- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-RBM-based hot backup commands | 148.75 KB |
Contents
configuration auto-sync enable
configuration manual-sync-check
display remote-backup-group status
display remote-backup-group sync-check
RBM-based hot backup commands
The following matrixes show the compatibility of hardware and hot backup:
F1000 series |
Models |
Hot backup compatibility |
F1000-X-G5 series |
F1000-A-G5, F1000-C-G5, F1000-C-G5-LI, F1000-E-G5, F1000-H-G5, F1000-S-G5 |
Yes |
F1000-X-G3 series |
F1000-A-G3, F1000-C-G3, F1000-E-G3, F1000-S-G3 |
Yes |
F1000-X-G2 series |
F1000-A-G2, F1000-C-G2, F1000-E-G2, F1000-S-G2 |
Yes |
F1000-9X0-AI series |
F1000-9390-AI, F1000-9385-AI, F1000-9380-AI, F1000-9370-AI, F1000-9360-AI, F1000-9350-AI, F1000-9330-AI, F1000-9320-AI, F1000-990-AI, F1000-980-AI, F1000-970-AI, F1000-960-AI, F1000-950-AI, F1000-930-AI, F1000-920-AI , F1000-910-AI, F1000-905-AI |
Yes |
F1000-C83X0 series |
F1000-C8395, F1000-C8390, F1000-C8385, F1000-C8380, F1000-C8370, F1000-C8360, F1000-C8350, F1000-C8330 |
Yes |
F1000-C81X0 series |
F1000-C8180, F1000-C8170, F1000-C8160, F1000-C8150, F1000-C8130, F1000-C8120, F1000-C8110 |
Yes |
F1000-7X0-HI series |
F1000-770-HI, F1000-750-HI, F1000-740-HI, F1000-730-HI, F1000-720-HI, F1000-710-HI |
Yes |
F1000-C-X series |
F1000-C-EI, F1000-C-HI, F1000-C-XI, F1000-E-XI |
Yes |
F1000-V series |
F1000-E-VG, F1000-S-VG |
Yes |
SecBlade IV |
LSPM6FWD8, LSQM2FWDSC8 |
Yes |
F100 series |
Models |
Hot backup compatibility |
F100-X-G5 series |
F100-A-G5, F100-C-G5, F100-E-G5, F100-M-G5, F100-S-G5 |
Yes |
F100-X-G3 series |
F100-A-G3, F100-C-G3, F100-E-G3, F100-M-G3, F100-S-G3 |
Yes |
F100-X-G2 series |
F100-A-G2, F100-C-G2, F100-E-G2, F100-M-G2, F100-S-G2 |
Yes |
F100-WiNet series |
F100-A80-WiNet, F100-C80-WiNet, F100-C60-WiNet, F100-S80-WiNet, F100-A81-WiNet, F100-A91-WiNet, F100-C50-WiNet |
Yes |
F100-C-A series |
F100-C-A6, F100-C-A5, F100-C-A3, F100-C-A2, F100-C-A1 |
Yes |
F100-C-A6-WL, F100-C-A5-W, F100-C-A3-W |
No |
|
F100-X-XI series |
F100-A-EI, F100-A-HI, F100-A-SI, F100-C-EI, F100-C-HI, F100-C-XI, F100-E-EI, F100-S-HI, F100-S-XI |
Yes |
adjust-cost enable
Use adjust-cost enable to enable hot backup to adjust the link cost for the specified routing protocol on the standby device.
Use undo adjust-cost enable to disable hot backup from adjusting the link cost for the specified routing protocol on the standby device.
Syntax
adjust-cost { bgp | isis | ospf | ospfv3 } enable { absolute [ absolute-cost ] | increment [ increment-cost ] }
undo adjust-cost { bgp | isis | ospf | ospfv3 } enable
Default
The hot backup system does not adjust the link cost for the specified routing protocol on the standby device.
Views
RBM view
Predefined user roles
network-admin
Parameters
bgp: Specifies the BGP protocol.
isis: Specifies the IS-IS protocol.
ospf: Specifies the OSPF protocol.
ospfv3: Specifies the OSPFv3 protocol.
absolute [ absolute-cost ]: Specifies an absolute cost in the range of 1 to 65535. The default value is 65500. If you specify this option, the standby device will advertise an absolute link cost for the specified routing protocol.
increment [ increment-cost ]: Specifies an increment cost in the range of 1 to 65535. The default value is 100. If you specify this option, the standby device will advertise the original link cost plus this increment cost for the specified routing protocol.
Usage guidelines
In a hot backup system, the routing protocols on hot backup member devices advertise link cost according to their respective operation mechanisms. This command allows you to enable the routing protocols to advertise link cost modified as configured. The active device still uses the original link cost advertisement method.
