- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 新华三人才研学中心
- 关于我们
06-H3C SR6600-F路由器 EAA典型配置举例
本章节下载: 06-H3C SR6600-F路由器 EAA典型配置举例 (151.18 KB)
H3C SR6600-F EAA配置举例
|
Copyright © 2018 新华三技术有限公司 版权所有,保留一切权利。 非经本公司书面许可,任何单位和个人不得擅自摘抄、复制本文档内容的部分或全部, 并不得以任何形式传播。本文档中的信息可能变动,恕不另行通知。 |
|
目 录
本文档介绍使用EAA的典型配置举例。
本文档不严格与具体软、硬件版本对应,如果使用过程中与产品实际情况有差异,请参考相关产品手册,或以设备实际情况为准。
本文档中的配置均是在实验室环境下进行的配置和验证,配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突。
本文档假设您已了解EAA特性,对于同一需求,Tcl和CLI监控策略的实现效果是一致的,用户可以根据习惯选择任意一种策略。
为设备配置Tcl监控策略,当检测接口GigabitEthernet2/0/0入流量值大于等于500Mbps时,执行如下操作:
· 生成流量超范围的日志。
· 显示当前cpu状态,并保存至文件。
· 显示接口GigabitEthernet2/0/0状态,并保存至文件。
如果后续入流量大于等于200Mbps时会再次启动监控,当再次检测到接口入流量大于500Mbps时,执行上述操作。
本举例是在R7607版本上进行配置和验证的。
# 使用写字板编辑文件test.tcl,如下:
# 定义监控事件,监控接口为GigabitEthernet2/0/0,关注入方向流量,当入流量大于等于500Mbps时,执行动作;再次开启轮询的条件为接口流量大于等于200Mbps。
::comware::rtm::event_register interface gigabitethernet2/0/0 monitor-obj rcv-bps start-op ge start-val 500000000 restart-op ge restart-val 200000000 user-role network-admin
# 当监控事件发生时执行动作为:发送优先级为1、设备号为local1、信息为GE2/0/0 input rate exceeded 500000000bps的日志。
::comware::rtm::action syslog priority 1 facility local1 msg "GE2/0/0 input rate exceeded 500000000bps"
# 当监控事件发生时执行动作为:执行display cpu-usage命令,显示CPU利用率的统计信息,并将信息保存在文件ge0_info.txt中。
display cpu-usage >> ge0_info.txt
# 当监控事件发生时执行动作为:执行display interface gigabitethernet 2/0/0命令,显示GigabitEthernet2/0/0当前的运行状态和相关信息,并将信息保存在文件ge0_info.txt中。
display interface gigabitethernet2/0/0 >> ge0_info.txt
# 配置接口GigabitEthernet2/0/0的IP地址。
<Device> system-view
[Device] interface gigabitethernet 2/0/0
[Device-GigabitEthernet2/0/0] ip address 192.168.100.66 255.255.255.0
[Device-GigabitEthernet2/0/0] quit
[Device] quit
# 通过TFTP将test.tcl下载到设备上。
<Device> tftp 192.168.100.14 get test.tcl
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 189 100 189 0 0 7900 0 --:--:-- --:--:-- --:--:-- 12600
# 创建并启用Tcl监控策略,并将其和Tcl脚本test.tcl绑定。
<Device> system-view
[Device] rtm tcl-policy test test.tcl
[Device] quit
# 通过display rtm policy registered命令可以看到存在策略名为test,策略类型为Tcl的策略。
<Device> display rtm policy registered
Total number: 1
Type Event TimeRegistered PolicyName
TCL INTERFACE Oct 22 14:06:20 2017 test
# 当检测到接口GigabitEthernet2/0/0入流量值大于等于500Mbps时,查看设备中所有的文件及文件夹信息,存在ge0_info.txt。
<Device> dir
Directory of cfa0:
0 -rw- 3227 Nov 19 2017 17:28:36 1.cfg
1 -rw- 2296 Apr 26 2017 18:55:08 5660_data.ak
2 -rw- 2304 Apr 26 2017 18:54:56 5660_security.ak
3 -rw- 2298 Apr 26 2017 18:55:16 5660_voice.ak
4 -rw- 3227 Nov 19 2017 17:15:19 STARTUP110.CFG
5 drw- - Mar 10 2017 04:10:10 diagfile
6 -rw- 567 Jul 17 2017 14:25:00 dsakey
7 -rw- 223 Jul 17 2017 14:25:00 ecdsakey
8 -rw- 278 Jul 17 2017 14:25:00 ge0_info.txt
9 -rw- 735 Jul 17 2017 14:25:00 hostkey
10 -rw- 492 Nov 18 2017 16:40:50 ifindex.dat
11 -rw- 276 Apr 23 2017 19:00:00 lauth.dat
12 drw- - Jul 17 2017 11:26:34 test
