Documente Academic
Documente Profesional
Documente Cultură
Version: 3.00.11
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: support@zte.com.cn
LEGAL INFORMATION
Copyright © 2014 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit the ZTE technical support website http://support.zte.com.cn to inquire for related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Figures............................................................................................................. I
Glossary ........................................................................................................ III
II
Intended Audience
This manual is intended for:
Chapter 3, IP MTU Describes the overview and principles of MTU configuration, related
Configuration configuration and maintenance commands, and configuration examples.
Chapter 4, DHCP Describes the overview and principles of DHCP configuration, related
Configuration configuration and maintenance commands, and configuration examples.
Chapter 5, TCPv4 Describes the overview and principles of TCPv4 configuration, related
Configuration configuration and maintenance commands, and configuration examples.
Chapter 6, UDPv4 Describes the overview and principles of UDPv4 configuration, related
Configuration configuration and maintenance commands, and configuration examples.
Chapter 8, IPTV Describes the overview and principles of IPTV configuration, related
Configuration configuration and maintenance commands, and configuration examples.
Conventions
This manual uses the following typographical conventions:
Bold Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant Text that you type, program codes, filenames, directory names, and function names.
width
[] Optional parameters.
{} Mandatory parameters.
II
Network bits and subnet bits are used to uniquely identify a network. Use subnet mask to
find which part in IP address indicates network bits and subnet bits, which part stands for
host bits. The part with subnet mask of "1" corresponds to network bits and subnet bits of
IP address, while the part with subnet mask of "0" corresponds to host bits.
Division of subnets greatly improves utilization of IP addresses, which relieves the problem
of insufficient IP addresses to some extent.
1-1
Parameter Description
Command Function
ZXR10#show ip interface [ brief [ phy This shows the information of the IP address
|<interface-name >|[{ exclude | include}<line>]]] configured in the current interface.
1-2
Parameter Description
line protocol is up It indicates whether the link layer protocol is available. The
up represents that the alink layer protocol state is available
while the down represents that the link layer protocol state
is unavailable.
1-3
Configuration Flow
1. Configure IP addresses of the layer 3 vlan interface.
2. Test the configuration result to confirm that S1 and S2 can ping each other.
Configuration Commands
S1 configuration,
S1(config)#switchvlan-configuration
S1(config-swvlan)#interface gei-0/1/1/1
S1(config-swvlan-if-gei-0/1/1/1)#switchport access vlan50
S1(config-swvlan-if-gei-0/1/1/1)#!
S1(config)#interface vlan50
S1(config-if-vlan50)#ip address 10.1.1.1 255.255.255.0
S1(config-if-vlan50)#exit
S2 configuration,
S2(config)#switchvlan-configuration
S2(config-swvlan)#interface gei-0/1/1/2
S2(config-swvlan-if-gei-0/1/1/2)#switchport access vlan50
S1(config-swvlan-if-gei-0/1/1/2)#!
S2(config)#interface vlan50
S2(config-if-vlan50)#ip address 10.1.1.2 255.255.255.0
S2(config-if-vlan50)#exit
Configuration Verification
Validate the configuration on S1,
S1#ping 10.1.1.2
sending 5,100-byte ICMP echoes to 10.1.1.2,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max=
129/185/200 ms.
1-4
l Configuration Thought
1. Configure IP addresses of S1 and S2 interfaces.
2. Test configuration result to make sure that ICMP response (ping) is realized
between S1 and S2.
l Configuration Process
S1 configuration,
S1(config)#switchvlan-configuration
S1(config-swvlan)#interface gei-0/1/1/1
S1(config-swvlan-intf)#switchport access vlan 1
S1(config-swvlan-intf)#exit
2-1
S1(config)#interface vlan1
S1(config-if)#ip address 10.1.1.1 255.255.255.0
S2 configuration,
S2(config)#switchvlan-configuration
S2(config-swvlan)#interface gei-0/1/1/2
S2(config-swvlan-intf)#switchport access vlan 2
S2(config-swvlan-intf)#exit
S2(config)#interface vlan2
S2(config-if)#ip address 10.1.1.2 255.255.255.0
l Configuration Check
Validate the configuration on S1,
S1#ping 10.1.1.2
sending 5,100-byte ICMP echoes to 10.1.1.2,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 1/1/21 ms.
S2#ping 10.1.1.1
sending 5,100-byte ICMP echoes to 10.1.1.2,timeout is 2 seconds.
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 1/1/21 ms.
Command Function
2-2
The source host specifies a path called source path by IP network. Software forwards the
packets according to the specified source path. This function is required when a packet
has to be transmitted by using the specified path. By default, source route processing is
executed.
To configure IP source route options on ZXR10 5900E, use the following commands.
Command Function
Example
The following example shows how to enable the ICMP redirection packet function on
interface vlan50:
ZXR10(config)#icmp-config
ZXR10(config-icmp)#interface vlan50
ZXR10(config-icmp-if)#ip redirect
2-3
Command Function
2-4
However, IP MTU value can not be set too small because each packet has a 40 bytes
header containing important control information. The header occupies lots of available
bandwidth if IP MTU value is smaller. For example, a good working 56k modem can upload
data at 4200bytes/second. If IP MTU value is set to 90 bytes, and the header occupies 40
bytes (44% of the size of the whole data packet). The utilization rate of bandwidth is very
low because 44% of 4200 (1428 bytes) bytes are used to transmit the header, only 2772
bytes are used to transmit user data. Therefore, it is necessary to configure an appropriate
IP MTU value.
3-1
Parameter Description
Command Function
For example: to view the IP MTU value of the vlan100 interface, run the following
command:
ZXR10(config-if-vlan100)#show ip interface vlan100
gre_tunnel1 AdminStatus is up, PhyStatus is up, line protocol is down
IP MTU 1000 bytes
3-2
Configuration Flow
1. Enter interface configuration mode.
2. Configure IP MTU value of the interface.
Configuration Commands
S1 configuration,
S1(config)#interface vlan100
S1(config-if-vlan100)#ip mtu 1300
S1(config-if-vlan100)#exit
Verification
Run the following command to verify the IP MTU value of the interface for VLAN100:
S1(config-if-vlan100)#show running-config-interface vlan100
!<INTERFACE>
interface vlan100
ip mtu 1300
$
!</INTERFACE>
As shown above, the IP MTU value of the interface for VLAN100 is 1300 bytes.
3-3
3-4
4-2
ZXR10(config-ip-pool)#conflict-time <1-18000>
ZXR10(config-ip-pool)#network <network-number><ne
twork-mask>
4-3
ZXR10(config)#ip dhcp policy < policy-name>< priority> Binds the specified DHCP pool
to a DHCP policy.
ZXR10(config-dhcp-policy)#dhcp-pool<dhcppool-name>
ZXR10#kick-off ip dhcp server user [[interface <interface-n Gets users offline based on the
21 ame>]|[mac <mac-address>]|[ip <ip-address>[vrf-instance specified attribute (interface,
<vrf-name>]]] MAC address, or IP address).
