H3C S3100-52P Ethernet Switch Operation Manual-Release 1500(V1.02)

HomeSupportResource CenterSwitchesH3C S3100 Switch SeriesH3C S3100 Switch SeriesTechnical DocumentsConfigure & DeployConfiguration GuidesH3C S3100-52P Ethernet Switch Operation Manual-Release 1500(V1.02)
28-FTP and TFTP Operatio
Title Size Download
28-FTP and TFTP Operatio 167.03 KB

Chapter 1  FTP and TFTP Configuration

1.1  FTP Configuration

1.1.1  Introduction to FTP

FTP (file transfer protocol) is commonly used in IP-based networks to transmit files. Before World Wide Web comes into being, files are transferred through command lines, and the most popular application is FTP. At present, although E-mail and Web are the usual methods for file transmission, FTP still has its strongholds.

As an application layer protocol, FTP is used for file transfer between remote server and local host. FTP uses TCP ports 20 and 21 for data transfer and control command transfer respectively. Basic FTP operations are described in RFC 959.

FTP-based file transmission is performed in the following two modes:

l           Binary mode for program file transfer.

l           ASCII mode for text file transfer.

An Ethernet switch can act as an FTP client or the FTP server in FTP-employed data transmission:

l           FTP server

An Ethernet switch can operate as an FTP server to provide file transmission services for FTP clients. You can log into a switch operating as an FTP server by running an FTP client program on your PC to access files on the FTP server. Before you log into the FTP server, the administrator must configure an IP address for it.

Table 1-1 describes the configurations needed when a switch operates as an FTP server.

Table 1-1 Configurations needed when a switch operates as an FTP server

Device

Configuration

Default

Description

Switch

Enable the FTP server function

The FTP server function is disabled by default

You can run the display ftp-server command to view the FTP server configuration on the switch.

Configure the authentication information on the FTP server

Configure user names and passwords.

Configure the connection idle time

The default idle time is 30 minutes.

PC

Log into the switch through an FTP client application.

 

  Caution:

The FTP-related functions require that the route between a FTP client and the FTP server is reachable.

 

l           FTP client

A switch can operate as an FTP client, through which you can access files on FTP servers. In this case, you need to establish a connection between your PC and the switch through a terminal emulation program or Telnet and then execute the ftp X.X.X.X command on your PC. (X.X.X.X is the IP address of an FTP server.)

Table 1-2 describes the configurations needed when a switch operates as an FTP client.

Table 1-2 Configurations needed when a switch operates as an FTP client

Device

Configuration

Default

Description

Switch

Run the ftp command to log into a remote FTP server directly

To log into a remote FTP server and operates files and directories on it, you need to obtain a user name and password first.

FTP server

Enable the FTP server and configure the corresponding information including user names, passwords, and user authorities

 

1.1.2  FTP Configuration: A Switch Operating as an FTP Server

I. Prerequisites

A switch operates as an FTP server. A remote PC operates as an FTP client. The network operates properly, as shown in Figure 1-1.

Figure 1-1 Network diagram for FTP configurations

The following configurations are performed on the FTP server:

l           Creating local users

l           Setting local user passwords

l           Setting the password display mode for the local users

l           Configuring service types for the local users

For commands used in these configurations, refer to the “AAA-RADIUS-HWTACACS” module of this manual for: local-user, local-user password-display-mode, password, and service-type.

II. Configuration procedure

Table 1-3 Configure an FTP server

Operation

Command

Description

Enter system view

system-view

Enable the FTP server function

ftp server enable

Required

By default, the FTP server function is disabled.

Set the connection idle time

ftp timeout minutes

Optional

The default connection idle time is 30 minutes.

 

&  Note:

l      Only one user can access an S3100-52P Ethernet switch at a given time when the latter operates as an FTP server. FTP services are implemented in this way: An FTP client sends FTP requests to the FTP server. The FTP server receives the requests, perform operations accordingly, and return the results to the FTP client.

l      To prevent unauthorized accesses, an FTP server disconnects a FTP connection when it does not receive requests from the FTP client for a specific period of time known as the connection idle time.

l      Operating as an FTP server, an S3100-52P Ethernet switch cannot receive a file whose size exceeds its storage space. The clients that attempt to upload such a file will be disconnected with the FTP server due to lack of storage space on the FTP server.

 

To use FTP services, a user must provide a user name and a password for being authenticated by the FTP server.

