H3C S3100 Series Ethernet Switches Operation Manual-Release 22XX Series(V1.00)

HomeSupportResource CenterSwitchesH3C S3100 Switch SeriesH3C S3100 Switch SeriesTechnical DocumentsConfigureConfiguration GuidesH3C S3100 Series Ethernet Switches Operation Manual-Release 22XX Series(V1.00)

Preface

Download the entire book or click on the links to the left for one chapter at a time.

 

H3C S3100 Series Ethernet Switches Operation Manual-Release 22XX Series describes the software features for the H3C S3100 Series Ethernet Switches and guides you through the software configuration procedures. It also provides configuration examples to help you apply software features to different network scenarios.

This preface includes:

l          Audience

l          Organization

l          Software Version

l          Conventions

l          About the H3C S3100 Documentation Set

l          Obtaining Documentation

l          Documentation Feedback

Audience

This documentation is intended for:

l          Network planners

l          Field technical support and servicing engineers

l          Network administrators working with the S3100 series

Organization

H3C S3100 Series Ethernet Switches Operation Manual-Release 22XX Series is organized as follows:

Part

Features

01-CLI Operation

l      Introduction to CLI

l      CLI configuration

02-Login Operation

l      Logging into a switch through the console port

l      Logging in through Telnet/SSH

l      Logging in using a modem

l      Logging in through the web-based network management system

l      Logging in through NMS

l      User control

03-Configuration File Management Operation

l      Saving and deleting the configuration file

l      Erasing the startup configuration file

l      Specifying a configuration file for next startup

04-VLAN Operation

l      VLAN overview

l      Port-based VLAN

l      MAC-based VLAN (applicable only to the S3100-EI series)

l      Protocol-based VLAN (applicable only to the S3100-EI series)

05-Static Route Operation

l      Introduction to static route

l      Static route configuration

l      Troubleshooting a static route

06-IP Address-IP Performance Operation

l      Configuring an IP address for a switch

l      Configuring the TCP attributes for a switch

07-Voice VLAN Operation

Voice VLAN (applicable only to the S3100-EI series)

08-GVRP Operation

GARP VLAN registration protocol (GVRP)

09-Port Basic Configuration Operation

l      Configuring port auto-negotiation speed

l      Limiting traffic on individual ports

l      Enabling flow control on a port

l      Duplicating the configuration of a port to other ports

l      Configuring loopback detection for Ethernet port(s)

l      Enabling loopback test

l      Configuring a port group

l      Enabling the system to test connected cable

l      Configuring the interval to perform statistical analysis on port traffic

l      Disabling Up/Down log output on a port

l      Configuring storm control on a port

l      Setting the port state change delay

10-Link Aggregation Operation

l      Link aggregation control protocol (LACP)

l      Manual aggregation

l      Static aggregation

11-Port Isolation Operation

Port isolation group

12-Port Security-Port Binding Operation

l      Configuring port security

l      Configuring port binding (applicable only to the S3100-EI series)

13-DLDP Operation

Device link detection protocol (DLDP) (applicable only to the S3100-EI series)

14-MAC Address Table Management Operation

l      Manually configuring dynamic, static, and black hole MAC addresses

l      Setting the MAC address aging timer

l      Setting the maximum number of MAC addresses a port can learn

l      Disabling MAC address learning for a VLAN (applicable only to the S3100-EI series)

l      Assigning MAC addresses for Ethernet ports

l      Configuring MAC address replication (applicable only to the S3100-EI series)

15-MSTP Operation

l      STP/RSTP/MSTP overview and basic configuration

l      Performing mCheck operation

l      Guard functions: BPDU Guard, Root Guard, Loop Guard, TC-BPDU Attack Guard, and BPDU Drop (BPDU Drop is applicable only to the S3100-EI series)

l      Digest snooping

l      Rapid transition

l      VLAN-VPN tunnel (applicable only to the S3100-SI series)

l      MSTP maintenance configuration

l      Sending trap messages conforming to 802.1d standard

16-Multicast Operation

l      Internet group management protocol (IGMP) snooping v2&v3

l      Multicast Listener Discovery (MLD) snooping v1&v3 (applicable only to the S3100-EI series)

l      IPv6 multicast VLAN configuration (applicable only to the S3100-EI series)

l      Multicast user control policy configuration (applicable only to the S3100-EI series)

