7750SR常用维护命令

合集下载

1-2-IP城域网7750SR维护技术-网络结构

1-2-IP城域网7750SR维护技术-网络结构
IBGP
BAS
SR1
SR2
SR3
CR1、2是IBGP反射器.CR1、 CR2进行IBGP反射
1.1.1.128/25 ip poo•OSPF路由
个人客户
集团客户
1.1.1.8/29
蓝色箭头流量走向
路由协议
CMNET接收 EBGP路由
Cmnet骨干网
Internet流量如何去往用户?
MPLS VPN Backbone
如何区分不同VPN的路由?
路由前缀加上96bit的RD
如何构建VPN的不同互访关系?
RT
城域网现网PE两两之间需要直接建立MPBGP关系吗?
MPLS VPN(3层)
MPLS VPN Backbone
CE-RIP-A1 CE-RIP-A2
LDP
CE-BGP-A1
LDP
IP城域网维护技术讲座
网维中心数据室 何劲
目录
1 2 3 4
网络结构
路由协议 业务接入 MPLS VPN
网络结构 一二类公司网络结构
深圳(西丽) 核心路由器2 深圳(高科) 核心路由器1
有独立城域网CR
惠州第二机楼 核心路由器
CMNet
惠州第二机楼 省网汇聚路由器 惠州江北电信 省网汇聚路由器
惠州全球通 核心路由器
市名
SR ASBR/ SR 地市IP城域网 SR
城市AS
VPN路由
广州
65270
省干CMNET一个AS,每个地市城域网单独一个AS
韶关
65271
清远
65272
路由协议
Cmnet骨干网
用户流量如何去往Internet?
EBGP
BR

7750 SR-Series 路由器基本系统配置指南说明书

7750 SR-Series 路由器基本系统配置指南说明书

PrefaceAbout This GuideThis guide describes system concepts and provides configuration explanations and examplesto configure SR-OS boot option file (BOF), file system and system management functions.This document is organized into functional chapters and provides concepts and descriptions ofthe implementation flow, as well as Command Line Interface (CLI) syntax and commandusage.AudienceThis manual is intended for network administrators who are responsible for configuring the7750 SR-Seriesrouters. It is assumed that the network administrators have an understanding ofnetworking principles and configurations. Protocols, standards, and processes described in thismanual include the following:•CLI concepts•File system concepts•Boot option, configuration, image loading, and initialization procedures•Basic system management functions such as the system name, router location andcoordinates, and CLLI code, time zones, Network Time Protocol (NTP), SimpleNetwork Time Protocol (SNTP), and synchronization properties7750 SR OS Basic System Configuration GuidePrefaceList of Technical PublicationsThe 7750 SR documentation set is composed of the following books:•7750 SR OS Basic System Configuration GuideThis guide describes basic system configurations and operations.•7750 SR OS System Management GuideThis guide describes system security and access configurations as well as event loggingand accounting logs.•7750 SR OS Interface Configuration Guide•7750 SR OS Router Configuration GuideThis guide describes logical IP routing interfaces and associated attributes such as an IPaddress, as well as IP and MAC-based filtering, and VRRP and Cflowd.•7750 SR OS Routing Protocols GuideThis guide provides an overview of routing concepts and provides configuration examplesfor RIP, OSPF, IS-IS, BGP, and route policies.•7750 SR OS MPLS GuideThis guide describes how to configure Multiprotocol Label Switching (MPLS) and LabelDistribution Protocol (LDP).•7750 SR OS Services GuideThis guide describes how to configure service parameters such as service distributionpoints (SDPs), customer information, and user services.•7750 SR OAM and Diagnostic Guide•This guide describes how to configure features such as service mirroring and Operations, Administration and Management (OAM) tools.•7750 SR OS Triple Play GuideThis guide describes Triple Play services and support provided by the 7750 SR andpresents examples to configure and implement various protocols and services.•7750 SR OS Quality of Service GuideThis guide describes how to configure Quality of Service (QoS) policy management.•OS Multi-Service ISA GuideThis guide describes services provided by integrated service adapters such as ApplicationAssurance, IPSec, ad insertion (ADI) and Network Address Translation (NAT).•7750 SR-OS RADIUS Attributes Reference GuideThis guide describes all supported RADIUS Authentication, Authorization andAccounting attributes.Page 127750 SR OS Basic System Configuration GuidePrefaceTechnical SupportIf you purchased a service agreement for your 7750 SR router and related products from adistributor or authorized reseller, contact the technical support staff for that distributor or resellerfor assistance. If you purchased an Alcatel-Lucent service agreement, contact your welcomecenter:/wps/portal/supportReport documentation errors, omissions and comments to:**************************************Include document name, version, part number and page(s) affected.7750 SR OS Basic System Configuration Guide Page 13PrefacePage 147750 SR OS Basic System Configuration Guide。

7750BRAS维护与配置

7750BRAS维护与配置

7750SR/BRASI护与配置(SR功能篇)1. 设备配置命令说明 (4)1.1. S YSTEM本配置 (4)1.2. L OG!己置 (7)1.3. P ORT®置 (9)1.3.1 上行端口和互联POR㈱口配置 (9)1.3.2下联端口配置 (10)1.4. IGP协议配置 (14)1.4.1 OSPF协议配置 (14)1.4.2 ISIS 协议配置 (17)1.5. MLS LDP协议配置 (19)1.6. 设备安全配置(SECURITY (24)1.6.1 设备访问安全 (24)1.6.2 主CPU保护 (28)1.7. VPN-BGP配置 (35)1.8. P OLIC 丫配置 (38)1.9. 业务配置 (40)1.9.1 IES 业务配置 (41)1.9.2 二层VPN vpls 业务配置 (45)1.9.3三层VPN VPR业务配置 (48)1.10. SNM甫己置 (52)1.11. C FLOW配置 (53)2. 业务运行状态检查命令 (55)2.1查看设备P OR调口运行状态 (55)2.1.1 查看设备所有Port端口运行状态 (55)2.1.2 查看设备单个Port端口运行状态 (57)2.2 查看S ERVICE^务运行状态 (60)2.3检查路由器接口运行状态 (62)2.3.1 查看所有接口状态 (62)2.3.1 查看单个业务的接口状态 (64)2.4查看设备MAC地址表信息 (66)2.4.1 查看所有MA弛址表 (66)2.4.2 查看单个业务的MAC%址表 (69)2.5查看设备路由表信息 (70)2.5.1 查看所有路由表地址表 (70)2.5.2查看某个业务的路由表 (71)3. 故障排除方法说明 (73)3.1 光路正常但PORTED DOWN (73)3.2 PING不通对端地址 (73)3.3 ISIS邻接关系无法建立 (73)3.4 BGP^S居无法正常建立 (73)3.5 BG咪中有路由,但路由没有被放进VPN路由表中 (73)3.6 VPN中用户CE设备无法访问远端 (74)3.7 VPLS故障分析 (74)3.7.1 按照下列配置做mac-filter (74)3.7.2 在VPLS中应用MAC-FILTER (75)3.8.3 通过分析LO俄出问题 (75)4删除SERVICE配置步骤 (76)4.1 删除单个SAP S ERVICE^置步骤 (76)4.2删除多个SAP S ERVICE®己置步骤 (76)1.设备配置命令说明1.1. System基本配置1. chassis-mode 要配置为C,以支持新的feature 。

