RMON parameters. To return to the global configuration mode from the SNMP configuration mode, use the command exit or press Ctrl+Z.
Layer 3 Configuration Mode

In the global configuration mode, execute the command config router to enter the Layer 3 configuration mode, as shown in the following example: zte(cfg)#config router zte(cfg-OSPF)#? In the Layer 3 configuration mode, you can configure the Layer 3 port, static router, and ARP entities. To return to the global configuration mode from the Layer 3 configuration mode, use the command exit or press Ctrl+Z.
File System Configuration Mode

In the global configuration mode, execute the command config tffs to enter the file system configuration mode, as shown below: zte(cfg)#config tffs zte(cfg-typenum)# In the file system configuration mode, you can operate on the switch file system, including adding file directory, deleting file or directory, modifying file name, displaying file or directory, changing file directory, uploading/downloading files through TFTP, copying files, formatting Flash, and so on. To return to the global configuration mode from the file system configuration mode, use the command exit or press Ctrl+Z.
83
NAS Configuration Mode

In the global configuration mode, execute the command config nas to enter the NAS configuration mode, as shown below: zte(cfg)#config nas zte(cfg-OSPF)#? In the NAS configuration mode, you can configure the switch access service, including the user access authentication and management. To return to the global configuration mode from the configuration mode, use the command exit or press Ctrl+Z. NAS
Cluster Management Configuration Mode

In the global configuration mode, execute the command config group to enter the cluster management configuration mode, as shown below: zte(cfg)#config group zte(cfg-OSPF)#? In the cluster management configuration mode, you can configure the switch cluster management service. To return to the global configuration mode from the cluster management configuration mode, use the command exit or press Ctrl+Z.
84
Usage of Command Line

Online Help
In any command mode, enter a question mark (?) behind the DOS prompt of the system, a list of available commands in the command mode will appear. You can use the online help to get keywords and parameter list of any command.
1. In any command mode, enter a question mark "?" behind the DOS prompt of the system, and a list of all commands in the mode and the brief description of the commands will appear. For example:
zte>? enable exit help system show zte> show config information enable configure mode exit from user mode Description of the interactive help
2. Input a question mark behind a character or string, commands or a list of keywords starting with the character or string can be displayed. Note that there is no space between the character (string) and the question mark. For example:
zte(cfg)#? config clear create
zte(cfg)#
3. Input a question mark behind a command, a keyword or a parameter, the next keyword or parameter to be input will be listed, and also a brief explanation will be given. Note
that a space must be entered before the question mark. For example:
zte(cfg)#? snmp router tffs nas group mode zte(cfg)# enter SNMP config mode enter router config mode enter file system config mode enter nas config mode enter group management config
4. If you enter a wrong command, keyword, or parameter and press Enter, the message Command not found will be displayed on the interface. For example:
zte(cfg)#conf ter % Command not found (0x40000066)
zte(cfg)# In the following example, the online help is used to help create a username. zte(cfg)#? create zte(cfg)#? port vlan user zte(cfg)#create user % Parameter not enough (0x40000071) create descriptive name for port create descriptive name for vlan create user
zte(cfg)#create user ? <name> user name
zte(cfg)#create user wangkc

zte(cfg)#
Command Abbreviations
In the ZXR10 2609/2818S/2826S/2852S, a command or keyword can be shortened into a character or string that can uniquely identify this command or keyword. For example, the command exit can be shortened as ex, and the command show port shortened as sh po.
History Command
The user interface supports the function of recording input commands. A maximum of 20 history commands can be recorded. The function is very useful in re-invoking of a long or complicated command. To re-invoke a command from the record buffer, do one of the following. Press Ctrl+P or Ctrl+N or To Recover the last command (Roll back in the historical records of commands) Recover the next command (Roll forward in the historical records of commands)
Functional Key
The ZXR10 2609/2818S/2826S/2852S provides a lot of functional keys for the user interface to facilitate user operations. Table 10 lists the functional keys.
TABLE 10 FUNCTIONAL KEYS
Functional Key Ctrl-P or
Usage Recover the last command (Roll back in the historical

Functional Key
Usage records of commands). Recover the next command (Roll forward in the historical records of commands). Move left in the command line currently indicated by the prompt. Move right in the command line where the prompt is currently located. Display commands starting with the character or string. If there is only one command, make this command a complete one. Skip to the beginning of the command line. Skip to the end of the command line. Delete the characters from the cursor to the end.
Ctrl-N or Ctrl-B or Ctrl-F or
Tab Ctrl-A Ctrl-E Ctrl-K Ctrl-H Backspace Ctrl-C Ctrl-L Ctrl-Y Ctrl-Z or
Delete the character on the left of the cursor. Cancel the command and display the prompt character. Clear screen. Recover the last command executed. Return to the global configuration mode.
When the command output exceeds one page, the output is split into several pages automatically and the prompt ----- more ----- Press Q or Ctrl+C to break ----- appears at the bottom of the current page. You can press any key to turn pages or press Q or Ctrl+C to stop the output.
88
Chapter
System Management
File System Management File system and related operations TFTP Configuration Import and Export of Configuration Backup and Recovery of Files Software Version Upgrade
File System Management

File system Introduction
In the ZXR10 2609/2818S/2826S/2852S, the FLASH memory is the major storage device. Both the version file and configuration file of the switch are saved in the FLASH memory. Operations, such as version upgrading and configuration saving, should be conducted in the FLASH memory. The name of the version file is kernel.z. The name of the configuration file is running.cfg.
89
File System Operations

The ZXR10 2609/2818S/2826S/2852S provides a lot commands for file system operations. The frequently-used commands include:
1. Enter the file system configuration mode. config tffs 2. Create a directory. md 3. Delete a file or directory. remove 4. Renaming a File rename 5. Modify the current directory. cd 6. Display the current directory list. ls 7. Upload or download a version through TFTP. tftp 8. Copy a file. copy 9. Format the FLASH memory. format
90
Chapter 6 - System Management
TFTP Configuration
The switch version file and configuration file can be backed up or restored by using TFTP. The TFTP server application software is started at the background to communicate with the ZXR10 2609/2818S/2826S/2852S (TFTP client) to implement the file backup and recovery. In the following, the FTP Server software "tftpd" is taken as an example to describe the configuration of the background FTP Server.
1. Run the tftpd software at the background host. The interface as shown in Figure 39 appears.
FIGURE 39 TFTPD SERVER INTERFACE
91
2. Click Tftpd90 > Configure. In the dialog box that appears, click Browse and select the directory for the version file or configuration file, for example, D:\IMG. Figure 40 shows the dialog box after the setting is completed.
FIGURE 40 TFTPD SETTINGS DIALOG BOX
3. Click the first Browse to select the home directory for the version file or configuration file, for example, G:\Switch. Click the second Browse to select the file. Click OK to complete the setting.
After the TFTP configuration is completed, you can perform the TFTP operations on the switch. For details, see the later sections.
92
Import and Export of Configuration

The ZXR10 2609/2818S/2826S/2852S provides the import and export functions of configuration information, which makes it easy to configure and manage the switch.
1. Export the configuration information. You can use the command show running-config toFile to export the execution result of show running-config to a config.txt and save it in the FLASH memory. This file can also be uploaded to the TFTP server for viewing.
zte(cfg-tffs)#tftp 192.168.1.102 upload config.txt
2. Import the configuration information. You can use the command readconfig to read the configuration commands in the config.txt in the FLASH and send them to the switch for resolution and execution. Contents of the config.txt can be edited manually as needed and then downloaded to the switch by using the command tftp.
zte(cfg-tffs)#tftp 192.168.1.102 download config.txt
93
Note: It is recommended to use the command readconfig when the switch configuration is null. If the configuration command in the config.txt conflicts with the existing one of the switch, execution of the command in the config.txt will encounter errors and abort. When manually editing the config.txt, note the execution sequence of commands. (Some commands follow a certain sequence upon execution). Otherwise, the execution of readconfig may encounter errors and abort when a certain command in the config.txt is read.
Backup and Recovery of Files

The files mentioned here refer to the configuration file and version file in the FLASH memory.
1. Back up the configuration file. When a command is used to modify the switch configuration, the data is running in the memory in real time. When the switch is restarted, all the contents newly configured will be lost. Thus, you need to execute the command saveconfig to save the current configuration into the FLASH memory. The following shows the saveconfig command:
zte(cfg)#saveconfig
To prevent damage to the configuration data, back up the configuration data using the command tftp.
94
The following command can be used to back up a configuration file in the FLASH memory to the background TFTP Server:
zte(cfg-tffs)#tftp 192.168.1.102 upload running.cfg
You can also use the command show running-config toFile to write the configuration information into the config.txt and then back up the file to the TFTP server. For detailed method, refer to Import and Export of Configuration. 2. Recover the configuration file. You can execute the following command to download the configuration file in the background TFTP server to the FLASH memory:
zte(cfg-tffs)#tftp 192.168.1.102 download running.cfg
3. Back up the version file. Similar to the configuration file, you can use the command tftp to upload the foreground version file to the background TFTP server. For example:
zte(cfg-tffs)#tftp 192.168.1.102 upload kernel.z
4. Recover the version file. Version file recovery is used to retransmit the background backup version file to the foreground through TFTP. Recovery is very important in the case of upgrade failure. The version recovery operation is basically the same with the version upgrade procedure. For details, refer to Software Version Upgrade.
95
Software Version Upgrade

Normally, version upgrading is needed only when the original version does not support some functions or the equipment cannot run normally due to some special reasons. Improper version upgrade operation may result in upgrade failure and startup failure of the system. Therefore, before version upgrading, the maintenance personnel shall be familiar with the principles and operations of the ZXR10 2609/2818S/2826S/2852S and master the upgrading procedure. Version upgrade can be carried out in one of the following cases: When the operation of switch system is normal and when the operation of the switch system is abnormal.
Viewing the Version Information

If the system state allows, check the version information before and after the upgrade. In the global configuration mode, you can execute the command version to display the system hardware and software version information. The displayed contents are as follows: zte(cfg)# The System's Hardware Info: Switch's Mac Address: 00.d0.d0.f0.12.23
Module 0 :
ZXR10 2818s; fasteth: 16; gbit : 0;
The System's Software Info: Version number : 1.0
version make date : May 30 2005 version make time : 09:24:51
96
System has run 0 years 0 days 0 hours 0 minutes 52 seconds
zte(cfg)#
Version Upgrade When the System is Normal

If the switch runs normally, upgrade the version as follows:
1. Connect Console port of the switch to the serial port of the background host using the self-contained configuration cable. Connect an Ethernet port of the switch to the network port of the background host using a network cable. Check whether the connections are correct. 2. Set the IP address of the Ethernet port on the switch. Set the IP address of the background host used for upgrade. The two IP addresses must be in the same network segment so that the host can ping the switch. 3. On the background host, start the TFTP server software and set the TFTP server as per instructions in
97
TFTP Configuration. 4. On the switch, use the command version to check the information of current operating version. 5. Enter the file system configuration mode and execute the command remove to delete the old version file in the FLASH memory. If the FLASH memory has sufficient space, change the name of the old version file and keep it in the FLASH memory.
zte(cfg)#config tffs zte(cfg-tffs)#remove kernel.z
6. Use the command tftp to upgrade the version. The following shows how to download the version file from the TFTP server to the FLASH memory:
zte(cfg-tffs)#tftp 192.168.1.102 download kernel.z ........................................................ .................................................. 1,979,157 bytes downloaded zte(cfg-typenum)#
7. Restart the switch. After successful startup, check the version under running and confirm whether the upgrading is successful.
Version Upgrade When the System is Abnormal

When the switch cannot be started normally or runs abnormally, upgrade the version as follows:
1. Connect Console port of the switch to the serial port of the background host using the self-contained configuration cable. Connect an Ethernet port of the switch to the
network port of the background host using a network cable. Check whether the connections are correct. 2. Restart the switch. At the HyperTerminal, press any key as prompted to enter the [VxWorks Boot] state.
Welcome to use ZTE eCarrier!!
Copyright(c) 2004-2006, System Booting...... CPU: WindBond ARM7TDMI Version: VxWorks5.5.1 BSP version: 1.2/0
ZTE Co., Ltd.
Creation date: Jul 29 2005, 09:05:12
[ZxR10 Boot]:
3. Enter c in the [ZxR10 Boot] state and press Enter to enter the parameter modification status. Set the IP addresses of the Ethernet port and the TFTP server. Generally, these two addresses are set to the same network segment.
[ZxR10 Boot]: c
'.' = clear field; quit
'-' = go to previous field;
^D =
99
boot device
: wbdEnd1
*/Use the default value./* */ Use the default value./* */Use the default value./* */Use the default value./* */ IP address of
processor number: 0 host name file name : tiger : vxWorks
inet on ethernet (e) : 10.40.89.106 the Ethernet port /* inet on backplane (b): host inet (h) TFTP server/* gateway inet (g) value./* user (u) : 10.40.89.78
*/Use the default value./* */IP address of the
: 10.40.89.78
*/Use the default
:(Use the default value) (Use the default
ftp password (pw) (blank = use rsh): value) flags (f) target name (tn) startup script (s) other (o) [ZxR10 Boot]: : 0x80 : : :
*/Use the default value./* */Use the default value./* */Use the default value./* */Use the default value./*
4. Set the IP address of the background host as the same with the IP address of the above TFTP server. 5. Start the TFTP server software on the background server and configure the TFTP server as per description in
100
TFTP Configuration. 6. In the [ZxR10 Boot] state, input zte to enter the [BootManager] state of the switch. Input ? to display the command list for this state.
[ZxR10 Boot]: zte Load wbdEnd Begin W90N740 MAC0: 10MB - Full Duplex
Board 2818s ! Marvell has been initialized ! boot device unit number processor number host name file name : wbdEnd : 0 : 0 : tiger : vxWorks
inet on ethernet (e) : 10.40.89.106 host inet (h) gateway inet (g) flags (f) : 10.40.89.78 : 10.40.89.78 : 0x80
Attached TCP/IP interface to wbdEnd0. Warning! no netmask specified. Attaching network interface lo0... done. Attaching to TFFS... test flash passed perfectly! Welcome to boot manager! Type for help
[BootManager]:?
ls directory list./*
*/Display the current
101
pwd absolution path. /* devs information. /* show mac address./* reboot format del file_name
*/Display the current
*/Display the FLASH
*/Display the switch type and
*/Restart the switch./* */Format the FLASH./* */Delete the specified
file./* md mf cd dir_name file_name absolue-pathname */Create a directory./* */Create a file./* */Change the current
directory./* tftp ip_address file_name */Download/upload a version
file through TFTP /* update file_name rename */Upgrade boot/*
file_name newname */Rename the file./*
[BootManager]:
7. In the [BootManager] state, use the command tftp to upgrade the version. The following shows how to download the version file from the TFTP server to the FLASH memory:
[BootManager]:tftp 10.40.89.78 kernel.z Loading... done! [BootManager]:ls RUNNING.CFG KERNEL.Z [BootManager]:
102
In the [BootManager] state, execute the command reboot to restart the switching by using the new version. If the switch is started normally, use the command version to check whether the new version is running in the memory. If the switch cannot be started normally, it indicates the version upgrade fails. In this case, repeat the above upgrade procedure.
103
104
Chapter
Service Configuration
Configuration methods for various services of the ZXR10 2609/2818S/2826S/2852S
Port Configuration
Basic Configuration
On the ZXR10 2609/2818S/2826S/2852S, you can configure the following port parameters: auto negotiation, duplex mode, rate, flow control, port priority, MAC address number restriction, and so on. Port parameters are configured in the global configuration mode. The configuration includes the following contents:
1. Set the port status. set port 2. Set the port auto-sensing function. set port auto The auto-sensing function is enabled by default. After the duplex mode or rate of the port is set, the auto-sensing function is disabled automatically.
3. Set the duplex mode of the port. set port duplex For all the Ethernet optical port and the Ethernet electrical port working at 1000 Mbps, the duplex mode can only be full duplex and cannot be changed. 4. Set the port rate. set port speed The rate of 100M/1000M Ethernet optical port cannot be changed. 5. Set the port bandwidth. set port bandwidth The port bandwidth restriction is set by the unit of kbps. The ingress bandwidth and egress bandwidth of the port can be set separately according to actual requirements. There are three methods to set the ingress bandwidth restriction:
To restrict the rate of connectionless data packets, for example, filtering the broadcast packets, the granularity shall be 1K when the configured value is relatively small. To restrict the rate of connection-oriented data packets, for example, data packets of TCP connection, the granularity of rate restriction shall be 64K and the range shall be from 64K to 1536K. If the flow control is used to restrict the rate of connectionless or connection-oriented data packets, the port must be set to the 10M half duplex mode and the granularity shall be 1K when the configured value is relatively small.
For the ingress rate restriction, you can use the command set port ingess_limit_mode to select the type of the filtering data packets for the rate restriction.
106
Chapter 7 - Service Configuration
Note: Setting the type of filtering packet of ingress bandwidth restriction to the broadcast packets can be use to perform the broadcast suppression function. When the ingress or egress bandwidth restriction is set, the rate restriction range is between 64k and 256M. For a 100M port, the maximum bandwidth is 100M. When the rate configured is relatively small, the accuracy of bandwidth restriction is rather high. As the restriction rate increases, the accuracy of bandwidth restriction decreases gradually. When the restriction rate configured is larger than the maximum bandwidth of the port, the port rate becomes the maximum rate of the port. The port egress bandwidth restriction function is not supported on the ZXR10 2609/2818SLE/2826SLE/2852SLE.
Configuration example (use the port bandwidth restriction to realize the suppression of broadcast storm): Set the broadcast suppression function for port 1, and restrict the broadcast packet to 500K.
zte(cfg)# set port 1 bandwidth ingress on rate 500 zte(cfg)# set port 1 ingess_limit_mode broadcast zte(cfg)# show port 1 qos Port: 1
PortQoSParams: IngressRateLimit : 500 IngressType broadcast SAPriority disable UserPriority disable DefaultPriority : 0
EgressRateLimit: 0 RateLimitMode :
: normal
: disable
VlanPriority
: enable
DscpPriority
PortPriorityRemapTable: COS(802.1p user priority), RMP(Remapped priority) COS 0 RMP 0 zte(cfg)# 1 1 2 2 3 3 4 4 5 5 6 6 7 7
6. Set the flow control of a port. set port flowcontrol 7. Set the priority of a port. set port default-priority 8. Set the address learning function of a port. set port security When the setting is enable, the MAC address learning function is disabled. When the setting is disable, the MAC address learning function is enabled. 9. Set the multicast filter of a port. set port multicast-filter 10. Set the external power supply mode of a port. set port poe 11. Set the port rate advertisement. set port speedadvertise 12. Set the number of MAC addresses. set port macaddress By default, the number of MAC addresses is 0, that is, no restriction. 13. Create a port name. create port name 14. Add the port description.
set port description 15. Port QOS function Each port supports the configuration of data packet priority. The priority of the data packets entering the port is determined by the parameters of the data packets and settings of the port. You can enable or disable any type of priority determination mechanism on the port. The priority determination mechanism of the received data packets on the port can be different. (The sequence of various priority determination modes is described in QoS Configuration.
Enable/Disable port source MAC priority function
set port sa-priority The configured source MAC address priority can be used to determine the priority of the data packets when and only when the source MAC address of the received data packets is a static MAC address, and the source MAC priority determination function is enabled. The queue priority of data packets is mapped with the SA priority in the following way: (0,1) 0; (2,3) 1; (4,5) 2; (6,7) 3
Enable/Disable the port VLAN priority.
set port vlan -priority The configured VLAN priority can be used to determine the priority of data packets when and only when the priority of VLAN of the received data packets is enabled, and the port VALN priority determination function is enabled. The queue priority of data packets is mapped with the SA priority in the following way: (0,1) 0; (2,3) 1; (4,5) 2; (6,7) 3
Enable/Disable the port 802.1P user priority.
set port user -priority The port 802.1P user priority can be used to determine the priority of data packets when and only when the
received data packets are TAG ones and the port 802.1P user priority determination function is enabled. The queue priority of data packets is determined by the 802.1P user priority and queue priority mapping table.
Enable/Disable the port layer 3 DSCP priority.
set port dscp -priority The port layer 3 DSCP priority can be used to determine the priority of data packets when and only when the received data packets are IP ones and the layer 3 DSCP determination function is enabled. The queue priority of data packets is determined by the IP DSCP priority and queue priority mapping table.
Set the port 802.1P user priority remapping table.
set port remapping-tag When the data packets received by the port are TAG data packets, the switch first uses this mapping table to re-map the priority in the data packets, and then use this priority as the new 802.1P user priority for future priority determination. The default value of this mapping table is: 0 0, 1 1, 2 2, 3 3, 4 4, 5 5, 6 6, 7 7 It is not recommended to change the default values.
Note: The ZXR10 2609/2818SLE/2826SLE/ 2852SLE does not support the sa-priority, vlanpriority, and remapping-tag functions.
Table 11 lists the default settings of port parameters.
110
TABLE 11 DEFAULT SETTINGS OF PORT P ARAMETERS
Parameter Port status Auto-sensing function Flow control Bandwidth restriction Port priority
Default Configuration enable enable disable disable 0
Port Information
You can use the command show to view the port information.
1. Display the configuration and duplex mode of the port. show port View the configuration and current duplex mode of the port 1.
zte(cfg)#show port 1 Port: 1 PortParams: PortEnable DefaultVlanId : enabled : 1 PortAutoNeg FlowControl Security : enabled : disabled : disabled MediaType : 100BaseT
Multicastfilter: disabled SpeedAdvertise : MaxSpeed PortMacLimit PortStatus: PortClass Duplex : 802.3 : half : disabled
Link Speed
: down : 10 Mbps
zte(cfg)#
111
2. Display the QoS configuration data of the port. show port qos View the QoS configuration data of port 1.
zte(cfg)#show port 1 qos Port: 1
PortQoSParams: IngressRateLimit: 0 IngressType SAPriority UserPriority : normal : disable : enable : 0 EgressRateLimit: 0 RateLimitMode VlanPriority DscpPriority : broadcast : disable : disable
DefaultPriority
PortPriorityRemapTable: COS(802.1p user priority), RMP(Remapped priority) COS 0 RMP 0 zte(cfg)# 1 1 2 2 3 3 4 4 5 5 6 6 7 7
Note: If the IngressRateLimit or EgressRateLimit is set to 0, it indicates that the port is not configured with the bandwidth restriction function.
3. Display the statistics data of the port. show port statistics View the statistics data of port 24 (port name: uplink)
zte(cfg)#show port 1 statistics Port: 1 PortName: ReceivedBroadcastFrames: 0 ReceivedMulticastFrames: 0 InPause : 0
ReceivedFrames : 0 ReceivedBytes CrcError : 0 : 0
112
InMACRcvErr Fragments Frames64Bytes Frames65_127Bytes
: 0 : 0
Jabber UndersizeFrames
: 0 : 0 : 0
: 0 Frames256_511Bytes Frames1024_UpBytes : 0 : 0
Frames128_255Bytes: 0 Frames512_1023Bytes: 0 OversizeFrames SendUnicastFrames : 0 : 0
SendBytes SendFrames SendMulticastFrames SendMultiCollision SendExcessCollision SendDefferTrans
: 0 : 0 : 0 : 0 : 0 : 0
SendNoneUnicastFrames:0 SendBroadcastFrames: 0 SendSingleCollision: 0 SendLateCollision: 0 SendCollision OutPause : 0 : 0
zte(cfg)#
4. Remove the statistics data of the port. You can use the command clear por to remove the statistics data of the port. After the command is executed, all the statistics data of the port will be cleared.
Port Mirroring
Introduction
Port mirroring is used to mirror the data packets of the switch port (ingress mirroring port) to an ingress destination port (ingress monitoring port), or mirror the data packets of the switch port (egress mirroring port) to an egress destination port (egress monitoring port).
Through mirroring, the data packets flowing in or out of a certain port can be monitored. Port mirroring provides an effective tool for the maintenance and monitoring of the switch. The switch can be configured with only one ingress monitoring port and one egress monitoring port. The ingress monitoring port and the egress monitoring port can be configured on the same port. But multiple source ingress monitoring ports and source egress monitoring ports can be configured at the same time.
Note: In the default case, the switch does not have the mirroring port. Port 1 is the ingress and egress monitoring ports. The GOOD data packets received by the ingress mirroring port are mirrored onto the monitoring ports. But the data packets directly discarded on the ingress port (for example, because of CRC errors) are not mirrored.
Basic Configuration
The configuration of the port mirroring function includes the following contents:
1. Set a monitoring port. set mirror dest-port 2. Add a mirroring port. set mirror add source-port 3. Delete a mirroring port set mirror delete source-port 4. Display the port mirroring configuration. show mirror
114
Configuration Example
To mirror the data packets received by port 1 and port 16 onto the monitoring port 10, configure as follows: zte(cfg)# set mirror dest-port 10 ingress zte(cfg)# set mirror add source-port 1,16 ingress Use the command show mirror to view the port mirroring configuration. zte(cfg)#show mirror Ingress mirror information: source-port: 1,16 destination -port: 10 Egress mirror information: source-port: none destination -port: 1 zte(cfg)# To mirror the data packets received by port 2 and port 3 onto the monitoring port 4, configure a follows: zte(cfg)# set mirror dest-port 4 ingress zte(cfg)# set mirror add source-port 2,3 egress
VLAN Configuration
Introduction
The Virtual Local Area Network (VLAN) protocol is a basic protocol of layer-2 switching equipment, which enables the administrator to
divide a physical LAN to multiple VLANs. Each VLAN has a VLAN ID to identify it uniquely in the entire LAN. Multiple VLANs share the switching equipment and links of the physical LAN. Logically, a VLAN is like an independent LAN. All frame flows in the same VALN are restricted in this VLAN. Cross-VLAN visit can only be implemented through forwarding on layer 3. Direct multi-VLAN visit is impossible. In this way, the network performance is improved, and the overall flow in the physical LAN is effectively lowered. The VLAN has the following functions: Reduce the broadcast storms of network. Enhance the network security. Provide centralized management and control. The ZXR10 2609/2818S/2826S/2852S also supports the taggedbased VLAN. This is a mode defined in IEEE 802.1Q and also is a universal working mode. In this mode, the division of VLAN is based on the VLAN information about the port (PVID: port VLAN ID) or the information in the VLAN tag.
Basic Configuration
The VLAN configuration on the switch includes the following contents:
1. Enable/Disable the VLAN. set vlan 2. Add a specified port to the VLAN. set vlan add port 3. Delete a specified port to the VLAN. set vlan delete port 4. Add a specified trunk to the VLAN. set vlan add trunk
116
5. Delete a specified trunk to the VLAN. set vlan delete trunk 6. Set the port PVID. set port pvid 7. Set the trunk PVID. set trunk pvid 8. Set the VLAN priority. set vlan priority 9. Set the VLAN FID. set vlan fid VLANs with the same FID can share the forwarded items. Most equipment suppliers do not provide the configuration of FID and use the VID as the default FID. 10. Create a VLAN name. create vlan name 11. Remove a VLAN name. clear vlan name 12. Display the VLAN information. show vlan
Note: It is recommended to delete the default VLAN before the configuration.
1. Configure a VLAN.
Configure VLAN 100. Add untagged ports 1 and 2 and tagged ports 11 and 12. The detailed configuration is as follows:
zte(cfg)#set vlan 100 add port 1,2 untag zte(cfg)#set vlan 100 add port 7,8 tag zte(cfg)#set port 1,2 pvid 100 zte(cfg)#set vlan 100 enable zte(cfg)#show vlan 100 VlanId : 100 Fid : 100 Priority: off
VlanStatus: enabled VlanName: Tagged ports : 7-8
Untagged ports: 1-2
zte(cfg)#
2. Configure overlapping VLAN. As shown in Figure 41, port 16 of the switch is connected to the server and ports 1 to 3 are connected to the clients. It is required that ports 1 to 3 are isolated from each other, but all three ports can access the server.
FIGURE 41 EXAMPLE OF OVERLAPPING VL AN
Switch p1 p2 p3 p16 Server
118
The detailed configuration is as follows:

zte(cfg)#set vlan 2 add port 1,16 untag zte(cfg)#set vlan 3 add port 2,16 untag zte(cfg)#set vlan 4 add port 3,16 untag zte(cfg)#set vlan 100 add port 1-3,16 untag zte(cfg)#set port 1 pvid 2 zte(cfg)#set port 2 pvid 3 zte(cfg)#set port 3 pvid 4 zte(cfg)#set port 16 pvid 100 zte(cfg)#set vlan 2-4,100 fid 5 zte(cfg)#set vlan 2-4,100 enable
3. Configure the VLAN transparent transmission. As shown in Figure 42, switch A is connected to switch B through port 16. Port 1 of switch A and port 2 of switch B belong to VLAN2, and port 3 of switch A and port 4 of switch B belong to VLAN3. Members of the same VLAN can communicate with each other.
FIGURE 42 EXAMPLE OF VLAN TR ANSP ARENT TRANSMISSION
Switch A p1 p16 p16
Switch B p2
p3
p4
The detailed configuration on the switch A is as follows:

zte(cfg)#set vlan 2 add port 16 tag zte(cfg)#set vlan 2 add port 1 untag
zte(cfg)#set vlan 3 add port 16 tag zte(cfg)#set vlan 3 add port 3 untag zte(cfg)#set port 1 pvid 2 zte(cfg)#set port 3 pvid 3 zte(cfg)#set vlan 2-3 enable
The detailed configuration on the switch B is as follows:

zte(cfg)#set vlan 2 add port 16 tag zte(cfg)#set vlan 2 add port 2 untag zte(cfg)#set vlan 3 add port 16 tag zte(cfg)#set vlan 3 add port 4 untag zte(cfg)#set port 2 pvid 2 zte(cfg)#set port 4 pvid 3 zte(cfg)#set vlan 2-3 enable
MAC Table Operations