17-802.1x-System Guard Operation

l      Basic 802.1x configuration

l      Advanced 802.1x configuration

l      Configuring quick EAD deployment

l      Configuring HABP server

l      Configuring HABP client

l      Configuring system guard

18-AAA Operation

l      AAA overview

l      AAA configuration

l      RADIUS configuration

l      HWTACACS configuration

l      EAD configuration

19-MAC Address Authentication Operation

l      MAC authentication overview

l      Configuring basic MAC authentication functions

l      MAC address authentication enhanced function configuration

20-Web Authentication Operation

(Applicable only to the S3100-EI series)

l      Introduction to web authentication

l      Web authentication configuration

l      Configuring an Auth-Fail VLAN for web authentication

l      Configuring a web authentication-free user

l      Configuring HTTPS access for web authentication

l      Customizing web authentication pages

l      Configuring web authentication transition

l      Configuring a proxy server port for web authentication

21-Triple Authentication Operation

(Applicable only to the S3100-EI series)

l      Triple authentication overview

l      Triple authentication configuration

22-ARP Operation

l      Gratuitous ARP

l      Manually configuring ARP entries

l      ARP attack detection (applicable only to the S3100-EI series)

l      ARP packet rate limit (applicable only to the S3100-EI series)

23-DHCP Operation

l      DHCP server (applicable only to the S3100-EI series)

l      DHCP snooping

l      DHCP packet rate limit  (applicable only to the S3100-EI series)

l      DHCP/BOOTP client

24-ACL Operation

l      Basic/advanced ACLs (Only ACLs defined on S3100-EI series switches can be applied to hardware directly.)

l      Layer 2 ACLs (applicable only to the S3100-EI series)

l      IPv6 ACLs (applicable only to the S3100-EI series)

25-QoS-QoS Profile Operation

l      Quality of Service (QoS)

l      QoS profile (applicable only to the S3100-EI series)

26-Mirroring Operation

l      Local port mirroring

l      Remote port mirroring

27-Stack-Cluster Operation

l      Stack

l      Huawei Group Management Protocol (HGMP) v2

l      Neighbor Discovery Protocol (NDP)

l      Neighbor Topology Discovery Protocol (NTDP)

l      Cluster topology management function

l      Cluster synchronization function

28-PoE-PoE Profile Operation

l      Power over Ethernet (PoE)

l      PoE profile

29-SNMP-RMON Operation

l      Simple network management protocol (SNMP)

l      Remote monitoring (RMON)

30-NTP Operation

l      Network time protocol (NTP)

31-SSH Operation

l      Configuring the SSH server

l      Configuring the SSH client

32-File System Management Operation

l      File system management

l      File attribute configurable

33-FTP-SFTP-TFTP Operation

l      Operating as an FTP server/FTP client

l      Operating as an SFTP server/SFTP client

l      Operating as a TFTP client

34-Information Center Operation

l      System logs

l      Hierarchical alarms

l      Debugging information output

35-System Maintenance and Debugging Operation

l      Boot ROM and host software loading

l      Basic system configuration and debugging

l      Network connectivity test

l      Device management

l      Scheduled task configuration

36-VLAN-VPN Operation

l      VLAN-VPN (QinQ)

l      Configuring TPID value (applicable only to the S3100-EI series)

l      Configuring BPDU tunnels (applicable only to the S3100-EI series)

l      Selective QinQ (applicable only to the S3100-EI series)

37-VLAN Mapping Operation

l      One-to-one VLAN mapping (applicable only to the S3100-EI series)

l      Many-to-One VLAN mapping (applicable only to the S3100-EI series)

38-HWPing Operation

l      HWPing Server/HWPing client configuration

l      Nine test types, including ICMP test, DHCP test, FTP test, HTTP test, DNS test, SNMP test, jitter test, TCP test, and UDP test

39-IPv6 Management Operation

l      Supporting IPv6 address

l      Supporting static IPv6 route

l      Supporting ND snooping (applicable only to the S3100-EI series)

l      Supporting ND detection (applicable only to the S3100-EI series)

l      Supporting DHCPv6 snooping (applicable only to the S3100-EI series)

l      Supporting IPv6 filtering (applicable only to the S3100-EI series)

l      Supporting IPv6 DNS

l      IPv6-based ping, traceroute, TFTP, and Telnet

40-DNS Operation

l      Static domain name resolution

l      Dynamic domain name resolution

41-Smart Link-Monitor Link Operation

l      Smart Link (applicable only to the S3100-EI series)

l      Monitor Link (applicable only to the S3100-EI series)