贝尔7750SR维护必备手册

贝尔7750SR维护必备手册

一、检查系统状态 (2)show system cpu //检查系统CPU占用率 (2)show system memory-pools//检查系统Memory占用率 (3)show uptime //检查系统距离上一次重启的运行时间 (4)二、检查板卡状态 (4)show card state //检查7750SR各块单板的基本状态 (4)Show card <slot-number> detail //检查7750SR IOM单板的详细状态信息 (5)Show mda <slot/mda > detail //检查7750SR MDA单板的详细状态信息 (6)show redundancy synchronization //检查7750SR二块CPM单板的冗余状态 (7)Show chassis power-supply //检查7750SR电源模块的运行状态 (8)Show chassis environment //检查7750SR风扇的运行状态 (8)三、检查物理接口状态 (9)show port x/x/x //检查物理接口的状态 (9)show port x/x/x.stsx //检查传输电路的质量 (10)show service sap-using //检查sap口的状态 (11)四、检查网络接口状态 (11)show route interface //检查三层interface的基本状态 (11)Monitor port //检查7750SR物理端口带宽占用情况 (13)五、检查路由协议状态 (13)show router isis adjacency //检查7750SR的ISIS协议邻居状态 (13)show router ldp session //检查7750SR的LDP协议邻居及会话状态 (14)show router bgp neighbor //检查7750SR的BGP协议邻居状态 (15)六、检查VPRN状态 (16)show route x route-table //检查VPRN路由 (16)show route x bfd session //检查VPRN中的bfd session (17)show router xxxx vrrp instance检查xxxx VPN VRRP状态。

阿尔卡特-7750SR路由器加固

阿尔卡特-7750SR路由器加固

7750SR路由器安全加固手册V1.1(适用于SR12, SR7)上海贝尔阿尔卡特股份有限公司互联网事业部二零一一年一月1关闭未用服务正常情况下,现场较多使用telnet登录、管理、配置路由器,其他服务在需要的时候再打开,不用时关闭。

7750SR路由器的SSH 服务系统缺省是打开的,建议关闭。

➢通过如下命令关闭ssh server和ftp服务:#config>system>security>ssh# server-shutdown#config>system>security>no ftp-server➢通过如下命令确认系统开放端口:#show system connections➢正常情况下系统只开放如下端口:TCP 179:用于BGP连接TCP 22:用于SSH登录TCP 646:用于LDPUDP 161:用于SNMPUDP 123:用于NTP2限制异常流量带宽7750SR路由器对于那些必须经过CPM上的CPU进行处理的流量可以通过cpm-filter命令来进行识别,该命令作用于流量到达CPM CPU之前的P-Chip芯片上,并可根据情况选择这些流量通过、拒绝或对其进行cpm-queue限速。

2.1.限制异常ICMP流量大量对路由器端口或system地址的Ping包都会造成CPM CPU利用率增加,可通过cpm-filter匹配由IOM送到CPM板卡上的ICMP报文,并通过cpm-queue限制其速率。

参考配置如下:部署CPM-Queue>config>sys>security>cpm-queue# info----------------------------------------------queue 40 createcbs 1000 mbs 1000rate 2000 cir 2000 //为ICMP协议只分配2000 kbps带宽exit----------------------------------------------部署CPM-Filter>config>sys>security>cpm-filter# info----------------------------------------------ip-filterno shutdownentry 40 createaction queue 40match protocol icmpexitexitexit----------------------------------------------注:经测试,上述配置可保证该路由器正常响应一台网络设备的快速Ping,在两台以上网络设备同时对其进行fast ping时,会造成丢包,但CPM上的CPU可得到较好保护。

7750常用的几个维护命令(培训)

7750常用的几个维护命令(培训)

7750常用的几个维护命令:一、查看用户show service active-subscribersshow service active-subscribers summaryshow service subscriber-using 当前用户名排列show service subscriber-using port 1/1/10 根据端口或lag排列用户show service sap-using 当前使用的sap点,静态sap点一直在上面show service active-subscribers subscriber "170030028648@466f3b" 根据用户名查看:@后面的数值是用户的MAC地址后6位show service id 100 pppoe session ip-address 114.254.248.186 detail 根据用户ip地址查看用户show service id 100 pppoe session mac 00:21:27:6e:a0:05 detail 根据用户终端MAC地址查看用户show service id 100 pppoe session sap lag-1:10.27 detail 根据用户端口/lag及vlan查看用户二、清除用户下线clear service id 100 pppoe session sap-id 1/1/10:199.177 根据用户端口/lag及vlan清除用户clear service id 100 pppoe session ip-address 111.196.45.234 根据用户ip地址清除用户clear service id 100 pppoe session mac c8:0a:a9:dc:3f:35 根据用户终端MAC地址用户service id 值1为vprn,100为一般用户,8为与二层汇聚的互联三、查流量进入Monitormonitor# port 1/1/1 看端口流量monitor# lag 1 看LAG-1流量。

阿尔卡特7750SR路由器现场维护手册

阿尔卡特7750SR路由器现场维护手册

阿尔卡特7750SR路由器日常维护操作手册上海贝尔阿尔卡特股份有限公司互联网事业部二零零六年十月目录1. 总体概述................................................. 错误!未定义书签。

2. 常用软件操作............................................. 错误!未定义书签。

. 通过Console线缆连接路由器....................... 错误!未定义书签。

. SR系列路由器配置过程............................ 错误!未定义书签。

. 设备重启......................................... 错误!未定义书签。

. 路由引擎切换..................................... 错误!未定义书签。

. TiMOS软件升级步骤............................... 错误!未定义书签。

软件升级相关文件............................. 错误!未定义书签。

升级步骤..................................... 错误!未定义书签。

. 密码恢复......................................... 错误!未定义书签。

. 在CLI中获取帮助................................. 错误!未定义书签。

3. 7750SR-12 ................................................ 错误!未定义书签。

. 7750SR-12结构................................... 错误!未定义书签。

设备描述..................................... 错误!未定义书签。

7750SR12维护培训

7750SR12维护培训

2007
Fan tray number
==================================== 查看板卡状态 ==================================== ======= Card Summary Show card/show card detail ==================================== A:GD# show card ==================================== ======= =============================================================================== Slot Provisioned Equipped Card Summary Admin Operational =============================================================================== Card-type Card-type State Slot Provisioned Equipped Admin Operational State Card-type Card-type State State -----------------------------------------------------------------------------------------------------------------------------------------------------------1 iom-20g-b iom-20g-b up up 1 iom-20g-b iom-20g-b up 2 iom-20g-b iom-20g-b up up up 3 iom-20g-b iom-20g-b up up 2 iom-20g-b iom-20g-b up A sfm-400g sfm-400g up up/active up B sfm-400g sfm-400g up up/standby 3 iom-20g-b iom-20g-b up =============================================================================== up A:# show card detail A sfm-400g sfm-400g up up/active B sfm-400g sfm-400g up up/standby ==================================== All Rights Reserved © Alcatel-Lucent 2007 ==================================== =======