For a description of the parameters in Step 12, refer to the following table:
Parameter Description
For a description of the parameters in Step 13, refer to the following table:
4-4
Parameter Description
For a description of the parameters in Step 14, refer to the following table:
Parameter Description
<IP> IP address.
For a description of the parameters in Step 15, refer to the following table:
Parameter Description
4-5
Parameter Description
<ip-address> IP address.
For a description of the parameter in Step 16, refer to the following table:
Parameter Description
For a description of the parameter in Step 17, refer to the following table:
Parameter Description
Command Function
ZXR10#show ip local pool {[configure <pool-name> Displays the information about the
vrf-instance <instance name>] , [conflict-ip <pool-name> local address pool.
vrf-instance <instance name>] , [exclude-ip <pool-name>
vrf-instance <instance name>] , [statistics <pool-name> total],
[used-exclude-ip <pool-name> vrf-instance <instance name>] ,
[used-ip <pool-name> vrf-instance <instance name>]}
ZXR10# show ip dhcp server user [interface <interface-name>[ Displays the information about
total-count]]|[ total-count] current online users on the DHCP
server.
ZXR10#show ip dhcp packet statistic MP-0/1/0 {global | mgmt_eth | Displays statistics of DHCP
supervlan <1-4000>| vlan <1-4094>} packets sent and received.
4-6
Command Function
Run the show ip dhcp configuration command to display the configuration of the DHCP
process module. The following shows the output of the show ip dhcp configuration
command:
DHCP process state information
process state :enable(running)
ramble state:disable
suppress_nak state:disable
max_hops: 4
DHCP server configure:
server support max user: 64000
server update arp: off
DHCP relay configure:
not insert relay option82 information in BOOTREQUEST.
relay option82 policy: replace
relay option82 format: china-tel
relay option82 user policy: interface
relay support max user: 64000
relay update arp: off
Field Description
server support max user Maximum number of users supported on the server.
server update arp Whether the ARP update function is enabled on the server.
not insert relay information in Whether Option82 is inserted. Here, it is not inserted.
BOOTREQUEST
4-7
Field Description
relay information user policy Policy of Option82. There are two modes, uniform, and
interface.
relay support max user Maximum number of users supported on the relay.
relay update arp Whether the ARP update function is enabled on the relay.
Run the show ip local pool command to display the information about the local address
pool. The following shows the output of the show ip local pool command:
ZXR10(config)#show ip local pool
PoolName Begin End Mask Free Used
zte 20.1.1.1 20.1.1.100 24 100 0
TotalPool: 1
Field Description
Run the show ip dhcp server user command to display the information about the current
online users on the DHCP server. The following shows the output of the show ip dhcp
server user command:
ZXR10#show ip dhcp server user
CLIENT MAC addr: 0010.9400.0001
IP addr: 29.160.1.10
State: BOUND
Expiration: 11:16:07 06/07/2010
VRF:
CLIENT MAC addr: 0010.9400.0002
IP addr: 29.160.1.11
State: BOUND
Expiration: 11:16:07 06/07/2010
VRF:
ZXR10#show ip dhcp server user interface vlan1000 total-count
Current online users on this interface are: 2
ZXR10#show ip dhcp server user total-count
Current online users are: 2
4-8
Run the show running-config command to display the configuration of the DHCP server or
relay on an interface. The following shows the output of the show running-config command:
ZXR10#show running-config vlan1000
!<Interface>
interface vlan1000
ip address 30.1.1.100 255.255.0.0
$
!</Interface>
!<ETHER_PORT>
interface vlan1000
!</ETHER_PORT>
!</DHCP>
dhcp
interface vlan1000
mode server
policy 1000
$
$
!</DHCP>
Field Description
Run the show ip dhcp packet statistic command to display statistics of DHCP packets sent
and received. The following shows the output of the show ip dhcp packet statistic command:
ZXR10#show ip dhcp packet statistic MP-0/1/0 global
----------------------------------------------
All received DHCP packet of the slot 1 is: 0
----------------------------------------------
Valid request packet: 0
DHCPDISCOVER: 2
DHCPREQUEST : 1
DHCPDECLINE : 0
DHCPRELEASE : 0
DHCPINFORM : 0
reply packet: 0
DHCPOFFER: 0
DHCPACK : 0
DHCPNAK : 0
4-9
----------------------------------------------
ZXR10#
Field Description
Run the show ip dhcp pool command to display the information about a DHCP pool. The
following shows the output of the show ip dhcp pool command:
ZXR10#show ip dhcp pool
PoolName IpPool LeaseTime DnsNum RouterNum OptionNum BindNum
1 ss 0 2 0 0 0 0 0
Total: 1
Field Description
Run the show ip dhcp policy command to display the information about a DHCP policy. The
following shows the output of the show ip dhcp policy command:
4-10
1 1 ss 1.1.1.1
Total: 1
Field Description
Option60 Option60
l In global configuration mode, configure IP Pool, DHCP Pool, DHCP Policy on S1, and
enable DHCP function.
l In interface configuration mode, configure IP address and DHCP server mode and
bind DHCP Policy on S1.
Configuration Flow
1. Configure IP pool. The range of address pool needs to be configured in a network
segment.
2. Configure DHCP Pool. DHCP Pool needs to bind with IP Pool and configures DNS,
lease-time, default router and so on.
3. Configure DHCP Policy. DHCP Policy is a policy option. Many priorities are supported
by a name for policy management.
4. Configure DHCP Server. Configure Server functional mode in DHCP interface mode
and bind the policy.
5. Enable DHCP globally.
4-11
Configuration Commands
S1 configuration,
/*This configures IP Pool.*/
S1(config)#ip pool pool1
S1(config-ip-pool)#range 10.10.1.3 10.10.1.254 255.255.255.0
S1(config-ip-pool)#exit
Configuration Verification
View the configuration of IP Pool on S1.
4-12
TotalPool: 1
4-13
$
!</DHCP>
Under both of the conditions described above, the packets are transmitted to a new
destination (or DHCP Server) in unicast. Obviously, the new destination address is
configurable. In this way, DHCP packets can pass through many sub-networks.
When DHCP Relay finds a responding packet coming from DHCP Server, it inspects the
"Relay Agent", "Client hardware address" fields and so on. These fields provide enough
informations to DHCP Relay for transmitting responding packet to client PC.
4-14
The value of "Relay Agent" field (non-zero) is often used to identify a logical port for
transmitting responding packets. The responding packet will be discarded if the value
can not match any logical port directly connecting to DHCP Relay.
Meanwhile, DHCP Relay inspects the value of broadcast identifier bit containing in "flag"
field. If the value is 1, it will broadcast the encapsulated packet. Otherwise, the packet will
be encapsulated and transmitted to DHCP Client in unicast way.