Introduction
MAC table operations include the configuration of MAC filter function, static address binding function, and MAC table aging time. MAC filter function is to enable the switch to discard the received data packets whose source or destination MAC address is the specified MAC address. Static address binding function is to bind the specified MAC address with the switch port. After the binding, this MAC is kept away from the dynamic study. MAC table aging time refers to the period from the latest update of dynamic MAC address in the FDB table to the deletion of this address.
120
Configuration of the MAC filter function and static address binding function can effectively prevent the illegal access to the network and fraudulent use of key MAC addresses, and play an important role in ensuring the network security.
Basic Configuration
1. Set the filter address of fdb. set fdb filter 2. Add the static binding address to the address table. set fdb add 3. Delete a record in the table. set fdb delete 4. Set the aging time of MAC address. set fdb agingtime 5. Display the aging time of fdb address. show fdb agingtime 6. Display the fdb information. show fdb dynamic port 7. Display the MAC-based fdb information. show fdb mac 8. Display the port-based fdb information. show fdb port 9. Display the VLAN-based fdb information. show fdb vlan
121
LACP Configuration
Introduction
Link Aggregation Control Protocol (LACP) is a standard protocol defined in IEEE 802.3ad. Link aggregation means that physical links with the same transmission media and transmission rate are bound together, making them look like one link logically. This concept is also known as Trunking. It allows parallel physical links between the switches or between the switch and the server to increase the bandwidth in multiples and simultaneously. As a result, it becomes an import technology in broadening link bandwidth and creating link transmission flexibility and redundancy. Aggregated link is also called trunk. If a port of the trunk is blocked or faulty, the data packets will be distributed to other ports of this trunk for transmission. If this port recovers, the data packets will be re-distributed to all the normal ports of this trunk for transmission. The ZXR10 2609/2818S/2826S/2852S supports a maximum of 16 aggregation groups. In each aggregation group, the number of links participating in the aggregation does not exceed eight. Links participating in the aggregation must have the same transmission media type and the same transmission rate. Note: The ZXR10 2852SLE supports a maximum of eight aggregation groups.
Basic Configurations
LACP configuration on the switch includes the following contents:
1. Enable/Disable the LACP function. set lacp

By default, the LACP function is disabled. 2. Add a specified port to the aggregation group. set lacp aggregator add port 3. Delete a specified port to the aggregation group. set lacp aggregator delete port If the port is in the self-negotiation mode or in the duplex mode, the aggregation is allowed. If the port is in the half duplex mode, the aggregation is prohibited. 4. Set aggregation mode of the aggregation group. set lacp aggregator mode If the aggregation group is set to the dynamic mode, the switch can only be connected with the in-service LACP device. If the aggregation group is set to the static mode, and the peer end is the static trunk that does not run the LACP protocol, the static aggregation is performed. If both the static trunk and LACP exist on the peer end, the LACP aggregation is preferred. 5. Configure the timeout information of the port participating in the aggregation. set lacp port timeout The timeout information refers to the expiration time, after which the port in the aggregation state exits the aggregation if it does not receive the LACP protocol packets from the peer end. The short timeout time is 3 seconds and the long timeout time is 90 seconds. 6. Set the mode used by the port to participate in the aggregation. set lacp port mode When the aggregation group is set to the dynamic mode, the switch can only be connected with the in-service LACP device. If the aggregation group is set to the static mode, the switch and the peer end use the static mode for
aggregation. In this case, more than two switches in the static mode are aggregated. If the aggregation group is set to the hybrid mode, and the peer end is the static trunk that does not run the LACP protocol, the static aggregation is performed. If both the static trunk and LACP exist on the peer end, the LACP aggregation is preferred. 7. Set the priority of LACP. set lacp priority 8. Display the LACP configuration information. show lacp 9. Display the aggregation information about the LACP aggregation group. show lacp aggregator 10. Display the information of the port where the LACP is involved in the aggregation. show lacp port
After the configuration of the aggregation group, you can perform various settings on it, such as setting the PVID, adding it to the VLAN, setting the static binding MAC address, and so on.
As shown in Figure 43, switch A and switch B are connected through the aggregation port (binding the port 15 and port 16). Port 1 of swtich A and port 2 of swtich B belong to VLAN2. Port 3 of swtich A and port 4 of swtich B belong to VLAN2. Members of the same VLAN can communicate with each other.
124
FIGURE 43 EXAMPLE OF LACP CONFIGURATION
Switch A p1
p15 p16
p15 p16 p2
Switch B
p3
p4
The detailed configuration of switch A is as follows: zte(cfg)#set lacp enable zte(cfg)#set lacp aggregator 3 add port 15-16 zte(cfg)#set lacp aggregator 3 mode dynamic zte(cfg)#set vlan 2 add trunk 3 tag zte(cfg)#set vlan 2 add port 1 untag zte(cfg)#set vlan 2 add trunk 3 tag zte(cfg)#set vlan 3 add port 3 untag zte(cfg)#set port 1 pvid 2 zte(cfg)#set port 3 pvid 3 zte(cfg)#set vlan 2-3 enable The detailed configuration of switch B is as follows: zte(cfg)#set lacp enable zte(cfg)#set lacp aggregator 3 add port 15-16 zte(cfg)#set lacp aggregator 3 mode dynamic zte(cfg)#set vlan 2 add trunk 3 tag zte(cfg)#set vlan 2 add port 2 untag zte(cfg)#set vlan 3 add trunk 3 tag zte(cfg)#set vlan 3 add port 4 untag zte(cfg)#set port 2 pvid 2
125
zte(cfg)#set port 4 pvid 3 zte(cfg)#set vlan 2-3 enable
IGMP Snooping Configuration

Introduction
Because the multicast address cannot appear in the source address of the packet, the switch cannot learn the multicast address. When the switch receives a multicast message, it broadcasts the message to all the ports in the same VLAN. If no measure is taken, unwanted multicast message may be spread to each node of the network, thus causing a great waste of network bandwidth resource. With the IGMP Snooping function, the IGMP communication between the host and router is snooped, so that the multicast packets are sent to the ports in the multicast forwarding table, instead of all ports. This restricts the wide spread of multicast messages in the LAN switch, reduces the waste of network bandwidth, and improves the utilization rate of the switch.
Basic Configuration
Configuration of IGMP Snooping on the switch includes the following contents:
1. Enable/Disable the IGMP Snooping function. set igmp snooping By default, the IGMP Snooping function is disabled. When the IGMP Snooping is disabled, you can use the command set port multicast to handle the multicast flow. If the parameter forward is selected, the multicast
messages will be forwarded to the corresponding port. If the parameter discard is selected, the multicast messages will be discarded on the corresponding port After the IGMP Snooping function is enabled, the multicast flow is first forwarded according to the snooped multicast forwarding table. If the multicast forwarding table is not found, use the above configuration to determine whether to forward or discard the multicast messages for the port.
Note: When the IGMP Snooping function is disabled, it is recommended to disable the multicast forwarding function for the non-router ports and enable the multicast forwarding function for the router ports.
2. Add the IGMP Snooping function for the specified VLAN. set igmp snooping add vlan 3. Delete the IGMP Snooping function for the specified VLAN. set igmp snooping delete vlan The multicast forwarding table can be snooped only when the IGMP Snooping function is added for the specified VLAN. The switch can support the snooping of up to 256 VLANs simultaneously. 4. Enable/Disable the specified VLAN. IGMP snooping function for the
set igmp snooping query vlan After the IGMP Snooping function is enabled, if the IGMP snooping router does not exist, the normal IGMP Snooping function cannot be completed. In this case, enable the IGMP snooping function of the switch. If the snooped VLAN has the IGMP snooping router, it is recommended to disable the IGMP snooping function of the switch. The switch runs the IGMP snooping V2.0,
which supports the V2.0 IGMP snooping router election function. If the layer 3 IP address and MAC address are set, the source IP address and source MAC address of the IGMP snooping are determined by the layer 3 configuration. Otherwise, use 0.0.0.0 and the MAC address of the switch as the source of the IGMP snooping. 5. Add a static multicast group. set igmp snooping vlan add group 6. Delete a static multicast group. set igmp snooping vlan delete group After the IGMP Snooping function is running, the static multicast group can be registered in the name of the local switch. The switch supports the registration of up to 64 static multicast groups.
Note: The register multicast groups can only use the user multicast group address, which ranges from 224.x.x.x to 239.x.x.x, instead of the reserved multicast addresses. It is prohibited to register the following multicast addresses: 224.0.0.x.
7. Set multicast member/route timeout. set igmp snooping timeout 8. Set the snooping interval. set igmp snooping query_interval 9. Set the snooping response interval. set igmp snooping response_interval 10. Set the last member snooping interval. set igmp snooping lastmember_query 11. Enable/Disable the IGMP fastleave function.
set igmp snooping fastleave After the IGMP Snooping is running and the correct port that the host is added in can be snooped, if the IGMP fastleave function is disabled when this port receives the IGMP fastleave message, the switch will send a specified group snooping message to this port twice to confirm that this port is removed from the multicast forwarding table. If the IGMP fastleave function is enabled, the specified group snooping is not performed and the port is directly removed from the multicast forwarding table. If the state of multi-VLAN multicast snooping is changed from enabled to disabled, some snooping results of the multi-VLAN multicast snooping can be deleted after the related timeout period. 12. Enable/Disable the multi-VLAN IGMP snooping function. set igmp snooping crossvlan After the IGMP Snooping function is running and the PVID (default vlan_id) is used to correctly configure the one-tomultiple port forwarding mode, the multi-VLAN IGMP snooping function of the local switch can be used to snoop the IGMP information between VLANs and to carry out the multi-VLAN multicast forwarding. 13. Display the configuration of IGMP snooping. show igmp snooping 14. Display the multicast snooping results. show igmp snooping vlan
As shown in Figure 44, ports 1, 3, and 5 are connected to the host. Port 10 is connected to the router. The one-to-multiple communication mode is implemented. That is, port 10 can communicate with ports 1, 3, and 5, but ports 1, 3, and 5 cannot communicate with each other. The IGMP Snooping function of the switch is enabled and the snooping results are displayed.
FIGURE 44 NETWORK TOPOLOGY FOR ONE-TO-M ANY COMMUNICATION

IGMP Router p10 Switch p1 p3 p5
The detailed configuration is as follows: zte(cfg)#set vlan 200 add port 1,3,5,10 untag zte(cfg)#set vlan 210 add port 1,10 untag zte(cfg)#set vlan 230 add port 3,10 untag zte(cfg)#set vlan 250 add port 5,10 untag zte(cfg)#set port 10 pvid 200 zte(cfg)#set port 1 pvid 210 zte(cfg)#set port 3 pvid 230 zte(cfg)#set port 5 pvid 250 zte(cfg)#set vlan 200,210,230,250 fid 200 zte(cfg)#set vlan 200,210,230,250 enable zte(cfg)#set igmp snooping enable zte(cfg)#set igmp snooping add vlan 200,210,230,250 zte(cfg)#set igmp snooping crossvlan disable Display the multicast snooping results: zte(cfg)#show igmp snooping vlan
Num
VlanId
Group
Last_Report
PortMember 1
130
210
224.1.1.1
192.168.1.1
2 3
230 250
224.1.1.1 224.1.1.1
192.168.1.2 192.168.1.3
3 5
Enable the multi-VLAN IGMP snooping function of the switch and display the snooping results: zte(cfg)#set igmp snooping crossvlan enable zte(cfg)#show igmp snooping vlan Num VlanId Group Last_Report
PortMember 1 2 3 4 210 230 250 200 224.1.1.1 224.1.1.1 224.1.1.1 224.1.1.1 192.168.1.1 192.168.1.2 192.168.1.3 192.168.1.3 1 3 5 1,3,5,10
MSTP Configuration
Introduction
The Spanning Tree Protocol (STP) applies to the network with loops. A path is obtained by using some algorithms and the redundant path is blocked. In this way, the network with loops is trimmed into a tree network without loops, and the growth and infinite circulation of packets in the network with loops are avoided. When this path works normally, other paths are blocked. When this path is faulty, a new path is obtained through re-calculation. Rapid Spanning Tree Protocol (RSTP) is on the basis of common STP, added with the mechanism that the port state can be rapidly changed from Blocking to Forwarding, which increases the topology convergence speed. Multiple Spanning Tree Protocol (MSTP) is on the basis of RSTP and STP, added with the forwarding processing of frames with VLAN ID. The whole network topology structure can be planned into a
Common and Internal Spanning Tree (CIST), which is divided into Common Spanning Tree (CST) and Internal Spanning Tree (IST), as shown in Figure 45.
FIGURE 45 MSTP TOPOLOGICAL STRUCTURE
CST
IST
In the whole MSTP topology structure, an IST can serve as a single bridge (switch). In this way, the CTS can serve as an RSTP for the interaction of configuration information (BPDU). Multiple instances can be created in an IST area and these instances are valid only in this area. An instance is equivalent to an RSTP, except that the instance needs to perform BPDU interaction with bridges outside this area. When creating an instance, you must include one or more VLAN IDs into this instance. The ports that are on the bridge in this IST area and belong to these VLANs finally form an STP structure through the BPDU interaction. (Each instance corresponds to a STP structure.)
132
In this way, the bridge in this area forwards the data frames with thee VLAN IDs according to the STP structure of the corresponding instance. For data frames that shall be forwarded out of this area, no matter what VLAN ID they carry, these data frames will be forwarded according to the RSTP structure of CST. Compared with the RSTP, the MSTP has the following advantages: In a certain IST area, the data frames carrying a VLAN ID can be forwarded according to the spanning tree structure set by the user and no loop will be resulted.
Note: The ZXR10 2609/2818SLE/2826SLE/2852SLE supports the STP and RSTP, instead of the MSTP.
Basic Configuration
In the default configuration, the MSTP only has the instance with ins_id as 0. This instance always exists and you cannot manually delete it. This instance is mapped with VLANs 1 to 4094.
1. Enable/Disable the STP. set stp 2. Set the STP forced version. set stp forceversion 3. Set the mapping relation between the VLAN and instance. set stp instance vlan You can use this command to create an instance and set the mapping between the VLAN and this instance. These VLANs will be removed automatically from the VLAN mapping table of instance 0 and added to the VLAN mapping of the new instance. 4. Set the bridge priority. set stp instance bridgeprio
133
5. Set the port priority of the instance. set stp instance port priority 6. Set the trunk priority of the instance. set stp instance trunk priority 7. Set port cost of the instance. set stp instance port cost 8. Set trunk cost of the instance. set stp instance trunk cost 9. Set the port Link type of the instance set stp port linktype 10. Set the trunk Link type of the instance set stp trunk linktype 11. Set the port packet type of the instance set stp instance port packettype 12. Set the trunk packet type of the instance set stp instance trunk packettype 13. Set the MSTP time parameters.
Set the STP hello time.
set stp hellotime

Set the STP forwarding delay.
set stp forwarddelay

Set the STP aging time.
set stp agemax 14. Set the maximum number of hop between any two terminals of MST. set stp hopmax 15. Set the MST area name.
set stp name 16. Set the MST version. set stp revision The versions of MSTs in the same area must be the same. 17. Enable/Disable the STP relay. set stp relay 18. Set the edge port. set stp egde-port port 19. Display related STP information.
Display the STP information.
show stp
Display the STP instance information.
show stp instance

Display the STP port information.
show stp port

Display the STP trunk information.
show stp trunk

Display the STP relay information.
show stp relay
The following is an example of MSTP configuration.
1. Create instance 1, set up mapping relations with VLANs 10 to 20, and set the name as zte. The MST version is 10.
zte(cfg)#set stp instance 1 add vlan 10-20 zte(cfg)#set stp name zte zte(cfg)#set stp revision 10
zte(cfg)#show stp The STP ForceVersion is MSTP ! Revision: 10 Cisco key: Cisco digest: Huawei key: Huawei digest: Instance VlanMap -------- ------------------0 1 zte(cfg)# 1-9,21-4094 10-20 Name: zte 0x13ac06a62e47fd51f95d2ba243cd0346 0x00000000000000000000000000000000 0x13ac06a62e47fd51f95d2ba243cd0346 0x00000000000000000000000000000000
2. Set the bridge priority and port priority of the instance.

zte(cfg)#set vlan 10 add port 2 untag zte(cfg)#set stp instance 1 bridgeprio 7 zte(cfg)#set stp instance 1 port 2 priority 112
zte(cfg)#show stp instance 0 MST00 Spanning tree enable protocol mstp Root: Priority Address :00.d0.d0.f0.12.35 :2 MaxAge(s) MaxHops : 20 :20 :32768
HelloTime(s)
ForwardDelay(s):15 Reg RootID: Priority BridgeID: Priority

136
:32768
Address
:00.d0.d0.f0.12.39
:32768
Address
:00.d0.d0.f0.12.39
HelloTime(s)
:2
MaxAge(s) MaxHops Status
: 20 :20
ForwardDelay(s):15 Interface PortId Cost Pkt PortEdged
Role
Bound Linktype
------- ------ ------ ------- ------- ----- -------- ---- --------2 IEEE 128.2 Disabled 200000 Forward Root MSTP P2P
zte(cfg)#show stp instance 1 MST01 Spanning tree enable protocol mstp RootID: Priority HelloTime(s) : 28672 :2 Address MaxAge(s) MaxHops :00.d0.d0.f0.12.39 : 20 :20
ForwardDelay(s):15 BridgeID: Priority HelloTime(s) :28672 :2
Address MaxAge(s) MaxHops Status Role
:00.d0.d0.f0.12.39 : 20 :20 Bound Linktype Pkt
ForwardDelay(s):15 Interface PortId Cost PortEdged
------- ------ ------ ------- ------- ----- -------- ---- --------2 IEEE 112.2 Disabled 200000 Forward Designated MSTP P2P
zte(cfg)#show stp port 2 Only the following port is physical up! MstInstance PortId Cost PortEdged -------- ------ ------- ------- --------- -------- ----Confidential and Proprietary Information of ZTE CORPORATION 137
Status
Role
Linktype
Pkt
-- --------MST00 Disabled MST01 Disabled 112.2 200000 Forward Designated P2P IEEE 128.2 200000 Forward Root P2P IEEE
QoS Configuration
Introduction
The switch provides the QoS function and the priority control function. The priority of the data packets can be determined by the source MAC address priority of the data packets, VLAN priority, 802.1P user priority, layer 3 DSCP priority, or the default port priority. The priority of a data packet is determined in the following sequence:
1. Priority of the data packets sent by CPU (determined by CPU). 2. Priority of the MGMT data packets (management data packets such as the BPDU packets). The priority of the management packets is determined by the initialization. 3. Priority of the static source MAC address. 4. VLAN priority. 5. 802.1P user priority. 6. Layer 3 DSCP priority. 7. Default port priority.
After the data packet priority is determined by the previous priority determination policy, the later policies are ignored. To use the default port priority to decide the priority of the data packets received by the port, all the following conditions shall be satisfied.
138
The data packets are not management data packets.
data
packets
sent
by
CPU
or
The source MAC address of the data packets cannot be the static address or the port source priority function is disabled. Priority of the VLAN that the data packets belong to is disabled, or Priority of the VLAN of the port belongs to is disabled. The 802.1P user priority of the port is disabled, or the data packets are not TAG data packets. Port DSCP priority is disabled. After the priority control policy of the switch is configured, if the switch receives the data frames, the data frames with higher priority can be transmitted first to ensure the key applications.
Note: By default, the port DSCP priority is enabled and other priority determination policies are disabled. You can enable or disable other priority determination policy according to the actual requirements. If both the port 802.1P user priority and layer 3 DSCP priority policies are enabled, and the data packets received by the ports contain the IP data packet with 802.1P user priority, the switch uses the port 802.1P user priority to decide the priority of the data packets. The ZXR10 2609/2818SLE/2826SLE/2852SLE does not support the static source MAC address priority and VLAN priority.
Basic Configuration
QoS configuration of the switch includes the following contents:
1. Set the queue scheduling mode. set qos queue-schedule

If the queue scheduling mode is set to wfq, the weights of four egress queues are as Follows:
Priority Queue 0 1 2 3 Weight 1 2 4 8
2. Set the mapping of the 802.1P user priority into the queue priority. set qos priority-map user-priority Be default, the mapping from the 802.1P user priority to the queue priority is as follows: (0,3) 1; (1, 2) 0: (4,5) 2: (6,7) 3 This mapping is used to determine the queue for the data packets when the 802.1P user priority or the default priority is used to decide the priority of the data packets. 3. Set the mapping of the IP DSCP priority into the queue priority. set qos priority-map ip-priority Be default, the mapping from the IP DSCP priority to the queue priority is as follows: (015) 0; (16-31) 1; (3247) 2; (48~63) 3 This mapping table is used to determine the queue for the data packets when the layer 3 DSCP priority is used to decide the priority of the data packets. 4. Display the queue scheduling configuration. show qos queue-schedule
140
5. Display the QoS mapping of the 802.1P user priority into the queue priority and that of the IP DSCP priority into the queue priority. show qos priority-map
Set the QoS mode to sp. The detailed configuration is as follows: Zte(cfg)#set qos queue-mode sp zte(cfg)#sho qos queue-schedule
Queue-schedule mode is SP(Strict Priority). zte(cfg)# Configure the mapping of 802.1P user priority into the queue priority as follows: (06) 0, 7 2. If the port UserPriority is enabled, the data packets received on the port are TAG data packets, and the TAG priority is 0-6, the data packets will go to the queue 0 on the egress. If the TAG priority is 7, the data packets will go to the queue 2 on the egress. The detailed configuration is as follows: zte(cfg)# set qos priority-map user-priority 0 trafficclass 0 zte(cfg)# set qos priority-map user-priority 1 trafficclass 0 zte(cfg)# set qos priority-map user-priority 2 trafficclass 0 zte(cfg)# set qos priority-map user-priority 3 trafficclass 0 zte(cfg)# set qos priority-map user-priority 4 trafficclass 0 zte(cfg)# set qos priority-map user-priority 5 trafficclass 0 zte(cfg)# set qos priority-map user-priority 6 trafficConfidential and Proprietary Information of ZTE CORPORATION 141
class 0 zte(cfg)# set qos priority-map user-priority 7 trafficclass 2 zte(cfg)#sho qos priority-map user-priority
Map of user priority to traffic class: COS(802.1p user priority), TC(Traffic-Class) COS 0 TC 0 1 0 2 0 3 0 4 0 5 0 6 0 7 2
Configure the mapping of IP DSCP priority into the queue priority as follows: (031) 1, (32,33) 3. Use default values for other mappings. If the port IpPriority is enabled, the data packets received on the port are IP data packets, and the DSCP priority is 0-31, the data packets will go to the queue 1 on the egress. If the DSCP priority is 32 or 33, the data packets will go to the queue 2 on the egress. The detailed configuration is as follows: Zte(cfg)# set qos priority-map ip-priority 0-31 trafficclass 1 Zte(cfg)# set qos priority-map ip-priority 32,33
traffic-class 2 zte(cfg)#sho qos priority-map ip-priority
Map of ip dscp priority to traffic class: DSCP(ip dscp priority), TC(Traffic-Class) DSCP 0 13 14 1 1 15 1 1 1 1 1 1 1 1 1 1 1 1 1 2 3 4 5 6 7 8 9 10 11 12
TC 1 1
DSCP 16 17 29 30 1 1 31 1
18
19
20
21
22
23
24
25
26
27
28
TC 1 1
142
DSCP 32 33 45 46 47 3 2 3
34
35
36
37
38
39
40
41
42
43
44
TC 2 2
DSCP 48 49 61 62 63 3 3 3
50
51
52
53
54
55
56
57
58
59
60
TC 3 3
PVLAN Configuration
Introduction
Private VLAN (PVLAN) is a port-based VLAN. PVLAN consists of several shared ports and several isolated ports. Isolated ports cannot visit each other. But an isolated and a shared port can visit each other. At present, the switch supports one PVLAN. The PVLAN can be applied if the users are only allowed to visit the server and prohibited to visit other subscribers. Thus, the PVLAN configuration can only be valid in a complete PVLAN that contains both shared and isolated ports. If only the shared or isolated ports are configured, the PVLAN configuration is invalid. On the ZXR10 2609/2818S/2826S/2852S, setting of shared ports is restricted by the following condition: All shared ports must be in the same group. The ZXR10 2609 only has one group. Thus, all ports are in the same group. The ZXR10 2818S has two groups. Ports 1 to 8, and port 18 belong to the first group, and ports 9 to 16 and port 17 belong to the second group.
The ZXR10 2826S has three groups. Ports 1 to 8 belong to the first group. Port 9 to 16, and port 25 belong to the second group. Ports 17 to 24, and 26 belong to the third group. The ZXR10 2852S has three groups. Ports 1 to 8 belong to the first group. Port 9 to 16 belong to the second group. Ports 17 to 24 belong to the third group. Ports 25 to 32 belong to the fourth group. Ports 33 to 40 belong to the fifth group. Port 44 to 48 belong to the sixth group. Ports 49 to 52 belong to the seventh group.
Basic Configuration
PVLAN configuration on the switch includes the following contents:
1. Add/delete an isolated/shared port to the PVLAN. set pvlan session 2. Show the PVLAN configuration. show pvlan
As shown in Figure 46, add shared port 16 and isolated ports 1, 2, and 3 to the PVLAN.
FIGURE 46 PVL AN CONFIGURATION EXAMPLE
Switch p1 p2 p3 p16 Server
144
The detailed configuration is as follows: zte(cfg)#set pvlan session 1 add promiscuous-port 16 zte(cfg)#set pvlan session 1 add isolated-port 1-3 zte(cfg)#show pvlan pvlan session : 1
promiscuous-port : 16 isolated-port : 1-3
802.1x Transparent Transmission Configuration