III. Specifying the source interface and source IP address for an FTP server

You can specify the source interface and source IP address for an FTP server to enhance server security. After this configuration, FTP clients can access this server only through the IP address of the specified interface or the specified IP address.

 

&  Note:

Source interface refers to the existing VLAN interface or Loopback interface on the device. Source IP address refers to the IP address configured for the interface on the device. Each source interface corresponds to a source IP address. Therefore, specifying a source interface for the FTP server is the same as specifying the IP address of this interface as the source IP address.

 

Table 1-4 Specify the source interface and source IP address for an FTP server

Operation

Command

Description

Enter system view

system-view

Specify the source interface for an FTP server

ftp-server source-interface interface-type interface-number

Optional

Specifying the source IP address for an FTP server

ftp-server source-ip ip-address

Optional

 

&  Note:

l      The specified interface must be an existing one. Otherwise a prompt appears to show the configuration fails.

l      The value of argument ip-address must be an IP address on the device where the configuration is performed. Otherwise a prompt appears to show the configuration fails.

l      You may specify only one source interface or source IP address for the FTP at one time. That is, only one of the commands ftp-server source-interface and ftp-server source-ip can be valid at one time. If you execute both of them, the new setting will overwrite the original one.

 

IV. Disconnecting a specified user

On the FTP server, you can disconnect a specified user from the FTP server to secure the network.

Table 1-5 Disconnect a specified user

Operation

Command

Description

Enter system view

system-view

On the FTP server, disconnect a specified user from the FTP server

ftp disconnect user-name

Required

 

&  Note:

If you attempt to disconnect a user that is uploading/downloading data to/from the FTP server that is acted by an S3100-52P Ethernet switch, the S3100-52P Ethernet switch will disconnect the user after the data transmission is completed.

 

V. Displaying FTP server information

After the above configurations, you can run the display command in any view to display the running information of the FTP server and verify your configurations.

Table 1-6 Display FTP server information

Operation

Command

Description

Display the information about FTP server configurations on a switch

display ftp-server

These commands can be executed in any view.

Display the source IP address set for an FTP server

display ftp-server source-ip

Display the login FTP client on an FTP server

display ftp-user

 

1.1.3  Configuration Example: A Switch Operating as an FTP Server

I. Network requirements

A switch operates as an FTP server and a remote PC as an FTP client.

l           Create a user account on the FTP server with the user name “switch” and password “hello”.

l           Configure the IP address 1.1.1.1/16 for a VLAN interface on the switch, and 2.2.2.2/16 for the PC. Ensure the route between the two is reachable.

The switch application named switch.bin is stored on the PC. Upload it to the FTP server through FTP to upgrade the application of the switch, and download the switch configuration file named config.cfg from the switch to backup the configuration file.

II. Network diagram

Figure 1-2 Network diagram for FTP configurations

III. Configuration procedure

1)         Configure the switch

# Log into the switch. (You can log into a switch through the Console port or by Telneting to the switch. See the “Login” module for detailed information.)

<H3C>

# Start the FTP service on the switch and set the user name and the corresponding password.

<H3C> system-view

[H3C] ftp server enable

[H3C] local-user switch

[H3C-luser-switch] password simple hello

[H3C-luser-switch] service-type ftp

2)         Run an FTP client application on the PC to connect to the FTP server. Upload the application named switch.bin to the root directory of the Flash memory of the FTP server, and download the configuration file named config.cfg from the FTP server. The following takes the command line window tool provided by Windows as an example:

# Enter the command line window and switch to the directory where the file switch.bin is located. In this example it is in the root directory of C:\.

C:\>

# Access the Ethernet switch through FTP. Input the user name “switch” and password “hello” to log in and enter FTP view.

C:\> ftp 1.1.1.1

Connected to 1.1.1.1.

220 FTP service ready.

User (1.1.1.1:(none)): switch

331 Password required for switch.

Password:

230 User logged in.

ftp>

# Upload the switch.bin file.

ftp> put switch.bin

200 Port command okay.

150 Opening ASCII mode data connection for switch.bin.

226 Transfer complete.

# Download the config.cfg file.

ftp> get config.cfg

200 Port command okay.

150 Opening ASCII mode data connection for config.cfg.

226 Transfer complete.

ftp: 3980 bytes received in 8.277 seconds 0.48Kbytes/sec.

This example uses the command line window tool provided by Windows. When you log into the FTP server through another FTP client, refer to the corresponding instructions for operation description.