4-15
4-16
ZXR10(config)#ip dhcp relay server group < group-number> Configures a DHCP server
group, and binds the server
ZXR10(config-dhcpr-server-group)#server <server-
24
address to the group.
number><ip-address>{security | standard}[master][dscp
<dscp-number>]
ZXR10(config)#ip dhcp relay server policy group Enters DHCP relay server
<group-no> policy group configuration
mode.
ZXR10#kick-off ip dhcp relay user [[interface <interface-n Gets users offline from the relay
ame>]|[mac <mac-address>]|[ip <ip-address>[vrf-instance based on the specified attribute
28
<vrf-name>]]] (interface, MAC address, or IP
address).
4-17
For a description of the parameter in Step 11, refer to the following table:
Parameter Description
For a description of the parameters in Step 15, refer to the following table:
Parameter Description
For a description of the parameters in Step 17, refer to the following table:
Parameter Description
For a description of the parameters in Step 20, refer to the following table:
Parameter Description
For a description of the parameter in Step 21, refer to the following table:
Parameter Description
For a description of the parameter in Step 22, refer to the following table:
4-18
Parameter Description
For a description of the parameter in Step 23, refer to the following table:
Parameter Description
<group-number> Serial number of the DHCP Relay server group bound to the
interface, range: 1–20.
For a description of the parameters in Step 24, refer to the following table:
Parameter Description
<group-number> Serial number of the DHCP Relay server group bound to the
interface, range: 1–20.
<dscp-number> Priority.
For a description of the parameters in Step 25, refer to the following table:
Parameter Description
<group-no> Serial number of the DHCP relay server policy group, range:
1–20.
For a description of the parameter in Step 26, refer to the following table:
Parameter Description
For a description of the parameters in Step 28, refer to the following table:
4-19
Parameter Description
Command Function
ZXR10#show ip dhcp relay user [interface <interface-name>[ Displays the information about
total-count]]|[ total-count] current online users on the DHCP
relay.
ZXR10#show ip dhcp packet statistic MP-0/1/0 {global | mgmt_eth | Displays statistics of DHCP
supervlan <1-4000>| vlan <1-4094>} packets sent and received.
ZXR10#show ip dhcp relay server group [<group-no>] Displays the information about a
DHCP relay server group.
ZXR10#show ip dhcp relay server policy [<policy_no>] Displays the information about a
DHCP relay server policy group.
Run the show ip dhcp configuration command to display the configuration of the DHCP
process module. The following shows the output of the show ip dhcp configuration
command:
DHCP process state information
process state: disable(stop)
ramble state: disable
4-20
server support max user Maximum number of users supported on the server.
server update arp Whether the ARP update function is enabled on the server.
not insert relay option82 information Whether Option82 is inserted. Here, it is not inserted.
in BOOTREQUEST
relay option82 user policy Policy of user-configured Option82. There are two modes,
uniform, and interface.
relay support max user Maximum number of users supported on the relay.
relay update arp Whether the ARP update function is enabled on the relay.
4-21
!</DHCP>
dhcp
interface vlan2000
mode relay
relay server group 1
relay agent 30.1.1.100
$
$
!</DHCP>
Field Description
Run the show ip dhcp packet statistic command to display statistics of DHCP packets sent
and received. The following shows the output of the show ip dhcp packet statistic command:
ZXR10#show ip dhcp packet statistic MP-0/1/0 global
-------------------------------------------------
All received DHCP packet of the slot 1 is: 0
-------------------------------------------------
Valid request packet: 0
DHCPDISCOVER: 2
DHCPREQUEST : 1
DHCPDECLINE : 0
DHCPRELEASE : 0
DHCPINFORM : 0
reply packet: 0
DHCPOFFER: 0
DHCPACK : 0
DHCPNAK : 0
--------------------------------------------------
ZXR10#
Field Description
4-22
Field Description
Run the show ip dhcp relay server group command to display the information about a DHCP
relay server group. The following shows the output of the show ip dhcp relay server group
command:
ZXR10#show ip dhcp relay server group 1
group-no: 1 deadtime: 60 max-retries: 8 algorithm: round-robin
description:
DHCP server group server: 1 2.2.2.2 security dscp 0
ZXR10#
Field Description
deadtime Deadtime.
description Description.
DHCP server group server Information about the server, including the serial number of
the serve, IP address, mode, and DSCP value.
Run the show ip dhcp relay server policy command to display the information about a DHCP
relay server policy group. The following shows the output of the show ip dhcp relay server
policy command:
ZXR10#show ip dhcp relay server policy 1
PolicyNo ServerNo VclassID InternalVLAN ExternalVLAN
1 1 llll
VlanNum:0
ZXR10#
Field Description
4-23
Field Description
VclassID Option60.
Run the show ip dhcp relay information command to display the information about DHCP
relay option82. The following shows the output of the show ip dhcp relay information
command:
ZXR10#show ip dhcp relay information
DHCP relay information of all by user configuration are:
TYPE circuit-id-len remote-id-len
uniform 3 3
ZXR10#
Field Description
Run the show ip dhcp proxy client command to display the information about the lease
time of the DHCP proxy. The following shows the output of the show ip dhcp proxy client
command:
ZXR10#show ip dhcp proxy client
DHCP client configure information in proxy mode:
leasetime :33 seconds
ZXR10#
4-24
Configuration Flow
1. A route has to be required between the DHCP Server and the Relay interface (Global
static route can be used for testing).
2. For the configuration of server, see DHCP Server Configuration. In policy
configuration, Relay Agent is the IP address of Relay interface.
3. For Relay configuration, the parameters need to be configured in DHCP interface. IP
addresses of Relay interface and IP Pool corresponding to DHCP Server need to be
in the same network segment.
4. DHCP Relay configuration:
l Configure Relay mode.
l Enable Relay function in DHCP interface mode, configure Relay Agent to be the
IP address of Relay interface and configure Relay Server to be the IP address
of configured DHCP server. Make sure that the IP addresses of DHCP Server
interface and Relay interface are not in the same network segment but the IP
addresses of the allocated IP pool and Relay interface are in the same network
segment.
Configuration Commands
S1 configuration,
/*This configures Relay interface.*/
S1(config)#switchvlan-configuration
S1(config-swvlan)#vlan 1000
S1(config-swvlan-sub)#switchport pvid gei-0/1/1/1
S1(config-swvlan-sub)#exit
S1(config-swvlan)#exit
S1(config)#interface vlan1000
S1(config-if)#ip address 10.10.1.1 255.255.255.0
S1(config-if)#exit
/*Specify Server*/
S1(config)#ip dhcp relay server group 1
S1(config-dhcpr-server-group)#server 1 10.10.2.2 standard master
S1(config-dhcpr-server-group)#exit
4-25
S2 configuration,
/*This enables DHCP.*/
S2(config)#dhcp
S2(config-dhcp)#enable
S2(config-dhcp)#exit
4-26
S2(config-dhcp-pool)#ip-pool pool1
S2(config-dhcp-pool)#default-router 10.0.1.1
S2(config-dhcp-pool)#exit
Configuration Verification
Show IP Pool configuration on S2,
S2(config)#show ip local pool
PoolName Begin End Mask Free Used
pool1 10.10.1.3 10.10.1.254 24 252 0
TotalPool: 1
4-27
A short lease must be configured for the DHCP proxy. This short lease is shorter than
that configured for the DHCP server. The time-out interval of the binding state timer for
4-28
the DHCP proxy is shorter than that for the DHCP server, so the DHCP proxy can fast
detect user disconnection and notify the DHCP server to release IP addresses as soon
as possible. In case of a large number of renewal requests from users, the DHCP proxy
reduces the load of the DHCP server.
