0% found this document useful (0 votes)

152 views4,890 pages

Fat AP and Cloud AP V200R019C00 Command Reference PDF

Uploaded by

sean order

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

152 views4,890 pages

Fat AP and Cloud AP V200R019C00 Command Reference PDF

Uploaded by

sean order

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4890

Fat AP and Cloud AP

V200R019C00

Command Reference

Issue 08
Date 2021-11-15

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2021. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website: https://e.huawei.com

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. i

Fat AP and Cloud AP
Command Reference Contents

Contents

1 About This Document.............................................................................................................1

2 How to Use Command Lines.................................................................................................4
2.1 Entering Command Views.................................................................................................................................................... 4
2.2 Setting Command Levels...................................................................................................................................................... 6
2.3 Editing Command Lines........................................................................................................................................................ 7
2.4 Using Command Line Online Help....................................................................................................................................9
2.5 Interpreting Command Line Error Messages...............................................................................................................11
2.6 Using the undo Command Line....................................................................................................................................... 11
2.7 Displaying History Commands......................................................................................................................................... 12
2.8 Using Command Line Shortcut Keys.............................................................................................................................. 13

3 Basic Configurations Commands....................................................................................... 16

3.1 CLI Overview Commands................................................................................................................................................... 16
3.1.1 cls............................................................................................................................................................................................ 16
3.1.2 command-privilege level.................................................................................................................................................17
3.1.3 diagnose............................................................................................................................................................................... 19
3.1.4 display history-command............................................................................................................................................... 20
3.1.5 display language................................................................................................................................................................ 21
3.1.6 display this........................................................................................................................................................................... 22
3.1.7 header................................................................................................................................................................................... 23
3.1.8 display hotkey..................................................................................................................................................................... 26
3.1.9 hotkey.................................................................................................................................................................................... 27
3.1.10 quit....................................................................................................................................................................................... 29
3.1.11 return................................................................................................................................................................................... 30
3.1.12 system-view...................................................................................................................................................................... 31
3.2 First Login Commands........................................................................................................................................................ 32
3.2.1 clock datetime.................................................................................................................................................................... 32
3.2.2 clock daylight-saving-time............................................................................................................................................. 33
3.2.3 clock timezone....................................................................................................................................................................36
3.2.4 display clock........................................................................................................................................................................ 38
3.2.5 sysname................................................................................................................................................................................ 44
3.2.6 ip domain-name................................................................................................................................................................ 45
3.3 UI Configuration Commands............................................................................................................................................ 46

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. ii

Fat AP and Cloud AP
Command Reference Contents

3.3.1 acl (user interface view)................................................................................................................................................. 46

3.3.2 authentication-mode (user interface view)............................................................................................................. 48
3.3.3 auto-execute command.................................................................................................................................................. 49
3.3.4 databits................................................................................................................................................................................. 50
3.3.5 display mib-index interface............................................................................................................................................ 51
3.3.6 display user-interface....................................................................................................................................................... 53
3.3.7 display user-interface maximum-vty.......................................................................................................................... 55
3.3.8 display users........................................................................................................................................................................ 56
3.3.9 display vty lines.................................................................................................................................................................. 58
3.3.10 display vty mode............................................................................................................................................................. 58
3.3.11 free user-interface........................................................................................................................................................... 59
3.3.12 history-command max-size......................................................................................................................................... 60
3.3.13 idle-timeout...................................................................................................................................................................... 61
3.3.14 mmi-mode enable.......................................................................................................................................................... 62
3.3.15 parity................................................................................................................................................................................... 63
3.3.16 protocol inbound............................................................................................................................................................. 64
3.3.17 screen-length.................................................................................................................................................................... 65
3.3.18 screen-width..................................................................................................................................................................... 66
3.3.19 set authentication password....................................................................................................................................... 67
3.3.20 shell...................................................................................................................................................................................... 69
3.3.21 speed (user interface view)......................................................................................................................................... 70
3.3.22 stopbits............................................................................................................................................................................... 71
3.3.23 user privilege.................................................................................................................................................................... 72
3.3.24 user-interface.................................................................................................................................................................... 75
3.3.25 user-interface current.................................................................................................................................................... 77
3.3.26 user-interface maximum-vty....................................................................................................................................... 78
3.4 User Login Configuration Commands........................................................................................................................... 79
3.4.1 config lock............................................................................................................................................................................ 79
3.4.2 config unlock interval...................................................................................................................................................... 80
3.4.3 console ble-mode (system view)................................................................................................................................. 81
3.4.4 display config lock............................................................................................................................................................. 82
3.4.5 display console ble-mode............................................................................................................................................... 84
3.4.6 display rsa local-key-pair public................................................................................................................................... 85
3.4.7 display rsa peer-public-key............................................................................................................................................. 87
3.4.8 display ssh server............................................................................................................................................................... 88
3.4.9 display ssh user-information..........................................................................................................................................91
3.4.10 display telnet server status.......................................................................................................................................... 92
3.4.11 display telnet-client........................................................................................................................................................ 93
3.4.12 display ecc local-key-pair public................................................................................................................................ 94
3.4.13 display ecc peer-public-key.......................................................................................................................................... 96
3.4.14 display wlan ble-link-info............................................................................................................................................. 97
3.4.15 ecc local-key-pair create............................................................................................................................................... 98