 

  Caution:

l      If available space on the Flash memory of the switch is not enough to hold the file to be uploaded, you need to delete files from the Flash memory to make room for the file.

l      H3C series switch is not shipped with FTP client applications. You need to purchase and install it by yourself.

 

3)         After uploading the application, you can update the application on the switch.

# Use the boot boot-loader command to specify the uploaded file (switch.bin) to be the startup file used when the switch starts the next time, and restart the switch. Thus the switch application is upgraded.

<H3C> boot boot-loader switch.bin

<H3C> reboot

 

&  Note:

For information about the boot boot-loader command and how to specify the startup file for a switch, refer to the “System Maintenance and Debugging” module of this manual.

 

1.1.4  FTP Configuration: A Switch Operating as an FTP Client

I. Basic configurations on an FTP client

The function for a switch to operate as an FTP client is implemented by an application module built in the switch. Thus a switch can operate as an FTP client without any configuration. You can perform FTP-related operations (such as creating/removing a directory) by executing FTP client commands on a switch operating as an FTP client connecting with the remote FTP server. Table 1-7 lists the operations that can be performed on an FTP client.

Table 1-7 Basic configurations on an FTP client

Operation

Command

Description

Enter FTP Client view

ftp [ cluster | remote-server [ port-number ] ]

Specify to transfer files in ASCII characters

ascii

Optional

By default, files are transferred in ASCII characters.

Specify to transfer files in binary streams

binary

Optional

Set the data transfer mode to passive

passive

Optional

By default, the passive mode is adopted.

Change the work directory on the remote FTP server

cd pathname

Optional

Change the work directory to be the parent directory

cdup

Optional

Get the local work path on the FTP client

lcd

Optional

Display the work directory on the FTP server

pwd

Optional

Create a directory on the remote FTP server

mkdir pathname

Optional

Remove a directory on the remote FTP server

rmdir pathname

Optional

Delete a specified file

delete remotefile

Optional

Query the specified files

dir [ filename ] [ localfile ]

Optional

Query a specified remote file

ls [ remotefile ] [ localfile ]

Optional

Download a remote file

get remotefile [ localfile ]

Optional

Upload a local file to the remote FTP server

put localfile [ remotefile ]

Optional

Rename a file on a remote host.

rename remote-source remote-dest

Optional

Switch to another FTP user

user username [ password ]

Optional

Connect to a remote FTP server

open { ip-address | server-name } [ port ]

Optional

Terminate the current FTP connection without exiting FTP client view

disconnect

Optional

Terminate the current FTP connection without exiting FTP client view

close

Optional

Terminate the current FTP connection and quit to user view

quit

Optional

Terminate the current FTP connection and quit to user view

bye

Optional

Display the on-line help on a specified command concerning FTP

remotehelp [ protocol-command ]

Optional

Enable verbose function

verbose

Optional

The verbose function is enabled by default.

 

II. Specifying the source interface and source IP address for an FTP client

You can specify the source interface and source IP address for a switch acting as an FTP client, so that it can connect to a remote FTP server.

Table 1-8 Specify the source interface and source IP address for an FTP client

Operation

Command

Description

Specify the source interface only used for the current connection

ftp { cluster | remote-server } source-interface interface-type interface-number

Optional

Specify the source IP address only used for the current connection

ftp { cluster | remote-server } source-ip ip-address

Optional

Enter system view

system-view

Specify an interface as the fixed source interface to be used in each connection

ftp source-interface interface-type interface-number

Optional

Specify an IP address as the fixed source IP address to be used in each connection

ftp source-ip ip-address

Optional

Display the fixed source IP address used by a FTP client to connect to a FTP server

display ftp source-ip

This command can be executed in any view.

 

&  Note:

l      The specified interface must be an existing one. Otherwise a prompt appears to show the configuration fails.

l      The value of argument ip-address must be the IP address of the device where the configuration is performed. Otherwise a prompt appears to show the configuration fails.

l      The source interface/source IP address set for one connection is prior to the fixed source interface/source IP address set for each connection. That is, for a connection between an FTP client and an FTP server, if you specify the source interface/source IP address only used for the connection this time, and the specified source interface/source IP address is different from the fixed one, the former will be used for the connection this time.

l      Only one fixed source interface or source IP address can be set for the FTP client at one time. That is, only one of the commands ftp source-interface and ftp source-ip can be effective at one time. If you execute both of them, the new setting will overwrite the original one.