IEEE 802.1x is a port-based network access control protocol. Portbased network access control is a way to authenticate and authorize the users connected to the LAN equipment. This type of authentication provides a point-to-pint subscriber identification method in the LAN. The ZXR10 2609/2818S/2826S/2852S provides the 802.1x transparent transmission function that allows the transparent transmission of 802.1x protocol packets from the client to the authentication server for authentication. The Configuration of 802.1x transparent transmission includes the following contents:
1. Enable/Disable function. set dot1xrelay 2. Display the transmission.
the
802.1x
transparent
transmission
configuration
of
802.1x
transparent
show dot1xrelay
145
Layer 3 Configuration
Introduction
The ZXR10 2609/2818S/2826S/2852S provides a few layer 3 functions for the remote configuration and management. To realize the remote access, an IP port must be configured on the switch. If the IP port of the remote configuration host and that of the switch are not in the same network segment, it is also necessary to configure the static route. Static route is a simple unicast route protocol. The next-hop address to a destination network segment is specified by the user, where next hop is also called bridge. Static route involves destination address, destination address mask, next-hop address, and egress interface. The destination address and destination address mask describe the destination network information. The next-hop address and egress interface describe the way that the switch forwards the destination packet. The ZXR10 2609/2818S/2826S/2852S allows the addition and deletion of entries in the static ARP table.The ARP table records the mapping between the IP address of each node in the same network and the MAC address. When sending the IP packets, the switch first checks whether the destination IP address is in the same network segment. If yes, the switch checks whether there is a peer end IP address and MAC address mapping entry in the ARP table.
1. If yes, the switch directly sends the IP packets to this MAC address. 2. If the MAC address corresponding to the peer end IP address cannot be found in the ARP table, an ARP Request broadcast packet is sent to the network to query the peer end MAC address.
Generally, entries of the ARP table on the switch are dynamic. The static ARP table entry is configured only when the connected host cannot respond to the ARP Request.
146
To configure the Layer 3 function, you need to use the command config router to enter the Layer 3 configuration mode first.
IP Port Configuration
IP port configuration of the switch includes the following contents:
1. Set the IP address and mask of the layer 3 port. set ipport ipaddress 2. Bind the VLAN for the layer 3 port. set ipport vlan 3. Set the MAC address of the layer 3 port set ipport mac If the MAC address is not set, the MAC address of the switch is used instead. 4. Enable/Disable the layer 3 port. set ipport
When modifying the configuration of an IP port, you need to set the port to disabled state first, and then modify the configuration. The new settings will overwrite the original ones. You can use the command clear ipport to clear one or all the parameters of the port. Before clearing parameters, you need to set the port to disabled state first. For example: Configure an IP port on the switch. Set the IP address of the port to 192.1.1.1 and the mask to 24 digits. Bind the port to VLAN 100. The port uses the default address of the switch. The detailed configuration is as follows: zte(cfg)#config router zte(cfg-router)#set ipport 1 ipaddress 192.1.1.1/24 zte(cfg-router)#set ipport 1 vlan 100
zte(cfg-router)#set ipport 1 enable zte(cfg-VLAN2)#exit zte(cfg)# After the configuration is completed, you can use the command show ippor to view the IP port configuration.
Static Route Configuration

After an IP port is configured, if the remote user to be connected is not in the network segment of the interface, you need to use the command iproute to set a static route to the remote network.
FIGURE 47 CONFIGURATION EXAMPLE OF STATIC ROUTE
Switch
192.1.1.1/24 192.1.1.2/24
Router
192.1.2.0/24
As shown in Figure 47, the remote host is located in the network segment 192.1.2.0/24, which is not the same as the switch. To enable the communication between the switch and the host on the network segment 192.1.2.0/24, configure the following static route. zte(cfg)#config router zte(cfg-router)#iproute 192.1.2.0/24 192.1.1.2 You can use the command show iproute to view the direct routes and static routes on the switch.
148
The command result displays the destination network segment, next-hop address, route metric and egress interface of the static route. The following shows the result. zte(cfg-router)#show iproute Type IpAddress Mask Gateway
Metric IPport ------ --------------- ------------- --------------- ----- -----direct 192.1.1.0 static 192.1.2.0 Total 2 You can use the command clear iproute to delete one or more static routes. 255.255.252.0 255.255.255.0 192.1.1.1 192.1.1.2 0 0 0 0
ARP Table Entry Configuration

The Configuration of ARP table entry on the switch includes the following contents:
1. Add a static ARP table entry. arp add 2. Delete a static ARP table entry. arp delete 3. Delete all static ARP table entries. clear arp 4. Set the ARP table entry aging time of the IP port. arp ipport timeout If the existence period (during this period, packet of this IP address is not received) of an ARP table entry on the switch is larger than the aging time on the IP port, the switch will delete this ARP table entry.
5. View ARP table entries. show arp
Access Service Configuration

Introduction
With the rapid expansion of Ethernet construction scale, to meet the fast increase of subscribers and requirement of diversified broadband services, Network Access Service (NAS) is embedded on the switch to improve the authentication and management of access subscribers and better support the billing, security, operation, and management of the broadband network. NAS uses the 802.1x protocol and RADIUS protocol to realize the authentication and management of access subscribers. It is highly efficient, safe, and easy to operate. IEEE 802.1x is called port-based network access control protocol. Its protocol system includes three key parts: client system, authentication system, and authentication server.
1. The client system is generally a user terminal system installed with the client software. A subscriber originates the IEEE802.1x protocol authentication process through this client software. To support the port-based network access control, the client system must support the Extensible Authentication Protocol Over LAN (EAPOL). 2. The authentication system is generally network equipment that supports the IEEE802.1x protocol, for example, the switch. Corresponding to the ports of different subscribers (the ports could be physical ports or MAC address, VLAN, or IP address of the user equipment), the authentication
system has two uncontrolled port.
logical
ports:
controlled
port
and
The uncontrolled port is always in the state that the bidirectional connections are available. It is used to transfer the EAPOL frames and can ensure that the client can always send or receive the authentication. The control port is enabled only when the authentication is passed. It is used to transfer the network resource and services. The controlled port can be configured as bidirectional controlled or input controlled to meet the requirement of different applications. If the subscriber authentication is not passed, this subscriber cannot visit the services provided by the authentication system.
The controlled port and uncontrolled port in the IEEE 802.1x protocol are logical ports. There are no such physical ports on the equipment. The IEEE 802.1x protocol sets up a local authentication for each subscriber that other subscribers cannot use. Thus, there will not be such a problem that the port is used by other subscribers after the port is enabled. 3. The authentication server is generally a RADIUS server. This server can store a lot of subscriber information, such as VLAN that the subscriber belongs to, CAR parameters, priority, subscriber access control list, and so on. After the authentication of a subscriber is passed, the authentication server will pass the information of this subscriber to the authentication system, which will create a dynamic access control list. The subsequent flow of the subscriber will be monitored by the above parameters. The authentication system communicates with the RADIUS server through the RADIUS protocol.
RADIUS is a protocol standard used for the authentication, authorization, and exchange of configuration data between the Radius server and Radius client. RADIUS adopts the Client/Server mode. The Client runs on the NAS. It is responsible for sending the subscriber information to the
151
specified Radius server and carrying out operations according to the result returned by the server. The Radius Authentication Server is responsible for receiving the subscriber connection request, verifying the subscriber identity, and returning the configuration information required by the customer. A Radius Authentication Server can serve as a RADIUS customer proxy to connect to another Radius Authentication Server. The Radius Accounting Server is responsible for receiving the subscriber billing start request and subscriber billing stop request, and completing the billing function. The NAS communicates with the Radius Server through RADIUS packets. Attributes in the RADIUS packets are used to transfer the detailed authentication, authorization, and billing information. The attributes used by this switch are primarily standard attributes defined in the rfc2865, rfc2866, and rfc2869. The EAP protocol is used between the switch and the subscriber. Three types of identity authentication methods are provided between the RADIUS servers: PAP, CHAP, and EAP-MD5. Any of the methods can be used according to different service operation requirements. Password Authentication Protocol (PAP)
PAP is a simple plain text authentication mode. NAS requires the subscriber to provide the username and password and the subscriber returns the subscriber information in the form of plain text. The server checks whether this subscriber is available and whether the password is correct according to the subscriber configuration and returns different responses. This authentication mode features poor security and the username and password transferred may be easily stolen. Figure 48 shows the process of using the PAP mode for identity authentication.
152
F I G U R E 4 8 U S I N G P AP M O D E F O R I D E N T I T Y A U T H E N T I C A T I O N
Switch User terminal system EAPOL EAPOL-Start EAP-Request/Identity Connection setup EAP-Response/Identity EAP-Request/PAP EAP-Response/PAP Successful access EAP-Success Access-Request/PAP Access-Accept RADIUS RADIUS server
Challenge Handshake Authentication Protocol (CHAP)
CHAP is an encrypted authentication mode and avoids the transmission of the users real password upon the setup of connection. NAS sends a randomly generated Challenge string to the user. The user encrypts the Challenge string by using the own password and MD5 algorithm and returns the username and encrypted Challenge string (encrypted password). The server uses the user password it stores and the MD5 algorithm to encrypt the Challenge string. Then it compares this Challenge string with the encrypted password of the server and returns a response accordingly. Figure 49 shows the process of using the CHAP mode for identity authentication.
153
FIGURE 49 USING CHAP MODE FOR IDENTITY AUTHENTICATION
Switch User terminal system EAPOL EAPOL-Start EAP-Request/Identity Connection setup EAP-Response/Identity EAP-Request/Challenge EAP-Response/MD5Challenge Successful access EAP-Success Access-Request/CHAP Access-Accept RADIUS RADIUS server
Extensible Authentication Protocol - Message Digest 5 (EAP-MD5)
EAP-MD5 is a CHAP identity authentication mechanism used in the EAP framework structure. Figure 50 shows the process of using the EAP-MD5 mode for identity authentication.
154
F I G U R E 5 0 U S I N G E AP - M D 5 M O D E F O R I D E N T I T Y A U T H E N T I C A T I O N
Switch User terminal system EAPOL EAPOL-Start EAP-Request/Identity Connection setup EAP-Response/Identity Access-Request Access-Challenge EAP-Request/Challenge EAP-Response/MD5Challenge Successful access EAP-Success Access-Request Access-Accept RADIUS server RADIUS
Basic Configuration
The 802.1x configuration on the switch includes the following contents:
1. Enable/Disable the port 802.1x function. aaa-control port dot1x 2. Configure the authentication control mode of the port. aaa-control port port-mode The available modes include:
155
auto: Subscriber access from the port configured as auto must go through the authentication. The subscriber access is successful only when the authentication is successful. force-authorized: The subscriber can be connected to the network through this port without authentication. force-unauthorized: The subscriber cannot be connected to the network through this port.
The default authentication control mode is auto. 3. Allow/Prohibit multi-subscriber access of the port. aaa-control port multiple-host 4. Set the maximum number of subscribers connected through the port. aaa-control port max-hosts A port can allow the access of multiple subscribers and each subscriber has own independent authentication and billing processes. The aaa-control port max-hosts command is valid only when the port allows the access of multiple subscribers. 5. Enable/Disable re-authentication mechanism. dot1x re-authenticate 6. Set the re-authentication interval. dot1x re-authenticate period To judge whether the accessed subscriber maintains the connection all the time, the NAS can periodically request the re-authentication of this subscriber. Re-authentication needs to initiate a complete authentication process for each on-line subscriber. If the number of subscribers is large, there will be a lot of authentication packets, which brings a heavy burden to the switch. 7. Enable/Disable the abnormal off-line detection mechanism of the port. aaa-control port keepalive
8. Set the abnormal off-line detection period of the port. aaa-control port keepalive period Besides the re-authentication mechanism, the NAS module also introduces the abnormal off-line detection mechanism to judge whether the subscriber still keeps the connection. The abnormal off-line detection mechanism only requires a few packet interactions to determine whether the subscriber is still on line. The abnormal off-line detection mechanism is implemented in this way: The device takes the initiative to send a detection request periodically to the client. The EAPOL/EAP RepId packet defined in the 802.1x protocol is used as the request packet. If the EAPOL/EAP RepId response is received from the client, it means that the subscriber is still on line. Otherwise, the subscriber is off line. 9. Set the authentication mode of the port. aaa-control port protocol During the subscriber access authentication, there are three subscriber identity authentication methods between the authentication server and the authentication system: PAP, CHAP, and EAP-MD5. The default one is EAP-MD5. 10. Set the protocol parameters.
Set the interval between the first authentication failure of the authentication system and the next authentication request.
dot1x quiet-period
Set the time that the authentication system needs to wait before it can resend the EAPOL data packet because it does not receive the response from the client.
dot1x tx-period
Set the timeout time for the authentication system to receive the data packets from the authentication client system.
dot1x supplicant-timeout
Set the timeout time for the authentication system to receive the data packets from the authentication server.
dot1x server-timeout
Set the maximum times of request resending when the timer expires before the authentication system receives the Challenge response from the client.
dot1x max-request The 802.1x realizes the access control by exchanging EAPOL data packets between the client system and authentication system and the RADIUS data packets between the authentication system and authentication server. During the exchange of data packets, the following parameters are used for control purpose:
quietPeriod refers to the period before which the authentication system will not receive the authentication request from the client system after the first authentication failure. This function can prevent the subscribers continuous authentication attempts. txPeriod refers to the time after which the authentication system will resend the EAPOL data packets to the client system when it does not receive the response from the client system. supplicant Timeout and serverTimeout respectively refer to the time during which the authentication system shall receive the data packet from the client system and the authentication server. max-request refers to the maximum times of request resending when the timer expires before the authentication system receives the Challenge response from the client system.
11. Display the 802.1x configuration of the port. show aaa-control port 12. Display the 802.1x protocol parameters. show dot1x
158
RADIUS configuration on the switch includes the following contents; Add/Delete an ISP domain.
radius isp In the RADIUS configuration, the concept of isp-domain is introduced. Different domains may be operated by different ISPs. The access equipment identifies the domain that the subscriber belongs to according to the domain name in the subscriber name (username@DomainName) input by the subscriber and sends the authentication and billing requests of the subscriber to the authentication server and billing server of the corresponding domain. Each domain has its own RADIUS server. After a domain is deleted, all the configurations related to this domain are deleted. 13. Add the authentication server to the domain. radius isp add authentication 14. Delete the authentication server from the domain. radius isp delete authentication A domain can be configured with up to three authentication servers. The priority of the server is determined by the configuration order. The first server configured enjoys the highest priority, and the last server has the lowest priority. When a server is deleted, the priorities of the related servers rise in sequence. 15. Add an accounting server to the domain. radius isp add accounting 16. Delete an accounting server from the domain. radius isp delete accounting A domain can be configured with up to three accounting servers. The priority of the server is determined by the configuration order. The first server configured enjoys the highest priority, and the last server has the lowest priority.
When a server is deleted, the priorities of the related servers rise in sequence. 17. Set the IP address of the client in the domain. radius isp client The IP address of the client in the domain must be the IP address of an interface on the switch. 18. Set the shared password. radius isp sharedsecret The shared password is used for the data encryption between the RADIUS client and RADIUS server. The setting of shared password must be consistent on the client and the server. 19. Specify a default domain. radius isp defaultisp Only one domain can be specified as the default domain in the system. The system will send the subscriber authentication requests without the domain name specified on the RADIUS authentication server in the default domain. 20. Set the full account of the domain. radius isp fullaccount When it is specified to use the full account, the RADIUS client uses username@DomainName as the subscriber name to request the authentication of the RADIUS server. If it is not specified to use the full account, the subscriber name will not contain the domain name. 21. Configure the domain description. radius isp description 22. Configure the RADIUS parameters.
Set the server response timeout time.
radius timeout
Set the number of retransmissions upon server response timeout.
radius retransmit
Set the NAS server name.
radius nasname 23. Enable/Disable the billing function of the port. aaa-control port accounting 24. Display the RADIUS configuration. show radius
1. Enable the 802.1x function of port 1. Set the quiet-period to 5 seconds, tx-period to 5 seconds, supp-timeout to 3 seconds, and server-timeout to 3 seconds. Enable the keepalive function and set the keepalive interval to 180 seconds.
zte(cfg-nas)#aaa-control port 1 dot1x enable zte(cfg-nas)#dot1x quiet-period 5 zte(cfg-nas)#dot1x tx-period 5 zte(cfg-nas)#dot1x supplicant-timeout 3 zte(cfg-nas)#dot1x server-timeout 3 zte(cfg-nas)#aaa-control port 1 keepalive enable zte(cfg-nas)#aaa-control port 1 keepalive period 180
zte(cfg-nas)#show aaa-control 1 PortId Dot1x KeepAlive : 1 : enabled : enabled PortControl : auto
AuthenticationProtocol : eapMd5 KeepAlivePeriod MultipleHosts HistoryHostsTotal : 180 : disabled : 0
Accounting : disabled MaxHosts OnlineHosts : 0 : 0
161
zte(cfg-nas)#show dot1x TxPeriod :5 QuietPeriod ServerTimeout : 5 : 3
SuppTimeout :3 ReAuthPeriod:3600 MaxReq : 2
ReAuthenticate : disabled
zte(cfg-OSPF)#?
2. Enable the re-authentication function and set the reauthentication period to 60 seconds.
zte(cfg-nas)#dot1x re-authenticate enable zte(cfg-nas)#dot1x re-authenticate period 60
zte(cfg-nas)#show dot1x TxPeriod 5 SuppTimeout 3 ReAuthPeriod : 60 enabled MaxReq : 2 ReAuthenticate : : 3 ServerTimeout : : 5 QuietPeriod :
zte(cfg-OSPF)#?
3. Set the authentication control state of port 1 to auto and authentication mode to CHAP. Enable the multi-subscriber access. The maximum number of subscriber accessed is 5.
zte(cfg-nas)#aaa-control port 1 port-mode auto zte(cfg-nas)#aaa-control port 1 protocol chap zte(cfg-nas)#aaa-control port 1 multiple-hosts enable zte(cfg-nas)#aaa-control port 1 max-hosts 5
162
zte(cfg-nas)#show aaa-control 1 PortId Dot1x : 1 : enabled PortControl AuthenticationProtocol KeepAlivePeriod : auto : chap: : 180 : enabled : 0
KeepAlive: enabled
Accounting: disabled MultipleHosts MaxHosts: 5 OnlineHosts : 0 HistoryHostsTotal
4. Configure the RADIUS domain 188 according to the following requirements: Authentication server address and accounting server address: 10.40.92.212 and 10.40.92.215 Share Password: 123456 Client IP address: 10.40.92.100. Use the default domain.
zte(cfg-nas)#radius isp 188 enable zte(cfg-nas)#radius 10.40.92.212 zte(cfg-nas)#radius 10.40.92.215 zte(cfg-nas)#radius isp 188 add accounting 10.40.92.215 zte(cfg-nas)#radius isp 188 add accounting 10.40.92.212 zte(cfg-nas)#radius isp 188 sharedsecret 123456 zte(cfg-nas)#radius isp 188 client 10.40.92.100 zte(cfg-nas)#radius isp 188 defaultisp enable isp 188 add authentication isp 188 add authentication
zte(cfg-nas)#show radius 188 Client DefaultIsp FullAccounts : 10.40.92.100 : Yes : No IspName Description : 188 :
SharedSecret : 123456 Auth-port --------163
Authentication servers ----------------------
10.40.92.212 10.40.92.215 Accounting servers ---------------------10.40.92.215 10.40.92.212
1812 1812 Acct-port --------1813 1813
zte(cfg-OSPF)#?
QinQ Configuration
Introduction
QinQ is the IEEE 802.1Q tunneling protocol and is also called VLAN stacking. QinQ technology is the addition of one more VLAN tag (outer tag) to the original VLAN tag (inner tag). The outer tag can shield the inner tag. QinQ does not need the protocol support. The simple Layer 2 Virtual Private Network (L2VPN) can be realized through QinQ. The QinQ is especially suitable for the small-size LAN that takes the layer 3 switch as its backbone. Figure 51 shows the typical networking of the QinQ technology. The port connected to the user network is called Customer port. The port connected to the ISP network is called Uplink port. The edge access equipment of the ISP network is called Provider Edge (PE).
164
FIGURE 51 TYPICAL QINQ NETWORKING