To ensure switchover of both uplink and downlink traffic to the new active device, configure this command with the same parameters on both hot backup member devices.
In dual-active mode, both devices advertise link cost according to the operation mechanisms of the running routing protocols. When one device is faulty and becomes the standby device, it will advertise link cost modified as configured.
To enable the feature for multiple routing protocols, execute this command multiple times by specifying the protocols.
If you execute the command multiple times for a specific routing protocol, the most recent configuration takes effect.
Examples
# Enable hot backup to adjust OSPF link cost on the standby device by specifying an absolute value of 6000.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] adjust-cost ospf enable absolute 6000
backup-mode
Use backup-mode to configure the hot backup mode.
Use undo backup-mode to restore the default.
Syntax
backup-mode dual-active
undo backup-mode
Default
The hot backup mode is active/standby.
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
The hot backup system supports active/standby mode and dual-active mode. In active/standby mode, only the active device processes services. In dual-active mode, both devices process services.
Changing the dual-active mode to active/standby mode might affect services. Make sure you understand the potential impact before performing the operation.
Examples
# Configure the dual-active mode.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] backup-mode dual-active
configuration auto-sync enable
Use configuration auto-sync enable to enable automatic configuration synchronization.
Use undo configuration auto-sync enable to disable automatic configuration synchronization.
Syntax
configuration auto-sync enable
undo configuration auto-sync enable
Default
Automatic configuration synchronization is enabled.
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
The automatic configuration synchronization feature synchronizes existing configuration on the primary device in bulk to the secondary device. Consequent synchronization for added, deleted, or modified configuration will be performed in real time.
If the amount of configuration to be synchronized is large, bulk synchronization might take one to two hours.
Examples
# Enable automatic configuration synchronization.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] configuration auto-sync enable
configuration manual-sync
Use configuration manual-sync to manually synchronize the configuration of the primary device to the secondary device.
Syntax
configuration manual-sync
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
This command takes effect only on the primary device.
This command does not take effect when bulk configuration backup is in progress. To view the backup progress, execute the display remote-backup-group status command.
Examples
# Manually synchronize the configuration of the primary device to the secondary device.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] configuration manual-sync
Related commands
display remote-backup-group status
configuration manual-sync-check
Use configuration manual-syn-check to perform a one-off configuration consistency check.
Syntax
configuration manual-sync-check
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
This command allows you to perform a one-off configuration consistency check as needed. If the system detects configuration inconsistency, it generates a log for you to manually synchronize configuration. To view the check result, execute the display remote-backup-group sync-check command.
Examples
# Perform a one-off configuration consistency check.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] configuration manual-sync-check
Related commands
configuration manual-sync
display remote-backup-group sync-check
configuration sync-check
Use configuration sync-check to enable configuration consistency check.
Use undo configuration sync-check to disable configuration consistency check.
Syntax
configuration sync-check [ interval interval ]
undo configuration sync-check
Default
Configuration consistency check is enabled.
Views
RBM view
Predefined user roles
network-admin
Parameters
interval interval: Specifies the configuration consistency check interval, in the range of 1 to 168 hours. The default value is 24.
Usage guidelines
The hot backup system verifies configuration consistency between the primary and secondary devices to avoid service interruption upon active/standby switchover. If a device detects configuration inconsistency, it generates a log for you to manually synchronize configuration.
Examples
# Enable configuration consistency check and set the check interval to 120 hours.
<Sysname>system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] configuration sync-check interval 120
Related commands
configuration manual-sync
configuration manual-sync-check
data-channel
Use data-channel to configure a data channel.
Use undo data-channel to restore the default.
Syntax
data-channel interface interface-type interface-number
undo data-channel
Default
No data channel is configured.
Views
RBM view
Predefined user roles
network-admin
Parameters
interface interface-type interface-number: Specifies an interface by its type and number to set up a data channel between the primary and secondary devices.
Usage guidelines
The primary and secondary devices use the interface specified in the command to set up a data channel. The data channel transmits only backup packets and the packets that require transparent transmission.
The data channel is a Layer 2 channel that can transverse only Layer 2 switches.
Examples
# Set up a data channel using interface GigabitEthernet 1/0/1.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] data-channel interface gigabitethernet 1/0/1
delay-time
Use delay-time to enable traffic switchover upon failure recovery.
Use undo delay-time to disable traffic switchover upon failure recovery.
Syntax
delay-time delay-time
undo delay-time
Default
Traffic switchover upon failure recovery is disabled.
Views
RBM view
Predefined user roles
network-admin
Parameters
delay-time: Specifies the switchover delay time in the range of 1 to 1440 minutes.