 

1.1.5  Configuration Example: A Switch Operating as an FTP Client

I. Network requirements

A switch operates as an FTP client and a remote PC as an FTP server.

l           Create a user account on the FTP server with the user name “switch” and password “hello”, and authorize the user “switch” with read and write permissions on the directory named “Switch” on the PC.

l           Configure the IP address 1.1.1.1/16 for a VLAN interface on the switch, and 2.2.2.2/16 for the PC. Ensure the route between the two is reachable.

The switch application named switch.bin is stored on the PC. Download it to the switch through FTP to upgrade the switch application, and upload the switch configuration file named config.cfg to the “switch” directory of the PC to backup the configuration file.

II. Network diagram

Figure 1-3 Network diagram for FTP configurations

III. Configuration procedure

1)         Perform FTP server–related configurations on the PC, that is, create a user account on the FTP server with user name “switch” and password “hello”. (For detailed configuration, refer to the configuration instruction relevant to the FTP server software.)

2)         Configure the switch.

# Log into the switch. (You can log into a switch through the Console port or by Telneting to the switch. See the “Login” module for detailed information.)

<H3C>

 

  Caution:

If available space on the Flash memory of the switch is not enough to hold the file to be uploaded, you need to delete files from the Flash memory to make room for the file.

 

# Connect to the FTP server using the ftp command in user view. You need to provide the IP address of the FTP server, the user name and the password as well.

<H3C> ftp 2.2.2.2

Trying ...                                                              

Press CTRL+K to abort                                                   

Connected.                                                              

220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user   

User(none):switch                                                       

331 Give me your password, please                                       

Password:*****                                                           

230 Logged in successfully      

[ftp]

# Enter the authorized directory on the FTP server.

[ftp] cd switch

# Run the put command to upload the configuration file named config.cfg to the FTP server.

[ftp] put config.cfg

# Run the get command to download the file named switch.bin to the Flash memory of the switch.

[ftp] get switch.bin

# Run the quit command to terminate the FTP connection and quit to user view.

[ftp] quit

<H3C>

# Run the boot boot-loader command to specify the downloaded file (switch.bin) to be the startup file used when the switch starts the next time, and then restart the switch. Thus the switch application is upgraded.

<H3C> boot boot-loader switch.bin

<H3C> reboot

 

&  Note:

For information about the boot boot-loader command and how to specify the startup file for a switch, refer to the “System Maintenance and Debugging” module of this manual.

 

1.2  TFTP Configuration

1.2.1  Introduction to TFTP

Compared with FTP, TFTP (trivial file transfer protocol) features simple interactive access interface and no authentication control. Therefore TFTP is applicable in the networks where client-server interactions are relatively simple. TFTP is implemented based on UDP. It transfers data through UDP port 69. Basic TFTP operations are described in RFC1986.

TFTP transmission is initiated by clients, as described in the following:

l           To download a file, a client sends Read Request packets to the TFTP server, then receives data from the TFTP server, and sends acknowledgement packets to the TFTP server.

l           To upload a file, a client sends Write Request packets to the TFTP server, then sends data to the TFTP server, and receives acknowledgement packets from the TFTP server.

TFTP-based file transmission can be performed in the following modes:

l           Binary mode for program files transfer.

l           ASCII mode for text files transfer.

 

&  Note:

l      Before performing TFTP-related configurations, you need to configure IP addresses for the TFPT client and the TFTP server, and make sure the route between the two is reachable.

l      A switch can only operate as a TFTP client.

 

Figure 1-4 Network diagram for TFTP configuration

Table 1-9 describes the operations needed when a switch operates as a TFTP client.

Table 1-9 Configurations needed when a switch operates as a TFTP client

Device

Configuration

Default

Description

Switch

Configure an IP address for the VLAN interface of the switch and make sure the route between the IP address of the VLAN interface and that of the TFTP server is reachable.

TFTP applies to networks where client-server interactions are comparatively simple. It requires the routes between TFTP clients and TFTP servers are reachable.

You can log into a TFTP server directly to upload or download files through TFTP commands.

TFTP server

The TFTP server is started and the TFTP work directory is configured.

 

1.2.2  TFTP Configuration

I. Prerequisites

A switch operates as a TFTP client and a remote PC as the TFTP server. The network operates properly, as shown in Figure 1-4.