SPVLAN 10 customer port User network 1 CVLAN 1~100 Switch A PE SPVLAN 10 uplink port ISP network SPVLAN 10 uplink port SPVLAN 10 customer port PE Switch B User network 2 CVLAN 1~100
SPVLAN: Service Provider VLAN CVLAN: Customer VLAN
The user network is generally connected to the PE through the Trunk VLAN mode. The internal Uplink ports of the ISP network are symmetrically connected through the Trunk VLAN mode.
1. When a packet is sent form user network 1 to the customer port of switch A, because the PORTBASE VLANbased customer port does not identify the tag when receiving the packet, the customer port processes the packet as an untagged packet no matter whether this data packet is attached with the VLAN tag or not. The packet is forwarded by the VLAN 10, which is determined by the PVID. 2. The uplink port of switch A inserts the outer tag (VLAN ID: 10) when forwarding the data packet received from the customer port. The tpid of this tag can be configured on the switch. Inside the ISP network, the packet is broadcast along the port of VLAN 10 until it reaches the switch B. 3. Switch B finds out that the port connected to user network 2 is a customer port. Thus, it removes the outer tag in compliance with the conventional 802.1Q protocol to
recover the original packet and sends the packet to user network 2. 4. In this way, data between user network 1 and user network 2 can be transmitted transparently. The VLAN IDs of the user network can be planned regardless of the conflict with the VLAN IDs in the ISP network.
Note: ZXR10 2609/2818SLE/2826SLE/2852SLE does not support this function.
Basic Configuration
The PVLAN configuration on the switch includes the following contents:
1. Add/Delete a Customer port. set qinq customer port 2. Add/Delete an Uplink port. set qinq uplink port 3. Set the tpid of the outer tag. set qinq tpid 4. Display the QinQ configuration. show qinq
Note: When the QinQ is configured, the customer port and the uplink port of the SPVLAN can be set as an untagged port, or as a tagged port.
166
As show in Figure 51, suppose that the customer port of swtich A is port 1 and the uplink port is port 24. The customer port of swtich B is port 1 and the uplink port is port 24. The configuration of switch A is as follows: zte(cfg)#set vlan 10 enable zte(cfg)#set vlan 10 add port 1,24 zte(cfg)#set port 1,24 pvid 10 zte(cfg)#set qinq customer port 1 enable zte(cfg)#set qinq uplink port 24 enable The configuration of switch B is the same as that of switch A.
167
168
Chapter
Network Management
Network management functions of the ZXR10 2609/2818S/2826S/2852S, such as Remote-Access, SSH, SNMP, RMON and cluster management.
Remote-Access
Introduction
Remote-Access is a restrictive mechanism used for network management users to log in through Telnet, that is, it is used to restrict the access. This function is to enhance the security of the network management system. After this function is enabled, you can specify a network management user to access the switch only from a specified IP address by configuring the related parameters. In this case, the user cannot access the switch from other IP addresses. When this function is disabled, the network management user can access the switch through Telnet from any IP address.
Basic Configuration
The Remote-Access following contents: configuration on the switch includes the
1. Disable/enable the restrictive access. set remote-access By default, the restrictive access is disabled. 2. Configure the IP address that allows for access. set remote-access ipaddress 3. Delete all IP addresses that allow for access. clear remote-access all 4. Delete an IP address that allows for access. clear remote-access ipaddress 5. Display the Remote-Access configuration information. show remote-access
Example 1: Only allow the network management user to access the switch from 10.40.92.0/24 through Telnet. zte(cfg)#set remote-access specific zte(cfg)#set remote-access ipaddress 10.40.92.0 255.255.255.0 zte(cfg)#show remote-access Whether check remote manage address: YES Allowable remote manage address list: 10.40.92.0/255.255.255.0 zte(cfg)#
Example 2: Only allow the network management user to access the switch from 10.40.92.212 through Telnet. zte(cfg)#set remote-access specific zte(cfg)#set remote-access ipaddress 10.40.92.212 zte(cfg)#show remote-access
Chapter 8 - Network Management
Whether check remote manage address: YES Allowable remote manage address list: 10.40.92.212/255.255.255.255 zte(cfg)# Example 3: Allow the network management user to access the switch from any IP address through Telnet. zte(cfg)#set remote-access any zte(cfg)#show remote-access Whether check remote manage address: NO Allowable remote manage address list: none zte(cfg)#
SSH
Introduction
The secure shell (SSH) is a protocol created by Network Working Group of the IETF, which is used to offer secure remote access and other secure network services over an insecure network. The purpose of the SSH protocol is to solve the security problems in interconnected networks, and to offer a securer substitute for Telnet and Rlogin (Although the present development of the SSH protocol has far exceeded the remote access function scope), therefore, the SSH connection protocol shall support interactive session. The SSH can be used to encrypt all transmitted data. Even if these data is intercepted, no useful information can be obtained.
171
At present, the SSH protocol has two incompatible versions: SSH v1.x and SSH v2.x. This switch only supports SSH v2.0 and uses the password authentication mode. The SSH uses port 22.
Basic Configuration
The SSH configuration on the switch includes the following contents:
1. Enable or disable SSH. set ssh By default, the SSH function is disabled. The SSH is generally used for configuring remote access to the switch. The user name and password for login (or remote RADIUS login mode) shall be configured on the switch, and the local host shall be able to ping the IP port address on the switch normally. This switch only supports SSH login of a single user, allowing for three login attempts. After three login attempts, the connection with the user is automatically terminated. After user login, the set ssh disable command can be used to terminate the connection with the user and prohibit the user from logging in through SSH. However, if the user is in Diffie-Hellman key exchange state, the command is disabled. 2. Display the SSH configuration and user login status. show ssh
As shown in Figure 52, one host attempts to access the switch through SSH. The switch is configured with a layer 3 port. The IP address of the port is 192.1.1.1/24, and the IP address of the host is 192.1.1.100/24.
172
FIGURE 52 SSH CONFIGURATION EXAMPLE
Switch
192.1.1.1/24
192.1.1.100/24
The specific configuration of the switch is as follows: zte(cfg)#creat user zte zte(cfg)#loginpass zte zte(cfg)#set ssh enable
The client using SSH v2.0 can use the free software Putty developed by Simon Tatham to access the switch. The required settings are as follows.
1. Set the IP address and port number of the SSH Server, as shown in Figure 53.
173
FIGURE 53 SETTING IP ADDRESS AND PORT NUMBER OF THE SSH SERVER
174
2. Set the SSH version number, as shown in Figure 54.
FIGURE 54 SETTING SSH VERSION NUMBER
3. For the first time to log in, the user confirmation is needed, as shown in Figure 55.
175
FIGURE 55 USER CONFIRMATION REQUIRED IN THE FIRST LOGIN
4. The SSH login result is shown in Figure 56.
FIGURE 56 SSH LOGIN RESULT
176
SNMP
Introduction
SNMP is the most popular network management protocol currently. It involves a series of protocol suite and specifications: MIB SMI SNMP They offer the means to collect network management information from network devices. SNMP also enables devices to report problems and errors to network management stations. Any network administrator can use SNMP to manage switches. SNMP adopts the Management processAgent process model to monitor and control all types of managed network devices. The SNMP network management needs three key elements:
1. Managed devices, which can communicate over the Internet. Each device contains an agent. 2. Network Management Station (NMS). The network management process shall be able to communicate over the Internet. 3. The protocol used for the exchange of management information between the switching agent process and the NMS, that is, SNMP.
An NMS collects data by polling the agents that reside in the managed devices. The agents in the managed devices can report errors to NMSs at any time before the NMSs poll them. These errors are called traps. When a trap occurs to a device, the NMS can be used to query the device (suppose it is reachable) and obtain more information. All variables in the network are stored in the MIB. SNMP monitors network device status by querying the related object values in the
agent MIB.ZXR10 2609/2818S/2826S/2852S implements standard MIB defined in rfc1213, rfc1493, rfc2674 and rfc2819.
the
Basic Configuration
The SNMP configuration includes the following contents:
1. Create communication name and set the access authority. create community The community string offers a user confirmation mechanism for remote network administrators to configure switches. The public indicates that the switch only allows for read only access, while private indicates that the read/write authority to the switch is permitted. If the community string created with this command already exists, the newly created string overwrites the original one. 2. Create a view and specify whether the view contains a mib subtree. create view A view is an object subset of the MIB. The parameter <mib-oid> specifies the mib subtree. If the excluded or included mib subtree is not specified, it includes 1.3.6.1 by default. If the view created with this command already exists, the newly created view overwrites the original one. 3. Set specific community name that the view contains. set community view The community and view must be created. One community can only correspond to one view, but one view can correspond to multiple communities. 4. Set the IP address, community name and version of the trap host.
set traphost The trap host is the destination host to which the traps are sent. 5. Delete a community name. clear community 6. Delete a view name. clear view 7. Enable/disable the SNMP trap. set trap If it is enabled, and the operation as described in 5) above occurs, a trap is sent to the management console. The cold start and warm start traps are sent to the management console only after the system is started. In general, there is a delay of several minutes. 8. Display SNMP information Show snmp
Suppose that the IP address of the network management server is 10.40.92.105, the switch has a layer 3 port with the IP address of 10.40.92.200, and the switch is managed through the network management server. Create a community named zte with the read/write authority and the view named zteview, and then associate the community zte with the view zteview. Specify the IP address of the host receiving traps as 10.40.92.105, and the community as zte. zte(cfg)#config router zte(cfg-router)#set ipport 0 ipaddress 10.40.92.200 255.255.255.0 zte(cfg-router)#set ipport 0 vlan 2
179
zte(cfg-router)#set ipport 0 enable zte(cfg-router)#exit
zte(cfg)#config snmp zte(cfg-snmp)#create community zte private zte(cfg-snmp)#create view zteview zte(cfg-snmp)#set community zte view zteview zte(cfg-snmp)#set traphost 10.40.92.105 zte
zte(cfg-snmp)#show snmp community CommunityName Level ViewName
-------------- --------- -----------zte private zteview
zte(cfg-snmp)#show snmp view ViewName Exc/Inc MibFamily
----------- -------- -----------------------zteview Include 1.3.6.1
zte(cfg-snmp)#show snmp host HostIpAddress Community SNMPVersion
---------------- ----------- ----------10.40.92.105 zte(cfg-snmp)# zte Ver.1
180
RMON
Introduction
The Remote Monitoring (RMON) defines standard network monitoring function and the communication interface between the management console and the remote monitor. RMON offers an efficient and high availability method to monitor the behaviors of subnets in case of reducing the load of other agents and management stations. RMON specifications refer to the definition of RMON MIB.ZXR10 2609/2818S/2826S/2852S supports four groups of RMON MIB. History: records the periodic statistics sample of the information that can be obtained from the statistics group. Statistics: maintains the basic application and error statistics of each subnet that the agent monitors. Event: it is a table related to all events generated by RMON agents. Alarm: allows operators of the management console to set sampling interval and alarm threshold for any count or integer recorded by RMON agents. All these groups are used to store the data collected by the monitor and the derived data and statistics. The alarm group is based on the implementation of the event group. These data can be obtained through the MIB browser. The RMON control information can be configured through the MIB browser, and a HyperTerminal or remote Telnet command line. The RMON sampling information and statistics are obtained through the MIB browser.
Basic Configuration
The following describes how to configure RMON control information through a HyperTerminal or remote Telnet.
1. Enable/disable the RMON function.

set rmon By default, the RMON function is disabled. The sampling of etherStatsTable information in the etherHistoryTable and statistics groups in the history group can be implemented only when the RMON function is enabled. During the sampling, the data sampling stops if the RMON function is disabled. 2. Create or configure instances of the history group. set history The command line configuration of the history group is to configure the historyControlTable in the history group. The configuration involves:
historyControlDataSource: It is the ifIndex oid in the rfc1213 interface group, for example, the oid of port 16 is 1.3.6.1.2.1.2.2.1.1.16. In command line configuration, enter the port number 16 directly. historyControlBucketsRequested: By default, it is 50. historyControlOwner. historyControlInterval. By default, it is 1,800 seconds. historyControlStatus: It can be valid, underCreation, createRequest and invalid. When it is set to invalid, the instance is deleted. The control status can be set to valid only when the data source is specified.
3. Create or configure instances of the statistics group. set statistics The command line configuration of the statistics group is to configure the etherStatsTable in the statistics group. The configuration involves:
etherStatsDataSource: It is the same as that of the history group. When configuring the data source through the command line, enter the port number directly. etherStatsOwner
182
etherStatsStatus: It can be valid, underCreation, createRequest and invalid. When it is set to invalid, the instance is deleted. The control status can be set to valid only when the data source is specified.
4. Create or configure instances of the event group. set event The command line configuration of the event group is to configure the eventTable in the event group. The configuration involves:
eventDescription. eventType: It can be none(1), log(2), snmp-trap(3) and log-and-trap(4).When the log is selected, a log instance is created for each event in the logTable. When the snmp-trap is selected, for each event, the monitor sends an SNMP trap to one or more management stations. When the log-and-trap is selected, the log is created and a trap is sent. eventOwner. eventCommunity. eventStatus: It can be valid, underCreation, createRequest and invalid. When it is set to invalid, the event instance is deleted.
5. Create or configure instances of the alarm group. set alarm The command line configuration of the alarm group is to configure the alarmTable in the alarm group. The configuration involves:
alarmInterval. alarmVariable: It indicates the object identifier of a specific variable to be sampled in the local mib, for example, for sampling the etherHistoryBroadcastPkts, the variable value shall be 1.3.6.1.2.1.16.2.2.1.7.x.x, where, x.x indicates the sampling bucket of an instance of the history group. alarmSampleType: The absolute indicates the absolute value, and delta indicates the relative value.
alarmStartupAlarm: It can be risingAlarm(1), fallingAlarm(2) and risingOrFallingAlarm(3), which indicate that, after the instance becomes effective, the first sampling starts when the rising sampling value exceeds the threshold, the falling sampling value is lower than the threshold or both cases occur simultaneously. alarmRisingThreshold. alarmFallingThreshold. alarmRisingEventIndex. alarmFallingEventIndex. alarmOwner. alarmStatus: It can be valid, underCreation, createRequest and invalid. When it is set to invalid, the alarm instance is deleted.
The alarm variable can be configured only when the object to be sampled specified by the alarm variable can sample data. The status can be set to valid only when the alarm variable is configured successfully. 6. Query the RMON status and configuration information.
Display the RMON status.
show rmon
Display the configuration information about the history group.
show history
Display the configuration information about the statistic group.
show statistic
Display the configuration information about the event group.
show event
Display the configuration information about the alarm group.
show alarm
184
The following examples describe how to set event 2, history 2, alarm 2 and statistics 1 respectively. zte(cfg-snmp)#set event 2 description It'sJustForTest!! zte(cfg-snmp)#set event 2 type logandtrap zte(cfg-snmp)#set event 2 community public zte(cfg-snmp)#set event 2 owner zteNj zte(cfg-snmp)#set event 2 status valid
zte(cfg-snmp)#set history 2 datasource 16 zte(cfg-snmp)#set history 2 bucket 3 zte(cfg-snmp)#set history 2 interval 10 zte(cfg-snmp)#set history 2 owner zteNj zte(cfg-snmp)#set history 2 status valid
zte(cfg-snmp)#set rmon enable
zte(cfg-snmp)#set alarm 2 interval 10 zte(cfg-snmp)#set 1.3.6.1.2.1.2.2.1.1.16 zte(cfg-snmp)#set alarm 2 sample absolute zte(cfg-snmp)#set alarm 2 startup rising zte(cfg-snmp)#set rising zte(cfg-snmp)#set falling zte(cfg-snmp)#set alarm 2 owner zteNj zte(cfg-snmp)#set alarm 2 status valid alarm 2 threshold 15 eventindex 2 alarm 2 threshold 8 eventindex 2 alarm 2 variable
zte(cfg-snmp)#set statistics 1 datasource 16
185
zte(cfg-snmp)#set statistics 1 owner zteNj zte(cfg-snmp)#set statistics 1 status valid Query configuration information about event 2: zte(cfg-snmp)#show event 2 EventIndex Community : 2 : public Type : log-and-trap
Status: valid Owner : zteNj
LastTimeSent: 0
Description : It'sJustForTest!! zte(cfg-snmp)# Query configuration information about history 2: zte(cfg-snmp)#show history 2 ControlIndex : 2 Interval : 10 BucketsRequest: 3 BucketsGranted: 3 ControlOwner : zteNj
ControlStatus: valid DataSource zte(cfg-snmp)#
: 1.3.6.1.2.1.2.2.1.1.16
Query configuration information about alarm 2: zte(cfg-snmp)#show alarm 2 AlarmIndex Interval : 2 : 10 SampleType: absolute Value Startup Status : 0 : risingAlarm : valid
Threshold(R) : 8 Threshold(F) : 15 EventIndex(R): 2
Variable :
1.3.6.1.2.1.16.2.2.1.6.2.1 EventIndex(F): 2 zte(cfg-snmp)#

Owner
: zteNj
Query configuration information about statistics 1: zte(cfg-snmp)#show statistics 1 StatsIndex: 1 Pkts :16 CRCAlignErrors : 0 DropEvents: 0 BroadcastPkts :1 Pkts65to127Octets : 0 Octets : 2236 MulticastPkts:15 Pkts128to255Octets : 15 Fragments : 0 UndersizePkts:0 Pkts256to511Octets : 1 Jabbers : 0 OversizePkts :0 Pkts512to1023Octets : 0 Collisions: 0 Pkts64Octets :0 kts1024to1518Octets: 0 Status : valid Owner : zteNj DataSource: 1.3.6.1.2.1.2.2.1.1.16 zte(cfg-snmp)# After the above configuration, when the number of etherHistoryPkts of the first bucket of port 16 rises over 8 or the number falls below 15, the event with the index of 2 is triggered. The event with the index of 2 sends a trap to the management station, and creates a log simultaneously. This log can be queried in the logTable of the event group.
Cluster Management
Introduction
A cluster is a combination consisting of a set of switches in a specific broadcast domain. This set of switches forms a unified management domain, providing an external public network IP address and
187
management interface, as well as the ability to manage and access each member in the cluster. The management switch which is configured with a public network IP address is called a command switch. Other switches serve as member switches. In normal cases, a member switch is not configured with a public network IP address. A private address is allocated to each member switch through the class DHCP function of the command switch. The command switch and member switches form a cluster (private network). It is recommended that you isolate the broadcast domain between the public network and the private network on the command switch and shield direct access to the private address. The command switch provides an external management and maintenance channel to manage the cluster in a centralized manner. In general, the broadcast domain where a cluster is located consists of switches in these roles: Command switch, member switches, candidate switches and independent switches. One cluster has only one command switch. The command switch can automatically collect the device topology and set up a cluster. After a cluster is set up, the command switch provides a cluster management channel to manage member switches. Member switches serve as candidate switches before they join the cluster. The switches that do not support cluster management are called independent switches. Figure 57 shows the cluster management networking.
188
FIGURE 57 CLUSTER M AN AGEMENT NETWORKING
TFTP Server 110.1.1.2
NM console 110.1.1.1
Public network
100.1.1.10
Cluster internal address pool 192.168.1.0/24
Command switch
Cluster internal network
Member switch
Member switch
Member switch Member switch Member switch
Independent switch
Outside the cluster
Candidate switch
189
Figure 58 shows the changeover rule of the four roles of switches within a cluster.
FIGURE 58 SWITCH ROLE CHANGEOVER RULE
Member switch Specified as a command switch Delete from the cluster Add to the cluster Specified as a candidate switch Candidate switch Specified as an independent switch Specified as a command switch Specified as a candidate switch (without member) Specified as an independent switch (without member) Command switch Specified as a command switch
Independent switch
To configure the cluster management function, first use the config group command to enter the cluster management configuration mode.
ZDP Configuration
ZDP (Discovery Protocol) is a protocol used to discover the related information about the direct neighbor node, including the adjacent device ID, device type, version and port information. This protocol supports the refreshing and aging of the neighbor device information table. The ZDP configuration on the switch includes the following contents:
1. Enable/disable the system ZDP function.

set zdp By default, the system ZDP function is enabled. When the system ZDP function is disabled, the contents of the neighbor device information table are cleared, and the ZDP packets processing is suspended. 2. Enable/disable the port ZDP function. set zdp port 3. Enable/disable the trunk ZDP function. set zdp trunk By default, the ZDP functions of all ports/trunks are enabled. When the ZDP function of a port/trunk is disabled, the contents of the neighbor device information table of the port/trunk are cleared, and the ZDP packets processing is suspended.
Note: A port/trunk can collect and send ZDP information normally only when both the ZDP function of the port/trunk and the system ZDP function are enabled.
4. Set the valid time for holding ZDP information. set zdp holdtime 5. Set the time interval for sending ZDP packets. set zdp timer 6. Display the ZDP configuration. show zdp 7. Display the neighbor device information table. show zdp neighbour
191
ZTP Configuration
The topology protocol (ZTP) is a protocol used to collect network topology information. With the neighbor device information table collected through ZDP, ZTP sends and forwards ZTP topology collection packets through the relevant port in the specified VLAN to collect the topology information in the network (hop count) within a specific range and to create a topology information table which is used for knowing network topology status and managing the cluster. The ZTP configuration on the switch includes the following contents:
1. Enable/disable the system ZTP function. set ztp By default, the system ZTP function is enabled. When the system ZTP function is disabled, the contents of the switch topology information table are cleared, and the ZTP packets processing is suspended. 2. Enable/disable the port ZTP function. set ztp port 3. Enable/disable the trunk ZTP function set ztp trunk By default, the ZTP function of all ports/trunks is enabled. If the ZTP function of a port/trunk is disabled, the ZTP packets processing of the port/trunk is suspended.
Note: A port/trunk can collect and send ZTP information normally only when both the ZTP function of the port/trunk and the system ZTP function are enabled.
4. Configure ZTP parameters.

Configure a VLAN for collecting topology information.
set ztp vlan

Set the range (hop count) of collecting topology information.
set ztp hop

Set the time interval for collecting topology information periodically.
set ztp timer

Set the hop delay for forwarding topology requests.
set ztp hopdelay

Set the port delay for forwarding topology requests.
set ztp portdelay By default, the specified VLAN for collecting topology information is VLAN 1, and the topology collecting range is four hops. By default, the time interval for collecting topology information is 0 minute, that is, the topology information is not collected periodically. When the switch is configured to be a command switch, the VLAN for collecting topology information serves as the management VLAN of the command switch. In this case, it is not allowed to change the specified VLAN for collecting topology information. When the network delay is high, the hop delay and port delay of topology forwarding shall be modified to adapt the current network status. To collect network topology information within a larger range, the administrator can increase the hop counts. 5. Manually start collecting topology information. ztp start To make it easy to know the network topology information at any time, the user can manually start the topology information collection procedure, without depending on the automatic topology information collection. 6. Display ZTP configuration.
show ztp 7. Display details of the specified device according to the MAC address. show ztp mac 8. Display the topology information table. show ztp device
Note: The device ID offered by the topology information table is the temporary ID generated based on the current topology information collection result. With the purpose of facilitating the display and cluster management, it is effective to the current topology information collection result only.
Cluster Configuration
After the command switch is specified, you can know the network topology information through ZDP/ZTP, and then manage and monitor the cluster. The unique ID of a cluster consists of the VLAN where the cluster is located and the MAC address of the command switch.
1. Set switch roles.

Set candidate switches.
set group candidate

Set independent switches.
set group independent

Set a command switch, specify a layer 3 port number for cluster management and set the IP address pool for user cluster management.
set group commander ipport After a candidate switch is added to the cluster by the command switch and becomes a member switch, the member switch cannot change itself to a candidate switch or command switch. In setting the command switch, the VLAN to which the layer 3 port is bound shall be the specified VLAN for collecting topology information. Once a switch is configured to be a command switch, the specified VLAN for collecting topology information cannot be changed. The command switch is allowed to be a candidate switch or independent switch only when the cluster has no member switch. 2. Add/delete a cluster member.
Add a member based on the device MAC address.
set group add mac

Add a member based on the device MAC address and specify the member ID.
set group add mac

Add a member based on the temporary device ID obtained from the collected topology information.
set group add device

Delete a device with the specified member ID from the cluster.
set group delete member When a device is added to the cluster but the member ID is not specified, the system automatically allocates a unique ID to the member. 3. Configure cluster parameters.
Set cluster name.
set group name

Set a time interval for the handshake between the command switch and the member switch.
set group handtime

Set the effective holding time of information about switches in the cluster.
set group holdtime

Set the IP address of the internal public TFTP Server of the cluster.
set group tftpsvr The above parameters can be configured for the command switch only. The effective holding time of the cluster means that when the command switch detects the communication failure of a member switch (or a member switch detects that of the command switch), and the communication is recovered within the effective holding time, the member status is normal; if the communication is not recovered after the effective holding time, the command switch displays that the member is in DOWN state. After the communication is recovered, the member is added to the cluster automatically and is displayed in UP status. If the IP address of the TFTP Server of the cluster is configured, the member switch can access the TFTP Server by directly accessing the command switch. 4. Access and control cluster members.
Switch from the command switch to a specified member switch.
rlogin member
Switch from a member switch to the command switch.
rlogin commander
Download/upload versions through TFTP on the command switch.
tftp
Save the configuration of the specified member switch.
save member
Delete the configuration of the specified member switch.
erase member
Restart the specified member switch.
reboot member 5. Display the cluster configuration and cluster member information.
Display the cluster configuration information.
show group
Display candidate switches that can be added to the cluster.
show group candidate

Display cluster member information.
show group member
As shown in Figure 57, the initial configuration of the switches is the default configuration. Here, set the VLAN where the public network IP address of the command switch in the cluster is located to 2525, the IP address to 100.1.1.10/24, the gateway address to 100.1.1.1, the cluster management VLAN to 4000, the private address pool to 192.168.1.0/24, and the IP address of the TFTP Server of the whole cluster to 110.1.1.2. The detailed configuration is as follows:
1. Configure the public network IP address of the command switch and the gateway.
WYXX(cfg)#set vlan 2525 enable WYXX(cfg)#set vlan 2525 add port 1-16 tag
197
WYXX(cfg)#config router WYXX(cfg-router)#set ipport 25 ipaddress 100.1.1.10/24 WYXX(cfg-router)#set ipport 25 vlan 2525 WYXX(cfg-router)#set ipport 25 enable
WYXX(cfg-router)#iproute 0.0.0.0/0 100.1.1.1
2. Create a cluster on layer 3 port 1 of the command switch and VLAN 1 (default VLAN).
WYXX(cfg)#config group WYXX(cfg-group)#set 192.168.1.1/24 group commander ipport 1 ip-pool
Cmdr.WYXX(cfg-group)#ztp start Cmdr.WYXX(cfg-group)#show ztp device Last collection vlan : 1 Last collection time : 188 ms. Id --0 1 2 3 4 5 MacAddress Hop Role ----cmdr candi candi candi candi candi Platform --------ZXR10 2818S ZXR10 2818S ZXR10 2818S ZXR10 2818S ZXR10 2818S ZXR10 2818S
------------------ --00.d0.d0.fc.08.6c 00.d0.d0.fc.08.d6 00.d0.d0.fc.08.cf 00.d0.d0.fc.08.fa 00.d0.d0.fc.08.d5 00.d0.d0.fc.09.3a 0 1 1 1 1 1
Cmdr.WYXX(cfg-group)#set group add device 1-5 Adding device id : 1 Adding device id : 2 Adding device id : 3 Adding device id : 4
198
... ... ... ...
Successed to add member! Successed to add member! Successed to add member! Successed to add member!
Adding device id : 5
...
Successed to add member!
Cmdr.WYXX(cfg-group)#show group member MbrId MacAddress IpAddress Status
----- ----------------- ------------------- ---------1 2 3 4 5 00.d0.d0.fc.08.d6 192.168.1.2/24 00.d0.d0.fc.08.cf 192.168.1.3/24 00.d0.d0.fc.08.fa 192.168.1.4/24 00.d0.d0.fc.08.d5 192.168.1.5/24 00.d0.d0.fc.09.3a 192.168.1.6/24 Up Up Up Up Up
3. Switch to each member switch and add all ports to VLAN 4000 (taking member 4 as an example)
Cmdr.WYXX(cfg)#set vlan 4000 enable Cmdr.WYXX(cfg)#set vlan 4000 add port 1-16 tag
Cmdr.WYXX(cfg)#rlogin member 4 Trying ...Open
Connecting ...
Membr_4.zte>enable
Membr_4.zte(cfg)#set vlan 4000 enable Membr_4.zte(cfg)#set vlan 4000 add port 1-16 tag
4. Delete the cluster created on VLAN 1.

Cmdr.WYXX(cfg-group)#set group delete member 1-5 Deleting member id : 1 Deleting member id : 2 Deleting member id : 3 Deleting member id : 4 ... ... ... ... Successed to del member! Successed to del member! Successed to del member! Successed to del member!
199
Deleting member id : 5
...
Successed to del member!
Cmdr.WYXX(cfg-group)#set group candidate WYXX(cfg-group)#
5. Create a cluster on VLAN 4000.

WYXX(cfg-group)#set ztp vlan 4000
WYXX(cfg-group)#set 192.168.1.1/24
group
commander
ipport
ip-pool
Cmdr.WYXX(cfg-group)#ztp start Cmdr.WYXX(cfg-group)#show ztp device Last collection vlan : 4000 Last collection time : 176 ms. Id --0 1 2 3 4 5 MacAddress Hop Role ----cmdr candi candi candi candi candi Platform --------ZXR10 2818S ZXR10 2818S ZXR10 2818S ZXR10 2818S ZXR10 2818S ZXR10 2818S
------------------ --00.d0.d0.fc.08.6c 00.d0.d0.fc.08.d6 00.d0.d0.fc.08.cf 00.d0.d0.fc.08.fa 00.d0.d0.fc.08.d5 00.d0.d0.fc.09.3a 0 1 1 1 1 1
Cmdr.WYXX(cfg-group)#set group add device 1-5 Adding device id : 1 Adding device id : 2 Adding device id : 3 Adding device id : 4 Adding device id : 5 ... ... ... ... ... Successed to add member! Successed to add member! Successed to add member! Successed to add member! Successed to add member!
200
Cmdr.WYXX(cfg-group)#show group member MbrId MacAddress IpAddress Status
----- ---------------- ----------------- ---------1 2 3 4 5 00.d0.d0.fc.08.d6 192.168.1.2/24 00.d0.d0.fc.08.cf 192.168.1.3/24 00.d0.d0.fc.08.fa 192.168.1.4/24 00.d0.d0.fc.08.d5 192.168.1.5/24 00.d0.d0.fc.09.3a 192.168.1.6/24 Up Up Up Up Up
6. Set the IP address of the TFTP Server in the cluster to 110.1.1.2.

Cmdr.WYXX(cfg-group)#set group tftpsvr 110.1.1.2
7. Download version kernel.Z on member 4.