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. iii

Fat AP and Cloud AP
Command Reference Contents

3.4.16 ecc local-key-pair destroy.......................................................................................................................................... 100

3.4.17 ecc peer-public-key.......................................................................................................................................................101
3.4.18 lock.................................................................................................................................................................................... 103
3.4.19 matched upper-view.................................................................................................................................................... 104
3.4.20 peer-public-key end..................................................................................................................................................... 105
3.4.21 public-key-code begin................................................................................................................................................. 106
3.4.22 public-key-code end.....................................................................................................................................................108
3.4.23 rsa local-key-pair create............................................................................................................................................. 109
3.4.24 rsa local-key-pair destroy.......................................................................................................................................... 110
3.4.25 rsa peer-public-key....................................................................................................................................................... 111
3.4.26 ssh client assign............................................................................................................................................................ 113
3.4.27 ssh client first-time enable........................................................................................................................................ 114
3.4.28 ssh client key-exchange.............................................................................................................................................. 115
3.4.29 ssh client secure-algorithms hmac......................................................................................................................... 117
3.4.30 ssh client secure-algorithms cipher........................................................................................................................ 118
3.4.31 ssh server authentication-retries............................................................................................................................. 119
3.4.32 ssh server key-exchange.............................................................................................................................................120
3.4.33 ssh server permit interface........................................................................................................................................ 121
3.4.34 ssh server port............................................................................................................................................................... 122
3.4.35 ssh server rekey-interval.............................................................................................................................................123
3.4.36 ssh server secure-algorithms hmac........................................................................................................................ 124
3.4.37 ssh server secure-algorithms cipher....................................................................................................................... 125
3.4.38 ssh server timeout........................................................................................................................................................ 126
3.4.39 ssh user assign............................................................................................................................................................... 127
3.4.40 ssh user authentication-type.................................................................................................................................... 129
3.4.41 stelnet............................................................................................................................................................................... 132
3.4.42 stelnet ap (Central AP)............................................................................................................................................... 134
3.4.43 stelnet server enable................................................................................................................................................... 135
3.4.44 telnet................................................................................................................................................................................. 136
3.4.45 telnet client-source...................................................................................................................................................... 137
3.4.46 telnet server permit interface...................................................................................................................................138
3.4.47 telnet server port.......................................................................................................................................................... 140
3.4.48 telnet server enable..................................................................................................................................................... 141
3.5 File Management Commands........................................................................................................................................ 142
3.5.1 ascii...................................................................................................................................................................................... 142
3.5.2 binary.................................................................................................................................................................................. 143
3.5.3 bye........................................................................................................................................................................................ 143
3.5.4 cd (FTP client view)........................................................................................................................................................ 144
3.5.5 cd (SFTP client view)..................................................................................................................................................... 145
3.5.6 cd (user view)................................................................................................................................................................... 146
3.5.7 cdup (SFTP client view)................................................................................................................................................ 148
3.5.8 cdup (FTP client view)................................................................................................................................................... 149