13 drw- - Apr 24 2017 12:39:38 logfile
14 -rw- 18839552 Nov 14 2017 16:42:12 msr56-cmw710-boot-r000706.bin
15 -rw- 1150976 Nov 14 2017 16:43:00 msr56-cmw710-data-r000706.bin
16 -rw- 47470592 Nov 14 2017 16:42:24 msr56-cmw710-system-r000706.bin
17 -rw- 2975744 Nov 14 2017 16:42:56 msr56-cmw710-voice-r000706.bin
18 -rw- 70445056 Nov 14 2017 17:41:08 msr56.ipe
19 -rw- 70445056 Nov 14 2017 16:40:00 msr56NN.ipe
20 drw- - Aug 21 2017 16:23:10 pkey
21 -rw- 189 Nov 19 2017 17:49:34 test.tcl
22 drw- - Mar 10 2017 04:10:10 seclog
23 -rw- 591 Jul 17 2017 14:25:00 serverkey
24 -rw- 3227 Nov 18 2017 16:40:50 startup.cfg
507492 KB total (298412 KB free)
# 使用TFTP方式,将ge0_info.txt文件复制到TFTP服务器上。
<Device> tftp 192.168.100.14 put ge0_info.txt
# 查看ge0_info.txt文件,显示包含当前CPU和接口GigabitEthernet2/0/0状态。
Slot 1 CPU 0 CPU usage:
5% in last 5 seconds
5% in last 1 minute
6% in last 5 minutes
Slot 2 CPU 0 CPU usage:
1% in last 5 seconds
1% in last 1 minute
1% in last 5 minutes
GigabitEthernet2/0/0
Current state: UP
Line protocol state: UP
Description: GigabitEthernet2/0/0 Interface
Bandwidth: 1000000kbps
Maximum Transmit Unit: 1500
Internet Address is 192.168.100.66/24 Primary
IP Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 4431-9255-f3fc
IPv6 Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 4431-9255-f3fc
Media type is twisted pair
Port hardware type is 1000_BASE_T
Port priority: 0
1000Mbps-speed mode, full-duplex mode
Link speed type is autonegotiation, link duplex type is autonegotiation
Flow-control is not enabled
The Maximum Frame Length is 9216
Last clearing of counters: Never
Peak value of input: 108106680 bytes/sec, at 2017-10-15 14:14:30
Peak value of output: 20 bytes/sec, at 2017-10-15 13:24:25
Last 300 seconds input: 1028465 packets/sec 65821768 bytes/sec 69%
Last 300 seconds output: 0 packets/sec 9 bytes/sec 0%
Input (total): 9585460958 packets, 759947089836 bytes
9585460803 unicasts, 3 broadcasts, 9 multicasts, 0 pauses
Input (normal): 9585460815 packets, - bytes
9585460803 unicasts, 3 broadcasts, 9 multicasts, 0 pauses
Input: 1 input errors, 0 runts, 0 giants, 0 throttles
1 CRC, 0 frame, - overruns, 0 aborts
- ignored, - parity errors
Output (total): 313 packets, 94288 bytes
0 unicasts, 0 broadcasts, 313 multicasts, 0 pauses
Output (normal): 313 packets, - bytes
0 unicasts, 0 broadcasts, 313 multicasts, 0 pauses
Output: 0 output errors, - underruns, - buffer failures
0 aborts, 0 deferred, 0 collisions, 0 late collisions
0 lost carrier, - no carrier
· test.tcl脚本文本:
::comware::rtm::event_register interface gigabitethernet2/0/0 monitor-obj rcv-bps start-op ge start-val 500000000 restart-op ge restart-val 200000000 user-role network-admin
::comware::rtm::action syslog priority 1 facility local1 msg "GE2/0/0 input rate exceeded 500000000bps"
display cpu-usage >> ge0_info.txt