When the DHCP relay proxy receives a renewal request from the client, if the state of the
user is BOUND, the proxy returns L2 to the client and resets the state timer. If the user
is in another state, the proxy returns no response. The proxy needs to check whether the
actual renewal time (calculated based on L1) of the client arrives. If yes, the proxy sends
a request to the server by using L1. If the server returns a DHCP ACK message, the L1
of the proxy is updated. If the server returns a DHCP NAK message, the data area of the
user is released.
4-29
Parameter Description
4-30
Parameter Description
1 ZXR10(config)#ip dhcp relay server group Configures a group that the external DHCP
<group-number> server of an interface belongs to and enters
DHCP relay server group configuration
mode.
4-31
Command Function
The following shows the output of the show ip dhcp configuration command:
ZXR10#show ip dhcp configuration
DHCP process state information
process state :enable(running)
ramble state:disable
suppress_nak state:disable
max_hops: 4
DHCP server configure:
server support max user: 2048
server update arp: default(off)
DHCP relay configure:
not insert relay option82 information in BOOTREQUEST.
relay option82 policy: default(replace)
relay option82 format: default(china-tel)
relay option82 user policy: interface
relay support max user: 32000
relay update arp: default(off)
Field Description
server support max user Indicates the maximum number of users on the server.
server update arp Indicates whether ARP entries can be added on the server.
not insert relay option82 information Indicates that Option82 is not inserted.
in BOOTREQUEST
4-32
Field Description
relay option82 user policy Indicates the selected policy of user-configured Option82.
There are two modes, uniform mode and interface mode.
relay support max user Indicates the maximum number of users on the relay.
relay update arp Indicates whether ARP entries can be added on the relay.
On the interfaces of S1, the IP addresses, DHCP server address, and DHCP proxy mode
need to be configured. On the interfaces of S2, the IP addresses, and DHCP server mode
need to be configured, and a DHCP policy needs to be bound. On S2, DHCP needs to be
enabled. An IP pool, DHCP pool, DHCP policy, and route to the network segment of the
proxy interface on S1 need to be configured.
Configuration Flow
1. Configure proxy parameters on the DHCP interfaces. The IP address of the proxy
interface must be in the same network segment as the addresses in the IP pool
corresponding to the server.
2. Configure the proxy mode, and set the relay agent to the address of the proxy interface.
The relay server is set to the address of the server. The address of the server interface
and the address of the proxy interface are in different network segments. The address
of the proxy interface is in the same network segment as the addresses in the IP pool.
3. On the server, configure a route to the proxy interface.
4. Set the relay agent to the proxy interface when configuring a policy.
4-33
Configuration Commands
S1 configuration:
/*Configure a proxy interface*/
S1(config)#interface gei-0/1/1/1
S1(config-if)#ip address 10.10.1.1 255.255.255.0
S1(config-if)#exit
/*Specify a server*/
S1(config)#ip dhcp relay server group 1
S1(config-dhcpr-server-group)#server 1 10.10.2.2 standard master
S1(config-dhcpr-server-group)#exit
/*Enable DHCP*/
S1(config)#dhcp
S1(config-dhcp)#enable
/*Set the DHCP mode of an interface and other attributes/*
S1(config-dhcp)#interface gei-0/1/1/1
S1(config-dhcp-if)#mode proxy
S1(config-dhcp-if)#relay agent 10.10.1.1
S1(config-dhcp-if)#relay server group 1
S1(config-dhcp-if)#exit
S1(config-dhcp)#exit
S2 configuration:
/*Enable DHCP*/
S2(config)#dhcp
S2(config-dhcp)#enable
S2(config-dhcp)#exit
S2(config)#interface gei-0/1/1/3
S2(config-if)#ip address 10.10.2.2 255.255.255.0
S2(config-if)#exit
/*Configure an IP pool*/
S2(config)#ip pool pool1
S2(config-ip-pool)#range 10.10.1.3 10.10.1.254 255.255.255.0
S2(config-ip-pool)#exit
/*Bind the IP pool to the DHCP pool*/
S2(config)#ip dhcp pool pool1
S2(config-dhcp-pool)#ip-pool pool1
S2(config-dhcp-pool)default-router 10.10.1.1
S2(config-dhcp-pool)#exit
/*Bind the DHCP pool to the DHCP policy*/
S2(config)#ip dhcp policy policy1 1
S2(config-dhcp-policy)#dhcp-pool pool1
S2(config-dhcp-policy)#relay agent 10.10.1.1
S2(config-dhcp-policy)#exit
S2(config)#dhcp
4-34
Configuration Verification
View the DHCP configuration of the specified interface on S1:
S1(config)#show running-config-interface
dhcp gei-0/1/1/1
!<DHCP>
dhcp
interface gei-0/1/1/1
mode proxy
relay server group 1
relay agent 10.10.1.1
!</DHCP>
4-35
4-36
When a DHCP server and a client are not on the same subnet and the client wants to obtain
an IP address from the DHCP server, it is necessary to use a DHCP relay agent to forward
the DHCP Request message. Before the DHCP relay agent forwards the DHCP message
of the client to the DHCP server, it can inserts some optional information so that the DHCP
server can know the client information more correctly. In this way, the IP address and other
parameter values can be assigned more flexibly according to the related policy.
The option is named DHCP relay agent information option, and the option number is 82.
Therefore, it is also called Option82. The related standard document is Request For
Comments (RFC) 3046.
Option82 is an extended application of DHCP options. It is only an extension. That whether
Option82 is contained does not affect the application of DHCP. In addition, it is necessary
to check whether the DHCP server supports Option82. If a DHCP server that does not
support Option82 receives packets containing Option82 information, or a DHCP server
that supports Option82 receives packets not containing Option82 information, the basic
DHCP service will not be affected.
To support the extended application brought by Option82, the DHCP server must support
Option82 and Option82 information must be inserted into the DHCP packets received.
When a DHCP Request message is received on an un-trusted port, no matter whether the
DHCP server and the client are in the same subnet, The switch on which DHCP snooping is
enabled can choose whether to insert Option82 information. By default, the switch inserts
Option82 information to the DHCP Request message received on the un-trusted port.
4-37
4-38
4-39
15 ZXR10(config-dhcp-snoop)#ip dhcp snooping verify mac Configures the ether mac and
bootp mac verification function
for DHCP snooping.