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. iv

Fat AP and Cloud AP
Command Reference Contents

3.5.9 close..................................................................................................................................................................................... 150

3.5.10 copy................................................................................................................................................................................... 151
3.5.11 debugging....................................................................................................................................................................... 154
3.5.12 delete (user view)......................................................................................................................................................... 154
3.5.13 dir (user view)................................................................................................................................................................156
3.5.14 delete (FTP client view).............................................................................................................................................. 159
3.5.15 dir/ls (FTP client view)................................................................................................................................................ 160
3.5.16 dir/ls (SFTP client view)..............................................................................................................................................163
3.5.17 disconnect....................................................................................................................................................................... 164
3.5.18 display ftp-server.......................................................................................................................................................... 165
3.5.19 display ftp-users............................................................................................................................................................ 166
3.5.20 display ftp-client........................................................................................................................................................... 168
3.5.21 display sftp-client......................................................................................................................................................... 169
3.5.22 display tftp-client.......................................................................................................................................................... 170
3.5.23 execute............................................................................................................................................................................. 171
3.5.24 file prompt...................................................................................................................................................................... 172
3.5.25 format............................................................................................................................................................................... 173
3.5.26 ftp....................................................................................................................................................................................... 175
3.5.27 ftp acl................................................................................................................................................................................ 176
3.5.28 ftp client-source............................................................................................................................................................ 177
3.5.29 ftp server enable........................................................................................................................................................... 179
3.5.30 ftp server permit interface.........................................................................................................................................180
3.5.31 ftp server port................................................................................................................................................................ 181
3.5.32 ftp server-source........................................................................................................................................................... 183
3.5.33 ftp timeout...................................................................................................................................................................... 184
3.5.34 get (FTP client view)................................................................................................................................................... 185
3.5.35 get (SFTP client view)................................................................................................................................................. 186
3.5.36 help (SFTP client view)............................................................................................................................................... 187
3.5.37 mkdir (FTP client view).............................................................................................................................................. 188
3.5.38 mkdir (SFTP client view)............................................................................................................................................ 189
3.5.39 mkdir (User view)......................................................................................................................................................... 190
3.5.40 lcd....................................................................................................................................................................................... 192
3.5.41 more.................................................................................................................................................................................. 193
3.5.42 mount............................................................................................................................................................................... 195
3.5.43 move................................................................................................................................................................................. 196
3.5.44 open.................................................................................................................................................................................. 198
3.5.45 passive.............................................................................................................................................................................. 200
3.5.46 put (FTP client view)................................................................................................................................................... 201
3.5.47 put (SFTP client view)................................................................................................................................................. 202
3.5.48 pwd (FTP client view)................................................................................................................................................. 204
3.5.49 pwd (SFTP client view)............................................................................................................................................... 204
3.5.50 pwd (user view)............................................................................................................................................................ 205

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. v

Fat AP and Cloud AP
Command Reference Contents

3.5.51 quit (FTP client view).................................................................................................................................................. 206