Membr_4.zte(cfg-tffs)#tftp commander download kernel.Z
201
202
Chapter
Maintenance
Routine maintenance of the ZXR10 2609/2818S/2826S/2852S Common test methods of the ZXR10 2609/2818S/2826S/2852S Troubleshooting methods of the ZXR10 2609/2818S/2826S/2852S
Routine Maintenance
Routine maintenance generally refers to daily maintenance and monthly maintenance. The following describes them in detail.
Items of Daily Maintenance

1. Check the running status of the switch. i. Query whether the background terminal interface can operate normally.
ii. Query whether the status of indicators of the switch is normal. iii. Check whether the fan of the switch runs normally. iv. Check whether the temperature of the switch is normal and whether there is any strange smell in the equipment room.
v. Check system alarm information. 2. Check the communication status between the switch and each connected device. Log in to the switch through a HyperTerminal or Telnet, and then use the ping command to test different network segments and check the connectivity. 3. Check whether the switch related services are normal. 4. Record the intraday operations and phenomenon. Intraday operations refer to the operations performed on that day, and phenomenon shall include the status of the switch and environment of the equipment room.
Items of Monthly Maintenance

1. Summarize daily operations once a month. i. Summarize questions encountered in routine operations and please discuss with ZTE maintenance personnel if necessary.
ii. Summarize and accumulate maintenance experiences in routine maintenance to conduct more efficient maintenance. 2. Clean the equipment room. i. Pay attention to the cleanness of air conditioners and check the performance of the air conditioners at the same time.
ii. Clean the cabling trough, check whether the relevant lines are in poor contact and make adjustment in time. 3. Clean the switch. Do not overwet the cleaning cloth. Make sure that the interfaces are not affected. 4. Back up the alarm data, statistic data and configuration data.
Chapter 9 - Maintenance
Maintenance Period
Table 12 shows the maintenance and test period of the Ethernet switch system for the reference of the maintenance personnel.
TABLE 12 M AINTENANCE AND TEST PERIOD OF THE ETHERNET SWITCH SYSTEM
No. 1 2 3 4 5 6 7 8 9 10
Maintenance & Test Item Check the running status of the switch. Check the temperature and humidity in the equipment room and check the power supply. Check the communication status between the switch and each connected device. Check whether developed. the relevant of of services are well
Test Period Daily Daily Daily Daily Monthly Monthly Monthly Monthly Yearly Yearly
Monthly summarization problems. Monthly summarization experience. Clean the equipment room. Clean the switch. Yearly summarization.
routine routine
maintenance maintenance
Completely maintain and check the equipment in the monitoring room.
205
Common Test Methods

Single-Port Loop Test
The single-port loop test is to check whether a loop exists in the ports of the switch. If such a loop exists, it may result in errors in learning MAC addresses and may easily cause a broadcast storm. In worse cases, the switch and network may be down. Starting the single-port loop test and disabling the port with loop can efficiently avoid the influence caused by port loop. The principle of the single-port loop test is as follows: The switch sends a test packet through a port. If this test packet is received through the port without any change (or only a tag is attached), it indicates that a loop exists in this port. The test packet sent by the switch includes the following three parameters: Source MAC address: It indicates the MAC address of the switch. The MAC address of each switch is unique. Port number: Port numbers correspond to the numbers of the ports on the switch one by one. Discrimination field: For each switch, the digital signature of each port is different. If the three parameters in the test packet sent through the port are the same as those in the test packet received through the port, a port loop absolutely exists. The single-port loop test configuration on the switch involves:
1. Enable or disable the loop test function of the specified port. set loopdetect port By default, the port loop test function is disabled. 2. Enable or disable the loop test function of a trunk.
set loopdetect trunk By default, the loop test function of a trunk is disabled. 3. Enable or disable the loop test protection function of the specified port. set loopdetect port protect The loop test protection function means that the port is automatically blocked when it detects a loop. In this way, the influence caused by port loop is avoided. 4. Enable or disable the loop test protection function of a trunk. set loopdetect trunk protect 5. Set the time for blocking the port with loop. set loopdetect blockDelay The time for blocking the port with loop refers to the time for blocking the port when a loop is detected, that is, the port protection time. The protection takes effect only when the loop test protection function of the port is enabled. 6. Display the port loop test configuration and port detection status. show loopdetect If the port cannot work normally, you can use show loopdetect to observe whether a port loop exists. If no loop is detected and the spanning tree of the port is enabled, you can eliminate the fault according to the status of the spanning status.
Virtual Circuit Test

The virtual circuit test (VCT) uses the time domain reflectometer (TDR) to diagnose the circuit. This test enables you to diagnose the circuit error status, such as Open, Short, Impedance Mismatch and
207
Good termination, and to obtain the distance of the errored circuit with the fitted empirical formula. You can use the show vct port command on the switch to query the VCT result of the specified port. For interface modules in extended slots, this switch only supports the VCT of the gigabit electrical interface. For other interface modules, the VCT is not supported.
Common Troubleshooting
By type, the faults include software faults and hardware faults. Hardware faults, if accurately located, usually can be cleared by replacing the hardware. Software and configuration faults can be cleared through proper operations. In troubleshooting, check whether the device configuration is correct, whether the cables are connected correctly and whether the required environment is satisfied according to the related description in the above sections. The following describes the common faults of the ZXR10 2609/2818S/2826S/2852S and relevant troubleshooting methods in detail.
Failed to Configure through the Console Port

1. Fault symptom The switch cannot be configured through the console port. 2. Related components check Check the configuration cable, the serial port of the HyperTerminal and the console port of the switch. 3. Fault analysis and location
i.
The configuration cable connection is incorrect.
ii. The serial port attributes of the HyperTerminal are configured incorrectly, and the serial port fails. iii. The console port of the switch fails. 4. Troubleshooting i. Use proper configuration cables. For the connections of configuration cables, see
209
Installing Configuration Cables. ii. Check the settings of serial port attributes of the HyperTerminal. The correct settings shall be as follows: Bit/s (baud rate): 9600. Data bit: 8. Parity check: none. Stop bit: 1. Data stream control: none. Check whether the serial port of the HyperTerminal is normal, and replace the configuration terminal. iii. Check whether the console port of the switch is normal.
Failed to Connect Through Telnet

1. Fault symptom The switch cannot to be accessed through Telnet. 2. Fault analysis and location i. The PVID of the port is configured incorrectly. ii. The port is disabled. iii. The VLAN bound with the IP port is disabled. iv. No valid IP address, subnet mask and default gateway are configured for the switch. v. The IP address of the switch conflicts with the IP address of another device in the network. 3. Troubleshooting i. Modify the PVID of the port to be consistent with the related VLAN ID.
ii. Enable the port. iii. Enable the VLAN bound with the IP port.
iv. Configure a valid IP address, subnet mask and default gateway for the switch. v. Modify the IP address of the switch or that of the other device to eliminate the IP address conflict.
Failed to Log In to the Switch Through Telnet

1. Fault symptom The remote terminal can access but cannot log in to the switch through Telnet, and the system prompts the user that no password is configured. 2. Fault analysis and location The login password of the switch is set to null. 3. Troubleshooting Set a non-null login password.
Missing User Name or Password

1. Fault symptom The user cannot log in to the switch after entering the user name and password. 2. Fault analysis and location In logging in to the switch, the entered user name or password is incorrect. 3. Troubleshooting First, confirm whether the system administrator can find the original user name and password. If the user name and password cannot be found, restart the switch and delete the configuration file. The detailed procedure is as follows:
211
i.
Restart the switch, and press any key according to the prompt to enter the boot status in the HyperTerminal.
Welcome to use ZTE eCarrier!!
Copyright(c) 2004-2006, System Booting...... CPU: WindBond ARM7TDMI Version: VxWorks5.5.1 BSP version: 1.2/0
ZTE Co., Ltd.
Creation date: May 23 2005, 00:07:21
[ZxR10 Boot]:
ii. In the boot status, enter <zte> to enter the [BootManager] status of the switch. Enter <?> to get command help.
[ZxR10 Boot]: zte Load wbdEnd Begin W90N740 MAC0: 10MB - Full Duplex
Board 2818s ! Marvell has been initialized ! boot device : wbdEnd
212
unit number processor number host name file name
: 0 : 0 : tiger : vxWorks
inet on ethernet (e) : 10.40.89.106 host inet (h) gateway inet (g) flags (f) : 10.40.89.78 : 10.40.89.78 : 0x80
Attached TCP/IP interface to wbdEnd0. Warning: no netmask specified. Attaching network interface lo0... done. Attaching to TFFS... test flash passed perfectly! Welcome to boot manager! Type ? for help
[BootManager]:?
ls directories/* pwd absolute path/* devs informaiton/* show and MAC address/* reboot format memory/* del file_name
*/Lists the current
*/Displays the current
*/Displays the FLASH memory
*/Displays the switch type
*/Restarts the switch/* */Formats the FLASH
*/Deletes the specified

213
file/* md mf cd dir_name file_name absolue-pathname */Creates a directory/* */Creates a file/* */Changes the current
directory/* tftp ip_address file_name */Uploads/downloads the
version through TFTP/* update file_name rename file_name newname */Upgrades boot/* */Rename a file/*
[BootManager]:
iii. Run the del command to delete the configuration file, and then restart the switch.
[BootManager]:ls KERNEL RUNNING.CFG [BootManager]:del running.cfg [BootManager]:reboot
iv. After the switch is restarted, use the default user name and password to log in to the switch.
Please Press any Key to Start!
Welcome ! ZTE Corporation. All rights reserved.
login:admin password: ********* zte>en

password : zte(cfg)#
Missing enable Password

1. Fault symptom The user cannot enter the global configuration mode after logging in to the switch and entering the password. 2. Fault analysis and location The password used for entering the global configuration mode is invalid. 3. Troubleshooting The troubleshooting method is the same as that described in Missing User Name or Password. 4. Precautions Before restarting the switch, record the current configuration of the switch. It is useful for reconfiguration.
Failed to Interconnect Two Devices in the Same VLAN

1. Fault symptom The two devices connected to the two ports of the switch in the same VLAN cannot be interconnected. 2. Fault analysis and location i. The PVID of the port is configured incorrectly.
ii. The port is disabled. iii. The VLAN is disabled. iv. The tag is selected when the port is added to the VLAN. 3. Troubleshooting i. Modify the PVID of the port to be consistent with the related VLAN ID.
ii. Enable the port. iii. Enable the VLAN. iv. Add the port to the VLAN and select untag.
216
Chapter
10
Command Reference
Commands of the ZXR10 2609/2818S/2826S/2852S. Functions, modes, format, parameters and application of the commands.
Introduction
Table 13 shows the parameters commonly used in the commands.
TABLE 13 P ARAMETER DESCRIPTION
Parameter
Description Comma separated port number, port name or port number range. For example:
<portlist>
1, 2, 4-8, 18 p1, pp2, 4-8, port18 p1, pp2 and port18 are names of the ports created by the user. Comma separated VLAN ID, VLAN name or VLAN range. For example: 1-19, 77, 88, 100-900 vlan1, v1, 10, 100-200
<vlanlist>
217
Parameter <trunklist>
Description Comma separated trunk ID or trunk range. For example: 1-19, 77, 88, 100-900 It indicates that only one port number or port name can be entered at a time. It indicates that only one VLAN ID or VLAN name can be entered at a time. It indicates that only one trunk ID can be entered at a time. MAC address, for example, 11.22.33.44.55.66. IP address, for example, 10.40.47.254 Digits of the IP address and mask. M is an integer ranging 1~32, for example, 10.40.47.254/24. A character string without space. Variable number in dotted decimal notation, for example, 1.3.6.2.19.2. A character string without space.
<portname>
<vlanname> <trunkid> <xx.xx.xx.xx.xx.xx> <A.B.C.D> <A.B.C.D/M>
<string>
<mib-oid>
<name>
Management Commands
adminpass
Function: To set the password for entering the global configuration mode. Mode: Global configuration mode Format: adminpass [<string>] Parameter:
Chapter 10 - Command Reference
Parameter
Description The password for entering the configuration mode.
<string>
Note: If adminpass is entered directly without a string, it indicates that the management password is set to null. Example: Set the password for entering the global configuration mode to administrator. adminpass administrator
config router
Function: To enter the layer 3 configuration mode. Mode: Global configuration mode Format: config router
config snmp
Function: To enter the SNMP configuration mode. Mode: Global configuration mode Format: config snmp
config tffs
Function: To enter the file system configuration mode. Mode: Global configuration mode Format: config tffs
219
create User
Function: To create a management user. Mode: Global configuration mode Format: create user <name> Parameter: Parameter Description The name of the management user.
<name>
Example: Create a user named userx. create user userx
delete User
Function: To delete a management user. Mode: Global configuration mode Format: delete user <name> Parameter: Parameter Description The name of the management user.
<name>
Example: Delete a user named userx. delete user userx
220
enable
Function: To enter the global configuration mode from the user mode. Mode: User mode Format: enable Note: After the enable command is executed, the system prompts the user to enter the management password (use the adminpass command to set it).
exit
Function: To exit from the current mode to the previous mode. Mode: All modes Format: exit
hostname
Function: To set or change the host name. Mode: Global configuration mode Format: hostname <name> Parameter: Parameter Description Host name.
<name>
Example: Set the host name to hello. hostname hello
221
line-vty
Function: To set the timeout time for Telnet user login. Mode: Global configuration mode Format: line-vty timeout <1-1080> Parameter: Parameter <1-1080> Description Timeout time. The unit is minute. By default, it is 10 minutes.
list
Function: To list all commands available in the current mode. Mode: All modes Format: list
loginpass
Function: To set the login password. Mode: Global configuration mode Format: loginpass [<string>] Parameter: Parameter Description Login password.
<string>
222
Note: If loginpass is entered directly without a string, it indicates that the login password is set to null. In this case, the Telnet user cannot log in to the system. Example: Set the login password to ok. loginpass ok
ping
Function: To test the connectivity of the network. Mode: Global configuration mode Format: ping <A.B.C.D> [<0-65535>] [<0-65535>] Parameter: Parameter <A.B.C.D> <0-65535> <0-65535> Description Destination IP address. The times of sending the echo request. The delay of waiting for response.
readconfig
Function: To read the switch configuration from the config.txt file. Mode: Global configuration mode Format: readconfig
reboot
Function: To restart the switch. Mode: Global configuration mode
Format: reboot
saveconfig
Function: To save the configuration information. Mode: Global configuration mode Format: saveconfig
set date
Function: To set the date and time. Mode: Global configuration mode Format: set date <yyyy-mm-dd> time <hh:mm:ss> Parameter: Parameter <yyyy-mm-dd> <hh:mm:ss> Description Date (year/month/day). Time (hour/minute/second).
Note that after the switch is restarted, the date and time shall be reconfigured.
set loginauth
Function: To set the login authentication mode. Mode: Global configuration mode Format: set loginauth {local|radius} Parameter:
224
Parameter local radius
Description Sets local authentication for the login user. Sets the RADIUS authentication for the login user.
set specialVlan1
Function: To enable/disable the special management of vlan1. Mode: Global configuration mode Format: set specialVlan1 [enable|disable] Parameter: Parameter enable disable Description Enables the special management of vlan1. Disables the special management of vlan1.
show date-time
Function: To display the current date and time. Mode: All modes Format: show date-time Note: If no date and time are configured, the time starts from 200407-01 by default.
show loginauth
Function: To display the login authentication mode.
Mode: All modes Format: show loginauth
show running-config
Function: To display all current non-default configurations of the system. Mode: All modes Format: show running-config [toFile] Parameter: Parameter [toFile] Description Outputs the show running-config result to the config.txt file.
show specialVlan1
Function: To specialVlan1. Mode: All modes Format: show specialVlan1 display the configuration information about
show start-config
Function: To display all non-default configurations of the system saved last time. Mode: All modes Format: show start-config
226
show terminal
Function: To display the monitoring and log information about terminals. Mode: All modes Format: show terminal [log] Parameter: Parameter [log] Description Displays log information.
Note: It is used to display the on/off status of the monitor and log.
show vct
Function: To display the VCT result of the port. Mode: All modes Format: show vct port <portname> Parameter: Parameter Description A port number.
<portname>
show user
Function: To display information and the current name of the user logging in through Telnet. Mode: All modes Format: show user
sysLocation
Function: To set the location information about the switch. Mode: Global configuration mode Format: sysLocation <string> Parameter: Parameter Description Location of the switch.
<string>
terminal log
Function: To enable/disable the log. Mode: Global configuration mode Format: terminal log {on|off} Parameter: Parameter on off Description Enables log. Disables log.
terminal monitor
Function: To enable/disable printing real-time alarm information to the terminal. Mode: Global mode Format: terminal monitor {on|off}
228
Parameter: Parameter on off Description Enables printing real-time alarm information. Disables printing real-time alarm information.
version
Function: To display system information including version, running time and MAC address of the switch. Mode: Global configuration mode Format: version
File System
cd
Function: To change the current directory. Mode: File system configuration mode Format: cd <name> Parameter: Parameter Description Name of the directory.
<name>
229
Example: Enter the config directory in the file system. cd config
copy
Function: To copy a file. Mode: File system configuration mode Format: copy <name> <name> Parameter: Parameter Description Name of the source file path/destination file path.
<name>
Example 1: Copy the v1.txt file in the root directory to the \bak directory. copy v1.txt bak\v1.txt
Example 2: Copy the a.txt file in the \\test directory to the \\temp directory. copy \\test\a.txt \\temp\a.txt
format
Function: To format the Flash memory. Mode: File system configuration mode
230
Format: format
ls
Function: To display the current directory list. Mode: File system configuration mode Format:
md
Function: To create a directory. Mode: File system management mode Format: md <name> Parameter: Parameter Description Name of the directory.
<name>
Example: Create the directory group. md group
remove
Function: To delete a specified file or directory. Mode: File system configuration mode Format: remove <name> Parameter:
231
Parameter
Description Name of the file or directory.
<name>
Example: Delete the directory group. remove group
rename
Function: To rename a file. Mode: File system configuration mode Format: rename <name> <name> Parameter: Parameter Description Name of the source file/destination file.,
<name>
Example: Rename the configbak.txt file to config.txt. rename configbak.txt config.txt
tftp
Function: To download/upload a version through TFTP. Mode: File system configuration mode Format: tftp <name> Parameter: {<A.B.C.D>|commander} {download|upload}
232
Parameter <A.B.C.D> commander download upload
Description IP address of the specified host. Command switch. Downloads a file from the host to the FLASH memory. Uploads a file from the FLASH memory to the host. Name of the file.
<name>
Example: Download version.o from 10.40.44.167 to the switch. tftp 10.40.44.167 download version.o
Port Configuration
clear port
Function: To clear the name/statistics data of a port. Mode: Global configuration mode Format: clear port <portlist> {name|statistics|description} Parameter: Parameter <portlist> name statistics description Description Port list. Clears the name of the port. Clears the statistics data of the port. Clears the description of the port.
233
Example: Clear names of ports 1, 5, 6, 7 and 11. clear port 1,5-7,11 name
create port name

Function: To create a port name. Mode: Global configuration mode Format: create port <portname> name <name> Parameter: Parameter Description A port number. Port name.
<portname> <name>
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S. Example: Create the name userx for port 1. create port 1 name userx
set port
Function: To enable/disable a port. Mode: Global configuration mode Format: set port <portlist> {enable|disable} Parameter:
Parameter <portlist> enable disable
Description Port list. Enables the port. Disables the port.
Example: Enables ports 1, 5, 6, 7 and 11. set port 1,5-7,11 enable
set port auto

Function: To enable/disable the adaptive function of a port. Mode: Global configuration mode Format: set port <portlist> auto {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the adaptive function of the port. Disables the adaptive function of the port.
Example: Enable the adaptive function of ports 1, 5, 6, 7 and 11. set port 1,5-7,11 auto enable
set port bandwidth

Function: To set port bandwidth. Mode: Global configuration mode
235
Format: set port <portlist> bandwidth ingress {off|on rate <64256000>}{tcpdrop|flowcontrol} set port <portlist> bandwidth egress {off|on rate <64-256000>} Parameter: Parameter <portlist> ingress egress off on tcpdrop flowcontrol <64-256000> Description Port list. Set the input bandwidth. Set the output bandwidth. Disables the bandwidth restriction. Enables the bandwidth restriction. TCP connection mode. Traffic control connection mode. The rate ranges from 64 kbps to 256000 kbps.
Example: Set the input bandwidth of ports 1, 5, 6, 7 and 11 to 1000 kbps. set port 1,5-7,11 bandwidth ingress on rate 1000
set port dscp-priority

Function: To enable/disable the layer 3 DSCP priority of a port. Mode: Global configuration mode Format: set port <portlist> dscp-priority {enable|disable}
236
Parameter: Parameter <portlist> enable disable Description Port list. Enables the layer 3 DSCP priority of a port. Disables the layer 3 DSCP priority of a port.
Note that the layer 3 DSCP priority can be used to determine the priority of data packets only when the received data packets are IP data packets and the layer 3 DSCP priority of the port is enabled. The queue priority of data packets is determined in the queue priority table according to the IP DSCP priority.
set port default-priority

Function: To set the default priority of a port. Mode: Global configuration mode Format: set port <portlist> default-priority <0-7> Parameter: Parameter <portlist> Description Port list. Default port priority.
<0-7>
set port description

Function: To set the description of a port. Mode: Global configuration mode Format: set port <portname> description <string>
237
Parameter: Parameter Description Port list. Description of the port.
<portname> <string>
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S.
set port duplex

Function: To set the working mode of a port to full duplex/half duplex. Mode: Global configuration mode Format: set port <portlist> duplex {full|half} Parameter: Parameter <portlist> full half Description Port list. The working mode of a port is full duplex. The working mode of a port is half duplex.
Example: Set the working modes of ports 1, 5, 6, 7 and 11 to full duplex. set port 1,5-7,11 duplex full
set port flowcontrol

Function: To enable/disable the flow control of a port.
Mode: Global configuration mode Format: set port <portlist> flowcontrol {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the flow control of a port. Disables the flow control of a port.
Example: Enable the flow control of ports 1, 5, 6, 7 and 11. set port 1,5-7,11 flowcontrol enable
set port ingress_limit_mode

Function: To set the bandwidth restriction mode of a port. Mode: Global configuration mode Format: set port <portlist> ingress_limit_mode {all|nonunicast|multibroadcast|broadcast} Parameter: Parameter <portlist> all nonUnicast Description Port list. Set the ingress restriction filter type to all data packets. Set the ingress restriction filter type to nonunicast data packets.
239
Parameter multi-broadcast broadcast
Description Set the ingress restriction type to broadcast and multicast data packets. Set the ingress restriction broadcast data packets. filter type to
set port macaddress

Function: To set the MAC address learning number of a port. Mode: Global configuration mode Format: set port <portlist> macaddress <0-16> Parameter: Parameter <portlist> <0-16> Description Port list. The number of learned MAC addresses of the port. 0 indicates that the number is not set.
set port multicast-filter

Function: To enable/disable the multicast packet filter of a port. Mode: Global configuration mode Format: set port <portlist> multicast-filter {enable|disable} Parameter: Parameter <portlist> Description Port list.
240
Parameter enable disable
Description Enables the multicast packet filter, namely, multicast packets are discarded. Disables the multicast packet filter, namely, multicast packets are forwarded.
Example: Set ports 1, 5, 6, 7 and 11 for forwarding multicast packets. set port 1,5-7,11 multicast-filter disable
set port poe

Function: To set the external power supply mode of a port. Mode: Global configuration mode Format: set port <portlist> poe {auto|force|never} Parameter: Parameter <portlist> auto force never Description Port list. Set the power supply mode to auto. Set the power supply mode to force. Set the power supply mode to never.
Example: Set the power supply mode of port 1 to auto. set port 1 poe auto
set port priority

Function: To set port priority control.
Mode: Global configuration mode Format: set port <portlist> default-priority <0-7> Parameter: Parameter <portlist> <0-7> Description Port list. Priority value.
Example: Set the priority of ports 1, 5, 6, 7 and 11 to 3. set port 1,5-7,11 default-priority 3
set port remapping-tag

Function: To set 802.1P user priority remapping table of a port. Mode: Global configuration mode Format: set port <portlist> remapping-tag <0-7> priority <0-7> Parameter: Parameter <portlist> <0-7> <0-7> Description Port list. Remapping-tag value. It can any value from 0 to 7. Priority value. It can be any value from 0 to 7.
Note that when a data packet received by the port is a TAG packet, the switch first uses this remapping table to remap the priority in the data packet, and then uses the priority of the new priority of the 802.1P user to determine future priority.
242
The default values of the remapping table are 0 0, 1 1, 2 2, 3 3, 4 4, 5 5, 6 6 and 7 7. Example: Set the priority value of remapping-tag 3 in the 802.1P user priority remapping table of ports 1, 5, 6, 7 and 11 to 2. set port 1,5-7,11 remapping-tag 3 priority 2
set port sa-priority

Function: To enable/disable the source MAC address priority. Mode: Global configuration mode Format: set port <portlist> sa-priority {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the source MAC address priority of the port. Disables the source MAC address priority of the port.
set port security

Function: To enable/disable port address learning. Mode: Global configuration mode Format: set port <portlist> security {enable|disable} Parameter: Parameter Description
Parameter <portlist> enable disable
Description Port list. Disables port address learning, and does not forward packets. Enables port address learning and forwards packets.
Example: Disable the address learning of ports 1, 5, 6, 7 and 11. set port 1,5-7,11 security enable
set port speed

Function: To set the port rate to 10 Mbps/100 Mbps/1000 Mbps. Mode: Global configuration mode Format: set port <portlist> speed {10|100|1000} Parameter: Parameter <portlist> 10 100 1000 Description Port list. The port rate is 10 Mbps. The port rate is 100 Mbps. The port rate is 1000 Mbps.
Example: Set the rate of ports 1, 5, 6, 7 and 11 to 10 Mbps. set port 1,5-7,11 speed 10
set port speedadvertise

Function: To set the port speed advertisement.
Mode: Global configuration mode Format: set port <portlist> speedadvertise {maxspeed|speed 10|speed 100|speed 1000} {fullduplex|halfduplex} Parameter: Parameter <portlist> maxspeed speed 10 speed 100 speed 1000 fullduplex halfduplex Description Port list. Sets the port speed advertisement to maximum speed. Sets the port speed advertisement to 10 Mbps. Sets the port speed advertisement to 100 Mbps. Sets the port speed advertisement to 1000 Mbps. Full duplex mode. Half duplex mode.
set port user-priority

Function: To enable/disable the 802.1P user priority. Mode: Global configuration mode Format: set port <portlist> user-priority {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the 802.1P user priority of the port. Disables the 802.1P user priority of the port.
245
set port vlan-priority

Function: To enable/disable the VLAN priority. Mode: Global configuration mode Format: set port <portlist> vlan-priority {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the port VLAN priority. Disables the port VLAN priority.
set trunk multicast-filter

Function: To enable/disable the trunk multicast packet filter. Mode: Global configuration mode Format: set trunk <trunklist> multicast-filter {enable|disable} Parameter: Parameter <trunklist> enable disable Description Trunk list. Enables the multicast packet filter, namely, multicast packets are discarded. Disables the multicast packet filter, namely, multicast packets are discarded.
Example: Set trunk 1 multicast packet forwarding. set trunk 1 multicast forward
246
Note that the range of parameter <trunklist> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S.
show port
Function: To display port configuration and the working status. Mode: All modes Format: show port [<portlist>] Parameter: Parameter <portlist> Description Port list.
Example: Display the configuration and working status of ports 1, 5, 6, 7 and 11. show port 1,5-7,11
show port qos