4-40
4-41
Parameter Description
Parameter Description
4-42
Parameter Description
Parameter Description
For a description of the parameter in Step 11, refer to the following table:
Parameter Description
For a description of the parameter in Step 12, refer to the following table:
Parameter Description
For a description of the parameters in Step 17, refer to the following table:
Parameter Description
For a description of the parameter in Step 18, refer to the following table:
Parameter Description
For a description of the parameter in Step 19, refer to the following table:
Parameter Description
For a description of the parameter in Step 20, refer to the following table:
4-43
Parameter Description
For a description of the parameter in Step 22, refer to the following table:
Parameter Description
For a description of the parameter in Step 24, refer to the following table:
Parameter Description
For a description of the parameter in Step 25, refer to the following table:
Parameter Description
For a description of the parameters in Step 29, refer to the following table:
Parameter Description
infinite Permanent.
For a description of the parameter in Step 30, refer to the following table:
Parameter Description
For a description of the parameter in Step 31, refer to the following table:
Parameter Description
4-44
For a description of the parameter in Step 33, refer to the following table:
Parameter Description
For a description of the parameters in Step 35, refer to the following table:
Parameter Description
For a description of the parameter in Step 36, refer to the following table:
Parameter Description
For a description of the parameter in Step 37, refer to the following table:
Parameter Description
For a description of the parameter in Step 38, refer to the following table:
Parameter Description
For a description of the parameter in Step 40, refer to the following table:
Parameter Description
For a description of the parameter in Step 42, refer to the following table:
Parameter Description
For a description of the parameter in Step 47, refer to the following table:
4-45
Parameter Description
For a description of the parameters in Step 49, refer to the following table:
Parameter Description
Command Function
ZXR10(config)#show ip dhcp snooping vlan [<vlan>] Displays the DHCP snooping state
of a VLAN.
ZXR10(config)#show ipv6 dhcp snooping database Displays the information about the
[<interface-name>] DHCPv6 snooping database.
4-46
Command Function
ZXR10(config)#show ipv6 dhcp snooping vlan [<vlan>] Displays the DHCPv6 snooping
state of a VLAN.
Parameter Description
The following shows the output of the show ip dhcp snooping configure command:
ZXR10(config)#show ip dhcp snooping configure
DHCP snooping configure information
Global state :disable(stop)
Mac-verifying state :disable
Not insert relay information in BOOTREQUEST
Relay information policy :keep
Relay information format :china-tel
Support max user :2048
The following shows the output of the show ip dhcp snooping database command:
ZXR10(config)#show ip dhcp snooping database smartgroup1
The following shows the output of the show ip dhcp snooping ramble command:
ZXR10(config)#ip dhcp snooping ramble
ZXR10(config)#show ip dhcp snooping ramble
4-47
The following shows the output of the show ip dhcp snooping trust command:
Interface State
-------------------------------------------
gei_0/1/1/1 Trusted
The following shows the output of the show ip dhcp snooping vlan command:
ZXR10(config)#show ip dhcp snooping vlan
DHCP snooping state on VLANs
VLAN State
-------------------------------------------
1 disable
2 disable
10 enable
The following shows the output of the show ipv6 dhcp snooping configure command:
ZXR10(config-dhcpv6-snoop)#show ipv6 dhcpsnooping configure
DHCPv6 snooping configure information
DHCPv6 snooping globally state : disable(stop)
snooping support max user : 2048
remote-id enterprise number : 0
remote-id string :
interface-id format
The following shows the output of the show ipv6 dhcp snooping database command:
ZXR10(config-dhcpv6-snoop)#show ipv6 dhcp snooping database
Current bind users are: 1
Index : 1
MAC addr: 0000.1111.2222
Vpls :
Vlan : 1
Internal-vlan: 0
State : static
Interface : smartgroup1
IPv6 addr : 2:3::2:3 expiration infinite
The following shows the output of the show ipv6 dhcp snooping interface command:
4-48
Interface-id :
The following shows the output of the show ipv6 dhcp snooping ramble command:
ZXR10(config-dhcpv6-snoop)#show ipv6 dhcp snooping ramble
Current DHCPv6 snooping user ramble state :disable
The following shows the output of the show ipv6 dhcp snooping trust command:
ZXR10(config)#show ipv6 dhcp snooping trust
Interface State
-------------------------------------------
gei_0/1/1/1 Trusted
The following shows the output of the show ipv6 dhcp snooping vlan command:
ZXR10(config)#show ipv6 dhcp snooping vlan
DHCPv6 snooping state on VLANs
VLAN State
-------------------------------------------
1 disable
2 disable
10 enable
Configuration Description
The network topology is shown in Figure 4-7.
Note:
The network topology is suitable for all the configuration examples in this section
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Enable and disable the DHCP snooping function globally.
4-49
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping enable
ZXR10(config-dhcp-snoop)#no ip dhcp snooping enable
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP snooping global configuration information as follows:
ZXR10(config-dhcp-snoop)#show ip dhcp snooping configure
DHCP snooping configure information
Global state :enable(running)
Mac-verifying state :disable
Not insert relay information in BOOTREQUEST
Relay information policy :keep
Relay information format :china-tel
Support max user :2048
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Enable the DHCP snooping function globally.
3. Enable and disable the DHCP snooping function in a specified VLAN.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping enable
ZXR10(config-dhcp-snoop)#ip dhcp snooping vlan 1
ZXR10(config-dhcp-snoop)#no ip dhcp snooping vlan 1
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP snooping states in VLANs as follows:
ZXR10(config)#show
ip dhcp snooping vlan
DHCP snooping state on VLANs
VLAN State
-------------------------------
4-50
1 enable
2 enable
3 enable
4 enable
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Enable the DHCP snooping function, and insert Option82 to DHCP packets. By
default, Option82 is not inserted.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping information option
ZXR10(config-dhcp-snoop)#no ip dhcp snooping information option
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP snooping configuration information as follows:
ZXR10(config-dhcp-snoop)#show ip dhcp snooping configure
DHCP snooping configure
information
Global state :enable(running)
Mac-verifying state :disable
Not insert relay information in BOOTREQUEST
Relay information policy :keep
Relay information format :china-tel
Support max user :2048
Configuration Description
The network topology is shown in Figure 4-8.
4-51
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Configure the format of Option82 inserted to DHCP packets, including CHINA-TEL and
DSL-FORUM. The default format is CHINA-TEL. Run the corresponding no command
to restore the default format.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping information format
{china-tel | dsl-forum}
ZXR10(config-dhcp-snoop)#no ip dhcp snooping information format
Configuration Verification
Check the DHCP snooping configuration information as follows:
ZXR10(config-dhcp-snoop)#show ip dhcp snooping configure
DHCP snooping configure
information
Global state :enable(running)
Mac-verifying state :disable
Not insert relay information in BOOTREQUEST
Relay information policy :keep
Relay information format :china-tel
Support max user :2048
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Configure the policy to handle a DHCP packet when Option82 is has been inserted
to DHCP packets in which Option82 information exists. There are two policies,
maintaining Option82, or replacing Option82. Run the corresponding no command
to restore the default policy.