42-ARP and IP Attack Defense Operation

l      Supporting ARP packet filtering based on gateway’s address (applicable only to the S3100-EI series)

l      Supporting configuring the maximum number of dynamic ARP entries a VLAN interface can learn (applicable only to the S3100-EI series)

l      Supporting ARP/IP attack defense based on 802.1x (applicable only to the S3100-EI series)

l      Supporting ARP source MAC address consistency check

43-LLDP Operation

l      Basic Link Layer Discovery Protocol (LLDP) configuration

l      CDP compatibility (applicable only to the S3100-EI series)

l      LLDP trapping

44-PKI Operation

l      PKI overview

l      PKI configuration

45-SSL Operation

l      Configuring an SSL server policy

l      Configuring an SSL client policy

46-HTTPS Operation

l      HTTPS overview

l      HTTPS configuration

47-Ethernet OAM Operation

(Applicable only to the S3100-EI series)

l      Configuring basic ethernet OAM functions

l      Configuring the Ethernet OAM connection detection timers

l      Configuring link monitoring

l      Enabling OAM remote loopback

48-CFD Operation

(Applicable only to the S3100-EI series)

l      Configuring basic CFD settings

l      Configuring CC on MEPs

l      Configuring LB on MEPs

l      Configuring LT on MEPs

 

Software Version

H3C S3100 Series Ethernet Switches Operation Manual-Release 22XX Series and H3C S3100 Series Ethernet Switches Command Manual-Release 22XX Series are for the software version Release 22XX Series of the S3100-SI series and S3100-EI series switches.

Compared with Release 21XX Series, some new features are added in Release 22XX Series. For more information, see Table -1.

Table -1 Added features

Software version

Added features compared with the earlier version Release 2108P04

Part

Release 2211P06

Configuring MAC address replication (applicable only to the S3100-EI series)

14-MAC Address Table Management Operation

Setting the offline detect timer for MAC authentication on the Ethernet port view

19-MAC Address Authentication Operation

Configuring a web authentication-free user on the Ethernet port view (applicable only to the S3100-EI series)

20-Web Authentication Operation

Configuring web authentication transition (applicable only to the S3100-EI series)

Configuring a proxy server port for web authentication (applicable only to the S3100-EI series)

Release 2211P02

Limit broadcast traffic in pps

09-Port Basic Configuration Operation

Multicast user control policy configuration (applicable only to the S3100-EI series)

16-Multicast Operation

Disables the EPON ONU from dropping unknown multicast packets (applicable only to the S3100-EI series)

Unicast trigger function of 802.1x (applicable only to the S3100-EI series)

17-802.1X-System Guard Operation

Triple authentication (applicable only to the S3100-EI series)

21-Triple Authentication Operation

Cluster synchronization function

27-Stack-Cluster Operation

Many-to-one VLAN mapping (applicable only to the S3100-EI series)

37-VLAN Mapping Operation

DHCPv6 snooping options 18 and 37 Functions (applicable only to the S3100-EI series)

39-IPv6 Management Operation

Ethernet OAM configuration (applicable only to the S3100-EI series)

47-Ethernet OAM Operation

CFD configuration (applicable only to the S3100-EI series)

48-CFD Operation

Release 2209

MAC-based VLAN configuration (applicable only to the S3100-EI series)

04-VLAN Operation

Configuring QoS priority settings for voice traffic on an interface (applicable only to the S3100-EI series)

07-Voice VLAN Operation

Configuring port auto-negotiation speed

09-Port Basic Configuration Operation

Configuring storm control on a port

Extended LACP functions

10-Link Aggregation Operation

Guest VLAN for a Port in macAddressOrUserLoginSecure mode function

12-Port Security-Port Binding Operation

Configuring an aging time for learned security MAC address entries

IPv6-supported port binding (applicable only to the S3100-EI series)

Suppressing flooding of unknown multicast traffic in a VLAN

16-Multicast Operation

MLD snooping (applicable only to the S3100-EI series)

IPv6 multicast VLAN (applicable only to the S3100-EI series)

Mandatory 802.1X authentication domain

17-802.1x-System Guard Operation

Per user type AAA

18-AAA Operation

Configuring the sending mode of accounting start requests

Multiple secondary RADIUS servers

IPv6-supported RADIUS authentication

Web authentication

20-Web Authentication Operation

DHCP Server (applicable only to the S3100-EI series)

23-DHCP Operation

Removing DHCP snooping entries

Automatic Configuration

IPv6 ACL (applicable only to the S3100-EI series)

24-ACL Operation

VLAN marking

25-QoS-QoS Profile Operation

IPv6-supported SNMP

29-SNMP-RMON Operation

Configuring command alias

35-System Maintenance and Debugging Operation

Enabling auto power down on the 1000 Mbps uplink port

Scheduled task configuration

New HWPing commands, including: adv-factor, datafill, description, display hwping statistics, filesize, history keep-time, history-record enable, hwping-agent clear, hwping-agent max-requests, sendpacket passroute, statistics, statistics keep-time, test-time begin, and ttl.