3.5.52 quit (SFTP client view)................................................................................................................................................ 207
3.5.53 remotehelp...................................................................................................................................................................... 208
3.5.54 remove (SFTP client view)......................................................................................................................................... 209
3.5.55 rename (SFTP client view)........................................................................................................................................ 210
3.5.56 rename (user view)...................................................................................................................................................... 211
3.5.57 reset recycle-bin............................................................................................................................................................ 213
3.5.58 rmdir (FTP client view)............................................................................................................................................... 215
3.5.59 rmdir (SFTP client view)............................................................................................................................................. 216
3.5.60 rmdir (user view).......................................................................................................................................................... 217
3.5.61 set default ftp-directory............................................................................................................................................. 218
3.5.62 sftp..................................................................................................................................................................................... 219
3.5.63 sftp ap (Central AP)..................................................................................................................................................... 222
3.5.64 sftp client-source...........................................................................................................................................................223
3.5.65 sftp server enable......................................................................................................................................................... 225
3.5.66 tftp..................................................................................................................................................................................... 225
3.5.67 tftp client-source........................................................................................................................................................... 227
3.5.68 tftp-server acl................................................................................................................................................................. 229
3.5.69 umount............................................................................................................................................................................. 230
3.5.70 undelete........................................................................................................................................................................... 231
3.5.71 unzip..................................................................................................................................................................................232
3.5.72 user.................................................................................................................................................................................... 234
3.5.73 verbose............................................................................................................................................................................. 235
3.5.74 zip....................................................................................................................................................................................... 236
3.6 Configuring System Startup Commands.................................................................................................................... 238
3.6.1 autosave interval............................................................................................................................................................. 238
3.6.2 autosave time................................................................................................................................................................... 241
3.6.3 compare configuration.................................................................................................................................................. 244
3.6.4 display autosave configuration.................................................................................................................................. 245
3.6.5 display current-configuration..................................................................................................................................... 247
3.6.6 display reset-reason....................................................................................................................................................... 248
3.6.7 display saved-configuration........................................................................................................................................ 256
3.6.8 display schedule reboot................................................................................................................................................ 257
3.6.9 display startup.................................................................................................................................................................. 258
3.6.10 reset saved-configuration.......................................................................................................................................... 259
3.6.11 reboot............................................................................................................................................................................... 261
3.6.12 reset factory-configuration........................................................................................................................................262
3.6.13 startup patch.................................................................................................................................................................. 263
3.6.14 reset patch-configure.................................................................................................................................................. 264
3.6.15 save.................................................................................................................................................................................... 265
3.6.16 schedule reboot............................................................................................................................................................. 267
3.6.17 startup saved-configuration......................................................................................................................................268

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. vi

Fat AP and Cloud AP
Command Reference Contents

3.6.18 startup system-software............................................................................................................................................ 270

3.7 Upgrade Commands.......................................................................................................................................................... 270
3.7.1 ap-mode-switch............................................................................................................................................................... 271
3.7.2 ap-mode-switch check.................................................................................................................................................. 272
3.7.3 ap-mode-switch ftp........................................................................................................................................................ 273
3.7.4 ap-mode-switch prepare.............................................................................................................................................. 275
3.7.5 ap-mode-switch sftp...................................................................................................................................................... 276
3.7.6 display paf......................................................................................................................................................................... 279
3.7.7 display patch-information............................................................................................................................................ 281
3.7.8 patch delete all................................................................................................................................................................ 282
3.7.9 patch load.......................................................................................................................................................................... 283
3.7.10 pki-load houp-certificate........................................................................................................................................... 284
3.7.11 upgrade version check................................................................................................................................................ 285
3.7.12 upgrade version ftp...................................................................................................................................................... 286
3.7.13 upgrade version sftp.................................................................................................................................................... 288
3.8 HTTP Server Commands.................................................................................................................................................. 290
3.8.1 display http server.......................................................................................................................................................... 290
3.8.2 display http user.............................................................................................................................................................. 292
3.8.3 http acl................................................................................................................................................................................ 293
3.8.4 http get............................................................................................................................................................................... 294
3.8.5 http server enable........................................................................................................................................................... 296
3.8.6 http server load............................................................................................................................................................... 297
3.8.7 http server permit interface........................................................................................................................................ 298
3.8.8 http server port................................................................................................................................................................ 299
3.8.9 http timeout...................................................................................................................................................................... 300