4-52
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping information policy replace
ZXR10(config-dhcp-snoop)#no ip dhcp snooping information policy
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP snooping configuration information as follows:
ZXR10(config-dhcp-snoop)#show ip dhcp snooping configure
DHCP snooping configure
information
Global state :enable(running)
Mac-verifying state :disable
Not insert relay information in BOOTREQUEST
Relay information policy :keep
Relay information format :china-tel
Support max user :2048
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Configure an interface on the DHCP server as a trusted interface. Configure other
interfaces as untrusted interfaces.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping trust gei-0/1/1/1
ZXR10(config-dhcp-snoop)#no ip dhcp snooping trust gei-0/1/1/1
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP snooping interface state as follows:
ZXR10(config)#show ip dhcp snooping trust
Interface State
---------------------------------------------------
gei-0/1/1/1 Trusted
4-53
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Add binding entities to the DHCP snooping database manually. Run the corresponding
no command to delete the binding entities from the database.
Configuration Commands
ZXR10config-dhcp-snoop)#vlan 2
ZXR10(config-dhcp-snoop-vlan2)#ip dhcp snooping binding
0010.9400.0001 1.2.3.4 gei-0/1/1/1 infinite
ZXR10(config-dhcp-snoop-vlan2)#no ip dhcp snooping binding 0010.9400.0001
Configuration Verification
Check the binding information in the DHCP Snooping database as follows:
ZXR10(config)#show ip dhcp snooping database
user total: 1
Index : 1
MAC addr: 0010.9400.0001
Vpls :
Vlan : 2
Internal-vlan: 0
State : static
Interface : gei-0/1/1/1
IP addr : 1.2.3.4 expiration 02:46:33
Option82
Gateway IP :
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Clear the entities in the DHCP snooping database manually.
4-54
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping clear
ZXR10(config-dhcp-snoop)#ip dhcp snooping clear gei-0/1/1/1
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the information in the DHCP Snooping database as follows:
ZXR10(config)#show ip dhcp snooping database
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Enable the DHCP snooping roaming function, so that users can be changed over on
different physical interfaces. By default, the roaming function is disabled.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping ramble
ZXR10(config-dhcp-snoop)#no ip dhcp snooping ramble
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the configuration information of the DHCP snooping roaming function as follows:
ZXR10(config-dhcp-snoop)#show ip dhcp snooping ramble
Current DHCP snooping user ramble state :
ramble state: enable
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
4-55
2. Configure the maximum number of DHCP snooping users. By default, the maximum
number of users supported on a board is 2048.
3. Enable the DHCP snooping function globally.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#no ip dhcp snooping enable
ZXR10(config-dhcp-snoop)#ip dhcp snooping max-user 2
ZXR10(config-dhcp-snoop)#no ip dhcp snooping max-user
ZXR10(config-dhcp-snoop)#ip dhcp snooping enable
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP Snooping configuration information as follows:
ZXR10(config)#show ip dhcp snooping configure
DHCP snooping configure information
Global state :enable(running)
Mac-verifying state :disable
Not insert relay information in BOOTREQUEST
Relay information policy :keep
Relay information format :china-tel
Support max user :2
Configuration Description
Figure 4-7 shows the network topology.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Enable the ether mac and bootp mac verification function for DHCP snooping. If the
ether mac and bootp mac are not the same, the packet will be dropped.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping verify-mac
ZXR10(config-dhcp-snoop)#no ip dhcp snooping verify-mac
ZXR10(config-dhcp-snoop)#exit
Configuration Verification
Check the DHCP Snooping configuration information as follows:
4-56
Configuration Description
Figure 4-7 shows the network topology. An available FTP or TFTP server must be provided
on the network.
Configuration Flow
1. Enter DHCP snooping configuration mode.
2. Configure the storage directory of the user binding table.
3. Start the write timer.
4. Configure the IP address of the FTP or TFTP server.
5. Configure the upload timer for the FTP or TFTP server.
6. Restore the use binding table through the local configuration if necessary after the
device is restarted.
7. Restore the user binding table through downloading the table if necessary after the
device is restarted.
Configuration Commands
ZXR10(config)#dhcp-snoop
ZXR10(config-dhcp-snoop)#ip dhcp snooping file localdir /flash
ZXR10(config-dhcp-snoop)#ip dhcp snooping file timeout 5
ZXR10(config-dhcp-snoop)#ip dhcp snooping file server ftp //2.1.1.101/
dhcp.xml@root:root
ZXR10(config-dhcp-snoop)#ip dhcp snooping file upload time 10
ZXR10(config-dhcp-snoop)#ip dhcp snooping file localload
ZXR10(config-dhcp-snoop)#ip dhcp snooping file download
Configuration Verification
Check the DHCP snooping configuration information as follows:
ZXR10(config-dhcp-snoop)#show running-config dhcp-snoop
!<dhcp-snoop>
dhcp-snoop
ip dhcp snooping file localdir /flash
ip dhcp snooping file timeout 5
4-57
4-58
5-1
5-2
Parameter Description
Parameter Description
Parameter Description
Parameter Description
vrf <vrf-name> Name of the VRF instance which the IP address belongs to,
range: 1–16 characters.
5-3
Parameter Description
Command Function
ZXR10# show tcp brief Displays the brief information about all
TCP connections.
ZXR10# show tcp tcb <tcb-index> Displays the information about the
corresponding of a specified TCB.
ZXR10# show tcp synflood-protect statistics Displays statistics of the TCP SYN flood
protection function.
ZXR10# show tcp synflood-protect all Displays all information about the TCP
SYN flood protection function in the
system.
Run the show tcp command to display the information about TCP connections, including
local and remote IP address, port number, states of timers, and packets sent. The following
shows the output of the show tcp command:
ZXR10#show tcp
Stand-alone TCP connection from host 192.168.109.6
Connection state is ESTABLocal host: 192.168.5.1, Local port: 22
Foreign host: 192.168.109.6, Foreign port: 2335
5-4
Field Description
SRTT: 555 ms, RTTO: 395 ms, KRTT: Times used for sending or receiving packets, and
395 ms minRTT: 10 ms, maxRTT: retransmission time-out period of the connection.
690 ms, ACK hold: 200 ms
Rcvd: 34 (out of order: 0), with data: Numbers of packets received and bytes.
21, total data bytes: 1636
Run the show tcp brief command to display the brief information about all TCP connections,
including TCB, and IP addresses of sender and receiver. The following shows the output
of the show tcp brief command:
5-5
Field Description
Run the show tcp config command to display TCP configuration information, including the
wait time for establishing and disconnecting a connection, the length of the wait queue,
and the window size. The following shows the output of the show tcp config command:
ZXR10#show tcp config
TCP SYNWAIT: 30
TCP FINWAIT: 150
TCP WINDOWSIZE: 32768
Field Description
TCP SYNWAIT: 30 Wait time of SYN packets for the TCP connection, unit:
seconds.