Usage guidelines
After an active/standby switchover in a hot backup system, if the original active device recovers, traffic will not be switched back by default. Perform this task to enable traffic switchover to the original active device upon failure recovery. You can set a delay timer to ensure smooth service switchover.
In dual-active mode, you must configure this command to ensure that both devices can operate after the failure is recovered.
Examples
# Enable traffic switchover upon failure recovery and set the switchover delay time to two minutes.
<Sysname>system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] delay-time 2
device-role
Use device-role to configure the hot backup role.
Use undo device-role to restore the default.
Syntax
device-role { primary | secondary }
undo device-role
Default
The hot backup role is not configured.
Views
RBM view
Predefined user roles
network-admin
Parameters
primary: Assigns the primary role to the device.
secondary: Assigns the secondary role to the device.
Usage guidelines
The hot backup system backs up important configuration from the primary device to the secondary device to prevent service interruption when an active/standby switchover occurs. The configuration on the secondary device is overwritten. The unidirectional backup mechanism avoids configuration conflicts, especially in dual-active mode, and ensures configuration consistency on the primary and secondary devices.
Each hot backup member device adds a prefix to the view prompt to identify its hot backup role.
· The primary device adds the RBM_P prefix, RBM_P<Sysname> for example.
· The secondary device adds the RBM_S prefix, RBM_S<Sysname> for example.
After you assign hot backup roles to hot backup member devices, both devices add the RBM_P prefix to their view prompts. The devices display view prompt prefixes according to their hot backup roles after they set up the control channel.
The hot backup system must contain one primary device and one secondary device.
As a best practice, configure service features on the primary device.
Examples
# Assign the primary role to the device.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] device-role primary
RBM_P[Sysname-remote-backup-group]
display remote-backup-group status
Use display remote-backup-group status to display hot backup status information.
Syntax
display remote-backup-group status
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Examples
# Display hot backup status information on the default context.
<Sysname> display remote-backup-group status
Remote backup group information:
Backup mode: Dual-active
Device management role: Primary
Device running status: Active
Data channel interface: GigabitEthernet1/0/1
Local IP: 1.1.1.1
Remote IP: 1.1.1.2 Destination port: 1028
Control channel status: Connected
Keepalive interval: 1s
Keepalive count: 10
Configuration consistency check interval: 24 hour
Configuration consistency check result: Consistent
Configuration backup status: Batch backup (Do not operate
the device at will, such as board insertion and removal.)
Session backup status: Hot backup enabled
Delay-time: 1 min
Remaining switchover delay time: 3 minutes, 32 seconds
Uptime since last switchover: 0 days, 0 hours, 11 minutes
Switchover records:
Time Status change Cause
2021-06-22 13:33:33 Initial to Standby Local device rebooted
2021-06-22 14:34:34 Initial to Active Peer device rebooted
# Display hot backup status information on non-default contexts.
<Sysname> display remote-backup-group status
Remote backup group information:
Backup mode: Dual-active
Device management role: Primary
Device running status: Active
Control channel status: Connected
Configure channel status: Disconnected
Table 1 Command output
Field |
Description |
Backup mode |
Hot backup mode: · Dual-active. · Active/standby. |
Device management role |
Hot backup role of the device: · Primary. · Secondary. |
Device running status |
Running status of the device. · Active. · Standby. · Initial—The local IP address, peer IP address, or hot backup role is not configured. |
Data channel interface |
Interface used to set up the data channel. |
Local IP |
Local IP address used by control channel packets. This field is not displayed if the parameter is not configured. |
Remote IP |
Peer IP address used by control channel packets. This field is not displayed if the parameter is not configured. |
Local IPv6 |
Local IPv6 address used by control channel packets. This field is not displayed if the parameter is not configured. |
Remote IPv6 |
Peer IPv6 address used by control channel packets. This field is not displayed if the parameter is not configured. |
Destination port |
Peer port number used by control channel packets. |
Control channel status |
Control channel status: · Connected. · Disconnected. |
Configure channel status: Disconnected |
Status of the configuration information channel for non-default contexts: · Connected. · Disconnected. This filed is displayed only for non-default contexts. If the configuration information channel is disconnected, the device cannot synchronize configuration of non-default contexts. |
Keepalive interval |
Interval for sending keepalive packets. |
Keepalive count |
Maximum number of keepalive attempts. |
Configuration consistency check interval |
Configuration consistency check interval in hours. This field is displayed only when configuration consistency check is enabled. |
Configuration consistency check result |
Result of the configuration consistency check: · Consistent. · Inconsistent. · Checking. · Not Performed. |
Configuration backup status |
Status of configuration backup: · Batch backup in progress (Do not operate the device at will, such as board insertion and removal.). · Auto sync enabled. · Auto sync disabled. |
Session backup status |
Status of session entry backup: · Batch backup in progress. · Hot backup enabled. · Hot backup disabled. |
Delay-time |
Delay time for traffic switchover back to the original active device in minutes. If the delay time is not configured, this switchover feature is disabled for the hot backup system. |
Remaining switchover delay time |
Remaining delay time for traffic switchover back to the original active device in minutes. This field is not displayed if traffic switchover is disabled. |
display remote-backup-group sync-check
Use display remote-backup-group sync-check to display the configuration consistency check result for hot backup.