4 Cloud-based Management Configuration Commands...............................................302

4.1 cloud-mng controller........................................................................................................................................................ 303
4.2 cloud-mng register-center disable................................................................................................................................304
4.3 display alarm active-to-cloud........................................................................................................................................ 305
4.4 display alarm active-to-cloud sync-record................................................................................................................. 307
4.5 display cloud-mng info..................................................................................................................................................... 308
4.6 display cloud-mng execute-cli-list................................................................................................................................ 310
4.7 display cloud-mng register-center status...................................................................................................................311
4.8 display offline roll-back-config...................................................................................................................................... 312
4.9 display offline self-healing-reset configuration....................................................................................................... 313
4.10 management-vlan (WAN view).................................................................................................................................. 314
4.11 offline roll-back interval................................................................................................................................................ 315
4.12 offline roll-back-certificate disable............................................................................................................................ 317
4.13 offline save-online-config interval............................................................................................................................. 318
4.14 offline self-healing-reset disable................................................................................................................................ 319
4.15 offline self-healing-reset timeout.............................................................................................................................. 320
4.16 interface wan0.................................................................................................................................................................. 321

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. vii

Fat AP and Cloud AP
Command Reference Contents

4.17 ip-address (WAN view).................................................................................................................................................. 322

4.18 dns-server (WAN view).................................................................................................................................................. 323
4.19 dhcp-client enable........................................................................................................................................................... 324
4.20 pppoe-client (Cloud AP)................................................................................................................................................ 325
4.21 temporary-management psk (Cloud Central AP).................................................................................................326
4.22 temporary-management psk (Cloud AP)................................................................................................................ 327

5 Device Management Commands.....................................................................................329

5.1 Device Status Checking Commands............................................................................................................................. 329
5.1.1 display cpu-usage........................................................................................................................................................... 329
5.1.2 display cpu-usage configuration................................................................................................................................330
5.1.3 display cpu-usage history............................................................................................................................................. 331
5.1.4 display diagnostic-information................................................................................................................................... 333
5.1.5 display elabel.................................................................................................................................................................... 336
5.1.6 display esn......................................................................................................................................................................... 338
5.1.7 display sn........................................................................................................................................................................... 339
5.1.8 display fan......................................................................................................................................................................... 341
5.1.9 display health................................................................................................................................................................... 343
5.1.10 display memory-usage................................................................................................................................................345
5.1.11 display memory-usage threshold............................................................................................................................ 346
5.1.12 display power................................................................................................................................................................. 347
5.1.13 display temperature..................................................................................................................................................... 349
5.1.14 display transceiver........................................................................................................................................................ 350
5.1.15 display transceiver diagnosis interface..................................................................................................................353
5.1.16 display version............................................................................................................................................................... 355
5.1.17 reset cpu-usage record............................................................................................................................................... 357
5.2 Hardware Configuration Commands........................................................................................................................... 358
5.2.1 backup elabel................................................................................................................................................................... 358
5.2.2 set cpu-usage threshold................................................................................................................................................359
5.2.3 set disk-usage threshold............................................................................................................................................... 361
5.2.4 set memory-usage threshold...................................................................................................................................... 362
5.3 Energy-saving Configuration Commands.................................................................................................................. 363
5.3.1 als enable........................................................................................................................................................................... 363
5.3.2 als restart........................................................................................................................................................................... 364
5.3.3 als restart mode manual.............................................................................................................................................. 365
5.3.4 als restart pulse-interval............................................................................................................................................... 366
5.3.5 als restart pulse-width...................................................................................................................................................367
5.3.6 display als configuration.............................................................................................................................................. 368
5.4 Fault Management Commands..................................................................................................................................... 369
5.4.1 alarm correlation-suppress enable........................................................................................................................... 369
5.4.2 alarm-name severity...................................................................................................................................................... 371
5.4.3 alarm (system view)...................................................................................................................................................... 373
5.4.4 clear alarm active........................................................................................................................................................... 374

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. viii

Fat AP and Cloud AP
Command Reference Contents

5.4.5 clear event all................................................................................................................................................................... 374