TCP FINWAIT: 150 Wait time of FIN packets for the TCP connection, unit:
seconds.
TCP WINDOWSIZE: 32768 Size of the receiving window for the TCP connection, unit:
bytes.
Run the show tcp statistics command to display statistics at the TCP layer, including the
number of packets received, the number of error packets, and the numbers of various
packets. The following shows the output of the show tcp statistics command:
ZXR10#show tcp statistics
Rcvd: 2966 Total, 0 no port
0 checksum error, 0 bad offset, 0 too short
2955 packets (12107 bytes) in sequence
0 out-of-order packets (0 bytes)
0 packets (0 bytes) with data after window
0 packets after close
0 window probe packets, 2058 window update packets
38 dup ack packets, 0 ack packets with unsend data
2960 ack packets (12123 bytes)
5-6
Field Description
Rcvd: 2966 Total, 0 no port 0 Total number of packets received, including the numbers of
checksum error, 0 bad offset, 0 too various packets, and error packets (for example, the packets
short,2955 packets (12107 bytes) in containing ports that do not exist, and packets containing
sequence,0 out-of-order packets (0 checksum errors or offset errors.)
bytes),0 packets (0 bytes) with data
after window,0 packets after close,0
window probe packets, 2058 window
update packets,38 dup ack packets,
0 ack packets with unsend data,2960
ack packets (12123 bytes)
Run the show tcp tcb <tcb-index> command to display the information about the
corresponding of a specified TCB. The following shows the output of the show tcp tcb
<tcb-index> command:
ZXR10#show tcp tcb 2
Stand-alone TCP connection from host 169.1.109.6
Connection state is ESTAB
Local host: 169.1.5.5, Local port: 23
Foreign host: 169.1.109.6, Foreign port: 4655
5-7
Field Description
show tcp tcb 2 Displays the information about the corresponding of TCB
2. For the field descriptions, refer to that of the show tcp
command.
Run the show tcp synflood-protect config command to display configuration information
about the TCP SYN flood protection function, including whether the protection function is
enabled, the connection wait time, the number of half-connections, and the threshold of
total connections. The following shows the output of the show tcp synflood-protect config
command:
ZXR10# show tcp synflood-protect config
synflood-prevnet is enable
prevent means is quickening the tcp connect aging
and deleting the old tcp half connect
syn-waittime is 600 (seconds)
old-half-connect is 500
max-connect high limit is 90%
max-connect low limit is 70%
one-minute high limit is 80%
one-minute low limit is 50%
Field Description
prevent means is quickening the tcp Decrements the syn wait time, and deletes the old
connect aging and deleting the old half-connections.
tcp half connect
max-connect high limit is 90% The high threshold of total connections is 90.
one-minute low limit is 50% The low threshold of connections in one minute is 50.
Run the show tcp synflood-protect statistics command to display statistics of the TCP SYN
flood protection function. The following shows the output of the show tcp synflood-protect
statistics command:
ZXR10#show tcp synflood-protect statistics
MPU:Main Processing Unit
5-8
Run the show tcp synflood-protect all command to display all information about the TCP
SYN flood protection function in the system. The following shows the output of the show
tcp synflood-protect all command:
ZXR10# show tcp synflood-protect all
configuration infomation:
syn-flood-prevnet is enable
prevent means is quickening the tcp connect
aging and deleting the old tcp half connect
syn-waittime is 600 (seconds)
old-half-connect is 500
max-connect high limit is 90%
max-connect low limit is 70%
one-minute high limit is 80%
one-minute low limit is 50%
statistics infomation:
MP:Manage Processor RP:Routing Processor
maxcon:current total connect maxhcon:current total half connect
onecon:oneminute connect onehcon:oneminute half connect
maxper:maxcon*100/tolcon*100% oneper:onecon*100/tolcon*100%
tolcon:max connect of the cpu allowed
CPU status maxcon maxhcon onecon onehcon tolcon maxper oneper
MP safety 2 0 0 0 3072 0f 0f(null)
For a description of the fields, refer to those of the show tcp synflood-protect config and
show tcp synflood-protect statics commands.
Run the show sockets commands to display all sockets. The following shows the output of
the show sockets command:
ZXR10#show sockets
Proto Local Address Foreign Address In Out State
IPv4 TCP 0.0.0.0:23 *:* 0 0 LISTEN
IPv4 UDP 0.0.0.0:3503 *:* 0 0
IPv4 RAW(112) 0.0.0.0:* *:* 0 0
IPv6 TCP 0:0:0:0:0:0:0:0:23 *:* 0 0 LISTEN
IPv6 UDP 0:0:0:0:0:0:0:0:161 *:* 0 0
IPv6 RAW(58) 0:0:0:0:0:0:0:0:33024 *:* 0 0
5-9
5-10
6-1
6-2
7-1
7-2
Command Function
The following is a sample output from the show zdp neighbour command:
ZXR10(config)#show zdp neighbour
Peer-Mac Local-Port Hdtm Peer-Port Platform Hostname
-----------------------------------------------------------------------
0051.334E.5327 gei-0/1/1/1 162 gei-0/1/1/2 8900E ZXR10
7-3
Configuration Flow
1. Create a ip pool of interface addresses.
2. Configure Switch1 as a command switch.
3. Configure Switch2 as a member switch.
Configuration Commands
Switch1 configuration:
ZXR10(config)#group-management
ZXR10(config-gm)#interface vlan1
ZXR10(config-gm-if-vlan1)#bind-ip-pool
ZXR10(config-gm-if-vlan1)#exit
ZXR10(config-gm)#group switch-type commander
ZXR10(config-gm)#group member device 1
Configuration Verification
ZXR10(config-gm)#show group members
Index MemID MacAddress IPAddr Mask Stat Hostname
----------------------------------------------------
1 1 0000.0205.0000 192.168.1.2 255.255.255.0 Up Mem1.ZXR10
7-4
8-1
The IPTV access and control process is as follows: A user client sends a report (join in) or
leave packet to the IPTV module. The IPTV module queries the corresponding CAC rule
according to the user port and the VLAN, and authenticates the channel rights requested
by the user. For the query packet received from a route port, the IPTV module queries the
corresponding CAC rule according to the route port and the VLAN, and authenticates the
query request. Authentication means to query the channel rights ( view, preview, query,
and deny) configured in a rule. After the rights is queried, the result is returned to the
IGMP Snooping for further processing. The following describes how the IGMP Snooping
processes different rights:
l For the view and preview rights: Add the port to which the user belongs to the
broadcast forwarding table.
l For the query rights: Broadcast the query packet to the VLAN to which the route port
belongs.