Syntax
display remote-backup-group sync-check
Views
Any view
Predefined user roles
network-admin
network-operator
Usage guidelines
Use this command when the primary and secondary devices have inconsistent configuration. You can view the inconsistent configuration only after the configuration consistency check is finished.
The command displays detailed inconsistency information for only the service features supported by hot backup. For a feature not supported by hot backup, the command displays only the interface where configuration inconsistency exists.
Examples
# Display the configuration consistency check result for hot backup. (The configuration consistency check has not been performed.)
<Sysname> display remote-backup-group sync-check
No configuration consistency checks have been performed.
# Display the configuration consistency check result for hot backup. (No inconsistent configuration exists.)
<Sysname> display remote-backup-group sync-check
No inconsistent configuration exists.
# Display the configuration consistency check result for hot backup. (Inconsistent configuration exists.)
<Sysname> display remote-backup-group sync-check
Inconsistent configuration exists.
Configuration on secondary device:
#
security-policy ip
rule 0 name abc
source-zone trust
destination-zone untrust
#
Configuration on primary device:
#
security-policy ip
rule 0 name abc
source-zone dmz
destination-zone trust
#
Context 2
Configuration on secondary device:
#
security-policy ip
rule 0 name 10
#
Configuration on primary device:
#
security-policy ip
#
Context 3
Configuration on secondary device:
#
object-group ipv6 address d
#
security-policy ipv6
rule 0 name d
source-ip d
#
Configuration on primary device:
#
security-policy ipv6
rule 0 name d
#
Related commands
configuration sync-check
configuration manual-syn-check
hot-backup enable
Use hot-backup enable to enable service entry hot backup.
Use undo hot-backup enable to disable service entry hot backup.
Syntax
hot-backup enable
undo hot-backup enable
Default
Service entry hot backup is enabled.
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
This command enables the active device in the hot backup system to back up service entries to the standby device in real time. This prevents service interruption when an active/standby switchover occurs.
Examples
# Enable service entry hot backup.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] hot-backup enable
hot-backup protocol enable
Use hot-backup protocol enable to enable hot backup for the session entries of application layer protocols.
Use undo hot-backup protocol enable to disable hot backup for the session entries of application layer protocols.
Syntax
hot-backup protocol { dns | http } * enable
undo hot-backup protocol { dns | http } * enable
Default
The hot backup system performs hot backup for the session entries of application layer protocols.
Views
RBM view
Predefined user roles
network-admin
Parameters
dns: Specifies DNS.
http: Specifies HTTP.
Usage guidelines
For this command to take effect, first execute the hot-backup enable command.
Enable HTTP and DNS backup if asymmetric-path traffic traverses the hot backup system. HTTP and DNS backup ensures that a flow and its return traffic are processed correctly on hot backup members.
If hot backup active/standby mode is used or only symmetric-path traffic traverses the hot backup system, disabling HTTP and DNS backup can improve performance of hot backup members at the expense of delayed data synchronization. When you disable HTTP and DNS backup, make sure you are fully aware of the impact on the network. A device removes a DNS or HTTP connection if packet exchange is inactive. When a switchover interrupts a connection, the DNS or HTTP client re-initiates the connection immediately, which has little impact on user services.
The hot backup system backs up the sessions created for other application protocols as long as service entry backup is enabled.
Examples
# Disable hot backup for the session entries of application layer protocols.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] undo hot-backup protocol dns enable
Related commands
hot-backup enable
keepalive count
Use keepalive count to set the maximum number of keepalive attempts.
Use undo keepalive count to restore the default.
Syntax
keepalive count counts
undo keepalive count
Default
The maximum number of keepalive attempts is 10.
Views
RBM view
Predefined user roles
network-admin
Parameters
times: Sets the maximum number of keepalive attempts, in the range of 1 to 255.
Usage guidelines
If the value for the maximum number of keepalive attempts is too small, network latency will cause incorrect switchovers. If this issue occurs, increase the value of this parameter.
The device periodically sends keepalive packets to the peer over the control channel. If the device has not received any responses from the peer when the maximum number of keepalive attempts is reached, the control channel is disconnected.