display interface gigabitethernet2/0/0 >> ge0_info.txt
· Device:
#
interface GigabitEthernet2/0/0
port link-mode route
ip address 192.168.100.66 255.255.255.0
#
rtm tcl-policy test test.tcl
#
为设备配置Tcl监控策略,当检测接口GigabitEthernet2/0/0入流量值大于等于500Mbps时,执行如下操作:
· 生成流量超范围的日志。
· 显示当前cpu状态,并保存至文件。
· 显示接口GigabitEthernet2/0/0状态,并保存至文件。
如果后续入流量大于等于200Mbps时会再次启动监控,当再次检测到接口入流量大于500Mbps时,执行上述操作。
本举例是在R7607上进行配置和验证的。
· 同一个策略下,只能配置一个触发事件和运行时间。当多次执行event或者running-time命令时,则最近配置并且commit的生效。
· 如果新配置的动作的编号和已有动作的编号相同,则执行commit命令后最近配置生效。
· 给CLI监控策略配置事件、动作、用户角色和运行时间后,必须执行commit命令,该策略才会启用,该策略下的配置才会生效。
# 配置接口GigabitEthernet2/0/0的IP地址。
<Device> system-view
[Device] interface gigabitethernet 2/0/0
[Device-GigabitEthernet2/0/0] ip address 192.168.100.66 255.255.255.0
[Device-GigabitEthernet2/0/0] quit
# 创建CLI策略1。
[Device] rtm cli-policy 1
# 配置监控事件,监控接口为GigabitEthernet2/0/0,当入流量大于等于500Mbps时执行动作;再次开启轮询的条件为接口流量大于等于200Mbps。
[Device-rtm-1] event interface gigabitEthernet 2/0/0 monitor-obj rcv-bps start-op ge start-val 500000000 restart-op ge restart-val 200000000
# 当事件发生时,发送优先级为1、日志记录工具为local1、信息为GE2/0/0 input rate exceeded 500000000bps的日志。
[Device-rtm-1] action 1 syslog priority 1 facility local1 msg "GE2/0/0 input rate exceeded 500000000bps"
# 当事件发生时,执行display cpu-usage命令,显示CPU利用率的统计信息,并将信息保存在文件ge0_info.txt中。
[Device-rtm-1] action 2 cli display cpu-usage >> ge0_info.txt
# 当事件发生时,执行display interface gigabitetherne 2/0/0命令,显示GigabitEthernet2/0/0当前的运行状态和相关信息,并将信息保存在文件ge0_info.txt中。
[Device-rtm-1] action 3 cli display interface gigabitethernet 2/0/0 >> ge0_info.txt
# 配置策略运行时间为30s。
[Device-rtm-1] running-time 30
# 配置执行CLI监控策略1时使用的用户角色为network-admin。
[Device-rtm-1] user-role network-admin
# 启用CLI监控策略1。
[Device-rtm-1] commit
[Device-rtm-1] quit
# 通过display rtm policy registered命令查看,可以看到策略名为1,策略类型为CLI的策略。
<Device> display rtm policy registered
Total number: 1
Type Event TimeRegistered PolicyName
CLI INTERFACE May 04 00:12:40 2017 1
# 当检测到接口GigabitEthernet2/0/0入流量值大于等于500Mbps时,查看设备中所有的文件及文件夹信息,存在ge0_info.txt。
<Device> dir
Directory of cfa0:
0 -rw- 3227 Nov 19 2017 17:28:36 1.cfg
1 -rw- 2296 Apr 26 2017 18:55:08 5660_data.ak
2 -rw- 2304 Apr 26 2017 18:54:56 5660_security.ak
3 -rw- 2298 Apr 26 2017 18:55:16 5660_voice.ak
4 -rw- 3227 Nov 19 2017 17:15:19 STARTUP110.CFG
5 drw- - Mar 10 2017 04:10:10 diagfile
6 -rw- 567 Jul 17 2017 14:25:00 dsakey
7 -rw- 223 Jul 17 2017 14:25:00 ecdsakey
8 -rw- 278 Jul 17 2017 14:25:00 ge0_info.txt
9 -rw- 735 Jul 17 2017 14:25:00 hostkey
10 -rw- 492 Nov 18 2017 16:40:50 ifindex.dat
11 -rw- 276 Apr 23 2017 19:00:00 lauth.dat
12 drw- - Jul 17 2017 11:26:34 test
13 drw- - Apr 24 2017 12:39:38 logfile
14 -rw- 18839552 Nov 14 2017 16:42:12 msr56-cmw710-boot-r000706.bin
15 -rw- 1150976 Nov 14 2017 16:43:00 msr56-cmw710-data-r000706.bin
16 -rw- 47470592 Nov 14 2017 16:42:24 msr56-cmw710-system-r000706.bin