7750 SR OS 路由器配置指南.pdf_1701712574.009497说明书

7750 SR OS 路由器配置指南.pdf_1701712574.009497说明书

Common CLI Command DescriptionsIn This ChapterThis section provides information about common Command Line Interface (CLI) syntax andcommand usage.Topics in this chapter include:•SAP syntax on page 616Common CLI Command DescriptionsCommon Service CommandssapSyntax[no] sap sap-idDescription This command specifies the physical port identifier portion of the SAP definition.Parameters sap-id — Specifies the physical port identifier portion of the SAP definition.The sap-id can be configured in one of the following formats:null[port-id | bundle-id| bpgrp-id | lag-id | aps-id]port-id: 1/1/3bundle-id: bundle-ppp-1/1.1bpgrp-id: bpgrp-ima-1lag-id: lag-63aps-id: aps-1dot1q[port-id | bundle-id| bpgrp-id | lag-id | aps-id]:qtag1port-id:qtag1: 1/1/3:100bundle-id: bundle-ppp-1/1.1bpgrp-id: bpgrp-ima-1lag-id:qtag1:lag-61:102aps-id:qtag1: aps-1:27qinq[port-id |bundle-id| bpgrp-id | lag-id]:qtag1.qtag2port-id:qtag1.qtag2: 1/1/3:100.10bundle-id: bundle-ppp-1/1.1bpgrp-id: bpgrp-ima-1lag-id:qtag1.qtag2:lag-10:atm[port-id | aps-id | bundle-id | bpgrp-id][:vpi/vci |vpi |vpi1.vpi2]port-id: 1/1/1aps-id: aps-1bundle-id: bundle-ima-1/1.1bundle-ppp-1/1.1bpgrp-id: bpgrp-ima-1vpi/vci: 16/26vpi: 16vpi1.vpi2: 16.200frame-relay [port-id| aps-id]:dlci port-id: 1/1/1:100aps-id: aps-1dlci: 16cisco-hdlc slot/mda/port.channel port-id: 1/1/3.1Common CLI Command Descriptions Values:sap-id null[port-id | bundle-id | bpgrp-id | lag-id | aps-id]dot1q [port-id | bundle-id | bpgrp-id | lag-id | aps-id]:qtag1qinq[port-id | bundle-id | bpgrp-id | lag-id]:qtag1.qtag2atm [port-id | aps-id][:vpi/vci|vpi| vpi1.vpi2]frame [port-id | aps-id]:dlcicisco-hdlc slot/mda/port.channelcem slot/mda/port.channelima-grp [bundle-id[:vpi/vci|vpi|vpi1.vpi2]port-id slot/mda/port[.channel]bundle-id bundle-type-slot/mda.bundle-numbundle keywordtype ima, fr, pppbundle-num 1 — 336bpgrp-id bpgrp-type-bpgrp-numbpgrp keywordtype ima, fr, pppbpgrp-num 1 — 2000aps-id aps-group-id[.channel]aps keywordgroup-id 1 — 64ccag-id ccag-id.path-id[cc-type]:cc-idccag keywordid 1 — 8path-id a, bcc-type .sap-net, .net-sapcc-id 0 — 4094lag-id lag-idlag keywordid 1 — 200qtag1 0 — 4094qtag2 *, 0 — 4094vpi NNI: 0 — 4095UNI: 0 — 255vci 1, 2, 5 — 65535dlci 16 — 1022ipsec-id ipsec-id.[private | public]:tagipsec keywordid 1 — 4tag 0 — 4094bundle-id — Specifies the multilink bundle to be associated with this IP interface. The bundle keyword must be entered at the beginning of the parameter.The command syntax must be configured as follows:bundle-id:bundle-type-slot-id/mda-slot.bundle-numbundle-id value range: 1 — 336For example:Common CLI Command Descriptions*A:ALA-12>config# port bundle-ppp-5/1.1*A:ALA-12>config>port# multilink-bundlebgprp-id — Specifies the bundle protection group ID to be associated with this IP interface. The bpgrp keyword must be entered at the beginning of the parameter.The command syntax must be configured as follows:bpgrp-id: bpgrp-type-bpgrp-numtype:imabpgrp-num value range: 1 — 2000For example:*A:ALA-12>config# port bpgrp-ima-1*A:ALA-12>config>service>vpls$ sap bpgrp-ima-1qtag1, qtag2 — Specifies the encapsulation value used to identify the SAP on the port or sub-port. If this parameter is not specificially defined, the default value is 0.Values qtag1: * | 0 — 4094qtag2 : * | 0 — 4094The values depends on the encapsulation type configured for the interface. The following tabledescribes the allowed values for the port and encapsulation types.Ethernet Dot1q0 — 4094The SAP is identified by the 802.1Q tag on the port.Note that a 0 qtag1 value also accepts untagged packetson the dot1q port.Ethernet QinQ qtag1: 0 — 4094qtag2: 0 — 4094The SAP is identified by two 802.1Q tags on the port. Note that a 0 qtag1 value also accepts untagged packets on the Dot1q port.SONET/SDH IPCP-The SAP is identified by the channel. No BCP isdeployed and all traffic is IP.SONET/SDH TDM BCP-Null0The SAP is identified with a single service on thechannel. Tags are assumed to be part of the customerpacket and not a service delimiter.SONET/SDHTDMBCP-Dot1q0 — 4094The SAP is identified by the 802.1Q tag on the channel.SONET/SDH TDM Frame Relay16 — 991The SAP is identified by the data link connectionidentifier (DLCI).SONET/SDH ATM ATM vpi (NNI) 0 — 4095vpi (UNI) 0 — 255vci 1, 2, 5 — 65535The SAP is identified by port or by PVPC or PVCCidentifier (vpi, vpi/vci, or vpi range)Common CLI Command Descriptions sap ipsec-id.private|public:tag — This parameter associates an IPSec group SAP with this interface. This is the public side for an IPSec tunnel. Tunnels referencing this IPSec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.This context will provide a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally this creates an Ethernet SAP that will be used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can beassociated with this SAP. The “tag” will be a dot1q value. The operator may see it as an identifier. The range is limited to 1 — 4095.Common CLI Command Descriptions。

阿尔卡特7750路由器-健康检查手册

阿尔卡特7750路由器-健康检查手册

阿尔卡特7750SR路由器健康检查手册上海贝尔股份有限公司2015年1月14日一、健康检查标准使用说明1.1 使用说明1.本手册适用产品:阿尔卡特7750SR,适用于CE、AR、DCN、CMNET等应用场景。

1.2 适用的设备软、硬件列表1.设备型号:ALCA TEL 7750SR2.软件版本:TiMOS 9.0.R17二、健康检查项目编号检查内容检查方法检查标准1 检查软件版本在路由器各节点上分别执行:show version为IOS软件版本核对TiMOS,正常情况为为9.0.R17。

如有不同要引起注意,TiMOS异常有可能会造成设备重启后无法正常启动。

2 检查日志信息及日志设置在路由器各节点上分别执行:show log log-id 99show log log-id 100正常情况下,不应该有大量重复信息。

比如端口频繁up/down,以及错误信息等。

3 检查调试信息开关在路由器各节点上分别执行:show debug正常运行时应该全部关闭。

如果发现存在启用Debug,则可以在用户视图使用no debug命令关闭所有Debug。

4 检查设备系统名是否符合中国移动命名规范在路由器各节点上分别查看命令行提示符。

符合中国移动命名规范。

5 检查端口描述是否规范在交路由器各节点上分别执行:show port description所有激活的重要接口都要按照中国移动规范进行描述,按照下列规则对重要端口进行描述:本端设备名-本端端口号->对端设备名-端口号。

6 检查系统时间是否与当地时间和时区一致在路由器各节点上分别执行:show time系统时间和当地时间、时区一致。

●如果没有配置网络时间同步,则时间设置应与当地时间和时区一致,从而便于日后定位故障时间和跟踪信息。

●如果系统时间不精确,则需要在用户视图配置时区和时间,命令如下:A:7750SR#configure system time zone PRC 8●A:7750SR#admin set-time 2011/10/0108:00:007 检查配置文件参数在路由器各节点上分别执行:admin display-config说明建议将最终配置文件另行备份保存到机器外。