II. Basic TFTP configurations

Table 1-10 Basic TFTP configurations

Operation

Command

Description

Download a file through TFTP

tftp tftp-server get source-file [ dest-file ]

Optional

Upload a file through TFTP

tftp tftp-server put source-file [ dest-file ]

Optional

Enter system view

system-view

Set the TFTP file transmission mode

tftp { ascii | binary }

Optional

By default, the binary file transmission mode is adopted.

Specify the ACL adopted when a switch attempts to connect a TFTP server

tftp-server acl acl-number

Optional

 

III. Specifying the source interface and source IP address for a TFTP client

You can specify the source interface and source IP address for a switch operating as a TFTP client, so that it can connect with a remote TFTP server through the IP address of the specified interface or the specified IP address.

Table 1-11 Specify the source interface and source IP address for a TFTP client

Operation

Command

Description

Specify the source interface only used for the current connection

tftp tftp-server source-interface interface-type interface-number { get source-file [ dest-file ] | put source-file-url [ dest-file ] }

Optional

Specify the source IP address only used for the current connection

tftp tftp-server source-ip ip-address { get source-file [ dest-file ] | put source-file-url [ dest-file ] }

Optional

Enter system view

system-view

Specify an interface as the fixed source interface to be used in each connection

tftp source-interface interface-type interface-number

Optional

Specify an IP address as the fixed source IP address to be used in each connection

tftp source-ip ip-address

Optional

Display the fixed source IP address used by a TFTP client to connect to a TFTP server

display tftp source-ip

This command can be executed in any view.

 

&  Note:

l      The specified interface must be an existing one, and otherwise a prompt appears to show the configuration fails.

l      The value of argument ip-address must be an IP address on the device where the configuration is performed, and otherwise a prompt appears to show the configuration fails.

l      The source interface/source IP address set for one connection is prior to the fixed source interface/source IP address set for each connection. That is, for a connection between a TFTP client and a TFTP server, if you specify the source interface/source IP address only used for the connection this time, and the specified source interface/source IP address is different from the fixed one, the former will be used for the connection this time.

l      You may specify only one source interface or source IP address for the TFTP client at one time. That is, only one of the commands tftp source-interface and tftp source-ip can be effective at one time. If both commands are configured, the one configured later will overwrite the original one.

 

1.2.3  TFTP Configuration Example

I. Network requirements

A switch operates as a TFTP client and a PC as the TFTP server.

l           The TFTP work directory is configured on the TFTP server.

l           The IP address of a VLAN interface on the switch is 1.1.1.1/24. The port through which the switch connects with the PC belongs to the VLAN. The IP address of the PC is 1.1.1.2/24.

The application named switch.bin is stored on the PC. Download it (switch.bin) to the switch through TFTP, and upload the configuration file named config.cfg to the work directory on the PC to backup the configuration file.

II. Network diagram

Figure 1-5 Network diagram for TFTP configurations

III. Configuration procedure

1)         Start the TFTP server and configure the work directory on the PC.

2)         Configure the switch.

# Log into the switch. (You can log into a switch through the Console port or by Telneting to the switch. See the “Login” module for detailed information.)

<H3C>

 

  Caution:

If available space on the Flash memory of the switch is not enough to hold the file to be uploaded, you need to delete files from the Flash memory to make room for the file.

 

# Enter system view

<H3C> system-view

[H3C]

# Configure the IP address of a VLAN interface on the switch to be 1.1.1.1/24, and ensure that the port through which the switch connects with the PC belongs to this VLAN. (This example assumes that the port belongs to VLAN 1.)

[H3C] interface Vlan-interface 1

[H3C-vlan-interface1] ip address 1.1.1.1 255.255.255.0

[H3C-vlan-interface1] quit

# Download the switch application named switch.bin from the TFTP server to the switch.

<H3C> tftp 1.1.1.2 get switch.bin switch.bin

# Upload the switch configuration file named config.cfg to the TFTP server.

<H3C> tftp 1.1.1.2 put config.cfg config.cfg

# Use the boot boot-loader command to specify the downloaded file (switch.bin) to be the startup file used when the switch starts the next time, and restart the switch. Thus the switch application is upgraded.

<H3C> boot boot-loader switch.bin

<H3C> reboot

 

&  Note:

For information about the boot boot-loader command and how to specify the startup file for a switch, refer to the “System Maintenance and Debugging” module of this manual.