17 -rw- 2975744 Nov 14 2017 16:42:56 msr56-cmw710-voice-r000706.bin
18 -rw- 70445056 Nov 14 2017 17:41:08 msr56.ipe
19 -rw- 70445056 Nov 14 2017 16:40:00 msr56NN.ipe
20 drw- - Aug 21 2017 16:23:10 pkey
21 -rw- 189 Nov 19 2017 17:49:34 test.tcl
22 drw- - Mar 10 2017 04:10:10 seclog
23 -rw- 591 Jul 17 2017 14:25:00 serverkey
24 -rw- 3227 Nov 18 2017 16:40:50 startup.cfg
507492 KB total (298412 KB free)
# 使用TFTP方式,将ge0_info.txt文件复制到TFTP服务器上。
<Device> tftp 192.168.100.14 put ge0_info.txt
# 查看ge0_info.txt文件,显示包含当前CPU和接口GigabitEthernet2/0/0状态。
Slot 1 CPU 0 CPU usage:
5% in last 5 seconds
5% in last 1 minute
6% in last 5 minutes
Slot 2 CPU 0 CPU usage:
1% in last 5 seconds
1% in last 1 minute
1% in last 5 minutes
GigabitEthernet2/0/0
Current state: UP
Line protocol state: UP
Description: GigabitEthernet2/0/0 Interface
Bandwidth: 1000000kbps
Maximum Transmit Unit: 1500
Internet Address is 192.168.100.66/24 Primary
IP Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 4431-9255-f3fc
IPv6 Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 4431-9255-f3fc
Media type is twisted pair
Port hardware type is 1000_BASE_T
Port priority: 0
1000Mbps-speed mode, full-duplex mode
Link speed type is autonegotiation, link duplex type is autonegotiation
Flow-control is not enabled
The Maximum Frame Length is 9216
Last clearing of counters: Never
Peak value of input: 108106680 bytes/sec, at 2017-10-15 14:14:30
Peak value of output: 20 bytes/sec, at 2017-10-15 13:24:25
Last 300 seconds input: 1028465 packets/sec 65821768 bytes/sec 69%
Last 300 seconds output: 0 packets/sec 9 bytes/sec 0%
Input (total): 9585460958 packets, 759947089836 bytes
9585460803 unicasts, 3 broadcasts, 9 multicasts, 0 pauses
Input (normal): 9585460815 packets, - bytes
9585460803 unicasts, 3 broadcasts, 9 multicasts, 0 pauses
Input: 1 input errors, 0 runts, 0 giants, 0 throttles
1 CRC, 0 frame, - overruns, 0 aborts
- ignored, - parity errors
Output (total): 313 packets, 94288 bytes
0 unicasts, 0 broadcasts, 313 multicasts, 0 pauses
Output (normal): 313 packets, - bytes
0 unicasts, 0 broadcasts, 313 multicasts, 0 pauses
Output: 0 output errors, - underruns, - buffer failures
0 aborts, 0 deferred, 0 collisions, 0 late collisions
0 lost carrier, - no carrier
#
interface GigabitEthernet2/0/0
port link-mode route
ip address 192.168.100.66 255.255.255.0
#
rtm cli-policy 1
event interface GigabitEthernet2/0/0 monitor-obj rcv-bps start-op ge start-val 500000000 restart-op ge restart-val 200000000
action 1 syslog priority 1 facility local1 msg "GE2/0/0 input rate exceeded 500000000bps"
action 2 cli display cpu-usage >> ge0_info.txt
action 3 cli display interface gigabitethernet 2/0/0 >> ge0_info.txt
running-time 30
user-role network-admin
#
· H3C SR6600-F 路由器 网络管理和监控配置指导-R7607
· H3C SR6600-F 路由器 网络管理和监控命令参考-R7607
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
售前咨询
售后咨询
人工在线咨询