Function: To display the QoS configuration information about a port. Mode: All modes Format: show port <portlist> qos Parameter: Parameter <portlist> Description Port list.
Example: Display the QoS configuration data of ports 1, 5, 6, 7 and 11.

show port 1,5-7,11 qos
show port statistics

Function: To display port statistics. Mode: All modes Format: show port <portlist> statistics Parameter: Parameter <portlist> Description Port list.
Example: Display the statistics data of ports 1, 5, 6, 7 and 11. show port 1,5-7,11 statistics
show trunk
Function: To display the trunk configuration. Mode: All modes Format: show trunk [<trunklist>] Parameter: Parameter <trunklist> Description Trunk ID list.
Example: Display the configuration of trunks 1, 5, 6 and 7. show trunk 1,5-7
248
Port Mirroring
set mirror add source-port
Function: To add an ingress/egress mirroring port. Mode: Global configuration mode Format: set mirror add source-port <portlist> {ingress|egress} Parameter: Parameter <portlist> ingress egress Description Port list. Ingress. Egress.
Example: Add the egress mirror of ports 1, 5, 6, 7 and 12. set mirror add port 1,5-7,12 egress
set mirror delete source-port

Function: To delete an ingress/egress mirroring port. Mode: Global configuration mode Format: set mirror {ingress|egress} Parameter: Parameter <portlist> Description Port list. delete source-port <portlist>
249
Parameter ingress egress
Description Ingress. Egress.
Example: Delete the ingress mirror of ports 1, 5, 6, 7 and 12. set mirror delete port 1,5-7,12 ingress
set mirror dest-port

Function: To set an ingress/egress monitoring port. Mode: Global configuration mode Format: set mirror dest-port <portname> {ingress|egress} Parameter: Parameter Description A port number or port name.
<portname>
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S.The switch supports one ingress monitoring port and one egress monitoring port. Example: Set an ingress monitoring port. set mirror dest-port 1
show mirror
Function: To display mirroring configuration information. Mode: All modes
250
Format: show mirror
VLAN Configuration
clear vlan name
Function: To clear a VLAN name. Mode: Global configuration mode Format: clear vlan <vlanlist> name Parameter: Parameter <vlanlist> Description VLAN list.
Example: Clear the names of VLAN 1, 5, 6, 7 and 12. clear vlan 1,5-7,12 name
create vlan name

Function: To create a VLAN name. Mode: Global configuration mode Format: create vlan <1-4094> name <name> Parameter: Parameter <1-4094> Description VLAN ID. The range is 1~4094.
251
Parameter
Description VLAN name.
<name>
Example: Set the name of vlan 1 to group1. create vlan 1 name group1
set port pvid

Function: To set the PVID of a port. Mode: Global configuration mode Format: set port <portlist> pvid <1-4094> Parameter: Parameter <portlist> <1-4094> Description Port list. Default VLAN ID. The range is 1~4094.
Example: Set the PVID of ports 1, 5, 6, 7 and 11 to 30. set port 1,5-7,11 pvid 30
set trunk pvid

Function: To set the PVID of a trunk. Mode: Global configuration mode Format: set trunk < trunklist > pvid <1-4094> Parameter:
252
Parameter < trunklist > <1-4094>
Description Trunk list. Default VLAN ID. The range is 1~4094.
Example: Set the PVID of trunk 1, 2 and 3 to 1000. set trunk 1-3 pvid 1000
set vlan
Function: To enable/disable a VLAN. Mode: Global configuration mode Format: set vlan <vlanlist> {enable|disable} Parameter: Parameter <vlanlist> enable disable Description VLAN list. Enables the VLAN. Disables the VLAN.
Example: Enable VLAN 1, 5, 6, 7 and 12. set vlan 1,5-7,12 enable
set vlan add port

Function: To add a port to a VLAN.
Mode: Global configuration mode Format: set vlan <vlanlist> add port <portlist> [tag|untag] Parameter: Parameter <vlanlist> <portlist> tag untag Description VLAN list. Port list. Attaches a tag. Does no tag. By default, untag is selected.
Example: Add ports 2, 8, 9, 10 and 18 with tag to VLAN 1, 5, 6, 7 and 12. set vlan 1,5-7,12 add port 2,8-10,18 tag
set vlan add trunk

Function: To add the specified trunk to a VLAN. Mode: Global configuration mode Format: set vlan <vlanlist> add trunk <trunklist> [tag|untag] Parameter: Parameter <vlanlist> <trunklist> tag untag Description VLAN list. Trunk list. Attach a tag. Does not tag. By default, untag is selected.
254
Note: The range of parameter <trunklist> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S. Example: Add trunk 1 with tag to VLAN 1, 5, 6, 7 and 12. set vlan 1,5-7,12 add trunk 1 tag
set vlan delete port

Function: To delete the specified port from a VLAN. Mode: Global configuration mode Format: set vlan <vlanlist> delete port <portlist> Parameter: Parameter <vlanlist> <portlist> Description VLAN list. Port list.
Example: Disable ports 2, 9, 10, 11 and 16 in VLAN 1, 5, 6, 7 and 12. set vlan 1,5-7,12 delete port 2,9-11,16
set vlan delete trunk

Function: To delete the specified trunk from a VLAN. Mode: Global configuration mode Format: set vlan <vlanlist> delete trunk <trunklist> Parameter: Parameter Description
Parameter <vlanlist> <trunklist>
Description VLAN list. Trunk list.
Example: Delete trunk 1 from VLAN 1, 5, 6, 7 and 12. set vlan 1,5-7,12 delete trunk 1 Note that the range of parameter <trunklist> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S.
set vlan fid

Function: To set the FID of a VLAN. Mode: Global configuration mode Format: set vlan <vlanlist> fid <1-256> Parameter: Parameter <vlanlist> <1-256> Description VLAN list. FID. The range is 1~256.
Example: Set the FID of VLAN 1, 5, 6, 7 and 12 to 1. set vlan 1,5-7,12 fid 1
set vlan priority

Function: To set VLAN priority. Mode: Global configuration mode Format: set vlan <vlanlist> priority {off|on <0-7>}
Parameter: Parameter <vlanlist> off on <0-7> Description VLAN list. Disables the VLAN priority. Enables the VLAN priority. Value of the VLAN priority.
Example: Set the priority of VLAN 1, 5, 6, 7 and 12 to 3. set vlan 1,5-7,12 priority on 3
show vlan
Function: To display VLAN information. Mode: All modes Format: show vlan [<vlanlist>] Parameter: Parameter <vlanlist> Description VLAN list.
Example 1: Display information about all VLANs. show vlan
Example 2: Display information about VLAN 1, 5, 6, 7 and 12. show vlan 1,5-7,12
257
MAC Address Table Configuration

set fdb add
Function: To add a static binding address to the address table. Mode: Global configuration mode Format: set fdb add <xx.xx.xx.xx.xx.xx> fid <1-256> {port <portname>|trunk <trunkid>} [priority <0-7>] Parameter: Parameter <<xx.xx.xx.xx.xx.xx> <1-256> Description MAC address. FID. The range is 1~256. A port number or port name. Trunk ID. Priority value.
<portname>
< trunkid > < 0-7 >
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S. The range of parameter <trunkid> is 1~8 on 2609/2818S/2826S, and 1~16 on the ZXR10 2852S. the ZXR10
Example 1: Add 00.00.00.00.11.22 to the address table, and set the FID to 1, the port number to 1, and the priority value to 3. set fdb add 00.00.00.00.11.22 fid 1 port 1 priority 3
258
Example 2: Add 00.00.00.00.11.22 to the address table, and set the FID to 1, and the port name to userx. set fdb add 00.00.00.00.11.22 fid 1 port userx
Example 3: Add 00.00.00.00.11.22 to the address table, and set the FID to 1, and trunk to 1. set fdb add 00.00.00.00.11.22 fid 1 trunk 1
set fdb agingtime

Function: To set the address aging time. By default, the value is 240. Mode: Global configuration mode Format: set fdb agingtime <15-3600> Parameter: Parameter <15-3600> Description Aging time. The range is 15~3600. The unit is second.
Example: Set the address aging time to 100s. set fdb agingtime 100
set fdb delete

Function: To delete a record from the address table. Mode: Global configuration mode Format: set fdb delete <xx.xx.xx.xx.xx.xx> fid <1-256>
259
Parameter: Parameter <xx.xx.xx.xx.xx.xx> <1-256> Description MAC address. FID. The range is 1~256. of
Example: Delete the fdb entry with the MAC address 00.00.00.00.11.22 and the FID of 1 from the address table. set fdb delete 00.00.00.00.11.22 fid 1
set fdb filter

Function: To set the fdb filter address. Mode: Global configuration mode Format: set fdb filter <xx.xx.xx.xx.xx.xx> fid <1-256> Parameter: Parameter <xx.xx.xx.xx.xx.xx> <1-256> Description MAC address. FID. The range is 1~256.
Example: Set the fdb filter address to 00.00.00.00.11.22, and the FID to 1. set fdb filter 00.00.00.00.11.22 fid 1
show fdb
Function: To display fdb information. Mode: All modes
Format: show fdb [static|dynamic|filter] [detail] Parameter: Parameter static dynamic filter detail: Description Displays the number of static fdb entries. Displays the number of dynamic fdb entries. Displays the number of static filter fdb entries. Displays details of a type of fdb entries.
Note that the ZXR10 2852S does not support the show fdb, show fdb detail, show fdb dynamic and show fdb dynamic detail commands.
show fdb agingtime

Function: To display the aging time of the fdb address table. Mode: All modes Format: show fdb agingtime
show fdb dynamic port

Function: To display fdb information. Mode: All modes Format: show fdb dynamic port <portname> {detail} Parameter: Parameter Description A port number or port name. Displays details of a type of fdb entries.
<portname>
detail
261
Note that this command is available for the ZXR10 2852S only.
show fdb mac

Function: To display the fdb information about a MAC address. Mode: All modes Format: show fdb mac <xx.xx.xx.xx.xx.xx> Parameter: Parameter <<xx.xx.xx.xx.xx.xx> Description MAC address.
show fdb port

Function: To display the fdb information about a port. Mode: All modes Format: show fdb port <portname> Parameter: Parameter Description A port number.
<portname>
show fdb vlan

Function: To display the fdb information about a VLAN. Mode: All modes Format: show fdb vlan <vlanname>
262
Parameter: Parameter <vlanname> Description A VLAN ID or VLAN name.
Note that the ZXR10 2852S does not support this command.
show fdb vlan port

Function: To display the fdb information about a VLAN. Mode: All modes Format: show fdb vlan <vlanname> port <portname> Parameter: Parameter <vlanname> Description A VLAN ID or VLAN name. A port number.
<portname>
Note that this command is available for the ZXR10 2852S only.
LACP Configuration
set lacp
Function: To enable/disable the LACP. Mode: Global configuration mode Format: set lacp {enable|disable} Parameter:
Parameter enable disable
Description Enables the LACP Disables the LACP.
set lacp aggregator add port

Function: To add the specified port to an LACP aggregation group. Mode: Global configuration mode Format: set lacp aggregator <trunkid> add port <portlist> Parameter: Parameter <trunkid> <portlist> Description Aggregation group number. Port list. Up to four ports can be aggregated.
Example: Add ports 1, 5, 6 and 7 to aggregation group 1. set lacp aggregator 1 add port 1,5-7
Note that the range of parameter <trunkid> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S.
set lacp aggregator delete port

Function: To delete the specified port from an LACP aggregation group. Mode: Global configuration mode Format: set lacp aggregator <trunkid> delete port <portlist>
264
Parameter: Parameter <trunkid> <portlist> Description Aggregation group number. Port list.
Example: Delete ports 1, 5, 6 and 7 from aggregation group 1. set lacp aggregator 1 delete port 1,5-7 Note that the range of parameter <trunkid> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S.
set lacp aggregator mode

Function: To set LACP aggregation mode. Mode: Global configuration mode Format: set lacp aggregator <trunkid> mode {dynamic|static | mixed } Parameter: Parameter <trunkid> static dynamic mixed Description Aggregation group number. The aggregation mode is static. The aggregation mode is dynamic. The aggregation mode is mixed.
Example: Set the LACP aggregation mode of aggregation group 1 to dynamic. set lacp aggregator 1 mode dynamic
265
Note: The range of parameter <trunkid> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S.
set lacp port mode

Function: To set LACP port aggregation mode. Mode: Global configuration mode Format: set lacp port <portlist> mode {active|passive} Parameter: Parameter <portlist> active passive Description Port list. The LACP port is in active negotiation mode. The LACP port is in passive negotiation mode.
Example: Set the LACP aggregation mode of ports 1, 5, 6 and 7 to active negotiation mode. set lacp port 1,5-7 mode active
set lacp port timeout

Function: To set LACP port timeout status. Mode: Global configuration mode Format: set lacp port <portlist> timeout {long|short} Parameter: Parameter <portlist> short
266
Description Port list. The port is in short timeout.
Parameter long
Description The port is in long timeout.
Example: Set aggregation ports 1, 5, 6 and 7 to long timeout. set lacp port 1,5-7 timeout long
set lacp priority

Function: To set the LACP priority. Mode: Global configuration mode Format: set lacp priority <1-65535> Parameter: Parameter <1-65535> Description Priority. The range is 1~65535. By default, it is 32768.
Example: Set the LACP priority to 100. set lacp priority 100
show lacp
Function: To display LACP configuration information. Mode: All modes Format: show lacp
show lacp aggregator

Function: To display LACP aggregation group information.
Mode: All modes Format: show lacp aggregator [<trunkid>] Parameter: Parameter <trunkid> Description Aggregation group number.
Example 1: Display information about all LACP aggregation groups. show lacp aggregator Example 2: Display information about LACP aggregation group 1. show lacp aggregator 1
show lacp port

Function: To display information about an LACP aggregation port. Mode: All modes Format: show lacp port [<portlist >] Parameter: Parameter <portlist> Description Port list.
Example 1: Display information about all LACP aggregation ports. show lacp port
268
Example 2: Display information about LACP aggregation ports 1, 5, 6 and 7. show lacp port 1,5-7
IGMP Snooping Configuration

set igmp snooping
Function: To enable/disable multicast snooping. Mode: Global configuration mode Format: set igmp snooping {enable|disable} Parameter: Parameter enable disable Description Enables multicast snooping. Disables multicast snooping.
set igmp snooping add vlan

Function: To add a multicast snooping VLAN. Mode: Global configuration mode Format: set igmp snooping add vlan <vlanlist>
269
Parameter: Parameter <vlanlist> Description VLAN list.
Example: Add multicast snooping VLAN 1, 5, 6, 7 and 12. set igmp snooping add vlan 1,5-7,12
set igmp snooping crossvlan

Function: To enable/disable multi-VLAN multicast snooping. Mode: Global configuration mode Format: set igmp snooping crossvlan {enable|disable} Parameter: Parameter enable disable Description Enables multi-VLAN multicast snooping. Disables multi-VLAN multicast snooping.
Example: Enable multi-VLAN multicast snooping. set igmp snooping crossvlan enable
set igmp snooping delete vlan

Function: To delete a multicast snooping VLAN. Mode: Global configuration mode Format: set igmp snooping delete vlan <vlanlist>
270
Parameter: Parameter <vlanlist> Description VLAN list.
Example: Delete multicast snooping VLAN 1, 5, 6, 7 and 12. set igmp snooping delete vlan 1,5-7,12
set igmp snooping fastleave

Function: To enable/disable snooping fastleave. Mode: Global configuration mode Format: set igmp snooping fastleave {enable|disable} Parameter: Parameter enable disable Description Enables fastleave. Disables fastleave.
set igmp snooping lastmember_query

Function: To set last member query interval. Mode: Global configuration mode Format: set igmp snooping lastmember_query <10-250>
271
Parameter: Parameter <10-250> Description Last member query interval. The unit is 1/10 second. By default, it is 10 (1s).
Example: Set last member query interval to 10s. set igmp snooping lastmember_query 100
set igmp snooping query vlan

Function: To enable/disable multicast polling for a VLAN. Mode: Global configuration mode Format: set igmp {enable|disable} Parameter: Parameter <vlanlist> enable disable Description VLAN list. It only includes multicast VLANs. Enables multicast polling. Disables multicast polling. snooping query vlan <vlanlist>
Example: Enable multicast polling for VLAN 1, 7 and 12. set igmp snooping query vlan 1,7,12 enable
set igmp snooping query_interval

Function: To set a query interval. Mode: Global configuration mode
Format: set igmp snooping query_interval <10-2147483647> Parameter: Parameter <10-2147483647> Description The query interval. The unit is 1/10 second. By default, it is 1250 (125s).
Example: Set the query interval to 100s. set igmp snooping query_interval 1000
set igmp snooping response_interval

Function: To set the query response interval. Mode: Global configuration mode Format: set igmp snooping response_interval <10-250> Parameter: Parameter <10-250> Description The query response interval. The unit is 1/10 second. By default, it is 100 (10s).
Example: Set the query response interval to 12s. set igmp snooping response_interval 120
273
set igmp snooping timeout

Function: To set the multicast member/router timeout. Mode: Global configuration mode Format: set igmp {host|router} Parameter: Parameter <100-2147483647> host router Description Timeout time. The unit is 1/10 second. By default, it is 2600 (260s). Sets the member timeout. Sets the router timeout. snooping timeout <100-2147483647>
Example: Set the multicast member timeout to 100s. set igmp snooping timeout 1000 host
set igmp snooping vlan add group

Function: To add a static multicast group to the specified VLAN. Mode: Global configuration mode Format: set <A.B.C.D> Parameter: Parameter <vlanname> <A.B.C.D>
274
igmp
snooping
vlan
<vlanname> add
group
Description A VLAN ID or VLAN name. IP address. The range is 224.x.x.x~239.x.x.x, excluding 224.0.0.x.
Example 1: Add the static multicast group 230.40.44.167 to vlan 1. set igmp snooping vlan 1 add group 230.40.44.167
Example 2: Add the static multicast group 230.40.44.167 to the VLAN named group1. set igmp snooping vlan group1 add group 230.40.44.167
set igmp snooping vlan delete group

Function: To delete a static multicast group from the specified VLAN. Mode: Global configuration mode Format: set igmp snooping vlan <vlanname> delete group <A.B.C.D> Parameter: Parameter <vlanname> <A.B.C.D> Description A VLAN ID or VLAN name. IP address. The range is 224.x.x.x~239.x.x.x, excluding 224.0.0.x.
Example 1: Delete the static multicast group 230.40.44.167 from vlan 1. set igmp snooping vlan 1 delete group 230.40.44.167
Example 2: Delete the static multicast group 230.40.44.167 from the VLAN named group1.
275
set igmp snooping vlan group1 delete group 230.40.44.167
show igmp snooping

Function: To display the multicast snooping configuration. Mode: All modes Format: show igmp snooping
show igmp snooping vlan

Function: To display multicast snooping results. Mode: All modes Format: show igmp snooping vlan [<vlanname> [host|router]] Parameter: Parameter <vlanname> host router Description A VLAN ID or VLAN name. Displays the member snooping results. Displays the router snooping results.
Example 1: Display the multicast snooping results of all VLANs. show igmp snooping vlan
Example 2: Display the multicast snooping results of vlan 1. show igmp snooping vlan 1
276
Example 3: Display the multicast snooping results of the VLAN named group1. show igmp snooping vlan group1
Example 4: Display the multicast router snooping results of vlan 1. show igmp snooping vlan 1 router
MSTP Configuration
clear stp instance
Function: To delete an instance. Mode: Global configuration mode Format: clear stp instance <1-15> Parameter: Parameter <1-15> Description Instance number. The range is 0~15.
Example: Delete instance 1. clear stp instance 1
clear stp name

Function: To delete an STP area name.
Mode: Global configuration mode Format: clear stp name
set stp
Function: To enable/display STP. By default, STP is disabled. Mode: Global configuration mode Format: set stp {enable|disable} Parameter: Parameter enable disable Description Enables STP. Disables STP.
set stp agemax

Function: To set the STP aging time. Mode: Global configuration mode Format: set stp agemax <6-40> Parameter: Parameter <6-40> Description STP aging time. The unit is second.
Example: Set the STP aging time to 30s. set stp agemax 30
278
set stp edge-port

Function: To add/delete an STP edge port. Mode: Global configuration mode Format: set stp edge-port {add|delete} port <portlist> Parameter: Parameter <portlist> Description Port list.
Example: Set port 1 as the STP edge port. set stp edge-port add port 1
set stp forceversion

Function: To set the forced STP type to mstp/rstp/stp. Mode: Global configuration mode Format: set stp forceversion {mstp|rstp|stp} Parameter: Parameter mstp rstp stp Description Sets the forced STP type to mstp. Sets the forced STP type to rstp. Sets the forced STP type to stp.
Example: Set the forced STP type to stp. set stp forceversion stp
set stp forwarddelay

Function: To set the STP forwarding delay. Mode: Global configuration mode Format: set stp forwarddelay <4-30> Parameter: Parameter <4-30> Description STP forwarding delay. The unit is second.
Example: Set the STP forwarding delay to 10s. set stp forwarddelay 10
set stp hellotime

Function: To set the STP notification interval. Mode: Global configuration mode Format: set stp hellotime <1-10> Parameter: Parameter <1-10> Description STP notification interval. The unit is second.
Example: Set the STP notification interval to 6s. set stp hellotime 6
280
set stp hmd5-digest

Function: To set the hmd5-digest value. Mode: Global configuration mode Format: set stp hmd5-digest <0x00..0-0xff..f> Parameter: Parameter <0x00..0-0xff..f> Description A 32-bit hexadecimal value.
set stp hmd5-key

Function: To set the hmd5-key value. Mode: Global configuration mode Format: set stp hmd5-key <0x00..0-0xff..f> Parameter: Parameter <0x00..0-0xff..f> Description A 32-bit hexadecimal value.
set stp hopmax

Function: To set the maximum hop count between any two terminals of the MST. Mode: Global configuration mode Format: set stp hopmax <1-40>
281
Parameter: Parameter <1-40> Description Maximum hop count terminals of the MST. between any two
Example: Set the maximum hop count between any two terminals of the MST to 30. set stp hopmax 30
set stp instance bridgeprio

Function: To set the instance bridge priority. Mode: Global configuration mode Format: set stp instance <0-15> bridgeprio <0-61440> Parameter: Parameter <0-15> <0-61440> Description Instance number. The range is 0~15. Bridge priority. The range is 0~61440.
Note that the priority shall be in multiples of 4096. If the inputted value is not in multiples of 4096, the system automatically converts the priority value to the nearest multiple of 4096. Example: Set the bridge priority in instance 1 to 4096. set stp instance 1 bridgeprio 4096
set stp instance port cost

Function: To set the instance port cost.
Mode: Global configuration mode Format: set stp instance <0-15> port <portname> cost <1200000000> Parameter: Parameter <0-15> Description Instance number. The range is 0~15. A port number. Post cost.
<portname>
<1-200000000>
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S. Example: Set the cost of port 1 in instance 1 to 20000. set stp instance 1 port 1 cost 20000
set stp instance port priority

Function: To set the instance port priority. Mode: Global configuration mode Format: set stp instance <0-15> port <portname> priority <0255> Parameter: Parameter <0-15> Description Instance number. The range is 0~15. A port number. Priority.
<portname>
<0-255>
283
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S. Example: Set the priority of port 1 in instance 1 to 100. set stp instance 1 port 1 priority 100
set stp instance trunk cost

Function: To set the instance trunk cost. Mode: Global configuration mode Format: set stp instance <0-15> trunk < trunkid > cost <1200000000> Parameter: Parameter <0-15> < trunkid > <1-200000000> Description Instance number. The range is 0~15. Trunk ID. Trunk cost.
Note that the range of parameter <trunkid> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S. Example: Set the cost of trunk1 in instance 1 to 20000. set stp instance 1 trunk 1 cost 20000
set stp instance trunk priority

Function: To set the instance trunk priority. Mode: Global configuration mode
284
Format: set stp instance <0-15> trunk < trunkid > priority <0255> Parameter: Parameter <0-15> < trunkid > <0-255> Description Instance number. The range is 0~15. Trunk ID. Priority.
Note that the range of parameter <trunkid> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S. Example: Set the priority of trunk1 in instance 1 to 100. set stp instance 1 trunk 1 priority 100
set stp instance vlan

Function: To set the mapping relationship between the VLAN and instance. Mode: Global configuration mode Format: set stp instance <0-15>[add|delete] vlan <vlanlist> Parameter: Parameter <1-15> <vlanlist> Description Instance number. The range is 0~15. VLAN list.
Example: Set the mapping relationship among instance 1 and vlan 1, 5, 6, 7 and 12.
285
set stp instance 1 add vlan 1,5-7,12
set stp name

Function: To set an MST area name. Mode: Global configuration mode Format: set stp name <name> Parameter: Parameter Description MST area name.
<name>
Example: Set the MST area name to education. set stp name education
set stp port

Function: To enable/disable STP on a port. Mode: Global configuration mode Format: set stp port <portlist> {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables STP. Disables STP.
286
set stp port linktype

Function: To set the port connection type. Mode: Global configuration mode Format: set stp port <portlist> linktype {point-point|shared} Parameter: Parameter <portlist> point-point shared Description Port list. The port connection type is point-to-point. The port connection type is shared
set stp port packettype

Function: To set the port packet type. Mode: Global configuration mode Format: set stp port <portlist> packettype {IEEE|CISCO|HUAWEI|HAMMER} Parameter: Parameter <portlist> IEEE CISCO HUAWEI HAMMER Description Port list. IEEE mode. CISCO mode. Huawei mode. Harbour mode.
287
set stp relay

Function: To enable/disable STP Relay. Mode: Global configuration mode Format: set stp relay {enable|disable} Parameter: Parameter enable disable Description Enables STP Relay Disables STP Relay
set stp revision

Function: To set the MST version number. Mode: Global configuration mode Format: set stp revision <0-65535> Parameter: Parameter <0-65535> Description MST version number. The value range is 0~65535.
Example: Set the MST version number to 10. set stp revision 10
set stp trunk

Function: To enable/disable STP on a trunk.
Mode: Global configuration mode Format: set stp trunk <trunkid> {enable|disable} Parameter: Parameter < trunkid > enable disable Description Trunk ID. Enables STP. Disables STP.
set stp trunk linktype

Function: To set the trunk connection type. Mode: Global configuration mode Format: set stp trunk < trunkid > linktype {point-point|shared} Parameter: Parameter < trunkid > point-point shared Description Trunk ID. The trunk connection type is point-to-point. The trunk connection type is shared.
set stp trunk packettype

Function: To the set trunk packet type.
Mode: Global configuration mode Format: set stp trunk < trunkid > packettype {IEEE|CISCO|HUAWEI|HAMMER} Parameter: Parameter < trunkid > IEEE CISCO HUAWEI HAMMER Description Trunk ID IEEE mode. CISCO mode. Huawei mode. Harbour mode.
show stp
Function: To display STP information. Mode: All modes Format: show stp
show stp instance