Examples
# Set the maximum number of keepalive attempts to 6.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] keepalive count 6
Related commands
keepalive interval
keepalive interval
Use keepalive interval to set the interval for sending keepalive packets.
Use undo keepalive interval to restore the default.
Syntax
keepalive interval interval
undo keepalive interval
Default
The device sends keepalive packets at one-second intervals.
Views
RBM view
Predefined user roles
network-admin
Parameters
interval: Sets the interval for sending keepalive packets in seconds, in the range of 1 to 60.
Usage guidelines
The device periodically sends keepalive packets to the peer over the control channel. If the device has not received any responses from the peer when the maximum number of keepalive attempts is reached, the control channel is disconnected.
Examples
# Set the interval for sending keepalive packets to 2 seconds.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] keepalive interval 2
Related commands
keepalive count
local-ip
Use local-ip to configure the local IPv4 address for setting up the control channel.
Use undo local-ip to restore the default.
Syntax
local-ip ipv4-address
undo local-ip
Default
The local IPv4 address is not configured for setting up the control channel.
Views
RBM view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the local IPv4 address for setting up the control channel. The IP address cannot be an all-zero, loopback, or multicast address.
Usage guidelines
The hot backup system compares the specified local and peer IP address to determine the device role for setting up the control channel. The device with higher IP address acts as the server to listen for TCP connection requests, and the other device acts as the client to initiate the TCP connection.
You can configure a local IPv4 address or a local IPv6 address, but not both.
Examples
# Configure the local IPv4 address as 1.1.1.2 for setting up the control channel.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] local-ip 1.1.1.2
Related commands
local-ipv6
remote-ip
local-ipv6
Use local-ipv6 to configure the local IPv6 address for setting up the control channel.
Use undo local-ipv6 to restore the default.
Syntax
local-ipv6 ipv6-address
undo local-ipv6
Default
The local IPv6 address is not configured for setting up the control channel.
Views
RBM view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies the local IPv6 address for setting up the control channel. The IP address cannot be an all-zero address, loopback address, multicast address, or IPv6 address with an embedded IPv4 address.
Usage guidelines
The hot backup system compares the specified local and peer IPv6 address to determine the device role for setting up the control channel. The device with higher IPv6 address acts as the server to listen for TCP connection requests, and the other device acts as the client to initiate the TCP connection.
You can configure a local IPv4 address or a local IPv6 address, but not both.
Examples
# Configure the local IPv6 address as 2019::1 for setting up the control channel.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] local-ipv6 2019::1
Related commands
local-ip
remote-ipv6
remote-backup group
Use remote-backup group command to enter RBM view.
Use undo remote-backup group to remove all settings of hot backup.
Syntax
remote-backup group
undo remote-backup group
Views
System view
Predefined user roles
network-admin
Usage guidelines
The hot backup system provides backup for important configuration and service entries between devices. It collaborates with VRRP to implement hot backup that enables smooth master/backup switchover upon link failures for service continuity.
Examples
# Enter RBM view.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group]
remote-ip
Use remote-ip to configure the peer IPv4 address for setting up the control channel.
Use undo remote-ip to restore the default.
Syntax
remote-ip ipv4-address [ port port-number ]
undo remote-ip ipv4-address
Default
The peer IPv4 address is not configured for setting up the control channel.
Views
RBM view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the peer IPv4 address for setting up the control channel. The IP address cannot be an all-zero, loopback, or multicast address.
port port-number: Specifies a port by its number used for establishing TCP connection. The value range for the port-number argument is 1024 to 65535, and the default value is 60064.
Usage guidelines
The control channel transmits data by using packets, including hot backup status packets, configuration consistency check packets, and configuration synchronization packets. Each member device compares the specified local and peer IP address to determine the device role for setting up the control channel. The device with higher IP address acts as the server to listen for TCP connection requests, and the other device acts as the client to initiate the TCP connection.
If the port number is configured on the server, the port provides services for the client. If the port number is configured on the client, the port serves as the destination port to establish TCP connection to the server. The source port is randomly generated on the client.
You can specify only one peer IP address with the same port number on the primary and secondary devices.
You can configure a remote IPv4 address or a remote IPv6 address, but not both.
Examples
# Configure the peer IPv4 address and port number as 1.1.1.1 and 4456 for setting up the control channel.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] remote-ip 1.1.1.1 port 4456
Related commands
local-ip
remote-ipv6
remote-ipv6
Use remote-ipv6 to configure the peer IPv6 address for setting up the control channel.
Use undo remote-ipv6 to restore the default.
Syntax
remote-ipv6 ipv6-address [ port port-number ]
undo remote-ipv6 ipv6-address
Default
The peer IPv6 address is not configured for setting up the control channel.