5.4.6 correlation-analyze enable.......................................................................................................................................... 375
5.4.7 display alarm active....................................................................................................................................................... 376
5.4.8 display alarm history..................................................................................................................................................... 378
5.4.9 display alarm information............................................................................................................................................380
5.4.10 display event.................................................................................................................................................................. 381
5.4.11 display event information.......................................................................................................................................... 383
5.4.12 delay-suppression enable...........................................................................................................................................384
5.4.13 event................................................................................................................................................................................. 385
5.4.14 mask interface............................................................................................................................................................... 385
5.4.15 suppression alarm-name............................................................................................................................................386
5.4.16 suppression event-name............................................................................................................................................ 388
5.5 Information Center Configuration Commands........................................................................................................ 389
5.5.1 display binlog-buffer...................................................................................................................................................... 389
5.5.2 display binlog-buffer summary.................................................................................................................................. 391
5.5.3 display channel................................................................................................................................................................ 392
5.5.4 display debugging........................................................................................................................................................... 395
5.5.5 display info-center.......................................................................................................................................................... 396
5.5.6 display info-center filter-id.......................................................................................................................................... 399
5.5.7 display info-center logfile path.................................................................................................................................. 401
5.5.8 display info-center rate-limit record.........................................................................................................................402
5.5.9 display info-center rate-limit threshold.................................................................................................................. 403
5.5.10 display info-center statistics..................................................................................................................................... 404
5.5.11 display log....................................................................................................................................................................... 405
5.5.12 display log failure......................................................................................................................................................... 408
5.5.13 display logbuffer........................................................................................................................................................... 409
5.5.14 display logfile................................................................................................................................................................. 414
5.5.15 display trapbuffer......................................................................................................................................................... 416
5.5.16 info-center channel...................................................................................................................................................... 419
5.5.17 info-center channel name......................................................................................................................................... 421
5.5.18 info-center enable........................................................................................................................................................ 422
5.5.19 info-center filter-id....................................................................................................................................................... 423
5.5.20 info-center logbuffer................................................................................................................................................... 425
5.5.21 info-center logbuffer size...........................................................................................................................................426
5.5.22 info-center logfile path...............................................................................................................................................427
5.5.23 info-center logfile size................................................................................................................................................ 428
5.5.24 info-center loghost....................................................................................................................................................... 429
5.5.25 info-center loghost source.........................................................................................................................................432
5.5.26 info-center loghost source-port............................................................................................................................... 433
5.5.27 info-center max-logfile-number.............................................................................................................................. 434
5.5.28 info-center rate-limit except..................................................................................................................................... 435
5.5.29 info-center rate-limit global-threshold................................................................................................................. 437

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. ix

Fat AP and Cloud AP
Command Reference Contents

5.5.30 info-center rate-limit monitor-period.................................................................................................................... 438