7750 SR 路由器操作、管理和诊断指南说明书

7750 SR 路由器操作、管理和诊断指南说明书

PrefaceAbout This GuideThis guide describes service mirroring and Operations, Administration and Management (OAM)and diagnostic tools provided by the router and presents examples to configure and implementvarious tests.This guide is organized into functional chapters and provides concepts and descriptions of theimplementation flow, as well as Command Line Interface (CLI) syntax and command usage.AudienceThis guide is intended for network administrators who are responsible for configuring the 7750 SRrouters. It is assumed that the network administrators have an understanding of networkingprinciples and configurations. Concepts described in this guide include the following:•Service mirroring and Lawful Interception•Operation, Administration and Maintenance (OAM) operationsPrefaceList of Technical PublicationsThe 7750 SR documentation set is composed of the following guides: Table 1: List of Technical PublicationsPreface Table 1: List of Technical PublicationsSearching for InformationYou can use Adobe Reader, Release 6.0 or later, to search one or more PDF files for a term.To search for specific information in this guide1. From the Adobe Reader main menu, choose Edit > Search or Advanced Search. The Searchpanel opens.2. Click on the In the current document radio button.3. Enter the term to search for.4. Select the following search criteria, if required:Preface•Whole words only•Case-Sensitive•Include Bookmarks•Include Comments5. Click on the Search button. Adobe Reader displays the search results.You can expand the entries by clicking on the + symbol.To search for specific information in multiple documentsNote: The PDF files that you search must be in the same folder.1. From the Adobe Reader main menu, choose Edit > Search or Advanced Search. The Searchpanel opens.2. Click on the All PDF Documents in radio button.3. Choose the folder in which to search using the drop-down menu.4. Enter the term to search for.5. Select the following search criteria, if required:•Whole words only•Case-Sensitive•Include Bookmarks•Include Comments6. Click on the Search button. Adobe Reader displays the search results.You can expand the entries for each file by clicking on the + symbol.PrefaceTechnical SupportIf you purchased a service agreement for your 7750 SR router and related products from adistributor or authorized reseller, contact the technical support staff for that distributor or resellerfor assistance. If you purchased an Alcatel-Lucent service agreement, follow this link to contact anAlcatel-Lucent support representative and to access product manuals and documentation updates:https:///portal/olcsHome.doPreface。

Alcatel7750SR常用命令集

Alcatel7750SR常用命令集

Alcatel7750SR常用命令集1. 简介本文档是关于Alcatel7750SR常用命令集的指南。

Alcatel7750SR是一款多功能的路由器和交换机,广泛应用于电信运营商和企业网络中。

本文档将介绍一些常用的命令,以帮助用户更好地了解和使用Alcatel7750SR。

2. 登录与退出2.1 登录要登录到Alcatel7750SR设备,可以使用以下命令:login <用户名> <密码>其中,<用户名>和<密码>分别是您的登录名和密码。

2.2 退出要退出登录,可以使用以下命令:logout3. 基本配置3.1 设置主机名可以使用以下命令设置设备的主机名:configure systemset hostname <主机名>end其中,<主机名>是您要设置的主机名。

3.2 设置IP地址要设置设备的IP地址,可以使用以下命令:configure systemset address <接口> ip-address <IP地址>/<子网掩码>end其中,<接口>是设备的接口名,如ethernet 1/1/1,<IP 地址>是您要设置的IP地址,<子网掩码>是IP地址的子网掩码。

4. 路由配置4.1 静态路由要配置静态路由,可以使用以下命令:configure router static-routeadd <目标网络> next-hop <下一跳地址>end其中,<目标网络>是要配置的目标网络,如10.0.0.0/24,<下一跳地址>是下一跳的IP地址。

4.2 动态路由要配置动态路由,可以使用以下命令:configure router dynamic-routeospfarea <区域号>network <网络地址> mask <子网掩码>exitexit其中,<区域号>是OSPF的区域号,<网络地址>是要配置的网络地址,<子网掩码>是网络地址的子网掩码。

中国移动7750SR业务数据配置规范(IES)

中国移动7750SR业务数据配置规范(IES)

江苏移动7750SR业务数据配置规范(集团专线)南通分公司工程维护部2009年10月目录1前言 (3)2业务规则 (3)37750业务结构 (4)4业务配置前的基本配置 (4)4.1 端口设置 (4)4.2 业务(集团专线)基本配置 (4)5IES(专线业务)配置 (5)5.1 配置思路 (5)5.2 Interface配置模式 (5)5.3 subscriber-interface配置模式 (6)6完整业务配置举例 (7)6.1 interface专线开通 (7)6.2 subscriber-interface专线开通 (7)7常用show命令 (9)1 前言本配置规范只涉及7750作为SR时的IES业务,本文所有配置为最基本的配置,也是集团业务开通的必要配置。

根据业务发展需求将对本规范进行补充。

2 业务规则关键字用途规则customer ID 每种业务对应的customer ID1、IES 10;2、VPLS 20;3、VPRN 30;4、VLL 40IES ID 区分每个IES业务1、本地唯一,具体规则如下:2、IES ID:10+(cmnet_zx/VoIP),cmnet_zx 编号:100—110 VoIP 编号:200-210描述定义业务/端口描述1、业务描述:配置为业务用途(To_HaiMenChangHai)2、端口描述:To_对端设备名称_对端设备端口序号3、interface描述:以IP_X.X.X.X/mask路由策略控制引入路由的路由策略策略名称:业务导入陆游协议,如ies_bgp,意为将ies的路由导入BGPPrefix-List 路由发布前缀列表名称和策略名称一致policy-statement路由策略编辑采用业务导入协议命名3 7750业务结构7750SR4 业务配置前的基本配置4.1 端口设置配置思路:当7750SR 为下联设备提供业务服务时,用户设备上联到7750的端口称为SAP , 以太口的配置有:端口描述,配置端口模式,配置封装,配置端口协商A:AK7750# configure port x/x/xA:AK7750>config>port# description To_对端设备名称_对端设备端口序号 A:AK7750>config>port# ethernet mode accessA:AK7750>config>port# ethernet encap-type null/dot1q/qinq A:AK7750>config>port# ethernet no autonegotiate A:AK7750>config>port# no shutdown A:AK7750>config>port# exit4.2 业务(集团专线)基本配置配置说明:7750SR 要求每开一个业务要关联customer ,本次业务开通要求为每种业务创一个customer ID 并做描述,规范见<关键字说明>部分。