Views
RBM view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies the peer IPv6 address for setting up the control channel. The IP address cannot be an all-zero address, loopback address, multicast address, or IPv6 address with an embedded IPv4 address.
port port-number: Specifies a port by its number used for establishing TCP connection. The value range for the port-number argument is 1024 to 65535, and the default value is 60064. Make sure the port number is not in use.
Usage guidelines
The control channel transmits data by using packets, including hot backup status packets, configuration consistency check packets, and configuration synchronization packets. Each member device compares the specified local and peer IPv6 address to determine the device role for setting up the control channel. The device with higher IPv6 address acts as the server to listen for TCP connection requests, and the other device acts as the client to initiate the TCP connection.
If the port number is configured on the server, the port provides services for the client. If the port number is configured on the client, the port serves as the destination port to establish TCP connection to the server. The source port is randomly generated on the client.
You can specify only one peer IPv6 address with the same port number on the primary and secondary devices.
You can configure a remote IPv4 address or a remote IPv6 address, but not both.
Examples
# Configure the peer IPv6 address and port number as 2018::1 and 4456 for setting up the control channel.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] remote-ipv6 2018::1 port 4456
Related commands
local-ipv6
remote-ip
silent-backup-interface
Use silent-backup-interface to disable the standby device from sending or receiving protocol packets of a dynamic routing protocol.
Use undo silent-backup-interface to enable the standby device to send and receive protocol packets of a dynamic routing protocol.
Syntax
silent-backup-interface { ospf | ospfv3 }
undo silent-backup-interface { ospf | ospfv3 }
Default
The standby device can send and receive protocol packets of a dynamic routing protocol.
Views
RBM view
Predefined user roles
network-admin
Parameters
ospf: Specifies OSPF.
ospfv3: Specifies OSPFv3.
Usage guidelines
This command disconnects the neighbor relationships for a dynamic routing protocol on the standby device. The active device can send and receive protocol packets of that dynamic routing protocol, and correctly process both uplink and downlink traffic.
You can execute this command multiple times to disable multiple dynamic routing protocols on the standby device.
You cannot use this command together with the adjust-cost enable command.
Examples
# Disable the standby device from sending or receiving OSPF protocol packets.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] silent-backup-interface ospf
Related commands
adjust-cost enable
switchover request
Use switchover request to perform an active/standby switchover.
Syntax
switchover request
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
If you want to replace components or upgrade software on the current active device, you can execute this command to switch services to the standby device.
This command applies only when hot backup operates in active/standby mode.
In a hot backup and VRRP associated network, executing this command might cause temporary virtual IP address conflict in the VRRP group, which is considered a normal condition.
For stable operation of hot backup, do not repeatedly execute this command within one minute.
Examples
# Perform an active/standby switchover.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] switchover request
track
Use track to associate hot backup with Track.
Use undo track to remove the association.
Syntax
track track-entry-number
undo track track-entry-number
Default
The hot backup system is not associated with Track.
Views
RBM view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies a track entry by its ID in the range of 1 to 1024.
Usage guidelines
Use this command to associate hot backup with Track to monitor links. If one of the monitored track entries becomes Negative, hot backup performs an active/standby switchover and switches traffic to the new active device to ensure service continuity. For more information about Track, see Network Management and Monitoring Configuration Guide.
You can use the track interface and track commands in conjunction, but you cannot use these commands to monitor the same interfaces.
The track vlan and track commands are mutually exclusive. You cannot configure both of them.
To associate hot backup with multiple track entries, execute this command multiple times.
Examples
# Associate hot backup with track entries 1 and 2.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] track 1
[Sysname-remote-backup-group] track 2
Related commands
track (Network Management and Monitoring Command Reference)
track interface
Use track interface to enable hot backup to monitor an interface.
Use undo track interface to remove the configuration.
Syntax
track interface interface-type interface-number
undo track interface [ interface-type interface-number ]
Default
The hot backup system does not monitor any interfaces.
Views
RBM view
Predefined user roles
network-admin
Parameters
interface-type interface-number: Specifies an interface by its type and number. You can specify a Layer 2 or Layer 3 Ethernet interface in the current software version. If you do not specify this argument, the undo form of the command removes the monitoring for all interfaces.
Usage guidelines
Use this command to enable hot backup to monitor the interfaces connecting the uplink and downlink devices. The monitored interfaces can forward packets only when they are all up. If any of the monitored interfaces goes down, none of them will be able to forward packets.
If the uplink and downlink interfaces of the hot backup system are Layer 3 Ethernet interfaces and hot backup is used with static routes, use the track interface command to monitor those interfaces.