5.5.31 info-center rate-limit threshold............................................................................................................................... 439
5.5.32 info-center source channel........................................................................................................................................ 441
5.5.33 info-center statistic-suppress enable..................................................................................................................... 446
5.5.34 info-center timestamp................................................................................................................................................ 447
5.5.35 info-center trapbuffer................................................................................................................................................. 449
5.5.36 info-center trapbuffer size.........................................................................................................................................450
5.5.37 reset info-center statistics..........................................................................................................................................451
5.5.38 reset logbuffer............................................................................................................................................................... 452
5.5.39 reset trapbuffer............................................................................................................................................................. 453
5.5.40 save logfile...................................................................................................................................................................... 453
5.5.41 terminal debugging..................................................................................................................................................... 454
5.5.42 terminal logging........................................................................................................................................................... 455
5.5.43 terminal monitor.......................................................................................................................................................... 456
5.5.44 terminal trapping.......................................................................................................................................................... 457
5.6 NTP Configuration Commands...................................................................................................................................... 458
5.6.1 display ntp-service sessions......................................................................................................................................... 458
5.6.2 display ntp-service status............................................................................................................................................. 464
5.6.3 display ntp-service trace............................................................................................................................................... 465
5.6.4 ntp-service access........................................................................................................................................................... 466
5.6.5 ntp-service access limited............................................................................................................................................ 469
5.6.6 ntp-service authentication enable............................................................................................................................ 470
5.6.7 ntp-service authentication-keyid............................................................................................................................... 471
5.6.8 ntp-service broadcast-client........................................................................................................................................ 473
5.6.9 ntp-service broadcast-server....................................................................................................................................... 474
5.6.10 ntp-service discard....................................................................................................................................................... 475
5.6.11 ntp-service enable........................................................................................................................................................ 477
5.6.12 ntp-service in-interface disable................................................................................................................................477
5.6.13 ntp-service kod-enable............................................................................................................................................... 478
5.6.14 ntp-service max-dynamic-sessions......................................................................................................................... 479
5.6.15 ntp-service reliable authentication-keyid............................................................................................................. 480
5.6.16 ntp-service server disable.......................................................................................................................................... 481
5.6.17 ntp-service source-interface......................................................................................................................................482
5.6.18 ntp-service unicast-peer............................................................................................................................................. 483
5.6.19 ntp-service unicast-server.......................................................................................................................................... 485
5.7 PoE Configuration Commands....................................................................................................................................... 487
5.7.1 display current power-workmode............................................................................................................................. 487
5.7.2 display poe device........................................................................................................................................................... 488
5.7.3 display poe information................................................................................................................................................ 489
5.7.4 display poe power........................................................................................................................................................... 491
5.7.5 display poe power-state................................................................................................................................................494
5.7.6 display poe-power.......................................................................................................................................................... 500

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. x

Fat AP and Cloud AP
Command Reference Contents

5.7.7 poe af-inrush enable...................................................................................................................................................... 502

5.7.8 poe enable......................................................................................................................................................................... 503
5.7.9 poe force-power.............................................................................................................................................................. 504
5.7.10 poe high-inrush enable...............................................................................................................................................505
5.7.11 poe { power-off | power-on } interface.................................................................................................................506
5.7.12 poe legacy enable.........................................................................................................................................................507
5.7.13 poe max-power............................................................................................................................................................. 508
5.7.14 poe power-management............................................................................................................................................510
5.7.15 poe power-off time-range......................................................................................................................................... 511
5.7.16 poe power-reserved..................................................................................................................................................... 513
5.7.17 poe power-threshold................................................................................................................................................... 514
5.7.18 poe priority..................................................................................................................................................................... 515

6 Interface Management Commands................................................................................ 517

6.1 Basic Interface Configuration Commands................................................................................................................. 517
6.1.1 bandwidth (interface view)......................................................................................................................................... 517
6.1.2 description (interface view).........................................................................................................................................518
6.1.3 display default-parameter interface......................................................................................................................... 519
6.1.4 display interface.............................................................................................................................................................. 521
6.1.5 display interface brief.................................................................................................................................................... 527
6.1.6 display interface description....................................................................................................................................... 529
6.1.7 display interface counters............................................................................................................................................ 531
6.1.8 display ip interface......................................................................................................................................................... 533
6.1.9 display ip interface description...................................................................................................................................536
6.1.10 display this interface....................................................................................................................................................541
6.1.11 interface........................................................................................................................................................................... 545
6.1.12 reset counters if-mib interface.................................................................................................................................546
6.1.13 reset counters interface.............................................................................................................................................. 547
6.1.14 restart (interface view)............................................................................................................................................... 548
6.1.15 set flow-stat interval (interface view)................................................................................................................... 549
6.1.16 shutdown (interface view)........................................................................................................................................ 550
6.1.17 shutdown interval......................................................................................................................................................... 551
6.2 Ethernet Interface Configuration Commands.......................................................................................................... 552
6.2.1 am isolate.......................................................................................................................................................................... 553
6.2.2 auto duplex....................................................................................................................................................................... 554
6.2.3 auto speed......................................................................................................................................................................... 556
6.2.4 cable-snr-test.................................................................................................................................................................... 557
6.2.5 display interface ethernet brief.................................................................................................................................. 558
6.2.6 display port-isolate group............................................................................................................................................ 561
6.2.7 duplex.................................................................................................................................................................................. 562
6.2.8 log-threshold.................................................................................................................................................................... 564
6.2.9 loopback............................................................................................................................................................................. 565
6.2.10 negotiation auto........................................................................................................................................................... 567