8-2
Parameter Description
8-3
Parameter Description
Parameter Description
Parameter Description
8-4
Parameter Description
Parameter Description
Parameter Description
Parameter Description
Parameter Description
8-5
Parameter Description
Parameter Description
Parameter Description
8-6
Parameter Description
Parameter Description
<bandwidth value> Bandwidth for the channel, range: 0–256, unit: Mbps.
Parameter Description
Parameter Description
Parameter Description
8-7
Parameter Description
Parameter Description
Parameter Description
Parameter Description
8-8
Command Function
ZXR10(config-iptv)#clear client port < port-name> vlan-id < Deletes online IPTV users.
vlan-id> channel { id < channel-id>| id-list<channel-idlist>| name
< channel-name>}
Parameter Description
Command Function
ZXR10#show iptv cdr [record id-list <cdr-idlist>] Displays the information about
CDR configuration.
ZXR10#show iptv channel { all | name < channel-name>| id-list< Displays the information about
channel-idlist>} IPTV channels.
ZXR10#show iptv package [{ name < package-name>|id < Displays the information about an
package-id>}] IPTV service package.
ZXR10#show iptv rule{all |{port < port-name>[ vlan-id Displays the information about a
<vlan-id>][channel][package]}} CAC rule.
ZXR10#show iptv client {all |{port <port-name>| NPC Displays online IPTV users
<slot-no>[vlan-id <vlan-id>]}}
ZXR10#show iptv channel statistics [ channel-id < channel-id>] Displays channel statistics.
The following shows the output of the show iptv control command:
ZXR10#show iptv control
8-9
Field Description
The following shows the output of the show iptv prw command:
ZXR10#show iptv prw
PrwEnable : disable
PrwOverCount-Cdr : disable
PrwRecognitionTime : 4
PrwAutoResetTime : 23:59:59
Field Description
The following shows the output of the show iptv cdr record id-list 2 command:
ZXR10#show iptv cdr record id-list 2
Index :2 Findex :54 Time_Stamp :2013/3/4 09:00:20
VlanId :100 Mvlan :4000 OnLine_Time(s):0
Sourceip :
Groupip :225.1.1.0
Validility :invalid
Cdrtype :preview
Leave reason :prw overcount leave
8-10
Field Description
Validility Whether it is valid that the user watches programs on the port.
The following shows the output of the show iptv channel all command:
ZXR10#show iptv channel all
Id Name MVlan GroupIp
------ ------------------------------- --------- --
0 CHNAME0 1 225.0.0.0
1 CHNAME1 1 225.0.0.1
2 CHNAME2 1 225.0.0.2
3 CHNAME3 1 225.0.0.3
4 CHNAME4 1 225.0.0.4
5 CHNAME5 1 225.0.0.5
6 CHNAME6 1 225.0.0.6
7 CHNAME7 1 225.0.0.7
8 CHNAME8 1 225.0.0.8
9 CHNAME9 1 225.0.0.9
Field Description
Id Channel ID.
The following shows the output of the show iptv package command:
ZXR10#show iptv package
Pkgid Pkgname
----- ---------
8-11
0 ZTE
Field Description
The following shows the output of the show iptv view-profile command:
ZXR10#show iptv view-profile
ViewprofileId ViewprofileName
------------- ---------------
0 DEFVAL
Field Description
The following shows the output of the show iptv rule command:
ZXR10#show iptv rule
MaxRuleNum: 2048
CurrentConfigTotal: 1 HistoryConfigTotal: 1
Id Port Vlan Mode Service Cdr ViewNum PrwNum QryNum PkgNum
---- -------- ----- ------- ------- ----- ------- ------ ------ ------
1 gei-0/1/1/22 package IN FALSE 0 0 0 0
Field Description
Id Rule ID.
8-12
Field Description
The following shows the output of the show iptv channel statistics command:
ZXR10#show iptv channel statistics
ChannelNo CurPrwUser CurViewUser hisPrwUser hisViewUser
--------- ---------- ----------- ---------- -----------
0 0 0 0 0
1 0 0 0 0
2 0 0 0 0
3 0 0 0 0
4 2 0 0 0
5 0 0 0 1
6 0 4 0 0
7 0 0 0 0
8 0 0 0 0
9 0 0 0 0
Field Description
The following shows the output of the show iptv client command:
ZXR10#show iptv client all
Client View Channel Count: 1
ChanId GroupIp Port Vlan Rule Record TimeStamp
------ -------- ------------- ---------- ------ ------------ --
0 225.0.0.1 gei-0/1/1/2 200 5 2 2013/06/9 19:34:54
Field Description
8-13
Field Description
Configuration Flow
1. Configure a traffic flow of IPTV channel
2. Enable IPTV
3. Configure inquiry permissions on a interface connected to network
4. Configure rules of users on a interface connected to users
Configuration Commands
SwitchA configuration:
ZXR10(config)#igmpsnoop
ZXR10(config-igmpsnoop)#vlan 22
ZXR10(config-igmpsnoop-vlan22)#igmp snooping enable
ZXR10(config-igmpsnoop-vlan22)#exit
ZXR10(config-igmpsnoop)#vlan 20
ZXR10(config-igmpsnoop-vlan20)#igmp snooping enable
ZXR10(config-igmpsnoop-vlan20)#exit
ZXR10(config-igmpsnoop)#vlan 100
ZXR10(config-igmpsnoop-vlan100)#igmp snooping enable
ZXR10(config-igmpsnoop-vlan100)#exit
ZXR10(config-igmpsnoop)#exit
ZXR10(config)#iptv
8-14
Configuration Verification
Check configuration of SwitchA.
ZXR10#show iptv channel all
Id Name MVlan GroupIp
------ -------- --------------- ------------
0 cctv1 100 225.0.0.1
ZXR10#show iptv rule
MaxRuleNum: 2048
CurrentConfigTotal: 2 HistoryConfigTotal: 2
Id Port Vlan Mode Service Cdr ViewNum PrwNum QryNum PkgNum
---- ------ ---- ------- ------- ----- ------- ------ ------ ------
1 gei-0/1/1/1 20 channel IN FALSE 1 0 0 0
2 gei-0/1/1/2 100 channel IN FALSE 0 0 1 0
8-15
8-16
II
DSCP
- Differentiated Services Code Point
FTP
- File Transfer Protocol
ICMP
- Internet Control Message Protocol
IP
- Internet Protocol
IPTV
- Internet Protocol Television
MAC
- Media Access Control
MAN
- Metropolitan Area Network
MTU
- Maximum Transmission Unit
MVLAN
- Multicast Virtual Local Area Network
III
RARP
- Reverse Address Resolution Protocol
RFC
- Request For Comments
SMS
- Service Management System
STB
- Set-top Box
TCB
- Transmission Control Block
TCP
- Transmission Control Protocol
TCP/IP
- Transmission Control Protocol/Internet Protocol
TFTP
- Trivial File Transfer Protocol
UDP
- User Datagram Protocol
URL
- Uniform Resource Locator
VLAN
- Virtual Local Area Network
VPN
- Virtual Private Network
VRF
- Virtual Route Forwarding
IV