If the uplink and downlink interfaces of the hot backup system are Layer 2 Ethernet interfaces connected to peer Layer 3 interfaces, use the track interface command to monitor the Layer 2 Ethernet interfaces.
You can use the track interface and track commands in conjunction, but you cannot use these commands to monitor the same interfaces.
The track vlan and track interface commands are mutually exclusive. You cannot configure both of them.
To enable hot backup to monitor multiple interfaces, execute this command multiple times.
The hot backup system does not support monitoring member ports of aggregate interfaces.
Examples
# Enable hot backup to monitor interfaces GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] track interface gigabitethernet 1/0/1
[Sysname-remote-backup-group] track interface gigabitethernet 1/0/2
Related commands
track
track interface
track vlan
track vlan
Use track vlan to enable hot backup to monitor a VLAN.
Use undo track vlan to remove the configuration.
Syntax
track vlan vlan-id
undo track vlan [ vlan-id ]
Default
The hot backup system does not monitor any VLANs.
Views
RBM view
Predefined user roles
network-admin
Parameters
vlan-id: Specifies a VLAN by its ID in the range of 1 to 4094. If you do not specify this argument, the undo form of the command removes the monitoring for all VLANs.
Usage guidelines
Use this command to enable hot backup to monitor the VLANs of the uplink and downlink devices. The monitored VLANs are active and the member ports can forward packets only when the member ports are all up. If any of the member ports goes down, none of them will be able to forward packets, and all the monitored VLANs will become inactive.
In active/standby mode, the state of monitored VLANs is active on the primary device and inactive on the secondary device.
In dual-active mode, the state of monitored VLANs is active on both the primary and secondary devices.
Do not enable hot backup to monitor VLAN 1 (to which all access ports belong by default). This restriction prevents an unused interface in down state from interrupting operation of other interfaces in VLAN 1.
To enable hot backup to monitor multiple VLANs, execute this command multiple times.
The track vlan command is mutually exclusive with the track interface and track commands. You cannot use the track vlan command in conjunction with the track interface or track command.
Examples
# Enable hot backup to monitor VLAN 10.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] track vlan 10
Related commands
track
track interface
track vlan
transparent-transmit enable
Use transparent-transmit enable to enable transparent service traffic transmission between the remote backup group members.
Use undo transparent-transmit enable to disable transparent service traffic transmission between the remote backup group members.
Syntax
transparent-transmit enable
undo transparent-transmit enable
Default
Transparent service traffic transmission is enabled.
Views
RBM view
Predefined user roles
network-admin
Usage guidelines
Enable transparent service traffic transmission only when asymmetric-path traffic traverses the hot backup system operating in dual-active mode.
If an asymmetric-path flow traverses the hot backup system operating in dual-active mode, the flow and its return traffic are processed by different remote backup group members. This will degrade the traffic processing performance of modules such as NBAR, DPI, and load balancing. For example, the packet recognition rate of NBAR might drop. For an asymmetric-path flow and its return traffic to be processed by the same remote backup group member, enable transparent service traffic transmission. Transparent service traffic transmission is resource-intensive. Make sure you are fully aware of the impact of this feature when you use it on a live network.
Examples
# Enable transparent service traffic transmission between the remote backup group members.
<Sysname> system-view
[Sysname] remote-backup group
[Sysname-remote-backup-group] transparent-transmit enable
vrrp ipv6 vrid
Use vrrp ipv6 vrid to create an IPv6 VRRP group and assign a virtual IPv6 address to it, or to assign a virtual IPv6 address to an existing IPv6 VRRP group.
Use undo vrrp ipv6 vrid to remove all configurations of an IPv6 VRRP group, or to remove a virtual IPv6 address from an IPv6 VRRP group.
Syntax
vrrp ipv6 vrid virtual-router-id virtual-ip virtual-address [ prefix-length ] link-local { active | standby }
undo vrrp ipv6 vrid virtual-router-id [ virtual-ip [ virtual-address [ link-local ] ] ]
Default
No IPv6 VRRP groups exist.
Views
Interface view
Predefined user roles
network-admin
context-admin
Parameters
virtual-router-id: Specifies an IPv6 VRRP group by its virtual router ID in the range of 1 to 255.
virtual-ip virtual-address: Specifies a virtual IPv6 address. If you do not specify this option, the undo vrrp ipv6 vrid command removes all virtual IPv6 addresses from the specified IPv6 VRRP group.
prefix-length: Specifies the prefix length of the virtual IPv6 address, in the range of 1 to 128. If you do not specify this argument, the default value 128 applies.
link-local: Specifies a link-local address as the virtual IPv6 address.
active: Associates the IPv6 VRRP group with hot backup by adding the device to the IPv6 VRRP active group. The initial role of the device is master.
standby: Associates the IPv6 VRRP group with hot backup by adding the device to the IPv6 VRRP standby group. The initial role of the device is backup.