7750-SR设备常见故障处理指导书

7750-SR设备常见故障处理指导书

中国移动通信集团山西有限公司7750SR设备常见故障处理指导书上海贝尔阿尔卡特股份有限公司工程服务部二零零七年十月1 检查硬件运行状态 (4)1.17750SR硬件介绍 (4)1.2设备启动 (6)1.3检查管理连接状态 (10)1.3.1 Console 口连接 (10)1.4检查机箱状态 (12)1.4.1 机箱状态 (12)1.5检查电源 (13)1.6检查风扇 (14)1.7检查SF/CPM状态 (14)1.7.1 SF/CPM LED状态 (14)1.7.2 SF/CPM 排错命令 (16)1.7.3 检查SF/CPM 状态详情 (18)1.8检查IOM状态 (22)1.9检查MDA状态 (24)2 系统级排错 (25)2.1硬件初始化常见问题 (25)2.2检查文件配置 (27)2.2验证系统管理配置信息 (32)2.3显示系统信息 (32)2.4验证同步和冗余状态 (33)3 OA&M排错命令 (34)3.1LSP诊断命令 (35)3.2SDP D IAGNOSTICS (35)3.3业务诊断 (36)3.4VPLS MAC诊断 (36)3.5OAM命令汇总 (37)4 常见排错案例 (38)4.1硬件常见故障处理 (38)4.1.1 内存损失造成不能正常启动 (38)4.1.2 设备启动不成功 (39)4.1.3 MDA卡无法注册 (40)4.1.4 主控板无法注册 (40)4.1.5 console口无法输出信息 (41)4.1.6 软件升版不当导致CPM反复重启 (41)4.2端口常见故障处理 (44)4.2.1 pos端口常见故障处理 (44)4.2.2 ethernet端口常见故障处理 (46)4.3路由协议常见故障处理 (48)4.3.1 链路无法负载均衡 (48)4.3.2 等价路由情况下的PING问题 (49)4.3.3 访问控制列表配置不当引起路由协议DOWN掉 (54)4.3.4 升级后部分路由无法正常转发 (55)4.3.5 Ospf常见故障处理: (58)4.3.5.1 MTU配置问题导致OSPF无法与对端设备建立邻接关系 (58)4.3.5.2 配置了将直连路由重分发进ospf后,直连路由没有发布出去 (59)4.3.5.3 OSPF参考带宽与其他厂商互联设备设置不一致引起的路由问题 (59)4.3.5.4 移动voip大业务量倒换测试问题处理 (63)4.3.6 isis常见故障处理 (66)4.3.6.1 MD5的HASH算法版本不匹配导致ISIS验证失败 (66)4.3.6.2 与第三方设备(测试仪表类)建立ISIS邻接关系时遇到的问题 (66)4.3.7 bgp常见故障处理 (67)4.3.7.1 IBGP连接经常重启故障案例 (67)4.3.7.2 BGP宣告路由不全问题的处理 (71)4.3.7.3 7750路由宣告问题的处理 (72)4.3.8 mpls常见故障处理 (72)4.3.8.1 由于更改system地址后没有restart ospf导致MPLS-TE FRR故障 (72)4.3.8.2 由于不同厂商mpls分发机制不同引起的业务故障 (76)4.4业务常见故障处理 (78)4.4.1 ies常见故障处理 (78)4.4.1.1 ies割接后业务不通,对端用户无法ping通 (78)4.4.1.2 subscriber-interface业务无法开通故障 (79)4.4.2 vpls常见故障处理 (81)4.4.2.1 arp广播引起的网络设备故障 (81)4.4.2.2 使用filter-log进行vpls业务丢包故障定位 (83)4.4.3 vprn常见故障处理 (84)4.4.3.1 vprn的路由限制功能无法生效 (84)4.4.3.2 vprn通过option a方式实现跨域mpls vpn时,对端asbr无法学到本as内的私网路由。

7750SR配置方法

7750SR配置方法

实用文案7750SR路由器配置规范V2.1上海贝尔阿尔卡特股份有限公司互联网事业部二零零六年十一月目录1.概述 (5)2.系统基本配置 (7)2.1.层次化命令结构 (7)2.2.在CLI中获得帮助 (8)2.3.硬件板卡配置 (9)2.4.设备名称配置 (11)2.5.系统时间配置 (11)2.6.NTP配置 (11)2.7.主备卡切换配置 (12)2.8.AAA配置(登录用户) (14)3.端口配置 (16)3.1.Loopback端口配置 (16)3.2.GE端口配置 (16)3.3.POS端口配置 (17)3.4.端口镜像配置 (18)4.安全配置 (23)4.1.ACL配置 (23)4.2.防攻击配置 (24)5.网管配置 (31)5.1.网管地址配置 (31)5.2.TELNET配置 (32)5.3.FTP配置 (33)5.4.SNMP (33)5.5.SYSLOG (35)5.6.配置备份 (36)5.7.SSH配置 (36)Flow备份 (37)6.路由配置 (39)6.1.黑洞路由配置 (39)6.2.静态路由配置 (39)6.3.OSPF配置 (39)6.4.ISIS配置 (44)6.5.BGP配置 (47)7.业务配置 (54)7.1.专线业务配置(IES配置) (54)7.2.MPLS VPN业务配置 (56)7.2.1P路由器配置 (56)7.2.2PE路由器配置(VPRN) (60)7.2.3PE路由器配置(VPLS) (63)8.7750SR常用维护命令 (67)1.概述阿尔卡特7750SR路由器是业内第一个专为高级互联网和虚拟专用网络(VPN)业务而设计和优化的IP/MPLS业务路由器。

阿尔卡特7750SR有三种尺寸可供选择:单槽、7槽和12槽,可提供具有卓越性能和高密度的各种接口。

作为目前业内最具扩展性的路由器平台,阿尔卡特7750SR具有为高效传送基于服务等级协议(SLA)的业务而设计的软件和硬件架构,因此阿尔卡特7750SR不仅仅是强大的互联网路由器,更是一个灵活、强大的业务供应平台。