Function: To display STP instance information. Mode: All modes Format: show stp instance [<0-15>] Parameter:
290
Parameter <0-15>
Description Instance number. The range is 0~15.
Example 1: Display information about all STP instances. show stp instance
Example 2: Display information about STP instance 1. show stp instance 1
show stp port

Function: To display STP port information. Mode: All modes Format: show stp port [<portlist>] Parameter: Parameter <portlist> Description Port list.
Example 1: Display information about all STP ports. show stp port
Example 2: Display information about STP ports 1, 5, 6, 7 and 12. show stp port 1,5-7,12
291
show stp trunk

Function: To display STP trunk information. Mode: All modes Format: show stp trunk < trunkid > Parameter: Parameter < trunkid > Description Trunk ID
Example: Display information about STP trunk 1. show stp trunk 1
QoS Configuration
set qos queue-schedule
Function: To set the queue scheduling mode. Mode: Global configuration mode Format: set qos queue-schedule {sp|wfq} Parameter: Parameter sp wfq Description Sp mode. Wfq mode.
292
Example: Set the queue scheduling mode to sp. set qos queue-schedule sp
set qos priority-map user-priority

Function: To set the mapping of the 802.1P user priority into the queue priority. Mode: Global configuration mode Format: set qos priority-map user-priority <0-7> traffic-class <0-3> Parameter: Parameter <0-7> <0-3> Description Priority of the 802.1P user. Queue priority.
Example 1: Set the mapping of the 802.1P user priority into the queue priority 2. set qos priority-map user-priority 3 traffic-class 2
set qos priority-map ip-priority

Function: To set the mapping of a layer 3 DSCP priority to the queue priority. Mode: Global configuration mode Format: set qos priority-map ip-priority <0-63> traffic-class <0-3> Parameter:
293
Parameter <0-63> <0-3>
Description Layer 3 DSCP priority. Queue priority.
Example 1: Set the mapping of the layer 3 DSCP priority 13 into the queue priority 2. set qos priority-map ip-priority 13 traffic-class 2
show qos queue-schedule

Function: To display the qos queue configuration. Mode: All modes Format: show qos queue-schedule
show qos priority-map

Function: To display the mapping of the QoS 802.1P user priority into the queue priority and the mapping of the layer 3 DSCP priority into the queue priority. Mode: All modes Format: show qos priorty-map {user-priority|ip-priority}
PVLAN Configuration
set pvlan session
Function: To add/delete an isolated/shared port to/from the PVLAN. Mode: All modes
Format: set pvlan session <id> {add|delete} {isolatedport|promiscuous-port} <portlist> Parameter: Parameter <id> add delete isolated-port |promiscuous-port Description At present, only one PVLAN is supported, therefore, the session value must be 1. Adds an isolated port or a shared port. Deletes an isolated port or a shared port. The isolated port. The shared port. Port list.
<portlist>
Note that the range of parameter <portlist> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S.
show pvlan
Function: To display the PVLAN configuration. Mode: All modes Format: show pvlan
295
802.1x Transparent Transmission Configuration

set 802.1xrelay
Function: To enable/disable the 802.1x transparent transmission function. Mode: Global configuration mode Format: set 802.1xrelay {enable|disable} Parameter: Parameter enable disable Description Enables the 802.1x transparent transmission function. Disables the 802.1x transparent transmission function.
show 802.1xrelay
Function: To configuration. Mode: All modes Format: show 802.1x relay display the 802.1x transparent transmission
296
Layer 3 Configuration
arp add
Function: To add the static address resolution. Mode: Layer 3 configuration mode Format: arp <vlanname> Parameter: Parameter <A.B.C.D> <xx.xx.xx.xx.xx.xx> <0-63> <vlanname> Description IP address. MAC address. Layer 3 port number. A VLAN ID or VLAN name. add <A.B.C.D> <xx.xx.xx.xx.xx.xx> <0-63>
Note that the IP address must be within the IP subnet of the specified IP port. The VLAN ID must be a VLAN ID which is bound with this IP port. Example 1: Add the static address resolution 10.40.44.167, MAC address 00.00.00.00.11.22, layer 3 port 1 and vlan 1. arp add 10.40.44.167 00.00.00.00.11.22 1 1
Example 2: Add the static address resolution 10.40.44.167, MAC address 00.00.00.00.11.22, layer 3 port 1 and the VLAN named group1. arp add 10.40.44.167 00.00.00.00.11.22 1 group1
297
arp delete
Function: To delete the static address resolution. Mode: Layer 3 configuration mode Format: arp delete <A.B.C.D> Parameter: Parameter <A.B.C.D> Description IP address.
Example: Delete the static address resolution of 10.40.44.167. arp delete 10.40.44.167
arp ipport timeout

Function: To set the layer 3 port timeout time. Mode: Layer 3 configuration mode Format: arp ipport <0-63> timeout <1-1000> Parameter: Parameter <0-63> <1-1000> Description A layer 3 port number. Timeout time. The unit is minute. By default, it is 10 minutes.
Example: Set the timeout time of layer 3 port 1 to 100 minutes.
298
arp ipport 1 timeout 100
clear arp
Function: To delete all ARP information. Mode: Layer 3 configuration mode Format: clear arp Note that this command is used to delete all ARP information from the switch. Use this command with caution.
clear ipport
Function: To delete the ipport configuration. Mode: Layer 3 configuration mode Format: clear ipport <0-63> [mac|ipaddress {<A.B.C.D/M>|<A.B.C.D> <A.B.C.D>}|vlan <vlanname>] Parameter: Parameter <0-63> <A.B.C.D/M> <A.B.C.D> <vlanname> Description A layer 3 port number. IP address and mask. IP address/mask. A VLAN ID or VLAN name.
Note that the command for clearing the IP port configuration is used when the port is down. The command restores the default values of the port (IP address: 0.0.0.0, MAC address: 00.00.00.00.00.00, bound VLAN: vlan 0). Example 1: Delete the configuration of layer 3 port 1.
clear ipport 1 Example 2: Delete the MAC address of layer 3 port 1. clear ipport 1 mac
Example 3: Delete the IP address 10.40.44.167 and the mask 255.255.255.0 of layer 3 port 1. clear ipport 1 ipaddress 10.40.44.167/24 clear ipport 1 ipaddress 10.40.44.167 255.255.255.0
Example 4: Delete vlan1 of layer 3 port 1. clear ipport 1 vlan 1
Example 5: Delete the VLAN named group1 of layer 3 port 1. clear ipport 1 vlan group1
clear iproute
Function: To delete a static route. Mode: Layer 3 configuration mode Format: clear iproute [{<A.B.C.D/M>|<A.B.C.D> <A.B.C.D>} <A.B.C.D>] Parameter: Parameter <A.B.C.D/M> Description IP address and mask.
300
Parameter <A.B.C.D>
Description IP address/mask/gateway.
Note that this command can delete all configured static routes, and the deleted routes cannot be restored. Example 1: Delete all static routes. clear iproute
Example 2: Delete the static route to the network at 10.40.44.0/24 and the gateway at 10.40.44.12. clear iproute 10.40.44.0/24 10.40.44.12 clear iproute 10.40.44.0 255.255.255.0 10.40.44.12
iproute
Function: To add a static route. Mode: Layer 3 configuration mode Format: iproute {<A.B.C.D/M>|<A.B.C.D> < A.B.C.D>} < A.B.C.D> [<0-15>] Parameter: Parameter <A.B.C.D/M> <A.B.C.D> <0-15> Description IP address and mask. IP address/mask/gateway. Metric. By default, it is 0.
Example: Add a static route to the network (10.40.44.0/24), with the gateway at 10.40.44.255 and the metric 3.
301
iproute 10.40.44.0/24 10.40.44.255 3 iproute 10.40.44.0 255.255.255.0 10.40.44.255 3
set ipport
Function: To enable/disable a layer 3 port. Mode: Layer 3 configuration mode Format: set ipport <0-63> {enable|disable} Parameter: Parameter <0-63> enable disable Description Number of a layer 3 port. Enables a layer 3 port. Disables a layer 3 port.
Note that to enable a layer-port, the IP address and VLAN data of the port shall already be configured. You do not have to configure the MAC address. Example 1: Enable layer 3 port 1. set ipport 1 enable Example 2: Disable layer 3 port 1. set ipport 1 disable
set ipport ipaddress

Function: To set the IP address and mask of a layer 3 port.
Mode: Layer 3 configuration mode Format: set ipport <0-63> ipaddress {<A.B.C.D/M>|<A.B.C.D> < A.B.C.D>} Parameter: Parameter <0-63> <A.B.C.D/M> <A.B.C.D> Description Number of a layer 3 port. IP address and mask. IP address/mask.
Note: If an IP port is already configured with an IP address, you can use this command to replace the IP address with a new one. Example: Set the IP address of layer 3 port 1 to 10.40.44.167, and the mask to 255.255.255.0. set ipport 1 ipaddress 10.40.44.167/24 set ipport 1 ipaddress 10.40.44.167 255.255.255.0
set ipport mac

Function: To set the MAC address of a layer 3 port. Mode: Layer 3 configuration mode Format: set ipport <0-63> mac <xx.xx.xx.xx.xx.xx> Parameter: Parameter <0-63> <xx.xx.xx.xx.xx.xx> Description Number of a layer 3 port. MAC address.
303
Note: The range of the MAC address is from 00.d0.d0.f0.00.00 to 00.d0.d0.ff.ff.ff. If this item is not configured, the MAC address is the MAC address of the switch. If an IP port is already configured with a MAC address, you can use this command to replace the MAC address with a new one. Example: Set the MAC address of layer 3 port 1 to 00.d0.d0.f0.11.22. set ipport 1 mac 00.d0.d0.f0.11.22
set ipport vlan

Function: To set the VLAN bound with a layer 3 port. Mode: Layer 3 configuration mode Format: set ipport <0-63> vlan <vlanname> Parameter: Parameter <0-63> <vlanname> Description Number of a layer 3 port. A VLAN ID or VLAN name.
Note that if an IP port is bound with a VLAN, you can use this command to replace the VLAN value with a new one. Example 1: Set vlan 1 bound with layer 3 port 1. set ipport 1 vlan 1
Example 2: Set the VLAN named group1 bound with layer 3 port 1. set ipport 1 vlan group1
304
show arp
Function: To display the ARP information. Mode: All modes Format: show arp [static|dynamic|invalid|ipport <0-63> {static|dynamic|invalid} |ipaddress <A.B.C.D>] Parameter: Parameter <0-63> <A.B.C.D> Description Number of a layer 3 port. IP address
Example 1: Display information about all ARPs. show arp
Example 2: Display invalid ARP information. show arp invalid
Example 3: Display the static ARP information about layer 3 port 1. show arp ipport 1 static
Example 4: Display the ARP information about the IP address 10.40.44.167. show arp ipaddress 10.40.44.167
305
show ipport
Function: To display the layer 3 port information. Mode: All modes Format: show ipport [<0-63>] Parameter: Parameter <0-63> Description Number of a layer 3 port.
Example 1: Display information about all layer 3 ports. show ipport
Example 2: Display information about layer 3 port 1. show ipport 1
show iproute
Function: To display all static routes. Mode: All modes Format: show iproute
306
Access Service Configuration

aaa-control port accounting
Function: To enable/disable the port accounting. Mode: NAS mode Format: aaa-control port <portlist> accounting {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the port accounting. Disables the port accounting.
aaa-control port dot1x

Function: To enable/disable the 802.1x access to a port. Mode: NAS mode Format: aaa-control port <portlist> dot1x {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the dot1x access to the port. Disables the dot1x access to the port.
aaa-control port keepalive

Function: To enable/disable the abnormal offline test of a port. Mode: NAS mode Format: aaa-control port <portlist> keepalive {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the abnormal offline test of the port. Disables the abnormal offline test of the port.
aaa-control port keepalive period

Function: To set the abnormal offline test period of a port. Mode: NAS mode Format: aaa-control port <portlist> keepalive period <1-3600> Parameter: Parameter <portlist> Description Port list. The abnormal offline test period of the port. The unit is second. By default, it is 10 seconds.
<1-3600>
308
aaa-control port max-hosts

Function: To set the maximum number of accessed subscribers. Mode: NAS mode Format: aaa-control port <portlist> max-hosts <0-64> Parameter: Parameter <portlist> Description Port list. Maximum number of accessed subscribers. By default, it is 0.
<0-64>
Note that if the maximum number of accessed subscribers is 0, it indicates that the number of subscribers with access to the port is not restricted. In this case, the number of accessed subscribers is restricted by the maximum number of subscribers that are allowed for access to the switch.
aaa-control port multiple-hosts

Function: To enable/disable the multi-subscriber access to a port. Mode: NAS mode Format: aaa-control {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the multi-subscriber access to a port. Disables the multi-subscriber access to a port. port <portlist> multiple-hosts
309
aaa-control port port-mode

Function: To set the authentication control mode of a port. Mode: NAS mode Format: aaa-control port <portlist> port-mode {auto|forceunauthorized| force-authorized} Parameter: Parameter <portlist> auto force-unauthorized force-authorized Description Port list. The automatic authentication mode is used. It is the default mode. The forced un-authentication mode is used. The forced authentication mode is used.
aaa-control port protocol

Function: To set the authentication mode of a port. Mode: NAS mode Format: aaa-control port <portlist> protocol {pap|chap|eapmd5} Parameter: Parameter <portlist> pap: chap: eap-md5
310
Description Port list. The port authentication mode is pap. The port authentication mode is chap. The port authentication mode is eap-md5. It is
Parameter
Description the default authentication mode.
dot1x max-request
Function: To set the timeout retransmission times for the authentication system to receive challenge response from the client system. Mode: NAS mode Format: dot1x max-request <1-10> Parameter: Parameter <1-10> Description Timeout retransmission times. By default, it is 2.
dot1x quiet-period
Function: To set the interval between one authentication failure and the next authentication request being received by the authentication system. Mode: NAS mode Format: dot1x quiet-period <0-65535> Parameter: Parameter <0-65535> Description Time interval. The unit is second. By default, it is 60 seconds.
311
dot1x re-authenticate
Function: To enable/disable the re-authentication mechanism. Mode: NAS mode Format: dot1x re-authenticate {enable|disable} Parameter: Parameter enable disable Description Enables the re-authentication mechanism. Disables the re-authentication mechanism.
dot1x re-authenticate period

Function: To set the re-authentication period. Mode: NAS mode Format: dot1x re-authenticate period <1-4294967295> Parameter: Parameter <1-4294967295> Description Time interval. The unit is second. By default, it is 3600 seconds.
dot1x server-timeout
Function: To set the timeout time for the authentication system to received data packets from the authentication server. Mode: NAS mode
312
Format: dot1x server-timeout <1-65535> Parameter: Parameter <1-65535> Description Time interval. The unit is second. By default, it is 30 seconds.
dot1x supplicant-timeout
Function: To set the timeout time for the authentication system to received data packets from the authentication client system. Mode: NAS mode Format: dot1x supplicant-timeout <1-65535> Parameter: Parameter <1-65535> Description Time interval. The unit is second. By default, it is 30 seconds.
dot1x tx-period
Function: To set the time for the authentication system waits for retransmitting EAPOL data packets when it cannot receive response from the client system. Mode: NAS mode Format: dot1x tx-period <1-65535> Parameter:
313
Parameter <1-65535>
Description Time interval. The unit is second. By default, it is 30 seconds.
clear client
Function: To delete all users of a client. Mode: NAS mode Format: clear client
clear client index

Function: To delete a user of a client. Mode: NAS mode Format: clear client index <0-63> Parameter: Parameter <0-63> Description User number.
clear client port

Function: To delete a client user on a port. Mode: NAS mode Format: clear client port <portlist> Parameter:
314
Parameter <portlist>
Description Port list.
clear client vlan

Function: To delete all client users on a VLAN. Mode: NAS mode Format: clear client vlan <vlantlist> Parameter: Parameter <vlanlist> Description VLAN list.
radius isp
Function: To add/delete an ISP. Mode: NAS mode Format: radius isp <ispname> {enable|disable} Parameter: Parameter <ispname> enable disable Description ISP domain name. Adds an ISP. Deletes an ISP.
315
radius isp add accounting

Function: To add an accounting server to the domain. Mode: NAS mode Format: radius isp <ispname> add accounting <A.B.C.D> [<065535>] Parameter: Parameter <ispname> <A.B.C.D> <0-65535> Description ISP domain name. IP address. The UDP port of the accounting server. By default, it is 1813.
radius isp add authentication

Function: To add an authentication server to the domain. Mode: NAS mode Format: radius isp <ispname> add authentication <A.B.C.D> [<0-65535>] Parameter: Parameter <ispname> <A.B.C.D> <0-65535> Description ISP domain name. IP address. The UDP port the authentication server. By default, it is 1812.
316
radius isp defaultisp

Function: To set/cancel a domain as a default domain. Mode: NAS mode Format: radius isp <ispname> defaultisp {enable|disable} Parameter: Parameter <ispname> enable disable Description ISP domain name. Sets the ISP domain as the default ISP domain. Cancels the ISP domain as the default ISP domain.
radius isp delete accounting

Function: To delete an accounting server from a domain. Mode: NAS mode Format: radius isp <ispname> delete accounting <A.B.C.D> Parameter: Parameter <ispname> <A.B.C.D> Description ISP domain name. IP address.
radius isp delete authentication

Function: To delete an authentication server from a domain. Mode: NAS mode
317
Format: radius isp <ispname> delete authentication <A.B.C.D> Parameter: Parameter <ispname> <A.B.C.D> Description ISP domain name. IP address.
radius isp description

Function: To configure the domain description. Mode: NAS mode Format: radius isp <ispname> description <string> Parameter: Parameter <ispname> Description ISP domain name. ISP domain description.
<string>
radius isp client

Function: To set the radius client address. Mode: NAS mode Format: radius isp <ispname> client <A.B.C.D> Parameter: Parameter <ispname>
318
Description ISP domain name.
Parameter <A.B.C.D>
Description IP address.
radius isp fullaccount

Function: To specify/cancel the full account for a domain. Mode: NAS mode Format: radius isp <ispname> fullaccount {enable|disable} Parameter: Parameter <ispname> enable disable Description ISP domain name. Enables the full account of the ISP domain. Disables the full account of the ISP domain.
radius isp sharedsecret

Function: To configure the shared password of a domain. Mode: NAS mode Format: radius isp <ispname> sharedsecret <string> Parameter: Parameter <ispname> Description ISP domain name. Shared password.
<string>
319
radius nasname
Function: To set the NAS name. Mode: NAS mode Format: radius nasname <nasname> Parameter: Parameter <nasname> Description NAS name.
radius retransmit
Function: To set the retransmission times of remote authentication requests. Mode: NAS mode Format: radius retransmit <1-255> Parameter: Parameter <1-255> Description Retransmission times. By default, it is 3.
radius timeout
Function: To set the retransmission interval of remote autehnticaiton requests. Mode: NAS mode Format: radius timeout <1-255>
Parameter: Parameter <1-255> Description Retransmission interval. The unit is second. By default, it is 3 seconds.
show aaa-control port

Function: To display the configuration information about the AAA control policy. Mode: All modes Format: show aaa-control port [<portlist>] Parameter: Parameter <portlist> Description Port list.
show dot1x
Function: To display the dot1x configuration information. Mode: All modes Format: show dot1x
show client
Function: To display information about all accessed users. Mode: All modes Format: show client
show client index

Function: To display information about an accessed user. Mode: All modes Format: show client index <0-63> Parameter: Parameter Description User number.
<0-63>
show client mac

Function: To display the user access information about a MAC address. Mode: All modes Format: show client mac <xx.xx.xx.xx.xx.xx> Parameter: Parameter <xx.xx.xx.xx.xx.xx > Description MAC address.
show client port

Function: To display the user access information about a port. Mode: All modes Format: show client port <portlist>
Parameter: Parameter <portlist> Description Port list.
show radius
Function: To display the RADIUS configuration information. Mode: All modes Format: show radius [<ispname>] Parameter: Parameter Description ISP domain name.
<ispname>
QinQ Configuration
set qinq customer port
Function: To add/delete a customer port. Mode: Global configuration mode Format: set qinq customer port <portlist> {enable|disable} Parameter: Parameter <portlist> Description Port list.
323
Example: Set ports 1, 2, 3 and 4 as customer ports. set qinq customer port 1-4 enable
set qinq tpid

Function: To set the tpid of the external layer label. Mode: Global configuration mode Format: set qinq tpid <tpid> Parameter: Parameter <tpid> Description The external label value (0xaaaa) used in QinQ.
Example: Set the tpid of the external layer label to 0x8910. set qinq tpid 0x8910
set qinq uplink port

Function: To add/delete an uplink port. Mode: Global configuration mode Format: set qinq uplink port <portlist> {enable|disable} Parameter: Parameter <portlist> Description Port list.
324
Example: Set port 24 as an uplink port. set qinq uplink port 24 enable
show qinq
Function: To display the QinQ configuration information. Mode: All modes Format: show qinq Parameter: None. Example: Display the QinQ configuration information. show qinq
Remote-access Configuration
clear remote-access all
Function: To delete all remote-access IP addresses. Mode: Global configuration mode Format: clear remote-access all
clear remote-access ipaddress

Function: To delete a remote-access IP address.
Mode: Global configuration mode Format: clear remote-access ipaddress <A.B.C.D> [<A.B.C.D>] Parameter: Parameter <A.B.C.D> Description IP address.
set remote-access
Function: To set remote access through Telnet. Mode: Global configuration mode Format: set remote-access {any|specific} Parameter: Parameter any specific Description It indicates that any IP address is available for access to the switch through Telnet. It indicates that only the specific IP address is available for access to the switch through Telnet.
set remote-access ipaddress

Function: To set the IP address for remote access through Telnet. Mode: Global configuration mode Format: set remote-access ipaddress <A.B.C.D> [<A.B.C.D>] Parameter:
326
Parameter <A.B.C.D>
Description IP address and mask.
show remote-access
Function: To display remote-access information. Mode: All modes Format: show remote-access
SSH Configuration
set ssh
Function: To enable/disable the SSH function. Mode: Global configuration mode Format: set ssh {enable|disable} Parameter: Parameter enable disable Description Enables the SSH function. Disables the SSH function.
show ssh
Function: To display the SSH configuration and status. Mode: All modes
Format: show ssh
SNMP Configuration
clear community
Function: To delete a community name. Mode: SNMP configuration mode Format: clear community <name> Parameter: Parameter Description Community name.
<name>
Example: Delete the community name seu. clear community seu
clear traphost
Function: To delete the traphost. Mode: SNMP configuration mode Format: clear traphost <A.B.C.D> Parameter:
328
Parameter <A.B.C.D>
Description IP address.
Example: Delete the traphost at 10.40.44.167. clear traphost 10.40.44.167
clear view
Function: To delete a view name. Mode: SNMP configuration mode Format: clear view <name> Parameter: Parameter Description View name.
<name>
Example: Delete the view name school. clear view school
create community
Function: To create a community name and set the authority. Mode: SNMP configuration mode Format: create community <name> {public|private} Parameter:
329
Parameter
Description Community name. The attribute of the community name is readonly. The attribute of the community name is readwrite.
<name>
public private
Example: Create a community name seu with the read-write attribute. create community seu private
create view
Function: To create a view name and determine whether the view contains a mib subtree. Mode: SNMP configuration mode Format: create view <name> [{include|exclude} <mib-oid>] Parameter: Parameter Description View name. Information path.
<name>
<mib-oid>
Note: If {include|exclude} <mib-oid> is not specified, the view contains 1.3.6.1 by default. Example: Create the view name school, excluding 1.3.6.2.19.2. create view school exclude 1.3.6.2.19.2
330
set community view