Usage guidelines
You can execute this command multiple times to assign multiple virtual IPv6 addresses to an IPv6 VRRP group. When you configure hot backup in collaboration with VRRP, you can assign a maximum of 4096 virtual IPv6 addresses to a VRRP group. If you specify the prefix length to assign a virtual IPv6 subnet, the subnet is recognized as one virtual IPv6 address.
The first virtual IPv6 address that you assign to an IPv6 VRRP group must be a link-local address, and it must be removed last.
An IPv6 VRRP group can have only one link-local address as its virtual IPv6 address. For an IPv6 VRRP group to work correctly, you must also assign it a global unicast address as a virtual IPv6 address.
The virtual IPv6 address of an IPv6 VRRP group and the downlink interface IPv6 address of the VRRP group members must be on the same subnet. Otherwise, the hosts on the subnet might fail to access external networks.
You cannot associate an IPv6 VRRP group operating in load balancing mode with hot backup.
When you configure hot backup in collaboration with VRRP, make sure the interfaces in an IPv6 VRRP group do not own the virtual IPv6 addresses.
You cannot associate an IPv6 VRRP group with both hot backup and Track.
You cannot use the track vlan command in conjunction with the track interface command.
To modify the settings for the command, first execute the undo form of the command, and then execute the vrrp ipv6 vrid command again.
Examples
# Create IPv6 VRRP group 1, assign virtual IPv6 address fe80::10 to the VRRP group, and assign the device to the VRRP active group. Then assign virtual IPv6 address 1::10 to the VRRP group.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] vrrp ipv6 vrid 1 virtual-ip fe80::10 link-local active
[Sysname-GigabitEthernet1/0/1] vrrp ipv6 vrid 1 virtual-ip 1::10
vrrp vrid
Use vrrp vrid to create an IPv4 VRRP group and assign a virtual IP address to it, or to assign a virtual IP address to an existing IPv4 VRRP group.
Use undo vrrp vrid to remove all configurations of an IPv4 VRRP group, or to remove a virtual IP address from an IPv4 VRRP group.
Syntax
vrrp vrid virtual-router-id virtual-ip virtual-address [ mask | mask-length ] { active | standby }
undo vrrp vrid virtual-router-id [ virtual-ip [ virtual-address ] ]
Default
No IPv4 VRRP groups exist.
Views
Interface view
Predefined user roles
network-admin
context-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID in the range of 1 to 255.
virtual-ip virtual-address: Specifies a virtual IP address. You cannot specify the virtual IP address as any of the following IP addresses:
· All-zero address (0.0.0.0).
· Broadcast address (255.255.255.255).
· Loopback address.
· IP address of other than Class A, Class B, and Class C.
· Invalid IP address (for example, 0.0.0.1).
If you do not specify the virtual-address argument, the undo vrrp vrid command removes all virtual IP addresses from the specified IPv4 VRRP group.
mask-length: Specifies a mask length in the range of 1 to 32. If you do not specify a subnet mask or a mask length, the default mask length 32 applies.
active: Associates the VRRP group with hot backup by adding the device to the VRRP active group. The initial role of the device is master.
standby: Associates the VRRP group with hot backup by adding the device to the VRRP standby group. The initial role of the device is backup.
Usage guidelines
You can execute this command multiple times to assign multiple virtual IP addresses to an IPv4 VRRP group. When you configure hot backup in collaboration with VRRP, you can assign a maximum of 4096 virtual IPv4 addresses to a VRRP group. If you specify the mask or mask length to assign a virtual IPv4 subnet, the subnet is recognized as one virtual IPv4 address.
The virtual IP address of an IPv4 VRRP group and the downlink interface IP addresses of the VRRP group members must be on the same subnet. Otherwise, the hosts on the subnet might fail to access external networks.
You cannot associate a VRRP group operating in load balancing mode with hot backup.
For VRRP to operate correctly, make sure a virtual IP address of an IPv4 VRRP group is not the IP address of any interface in the VRRP group.
When you configure hot backup in collaboration with VRRP, make sure the interfaces in an IPv4 VRRP group do not own the virtual IPv4 addresses.
You cannot associate a VRRP group with both hot backup and Track.
You cannot use the track vlan command in conjunction with the track interface command.
To modify the settings for the command, first execute the undo form of the command, and then execute the vrrp vrid command again.
Examples
# Create IPv4 VRRP group 1, assign virtual IP address 10.10.10.10 to the VRRP group, and assign the device to the VRRP active group.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] vrrp vrid 1 virtual-ip 10.10.10.10 active
Related commands
display vrrp