Security 7750 SR OS System Management Guide

Security 7750 SR OS System Management Guide

Security Security Command ReferenceCommand HierarchiesConfiguration Commands•Security Commands−LLDP Commands on page96−Management Access Filter Commands on page97−CPM Filter Commands on page98−CPM Queue Commands on page101−CPU Protection Commands on page102−Security Password Commands on page104−Public Key Infrastructure (PKI) Commands on page104−Profile Commands on page105−RADIUS Commands on page106−SSH Commands on page106−TACPLUS Commands on page106−User Template Commands on page107−Dot1x Commands on page107−Keychain Commands on page107•Login Control Commands on page109•Show Commands on page110•Clear Commands on page110•Debug Commands on page111•Tools Commands on page111Security Command ReferenceSecurity Commandsconfig—system—security—copy {user source-user | profile source-profile} to destination [overwrite]—[no]ftp-server—hash-control [read-version {1 | 2 | all}] [write-version {1 | 2}]—no hash-control—[no]per-peer-queuing—source-address—application app [ip-int-name | ip-address]—no application app—application6app ipv6-address—no application6—[no] telnet-server—[no] telnet6-server—vprn-network-exceptions number secondsLLDP Commandsconfigure—system—lldp—message-fast-tx time—no message-fast-tx—message-fast-tx-init count—no message-fast-tx-init—notification-interval time—no notification-interval—reinit-delay time—no reinit-delay—tx-credit-max count—no tx-credit-max—tx-hold-multiplier multiplier—no tx-hold-multiplier—tx-interval interval—no tx-intervalSecurityManagement Access Filter Commandsconfig—system—security—[no]management-access-filter—[no]ip-filter—default-action {permit | deny}—[no] entry entry-id—action{permit | deny | deny-host-unreachable}—no action—description description-string—no description—dst-port value [mask]—no dst-port—[no]log—protocol protocol-id—no protocol—router{router-instance}—no router—src-ip{ip-prefix/mask | ip-prefix netmask}—no src-ip—src-port{port-id | cpm | lag lag-id}—no src-port—src-port old-entry-number new-entry-number—renum old-entry-number new-entry-number—[no] shutdown—[no] ipv6-filter—default-action {permit | deny | deny-host-unreachable}—[no] entry entry-id—action{permit | deny | deny-host-unreachable}—no action—description description-string—no description—dst-port value [mask]—no dst-port—flow-label value—no flow-label—[no]log—next-header next-header—no next-header—router{router-instance}—no router—src-ip{ip-prefix/mask | ip-prefix netmask}—no src-ip—src-port{port-id | cpm | lag lag-id}—no src-port—renum old-entry-number new-entry-number—[no] shutdown—[no] mac-filter—default-action {permit | deny}—[no] entry entry-id—action{permit | deny | deny-host-unreachable}Security Command Reference—no action—description description-string—no description—[no] log—match frame-type frame-type—no match—cfm-opcode{lt | gt | eq}opcode—cfm-opcode range start end—no cfm-opcode—dot1p dot1p-value[dot1p-mask]—dsap dsap-value [dsap-mask]—dst-mac ieee-address [ieee-address-mask]—no dst-mac—etype0x0600..0xfff—no etype—snap-oui{zero | non-zero}—snap-pid snap-pid—no snap-pid—src-mac ieee-address [ieee-address-mask]—no src-mac—ssap ssap-value [ssap-mask]—no ssap—svc-id service-id—no svc-id—renum old-entry-number new-entry-number—[no] shutdownCPM Filter Commandsconfig—system—security—[no]cpm-filter—default-action {accept | drop}—[no]ip-filter—[no] entry entry-id—action[accept | drop | queue queue-id]}—no action—description description-string—no description—log log-id—no log—match [protocol protocol-id]—no match—dscp dscp-name—no dscp—dst-ip {ip-address/mask | ip-address netmask | ip-prefix-list prefix-list-name}—no dst-ip—dst-port [tcp/udp port-number] [mask]—no dst-port—fragment {true | false}—no fragment—icmp-code icmp-code—no icmp-code—icmp-type icmp-typeSecurity—no icmp-type—ip-option[ip-option-value] [ip-option-mask]—no ip-option—multiple-option{true | false}—no multiple-option—option-present{true | false}—no option-present—port port-number—port -list port-list-name—port-range start end—no port—router—src-ip{ip-address/mask | ip-address netmask | ip-prefix-list prefix-list-name}—no src-ip—src-port[src-port-number] [mask]—no src-port—tcp-ack{true | false}—no tcp-ack—tcp-syn{true | false}—no tcp-syn—renum old-entry-id new-entry-id—[no]shutdown—[no]ipv6-filter—[no] entry entry-id—action[accept | drop | queue queue-id]}—no action—description description-string—no description—log log-id—no log—match [next-header next-header]—no match—dscp dscp-name—no dscp—dst-ip ipv6-address/prefix-length—dst-ip ipv6-prefix-list ipv6-prefix-list-name—no dst-ip—dst-port [tcp/udp port-number] [mask]—dst-port port-list port-list-name—dst-port range tcp/udp port-number tcp/udp port-num-ber—no dst-port—flow-label value—no flow-label—fragment {true | false}—no fragment—hop-by-hop-opt{true | false}—no hop-by-hop-opt—icmp-code icmp-code—no icmp-code—icmp-type icmp-type—no icmp-type—port tcp/udp port-number [mask]—port port-list port-list-nameSecurity Command Reference—port range start end—no port—router service-name service-name—router router-instance—no router—src-ip[ipv6-address/prefix-length] [ipv6-prefix-listipv6-prefix-list-name]—no src-ip—src-port[src-port-number] [mask]—no src-port—tcp-ack{true | false}—no tcp-ack—tcp-syn{true | false}—no tcp-syn—renum old-entry-id new-entry-id—[no]shutdown—[no] mac-filter—[no] entry entry-id—action [accept | drop | queue queue-id]}—no action—description description-string—no description—log log-id—no log—match[frame-type frame-type]—no match—cfm-opcode{lt | gt | eq}opcode—cfm-opcode range start end—no cfm-opcode—dsap dsap-value [dsap-mask]—dst-mac ieee-address [ieee-address-mask]—no dst-mac—etype0x0600..0xfff—no etype—src-mac ieee-address [ieee-address-mask]—no src-mac—ssap ssap-value [ssap-mask]—no ssap—svc-id service-id—no svc-id—renum old-entry-number new-entry-number—[no] shutdownSecurityCPM Queue Commandsconfig—system—security—[no] cpm-queue—[no]queue queue-id—cbs cbs—no cbs—mbs mbs—no mbs—rate rate [cir cir]—no rateSecurity Command ReferenceCPU Protection Commandsconfig—system—security—cpu-protection—link-specific-rate packet-rate-limit—no link-specific-rate—policy cpu-protection-policy-id [create]—no policy cpu-protection-policy-id—[no] alarm—description description-string—no description—eth-cfm entry entry levels levels opcodes opcodes rate packet-rate-limit—no eth-cfm—out-profile-rate packet-rate-limit—no out-profile-rate—overall-rate packet-rate-limit—no overall-rate—per-source-rate packet-rate-limit—no per-source-rate—port-overall-rate packet-rate-limit—no port-overall-rate—[no]protocol-protection [allow-sham-links]Refer to the OS Services Guide and the Multi-Service ISA Guide for command, syntax, and usageinformation about applying CPU Protection policies to interfaces.CPU protection policies are applied by default (and customer policies can be applied) to a variety of entitiesincluding interfaces and SAPs. Refer to the appropriate guides (See Preface for document titles) forcommand syntax and usage for applying CPU protection policies. Examples of entities that can have CPUprotection policies applied to them include:configure>router>interface>cpu-protection policy-idconfigure>service>epipe>sap>cpu-protection policy-id [mac-monitoring]|[eth-cfm-monitoring[aggregate][car]]configure>service>epipe>spoke-sdp>cpu-protection policy-id [mac-monitoring]|[eth-cfm-monitoring[aggregate][car]]configure>service>ies>interface>cpu-protection policy-idconfigure>service>ies>interfac>sap>cpu-protection policy-id[mac-monitoring]|[eth-cfm-monitoring[aggregate][car]]configure>service>template>vpls-sap-template>cpu-protection policy-id[mac-monitoring]|[eth-cfm-monitoring [aggregate][car]]configure>service>vpls>sap>cpu-protection policy-id[mac-monitoring]|[eth-cfm-monitoring[aggregate][car]]configure>service>vpls>video-interface>cpu-protection policy-idconfigure>service>vprn>interface>cpu-protection policy-idSecurity configure>service>vprn >interface>sap>cpu-protection policy-id[mac-monitoring]|[eth-cfm-monitoring [aggregate][car]]configure>service>vprn>network-interface>cpu-protection policy-idconfigure>service>vprn>subscriber-interface>group-interface>sap>cpu-protection policy-id[mac-monitoring]|[eth-cfm-monitoring [aggregate][car]]configure>subscriber-mgmt>msap-policy>cpu-protection policy-id[mac-monitoring ]Distributed CPU Protection Commandsconfig—system—security—dist-cpu-protection—policy policy-name [create]—no policy—description description-string—no description—[no] local-monitoring-policer policer-name [create]—[no]description“description-string”—rate{packets {ppi | max} within seconds [initial-delaypackets] | kbps {kilobits-per-second | max} [mbs size][bytes|kilobytes]}—no rate—exceed-action{discard | low-priority | none}—[no]log-events [verbose]—protocol name [create]—no protocol name—dynamic-parameters—detection-time seconds—exceed-action{discard [hold-down seconds] | low-priority [hold-down seconds] | none}—log-events[verbose]—no log-events—rate {packets {ppi | max} within seconds [initial-delay packets] | kbps {kilobits-per-second | max} [mbssize] [bytes|kilobytes]}—enforcement {static policer-name | dynamic {mon-policer-name | local-mon-bypass }}—static-policer policer-name [create]—no static-policer policer-name—description description-string—no description—detection-time seconds—no detection-time—exceed-action{discard [hold-down seconds] | low-prior-ity [hold-down seconds] | none}—log-events[verbose]—no log-events—rate{packets {ppi | max} within seconds [initial-delaypackets] | kbps {kilobits-per-second | max} [mbs size][bytes|kilobytes]}—no rateSecurity Command Referenceconfig card x fp y—dist-cpu-protection—[no]dynamic-enforcement-policer-pool number-of-policersSecurity Password Commandsconfig—system—ftp-server—password—admin-password password [hash | hash2]—no admin-password—aging days—no aging—attempts count[time minutes1][lockout minutes2]—no attempts—authentication-order[method-1] [method-2] [method-3] [exit-on-reject]—no authentication-order—[no]complexity[numeric] [special-character] [mixed-case]—[no] health-check[interval interval]—minimum-length value—no minimum-length—[no] tacplus-map-to-priv-lvl[admin-priv-lvl]Public Key Infrastructure (PKI) Commandsconfig—system—security—pki—ca-profile name [create]—no ca-profile name—cert-file filename—no cert-file—cmp—cmp-key-list—key password[hash|hash2] reference reference-num-ber—no key reference reference-number—cmp-url url-string [service-id service-id]—no cmp-url—http-response-timeout timeout—no http-response-timeout—crl-file filename—no crl-file—description description-string—no description—ocsp—responder-url url-string—no responder-url—service service-id—no service—verify-cert filename [allow-override]—verify-cert ca-cert [allow-override]—no verify-cert—[no]shutdown—maximum-cert-chain-depth level—no maximum-cert-chain-depthadmin—certificate—clear-ocsp-cache[entry-id]—display type {cert|key|crl|cert-request} url-string format {pkcs10|pkcs12|pkcs7-der|pkcs7-pem|pem|der} [password [32 chars max]]—export type {cert|key|crl} input filename output url-string format output-format [password [32chars max]] [pkey filename]—gen-keypair url-string [size {512|1024|2048}] [type {rsa|dsa}]—gen-local-cert-req keypair url-string subject-dn subject-dn [domain-name [255 chars max]] [ip-addr ip-address] file url-string—import type {cert|key|crl} input url-string output filename format input-format [password [32chars max]]—reload type {cert|key} filenameProfile Commandsconfig—system—security—[no]profile user-profile-name—default-action{deny-all | permit-all | none}—[no]entry entry-id—action{deny | permit}—description description-string—no description—security command-string—no security—renum old-entry-number new-entry-numberRADIUS Commandsconfig—system—security—[no]radius—access-algorithm {direct | round-robin}— no access-algorithm—[no] accounting—accounting-port port—no accounting-port—[no] authorization—port port—no port—retry count—no retry—server server-index address ip-address secret key [hash | hash2]—no server server-index—[no]shutdown—timeout seconds—no timeout—[no] use-default-templateSSH Commandsconfig—system—security—ssh—[no]preserve-key—[no]server-shutdown—[no]version SSH-versionTACPLUS Commandsconfig—system—security—[no]tacplus—accounting[record-type {start-stop | stop-only}]—no accounting—[no]authorization—[no]interactive-authentication—server server-index address ip-address secret key [hash | hash2] [port port]—no server server-index—[no]shutdown—timeout seconds—no timeout—[no]use-default-templateUser Commandsconfig—system—security—[no]user user-name—[no]access[ftp][snmp][console] [li]—console—[no]cannot-change-password—login-exec url-prefix::source-url—no login-exec—member user-profile-name [user-profile-name…(up to 8 max)]—no member user-profile-name—[no]new-password-at-login—home-directory url-prefix[directory][directory/directory…]—no home-directory—password[password][hash | hash2]—[no]restricted-to-home—[no]rsa-key“public-key-name” key-id—snmp—authentication{[none]|[[hash]{md5 key-1| sha key-1} privacy{none|des-key|aes-128-cfb-key key-2}]}—group group-name—no groupUser Template Commandsconfig—system—security—user-template {tacplus_default | radius_default}—[no]access [ftp] [console]—console—login-exec url-prefix:source-url—no login-exec—home-directory url-prefix[directory][directory/directory..]—no home-directory—profile user-profile-name—no profile—[no]restricted-to-homeDot1x Commandsconfig—system—security—dot1x—radius-plcy name—retry count—no retry—server (dot1x)server-index address ip-address secret key [port port]—source-address ip-address—[no] shutdown—timeout seconds—no timeout—[no]shutdownKeychain Commandsconfig—system—security—[no] keychain keychain-name—description description-string—no description—direction {uni | bi}—bi—entry entry-id key [authentication-key| hash-key | hash2-key] [hash | hash2] algorithm algorithm—begin-time[date] [hours-minutes] [UTC] [now][forever]—[no] shutdown—tolerance[seconds | forever]—uni—receive—entry entry-id key [authentication-key| hash-key | hash2-key] [hash | hash2] algorithm algorithm—begin-time[date] [hours-minutes] [UTC] [now][forever]—end-time[date][hours-minutes] [UTC] [now] [for-ever]—[no] shutdown—tolerance[seconds | forever]—send—entry entry-id key [authentication-key| hash-key |hash2-key] [hash | hash2] algorithm algorithm—begin-time[date] [hours-minutes] [UTC] [now][forever]—[no] shutdown—[no] shutdown—tcp-option-number—receive option-number—send option-numberTTL Security Commandsconfig— router—bgp—group—ttl-security min-ttl-value—neighbor—ttl-security min-ttl-valueconfig— router—ldp—peer-parameters—peer—ttl-security min-ttl-valueconfig— system—login-control—ssh—ttl-securityconfig— system—login-control—telnet—ttl-securityLogin Control Commandsconfig—system—login-control—[no] exponential-backoff—ftp—inbound-max-sessions value—no inbound-max-sessions—idle-timeout{minutes | disable}—no idle-timeout—[no] login-banner—motd{url url-prefix: source-url| text motd-text-string}—no motd—pre-login-message login-text-string[name]—no pre-login-message—ssh—disable-graceful-shutdown—inbound-max-sessions—outbound-max-sessions—ttl-security—telnet—enable-graceful-shutdown—inbound-max-sessions value—no inbound-max-sessions—outbound-max-sessions value—no outbound-max-sessions—ttl-securityShow CommandsSecurityshow—system—security—access-group[group-name]—authentication[statistics]—communities—cpm-filter—ip-filter [entry entry-id]—ipv6-filter [entry entry-id]—mac-filter[entry entry-id]—cpm-queue queue-id—cpu-protection—eth-cfm-monitoring [ {service-id service-id sap-id sap-id} | {service-id ser-vice-id sdp-id sdp-id:vc-id} ]—excessive-sources [service-id service-id sap-id sap-id]—policy [policy-id] association—protocol-protection—violators[port] [interface] [sap] [video] [sdp]—dist-cpu-protection—policy [policy-id] [association detail]—keychain keychain-name [detail]—management-access-filter—ip-filter[entry entry-id]—ipv6-filter[entry entry-id]—mac-filter[entry entry-id]—password-options—per-peer-queuing [detail]—per-peer-queuing—profile[user-profile-name]—source-address—ssh—user[user-name][detail]—user[user-name] lockout—view[view-name][detail]—certificate—ca-profile—ca-profile name [association]—ocsp-cache [entry-id]—statisticsLogin Controlshow—userClear CommandsAuthenticationclear—router—authentication—statistics[interface ip-int-name | ip-address]CPM Filter—cpm-filter—ip-filter[entry entry-id]—ipv6-filter[entry entry-id]—mac-filter[entry entry-id]CPU Protectionclear—cpu-protection—excessive-sources—protocol-protection—violators [port] [interface] [sap]Clear CPU Statsclear—cpm-queue queue-idClear RADIUS Proxy Serverclear—router—radius-proxy-server server-name statisticsDebug Commandsdebug—radius [detail] [hex]—no radius—[no] ocsp—[no]ocsp profile-nameTools Commandstools— dump— security—dist-cpu-protection—violators enforcement {sap|interface} card slot-number [fp fp-number]—violators local-monitor {sap|interface} card slot-number [fp fp-number]—perform—security—dist-cpu-protection—release-hold-down interface interface-name[protocol protocol] [static-policer name]—release-hold-down sap sap-id [protocol protocol] [static-policer name]。