Function: To specify that the view contains the specified community name. Mode: SNMP configuration mode Format: set community <name> view <name> Parameter: Parameter Description Community name/view name.
<name>
Example: Set the view school which contains seu. set community seu view school
set trap
Function: To enable/disable such traps as link interruption, link setup, link authentication failure, cold start, hot start, cluster topology change and cluster member Up/Down of the SNMP. Mode: SNMP configuration mode Format: set trap {linkdown|linkup|authenticationfail|coldstart|warmstart |topologychange|memberupdown} {enable|disable} Parameter: Parameter linkdown linkup Description The link is down. The link is set up.
331
Parameter authenticationfail coldstart warmstart topologychange memberupdown enable disable
Description The link authentication fails. Cold start. Hot start. Topology Change. Member Up/Down. Enables trap. Disables trap.
set traphost
Function: To set the IP address, community name and version of the trap host. Mode: SNMP configuration mode Format: set traphost <A.B.C.D> <name> [<ver>] Parameter: Parameter <A.B.C.D> Description IP address. Community name. Version number. By default, it is 1.
<name>
<ver>
Example: Set the IP address of the trap host to 10.40.44.167, the community name to seu, and the version number to 2. set traphost 10.40.44.167 seu 2
332
show snmp
Function: To display SNMP information. Mode: All modes Format: show snmp [community|view|trap|host] Parameter: Parameter community view trap host Description Displays the snmp community information. Displays the snmp view information. Displays the snmp trap information. Displays the snmp host information.
Example 1: Display all SNMP information. show snmp Example 2: Display the configured SNMP host address. show snmp host
RMON Configuration
set alarm
Function: To set an alarm group.
Mode: SNMP configuration mode Format: set alarm <1-65535> {interval <1-65535>|variable <mib-oid>|sampletype {absolute|delta}|startup {rising|falling|both}|threshold <1-65535> eventindex <165535> {rising|falling}|owner <name>|status {valid|underCreation|createRequest|invalid}} Parameter: Parameter <1-65535> <mib-oid> Description The index/time interval (unit: second)/peak value/event index of the alarm group. Information path. Name of the owner. The sampling type of the alarm group is absolute value sampling. The sampling type of the alarm group is relative value sampling. The alarm group is triggered upon the rising of the data. The alarm group is triggered upon the falling of the data. The alarm group is triggered upon the rising and falling of the data. The status of the alarm group is valid. The status of the alarm group is underCreation. The status of the alarm group is createRequest. The status of the alarm group is invalid.
<name>
absolute delta rising falling both valid underCreati on createRequ est invalid
Example 1: Set the time interval of the alarm instance with the index of 10 to 100s. set alarm 10 interval 100
334
Example 2: Set the sampling object of the alarm instance with the index of 10 to 1.3.6.2.19.2. set alarm 10 variable 1.3.6.2.19.2
Example 3: Set the sampling type of the alarm instance with the index of 10 to delta. set alarm 10 sampletype delta
Example 4: Set the alarm instance with the index of 10 which is triggered upon the rising of the data. set alarm 10 startup rising
Example 5: Specify that the alarm instance with the index of 10 triggers the event with index of 100 when the data rises up to 30,000. set alarm 10 threshold 30000 eventindex 100 rising
Example 6: Set the owner of the alarm instance with the index of 10 to user1. set alarm 10 owner user1
Example 7: Set the status of the alarm instance with the index of 10 to invalid. set alarm 10 status invalid
335
set event
Function: To set an event group. Mode: SNMP configuration mode Format: set event <1-65535> {description <string>|type {none|log|snmptrap| logandtrap}|owner <name>|community <name>|status {valid|underCreation| createRequest|invalid}} Parameter: Parameter <1-65535> Description Index of the event group. Description. Name/community name of the owner. The type of the event group is none. The type of the event group is log. The type of the event group is trap. The type of the event group is log and trap. The status of the event group is valid. The status of the event group is underCreation The status of the event group is createRequest. The status of the event group is invalid.
<string> <name>
none log snmptrap logandtrap valid underCreation createRequest invalid
Example 1: Set the description of the event instance with the index of 10 to initial. set event 10 description initial
Example 2: Set the type of the event instance with the index of 10 to log.
336
set event 10 type log Example 3: Set the community name of the event instance with the index of 10 to seu. set event 10 community seu
Example 4: Set the owner of the event instance with the index of 10 to tom. set event 10 owner tom
Example 5: Set the status of the event instance with the index of 10 to invalid. set event 10 status invalid
set history
Function: To set a history group. Mode: SNMP configuration mode Format: set history <1-65535> {datasource <portname>|bucketRequested <1-65535>|owner <name>|interval <1-3600>|status {valid|underCreation| createRequest|invalid}} Parameter: Parameter <1-65535> Description Index of the buckerRequest. history group/value of the
<portname>
A port number or port name.
337
Parameter
Description Name of the owner. The time interval of the history group. The unit is second. The status of the history group is valid. The status of the history group is underCreation. The status of the history group is createRequest. The status of the history group is invalid.
<name>
<1-3600> valid underCreation createRequest invalid
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S. Example 1: Set the data source of the history instance with the index of 10 to port 1. set history 10 datasource 1
Example 2: Set the data source of the history instance with the index of 10 to port userx. set history 10 datasource userx
Example 3: Set the buckerRequest of the history instance with index of 10 to 100. set history 10 bucketRequest 100
Example 4: Set the owner name of the history instance with the index of 10 to tom. set history 10 owner tom
338
Example 5: Set the time interval of the history instance with the index of 10 to 100s. set history 10 interval 100
Example 6: Set the status of the history instance with the index of 10 to invalid. set history 10 status invalid
set rmon
Function: To enable/disable RMON. Mode: SNMP configuration mode Format: set rmon {enable|disable} Parameter: Parameter enable disable Description Enables RMON. Disables RMON.
set statistics
Function: To set a statistics group. Mode: SNMP configuration mode Format: set statistics <1-65535> {datasource <portname>|owner <name>|status {valid|underCreation|createRequest|invalid}} Parameter:
339
Parameter <1-65535>
Description Index of the statistics group. A port number or port name. Name of the owner. The status of the statistics group is valid. The status of the statistics group is underCreation. The status of the statistics group is createRequest. The status of the statistics group is invalid.
<portname> <name>
valid underCreation createRequest invalid
Note that the range of parameter <portname> is 1~9 on the ZXR10 2609, 1~18 on the ZXR10 2818S, 1~26 on the ZXR10 2826S, and 1~52 on the ZXR10 2852S. Example 1: Set the data source of the statistics instance with the index of 10 to port 1. set statistics 10 datasource 1
Example 2: Set the data source of the statistics instance with the index of 10 to port userx. set statistics 10 datasource userx Example 3: Set the owner name of the statistics instance with the index of 10 to tom. set statistics 10 owner tom
Example 4: Set the status of the statistics instance with the index of 10 to invalid. set statistics 10 status invalid
340
show alarm
Function: To display the alarm group configuration information. Mode: All modes Format: show alarm [<1-65535>] Parameter: Parameter <1-65535> Description Index of the alarm group.
Example 1: Display the RMON information about all alarm instances. show alarm
Example 2: Display the RMON information about the alarm instance with the index of 10. show alarm 10
show event
Function: To display the event group configuration information. Mode: All modes Format: show event [<1-65535>] Parameter: Parameter <1-65535> Description Index of the event group.
341
Example 1: Display the RMON information about all event instances. show event
Example 2: Display the RMON information about the event instance with the index of 10. show event 10
show history
Function: To display the history group configuration information. Mode: All modes Format: show history [<1-65535>] Parameter: Parameter <1-65535> Description Index of the history group.
Example 1: Display the RMON information about all existing history instances. show history
Example 2: Display the RMON information about the history instance with the index of 10. show history 10
342
show rmon
Function: To display the RMON information. Mode: All modes Format: show rmon
show statistics
Function: To display the statistics group configuration information. Mode: All modes Format: show statistics [<1-65535>] Parameter: Parameter <1-65535> Description Index of the statistics group.
Cluster Management Configuration

erase member
Function: To delete the configuration of member switches in the cluster. Mode: Cluster management configuration mode Format: erase member <idlist> Parameter:
Parameter <idlist>
Description ID of the member switch.
Example: Delete the information bout the member switch with the ID of 2. erase member 2
reboot member
Function: To start a member switch. Mode: Cluster management configuration mode Format: reboot member <idlist> Parameter: Parameter <idlist> Description ID of the member switch.
Example: Restart the member switch with the ID of 1. reboot member 1
save member
Function: To save the information about member switches in the cluster. Mode: Cluster management configuration mode Format: save member <idlist> Parameter:
Parameter <idlist>
Example: Save the information about the member switch with the ID of 4. save member 4
set group add device

Function: To add a member device according to the device number. Mode: Cluster management configuration mode Format: set group add device <idlist> Parameter: Parameter <idlist> Description Device ID.
Example: Add the device with the device number of 3 to the cluster. set group add device 3
set group add mac

Function: To add a member according to the device MAC address and specify the member ID. Mode: Cluster management configuration mode Format: set group add mac <xx.xx.xx> <1-255> Parameter:
Parameter <xx.xx.xx> <1-255>
Description The latter part of the MAC address. Member ID.
Example: Add the device with the MAC address of 00.d0.d0.f2.d0.f5 to the cluster and specify the member ID as 4. set group add mac f2.d0.f5 4
set group candidate

Function: To set switches as candidate switches. Mode: Cluster management configuration mode Format: set group candidate
set group commander ipport

Function: To set a switch as the command switch, specify the layer 3 port number and set the IP address pool for cluster management. Mode: Cluster management configuration mode Format: set group <A.B.C.D/M>} Parameter: Parameter <0-63> <A.B.C.D/M> Description Number of the layer 3 port. IP address and mask. commander ipport <0-63> {ip-pool
Example: Set the command switch, specify the layer 3 port 3 for cluster management and set the IP address pool to 192.168.1.2/24.
346
set group commander ipport 3 ip-pool 192.168.1.2/24
set group delete member

Function: To delete a member according to the member ID. Mode: Cluster management configuration mode Format: set group delete member <idlist> Parameter: Parameter <idlist> Description Member ID.
Example: Delete a member according to the member ID. set group delete member 3
set group independent

Function: To set switches as independent switches. Mode: Cluster management configuration mode Format: set group independent
set group handtime

Function: To set the time interval for automatic handshake between member switches and the command switch. Mode: Cluster management configuration mode Format: set group handtime <1-300>
Parameter: Parameter <1-300> Description Time interval for automatic handshake between member switches and the command switch. The unit is second. By default, it is 8 seconds.
Example: Set the time interval for automatic handshake between the member switches and the command switch. set group handtime 10
set group holdtime

Function: To set the valid time for holding the information about the member switch configured by the command switch. Mode: Cluster management configuration mode Format: set group holdtime <1-300> Parameter: Parameter <1-300> Description The valid time for holding the information about the member switch configured by the command switch. The unit is second. By default, it is 80 seconds.
Example: Set the valid time for holding the information about the member switch configured by the command switch to 100 seconds. set group holdtime 100
348
set group name

Function: To set the cluster name. Mode: Cluster management configuration mode Format: set group name <name> Parameter: Parameter Description Sets the cluster name.
<name>
Example: Set the cluster name to zte. set group name zte
set group tftpsvr

Function: To specify the IP address of the TFTP server of the cluster. Mode: Cluster management configuration mode Format: set group tftpsvr < A.B.C.D> Parameter: Parameter <A.B.C.D> Description IP address.
Example: Set the IP address of the TFTP server of the cluster to 192.168.200.1. set group tftpsvr 192.168.200.1
349
set zdp
Function: To enable/disable the switch neighbor discovery function. Mode: Cluster management configuration mode Format: set zdp {enable|disable } Parameter: Parameter enable disable Description Enables the switch neighbor recovery function. Disables the switch neighbor recovery function.
set zdp holdtime

Function: To set the time for saving ZDP packets sent by the device. Mode: Cluster management configuration mode Format: set zdp holdtime <10-255> Parameter: Parameter <10-255> Description The time for saving ZDP packets sent by the device. By default, it is 180 seconds.
set zdp port

Function: To enable/disable the switch neighbor recovery function on a port. Mode: Cluster management configuration mode
350
Format: set zdp port <portlist> {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the switch neighbor recovery function. Disables the switch neighbor recovery function.
Example: Enable the switch neighbor recovery function on port 2. set zdp port 2 enable
set zdp timer

Function: To set the time interval for sending ZDP packets. Mode: Cluster management configuration mode Format: set zdp timer <5-255> Parameter: Parameter <5-255> Description Time interval for sending ZDP packets. The unit is second. By default, it is 60 seconds.
Example: Set the time interval for sending ZDP packets to 70 seconds. set zdp timer 70
351
set zdp trunk

Function: To enable/disable the switch neighbor recovery function on a trunk. Mode: Cluster management configuration mode Format: set zdp trunk <trunklist> {enable|disable} Parameter: Parameter <trunklist> enable disable Description Trunk list. Enables the switch neighbor recovery function. Disables the switch neighbor recovery function.
Note: The range of parameter <trunklist> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S. Example: Enable the switch neighbor recovery function on trunk 2. set zdp trunk 2 enable
set ztp
Function: To enable/disable the topology information collection function of the switch. Mode: Cluster management configuration mode Format: set ztp {enable|disable} Parameter: Parameter enable
352
Description Enables the topology information collection function of
Parameter
Description the switch. Disables the topology information collection function of the switch.
disable
set ztp hop

Function: To set the topology information collection range (hop count). Mode: Cluster management configuration mode Format: set zdp hop <1-128> Parameter: Parameter <1-128> Description Topology information collection range (hop count). By default, it is 4.
set ztp hopdelay

Function: To set the delay for the device to forward topology information collection packets. Mode: Cluster management configuration mode Format: set ztp hopdelay <1-1000> Parameter: Parameter <1-1000> Description Delay for the device to forward topology information collection packets. The unit is millisecond. By default, it is 200 milliseconds.
Example: Set the delay for the device to forward topology information collection packets to 400 milliseconds. set ztp hopdelay 400
set ztp port

Function: To enable/disable the topology information collection function on a port. Mode: Cluster management configuration mode Format: set ztp port <portlist> {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the topology information collection function on a port. Disables the topology information collection function on a port.
Example: Enable the topology information collection function on port 2. set ztp port 2 enable
set ztp portdelay

Function: To set the delay for the next port of the device to forward topology information collection packets. Mode: Cluster management configuration mode Format: set ztp portdelay <1-100>
Parameter: Parameter <1-100> Description Delay for the next port of the device to forward topology information collection packets. The unit is millisecond. By default, it is 20 milliseconds.
Example: Set the delay for the next port of the device to forward topology information collection packets to 40 milliseconds. set ztp portdelay 40
set ztp timer

Function: To set the time interval for starting the automatic topology information collection. Mode: Cluster management configuration mode Format: set ztp timer <0-65535> Parameter: Parameter <0-65535> Description Time interval. The unit is minute. 0 indicates that the connection is not conducted.
Example: Set the time interval for starting the automatic topology information collection to 2 minutes. set ztp timer 2
355
set ztp trunk

Function: To enable/disable the topology information function of the switch on a trunk. Mode: Cluster management configuration mode Format: set ztp trunk <trunklist> {enable|disable } Parameter: Parameter <trunklist> enable disable Description Trunk list. Enables the topology information collection of the switch. Disables the topology information collection of the switch.
Note: The range of parameter <trunklist> is 1~8 on the ZXR10 2609/2818S/2826S, and 1~16 on the ZXR10 2852S. Example: Enable the topology information collection function of the switch on trunk 2. set zdp trunk 2 enable
set ztp vlan

Function: To specify that the topology information collection is conducted in a VLAN. Mode: Cluster management configuration mode Format: set ztp vlan <1-4094> Parameter: Parameter
356
Description
Parameter <1-4094>
Description VLAN ID. The range is 1~4094. the topology information collection is
Example: Specify that conducted in vlan 40. set ztp vlan 40
show group
Function: To display the cluster management information. Mode: All modes Format: show group
show group candidate

Function: To display information about candidate switches in the cluster. Mode: All modes Format: show group candidate
show group member

Function: To display information about member switches in the cluster. Mode: All modes Format: show group member <1-255> Parameter:
357
Parameter <1-255>
Example: Display information about the switch with the cluster member ID of 6. show group member 6
show zdp
Function: To display the ZDP configuration information about the switch. Mode: All modes Format: show zdp
show zdp neighbour

Function: To display the neighbor device information detected by the ZDP protocol. Mode: All modes Format: show zdp neighbour {detail}
show ztp
Function: To display the configuration topology information collection protocol. Mode: All modes Format: show ztp information about the
358
show ztp device

Function: To display the configuration about the topology information collection protocol according to the device number. Mode: All modes Format: show ztp device <idlist> Parameter: Parameter <idlist> Description Device number.
Example: Display information about the device with the device number of 2 in the topology information collection results. show ztp device 2
show ztp mac

Function: To display the configuration information about the topology information collection protocol according to the MAC address of the device. Mode: All modes Format: set ztp mac <xx.xx.xx> Parameter: Parameter <xx.xx.xx> Description The latter part of the MAC address.
359
Example: Display the configuration information about the topology information collection protocol according to the MAC address of the device. set ztp mac f2.d0.f5
ztp start
Function: To start the topology information collection procedure. Mode: Cluster management configuration mode Format: ztp start
Single-port Loop Test

set loopDetect blockDelay
Function: To set the port blocking interval during the loop. Mode: Global configuration mode Format: set loopDetect blockDelay <1-1080> Parameter: Parameter <1-1080> Description Time interval. The unit is minute. By default, it is 5 minutes.
set loopDetect port

Function: To enable/disable the port loop detection.
Mode: Global configuration mode Format: set loopDetect port <portlist> {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the port loop detection. Disables the port loop detection.
set loopDetect port protect

Function: To enable/disable the port protection in case of port loop. Mode: Global configuration mode Format: set loopDetect port <portlist> protect {enable|disable} Parameter: Parameter <portlist> enable disable Description Port list. Enables the port protection. Disables the port protection.
set loopDetect trunk

Function: To enable/disable the trunk loop detection. Mode: Global configuration mode Format: set loopDetect trunk <trunklist> {enable|disable}
361
Parameter: Parameter <trunklist> enable disable Description Trunk ID list. Enables the trunk loop detection. Disables the trunk loop detection.
set loopDetect trunk protect

Function: To enable/disable the trunk protection in case of trunk loop. Mode: Global configuration mode Format: set loopDetect {enable|disable} Parameter: Parameter <trunklist> enable disable Description Trunk ID list. Enables the trunk protection. Disables the trunk protection. trunk <trunklist> protect
362
show loopDetect
Function: To display the port loop information. Mode: All modes Format: show loopDetect
363
364
Appendix
Abbreviations
Abbreviation ABR ACL AD ARP AS ASBR ATM BGP BOOTP BRD CHAP CIDR CLNP CLNS CoS CRC CRLDP CSN Full Name Area Border Router Access Control List Administrative Distance Address ResolutionProtocol Autonomous System Autonomous System Border Router Asynchronous Transfer Mode Border Gateway Protocol BOOTstrap Protocol Backup Designate Router Challenge Handshake Authentication Protocol Classless Inter-Domain Routing ConnectionLess Network Protocol ConnectionLess Network Sevice Class of Service Cyclic Redundancy Check Constraint based Routing Label Distribution Protocol Cryptographic Sequence Number
Abbreviation DHCP DIS DNS DR EBGP EGP ES FEC FIFO FPGA FSM FTP GBIC GRE ICMP IETF IGMP IGP IP ISO ISP LACP LAN LAPB LCP LDP
Full Name Dynamic Host Configuration Protocol Designate IS Domain Name System Designate Router External Border Gateway Protocal External Gateway Protocol End System Forwarding Equivalence Class First In and First Out Field Programmable Gate Array Finite State Machine File Transfer Protocol Gigabit Interface Converter General Routing Encapsulation Internet Control Message Protocol Internet Engineering Task Force Internet Group Mangement Protocol Interior Gateway Protocol Internet Protocol International Organization for Standardization Internet Service Provider Link Aggregation Control Protocol Local Area Network Link Access Procedure Balanced Link Control Protocol Label Distribution Protocol
366
Appendix A - Abbreviations
Abbreviation LSA LSP LSR MAC MD5 MED MIB MPLS MSTP MTU NAT NBMA NCP NIC NLRI NMS NSAP NSP NTP NVT OAM OSI OSPF PAP PAT PCM
Full Name Link State Advertisement Link State PDU Label Switch Router Media Access Control Message Digest 5 MULTI_EXIT_DISC Management Information Base Multi-Protocol Label Switching Multiple Spanning Tree Protocol Maximum Transmission Unit Network Address Translation Non-Broadcast Multiple Access Network Control Protocol Network Information Center Network Layer Reachable Information Network Management System Network Service Access Point Network Service Provider Network Time Protocol Network Virtual Terminal Operation And Management Open Systems Interconnection Open Shortest Path First Passwork Authentication Protocol Port Address Translation Pulse Code Modulation
367
Abbreviation PDU POS PPP PSNP QoS RARP RADIUS RFC RIP RLE RMON ROS RSTP RSVP SDH SDLC SMTP SNMP SNP SPF STP TCP TFTP ToS TELNET TTL
Full Name Protocol Data Unit Packet over SDH Point-to-Point Protocol Partial Sequence Num PDU Quality of Service Reverse Address Resolution Protocol Remote Authentication Dial In User Service Request For Comments Routing Information Protocol Route lookup engine Remote Monitoring Router Operation System Rapid Spanning Tree Protocol Resource Reservation Protocol Synchronous Digital Hierarchy Synchronous Data Link Control Simple Mail Transfer Protocol Simple Network Management Protocol Sequence Num PDU Shortest Path First Spanning Tree Protocol Transmission Control Protocol Trivial File Transfer Protocol Type Of Service Telecommunication Network Protocol Time To Live
368
Appendix A - Abbreviations
Abbreviation UDP VID VLSM VPN VRF VRRP WAN WWW ZGMP
Full Name User Datagram Protocol VLAN Identifier Variable Length Subnet Mask Virtual Private Network Virtual Routing Forwarding Virtual Router Redundancy Protocol Wide Area Network World Wide Web Zte Group Manage Protocol
369
370
Figures
Figure 1 Typical Workgroup Networking Structure ...................... 34 Figure 2 Typical Networking of MAN Broadband Access ............... 35 Figure 3 ZXR10 2609/2818S/2826S/2852S Working Principle ...... 38 Figure 4 Front Panel of the ZXR10 2609.................................... 39 Figure 5 Front Panel of the ZXR10 2818S .................................. 41 Figure 6 Front Panel of the ZXR10 2826S .................................. 42 Figure 7 Front Panel of the ZXR10 2852S .................................. 43 Figure 8 SF-1FE-S40KSC Sub-board ......................................... 45 Figure 9 SF-1FE-S15KSC sub-board ......................................... 46 Figure 10 SF-1FE-M02KSC sub-board ....................................... 46 Figure 11 SF-2GE-2RJ45 Sub-board (FGEI) ............................... 47 Figure 12 SF-2GE-2SFP Sub-board (FGFI) ................................. 47 Figure 13 SF-2GE-SFPRJ45 Sub-board (FGFE) ........................... 48 Figure 14 Rear Panel of the ZXR10 2818S/2826S (DC power supply) ................................................................................... 49 Figure 15 Rear Panel of the ZXR10 2818S/2826S (AC power supply) ................................................................................... 49 Figure 16 Rear Panel of the ZXR10 2852S (DC power supply) ...... 50 Figure 17 Rear Panel of the ZXR10 2852S (AC power supply)....... 50 Figure 18 Installing Plastic Feet ............................................... 52 Figure 19 Installing Flanges .................................................... 53 Figure 20 Installing Holders .................................................... 54 Figure 21 Fixing Equipment..................................................... 55 Figure 22 AC Power Cable....................................................... 56 Figure 23 48 Power Socket.................................................... 57 Figure 24 DC Power Cable....................................................... 57 Figure 25 Serial Port Configuration Cable .................................. 58 Figure 26 Structure of Network Cable ....................................... 59 Figure 27 Transverse English Label on Panels and Connectors ...... 62 Figure 28 Roll-type Self-cover Laser print Label Model II ............. 63 Figure 29 Transverse English Type I Label................................. 64 Figure 30 Pattern and Meanings of the Engineering Label on the Optical Fiber .................................................................. 64 Figure 31 Cabling of the Ethernet Switch in a Building................. 66 Figure 32 Cabling of a Convergence Switch ............................... 67
Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
Creating a Connection............................................... 69 Connection Configuration Information ......................... 70 Port Attribute Settings .............................................. 71 ZXR10 2609/2818S/2826S/2852S Configuration Modes . 78 Run the Telnet ......................................................... 79 Switch Remote Login Window .................................... 80 TFTPD Server Interface ............................................. 91 Tftpd Settings Dialog Box .......................................... 92 Example of Overlapping VLAN .................................. 118 Example of VLAN Transparent Transmission ............... 119 Example of LACP Configuration ................................ 125 Network Topology for One-To-Many Communication.... 130 MSTP Topological Structure ..................................... 132 PVLAN Configuration Example .................................. 144 Configuration Example of Static Route....................... 148 Using PAP Mode for Identity Authentication ................ 153 Using CHAP Mode for Identity Authentication.............. 154 Using EAP-MD5 Mode for Identity Authentication ........ 155 Typical QinQ Networking ......................................... 165 SSH Configuration Example ..................................... 173 Setting IP Address and Port Number of the SSH Server 174 Setting SSH Version Number ................................... 175 User Confirmation Required in the First Login ............. 176 SSH Login Result ................................................... 176 Cluster Management Networking .............................. 189 Switch Role Changeover Rule................................... 190
372
Tables
Table Table Table Table Table Table Table Table Table Table Table Table 1 Typographical Conventions ......................................... xxv 2 Mouse Operation Conventions .................................... xxvi 3 Safety Signs ............................................................xxvii 4 Techincal Features and Parameters ............................... 36 5 Pinout of Serial Port Configuration Cable ........................ 58 6 RJ45 Pinout of Straight-through Cable ........................... 59 7 RJ45J Pinout of Crossover Cable ................................... 60 8 Fiber Types ............................................................... 61 9 Temperature and Humidity Table .................................. 72 10 Functional keys ........................................................ 87 11 Default Settings of Port Parameters ............................111 12 Maintenance and Test Period of the Ethernet Switch System ..................................................................................205 Table 13 Parameter Description ..............................................217
373

Sjzl20060311-ZXR10 26092818S2826S2852S Access Switch Users Manual

Enviado por

Dados do documento

Descrição original:

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Sjzl20060311-ZXR10 26092818S2826S2852S Access Switch Users Manual

Enviado por

Direitos autorais:

Formatos disponíveis

ZXR10

2609/2818S/2826S/2852S Access Switch

ZTE CORPORATION Values Your Comments & Suggestions!

Your Comments & Suggestions

Chapter 1..............................................................................29 Safety Description ...............................................................29

Chapter 2..............................................................................31 System Overview.................................................................31

Technical Features and Parameters ..................................................36

Chapter 3..............................................................................37 Structure & Principle ...........................................................37

Working Principle ............................................................................37 Hardware Structure.........................................................................39

Power Supply Module ......................................................................48

Chapter 4 ............................................................................. 51 Installation and Debugging ................................................ 51

Cable Lightning Protection Requirements ..........................................65 System Debugging..........................................................................68

Chapter 5..............................................................................77 Usage and Operation ...........................................................77

Command Mode .............................................................................81

Usage of Command Line..................................................................85

Chapter 6..............................................................................89 System Management...........................................................89

TFTP Configuration..........................................................................91 Import and Export of Configuration ..................................................93

Backup and Recovery of Files...........................................................94 Software Version Upgrade ...............................................................96

Chapter 7 ........................................................................... 105 Service Configuration........................................................ 105

Port Mirroring ...............................................................................113

VLAN Configuration .......................................................................115

MAC Table Operations ...................................................................120

LACP Configuration .......................................................................122

IGMP Snooping Configuration.........................................................126

PVLAN Configuration .....................................................................143

802.1x Transparent Transmission Configuration ..............................145 Layer 3 Configuration ....................................................................146

Access Service Configuration..........................................................150

Chapter 8............................................................................169 Network Management .......................................................169

Cluster Management .....................................................................187

Chapter 9 ........................................................................... 203 Maintenance ...................................................................... 203

Common Test Methods..................................................................206

Virtual Circuit Test......................................................................................207

Chapter 10 .........................................................................217 Command Reference .........................................................217

File System ..................................................................................229

Port Configuration .........................................................................233

Port Mirroring ...............................................................................249

VLAN Configuration .......................................................................251

MAC Address Table Configuration ...................................................258

LACP Configuration .......................................................................263

show lacp port ...........................................................................................268

IGMP Snooping Configuration.........................................................269

PVLAN Configuration .....................................................................294

802.1x Transparent Transmission Configuration ..............................296

Layer 3 Configuration ....................................................................297

Access Service Configuration..........................................................307

SNMP Configuration ......................................................................328

Cluster Management Configuration.................................................343

Single-port Loop Test ....................................................................360

This page is intentionally blank.

About this Users Manual

Confidential and Proprietary Information of ZTE CORPORATION

ZXR10 2609/2818S/2826S/2852S Access Switch Users Manual

Purpose of this Users Manual

Confidential and Proprietary Information of ZTE CORPORATION

About this Users Manual

Confidential and Proprietary Information of ZTE CORPORATION

ZXR10 2609/2818S/2826S/2852S Access Switch Users Manual

Mouse Operation Conventions

Typeface Click Double-click Right-click Drag

Confidential and Proprietary Information of ZTE CORPORATION

About this Users Manual

Confidential and Proprietary Information of ZTE CORPORATION

ZXR10 2609/2818S/2826S/2852S Access Switch Users Manual