38-HWPing Operation

ND snooping function (applicable only to the S3100-EI series)

39-IPv6 Management Operation

ND detection function (applicable only to the S3100-EI series)

DHCPv6 snooping function (applicable only to the S3100-EI series)

IPv6 filtering function (applicable only to the S3100-EI series)

ARP packet filtering based on gateway’s address (applicable only to the S3100-EI series)

42-ARP and IP Attack Defense Operation

Configuring the maximum number of dynamic ARP entries a VLAN interface can learn (applicable only to the S3100-EI series)

ARP/IP attack defense based on 802.1x (applicable only to the S3100-EI series)

LLDP

43-LLDP Operation

PKI

44-PKI Operation

SSL

45-SSL Operation

HTTPS

46-HTTPS Operation

 

Conventions

This section describes the conventions used in this documentation set.

Command conventions

Convention

Description

Boldface

Bold text represents commands and keywords that you enter literally as shown.

italic

Italic text represents arguments that you replace with actual values.

[ ]

Square brackets enclose syntax choices (keywords or arguments) that are optional.

{ x | y | ... }

Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.

[ x | y | ... ]

Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none.

{ x | y | ... } *

Asterisk marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one.

[ x | y | ... ] *

Asterisk marked square brackets enclose optional syntax choices separated by vertical bars, from which you may select multiple choices or none.

&<1-n>

The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times.

#

A line that starts with a pound (#) sign is comments.

 

GUI conventions

Convention

Description

Boldface

Window names, button names, field names, and menu items are in Boldface. For example, the New User window appears; click OK.

Multi-level menus are separated by angle brackets. For example, File > Create > Folder.

 

Symbols

Convention

Description

Means reader be extremely careful. Improper operation may cause bodily injury.

Means reader be careful. Improper operation may cause data loss or damage to equipment.

Means an action or information that needs special attention to ensure successful configuration or good performance.

Means a complementary description.

Means techniques helpful for you to make configuration with ease.

 

About the H3C S3100 Documentation Set

The H3C S3100 documentation set includes:

Category

Documents

Purposes

Product description and specifications

l      S3100-EI series switches marketing brochure

l      S3100-SI series switches marketing brochure

Describe product specifications and benefits.

H3C Low End Series Ethernet Switches Pluggable Modules Manual

Describes the types, appearance, and specifications of pluggable modules.

RPS user manuals

Describe the RPS power supply appearance, functions, and specifications.

RPS Ordering Information for H3C Low-End Ethernet Switches

Describe the switch models that can use RPS power supply modules and the RPS power cable specifications.

Hardware specifications and installation

Compliance and Safety Manual

Provides regulatory information and the safety instructions that must be followed during installation.

Installation guide

Provides a complete guide to hardware installation and hardware specifications.

H3C Pluggable SFP[SFP+][XFP] Transceiver Modules Installation Guide

Guides you through installing SFP/SFP+/XFP transceiver modules.

Software configuration

Operation manuals

Describe software features and configuration procedures.

Command references

Provide a quick reference to all available commands.

H3C Low-End Ethernet Switches Configuration Example

H3C Low-End Ethernet Switches Configuration Guide

Describe typical network scenarios and provide configuration examples and instructions.

Operations and maintenance

H3C Series Ethernet Switches Login Password Recovery Manual

Describes the method of recovering or changing the login password if the password is lost.

Release notes

Describe product version information (including hardware and software compatibility matrix, software compatibility, feature updates, and technical information) and software upgrade methods.

 

Obtaining Documentation

You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com.

Click the links on the top navigation bar to obtain different categories of product documentation:

[Technical Support & Documents > Technical Documents] – Provides hardware installation, software feature configuration and maintenance documentation.

[Products & Solutions] – Provides information about products and technologies.

[Technical Support & Documents > Software Download] – Provides the documentation released with the software version.

Documentation Feedback

You can e-mail your comments about product documentation to info@h3c.com.

We appreciate your comments.