7750-SR设备常见故障处理指导书

7750-SR设备常见故障处理指导书

中国移动通信集团山西有限公司7750SR设备常见故障处理指导书上海贝尔阿尔卡特股份有限公司工程服务部二零零七年十月1 检查硬件运行状态 (4)1.17750SR硬件介绍 (4)1.2设备启动 (6)1.3检查管理连接状态 (10)1.3.1 Console 口连接 (10)1.4检查机箱状态 (12)1.4.1 机箱状态 (12)1.5检查电源 (13)1.6检查风扇 (14)1.7检查SF/CPM状态 (14)1.7.1 SF/CPM LED状态 (14)1.7.2 SF/CPM 排错命令 (16)1.7.3 检查SF/CPM 状态详情 (18)1.8检查IOM状态 (22)1.9检查MDA状态 (24)2 系统级排错 (25)2.1硬件初始化常见问题 (25)2.2检查文件配置 (27)2.2验证系统管理配置信息 (32)2.3显示系统信息 (32)2.4验证同步和冗余状态 (33)3 OA&M排错命令 (34)3.1LSP诊断命令 (35)3.2SDP D IAGNOSTICS (35)3.3业务诊断 (36)3.4VPLS MAC诊断 (36)3.5OAM命令汇总 (37)4 常见排错案例 (38)4.1硬件常见故障处理 (38)4.1.1 内存损失造成不能正常启动 (38)4.1.2 设备启动不成功 (39)4.1.3 MDA卡无法注册 (40)4.1.4 主控板无法注册 (40)4.1.5 console口无法输出信息 (41)4.1.6 软件升版不当导致CPM反复重启 (41)4.2端口常见故障处理 (44)4.2.1 pos端口常见故障处理 (44)4.2.2 ethernet端口常见故障处理 (46)4.3路由协议常见故障处理 (48)4.3.1 链路无法负载均衡 (48)4.3.2 等价路由情况下的PING问题 (49)4.3.3 访问控制列表配置不当引起路由协议DOWN掉 (54)4.3.4 升级后部分路由无法正常转发 (55)4.3.5 Ospf常见故障处理: (58)4.3.5.1 MTU配置问题导致OSPF无法与对端设备建立邻接关系 (58)4.3.5.2 配置了将直连路由重分发进ospf后,直连路由没有发布出去 (59)4.3.5.3 OSPF参考带宽与其他厂商互联设备设置不一致引起的路由问题 (59)4.3.5.4 移动voip大业务量倒换测试问题处理 (63)4.3.6 isis常见故障处理 (66)4.3.6.1 MD5的HASH算法版本不匹配导致ISIS验证失败 (66)4.3.6.2 与第三方设备(测试仪表类)建立ISIS邻接关系时遇到的问题 (66)4.3.7 bgp常见故障处理 (67)4.3.7.1 IBGP连接经常重启故障案例 (67)4.3.7.2 BGP宣告路由不全问题的处理 (71)4.3.7.3 7750路由宣告问题的处理 (72)4.3.8 mpls常见故障处理 (72)4.3.8.1 由于更改system地址后没有restart ospf导致MPLS-TE FRR故障 (72)4.3.8.2 由于不同厂商mpls分发机制不同引起的业务故障 (76)4.4业务常见故障处理 (78)4.4.1 ies常见故障处理 (78)4.4.1.1 ies割接后业务不通,对端用户无法ping通 (78)4.4.1.2 subscriber-interface业务无法开通故障 (79)4.4.2 vpls常见故障处理 (81)4.4.2.1 arp广播引起的网络设备故障 (81)4.4.2.2 使用filter-log进行vpls业务丢包故障定位 (83)4.4.3 vprn常见故障处理 (84)4.4.3.1 vprn的路由限制功能无法生效 (84)4.4.3.2 vprn通过option a方式实现跨域mpls vpn时,对端asbr无法学到本as内的私网路由。

  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
10 #show chassis power-supply 检查电源运行状况
11 #show card [ n detail] 显示板卡配置和状态
12 #show mda [ m/n detail] 显示mda卡配置和状态
13 #show port 查看物理端口的状态,如SFP类型,端口的MTU等
14 #show port x/x/x [detail] 查看具体物理端口详细信息
15 #show router interface 查看路由端口的状态
16 #show router ospf interface 查看OSPF端口的状态,以及DR和BDR关系
17 #show router ospf neighbor 查看OSPF邻居的建立状态
5 #Show system security user 检查路由器用户登录失败情况
6 #show users 显示用户登录情况
7 #show log log-id 99 查看系统日
8 #show bof 查看bof配置信息
9 #show chassis environment 检查风扇运行状况
7750SR常用维护命令
序号 命令 说明
1 #show uptime 显示系统开机时间
2 #show system cpu sample-preiod 10 显示系统cpu运行状况
3 #show system memory-pools 显示系统内存使用情况
4 #show system connections 检查系统开放端口
40 #tools perform aps request aps-7 protect Moving protect to working(本地protect)
41 #tools perform aps clear aps-7 protect After move is done aps request has to be clear
22 #show router route-table 查看路由表
23 #show router route-table protocol xxx 查看从某种协议学习到的路由表
24 #show router bgp neighbor 查看BGP邻居建立情况
25 #show router bgp routes 查看BGP路由
33 #show port aps-1 查看 APS
34 #monitor service id 8000 sap bpgrp-ppp-1 rate 查看流量
35 #monitor port bpgrp-ppp-1 multiclass rate 查看ASAP的MLG不同类流量
36 #show multilink-bundle bpgrp-ppp-1 detail 查看MLG 详细配置
18 # show router ospf database 查看OSPF的数据库
19 # show router isis adjacency 查看ISIS邻居建立状态
20 # show router isis interface 查看ISIS端口
21 # show router isis database 查看ISIS的数据库
29 #show router fib x 查看某个特定IOM的转发表
30 #show router vrrp instance 查看VRRP 运行情况
31 #show multilink-bundle bpgrp-ppp-1 ppp 查看MLP GROUP 运行情况
32 #show multilink-bundle 查看MLP ML BUNDLE
37 #show multilink-bundle bpgrp-ppp-1 ppp 查看MLG 详细PPP配置
38 # tools perform aps request aps-7 working Moving working to protect (本地working)
39 # tools perform aps clear aps-7 working After move is done aps request has to be clear
26 #show router bgp neighbor x.x.x.x advertised-routes 查看向bgp邻居广播的网段和网段属性
27 #show router bgp neighbor x.x.x.x received-routes 查看从bgp邻居接受到的网段和网段属性
28 #show router policy 查看应用的策略
相关文档
最新文档