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xi

Fat AP and Cloud AP
Command Reference Contents

6.2.11 port-down holdoff-timer............................................................................................................................................568

6.2.12 port-isolate enable....................................................................................................................................................... 569
6.2.13 port-isolate mode......................................................................................................................................................... 570
6.2.14 speed................................................................................................................................................................................. 571
6.2.15 trap-threshold................................................................................................................................................................ 573
6.2.16 virtual-cable-test...........................................................................................................................................................575
6.3 Logical Interface Configuration Commands............................................................................................................. 577
6.3.1 display interface loopback........................................................................................................................................... 577
6.3.2 display interface null......................................................................................................................................................579
6.3.3 interface loopback.......................................................................................................................................................... 582
6.3.4 interface null.....................................................................................................................................................................583
6.3.5 management-interface................................................................................................................................................. 583

7 Network Interconnection Configurations Commands............................................... 585

7.1 MAC Address Table Configuration Commands........................................................................................................ 585
7.1.1 display bridge mac-address......................................................................................................................................... 585
7.1.2 display mac-address....................................................................................................................................................... 586
7.1.3 display mac-address aging-time................................................................................................................................ 589
7.1.4 display mac-address blackhole................................................................................................................................... 590
7.1.5 display mac-address dynamic..................................................................................................................................... 592
7.1.6 display mac-address static........................................................................................................................................... 594
7.1.7 display mac-address summary................................................................................................................................... 596
7.1.8 display mac-address total-number........................................................................................................................... 597
7.1.9 display mac-limit............................................................................................................................................................. 599
7.1.10 mac-address....................................................................................................................................................................601
7.1.11 mac-address aging-time.............................................................................................................................................604
7.1.12 mac-address learning disable................................................................................................................................... 605
7.1.13 mac-learning priority................................................................................................................................................... 608
7.1.14 mac-learning priority allow-flapping..................................................................................................................... 609
7.1.15 mac-limit..........................................................................................................................................................................610
7.1.16 port bridge enable........................................................................................................................................................ 613
7.2 Ethernet Link Aggregation Commands.......................................................................................................................614
7.2.1 display eth-trunk............................................................................................................................................................. 614
7.2.2 display interface eth-trunk.......................................................................................................................................... 616
7.2.3 display trunk index-map............................................................................................................................................... 620
7.2.4 display trunk resource................................................................................................................................................... 621
7.2.5 display trunkmembership eth-trunk.........................................................................................................................622
7.2.6 eth-trunk............................................................................................................................................................................ 623
7.2.7 interface eth-trunk......................................................................................................................................................... 625
7.2.8 least active-linknumber................................................................................................................................................ 626
7.2.9 load-balance..................................................................................................................................................................... 627
7.2.10 mode................................................................................................................................................................................. 630
7.2.11 trunk-member trap...................................................................................................................................................... 631

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xii

Fat AP and Cloud AP
Command Reference Contents

7.3 VLAN Configuration Commands................................................................................................................................... 632

7.3.1 damping time................................................................................................................................................................... 632
7.3.2 description (VLAN view)............................................................................................................................................... 633
7.3.3 description (VLANIF interface view).........................................................................................................................634
7.3.4 display interface vlanif.................................................................................................................................................. 636
7.3.5 display port vlan.............................................................................................................................................................. 638
7.3.6 display vlan....................................................................................................................................................................... 639
7.3.7 interface vlanif................................................................................................................................................................. 643
7.3.8 ip pool (VLAN view)....................................................................................................................................................... 645
7.3.9 management-vlan.......................................................................................................................................................... 646
7.3.10 mtu (VLANIF interface view).................................................................................................................................... 647
7.3.11 name (VLAN view)....................................................................................................................................................... 649
7.3.12 port.................................................................................................................................................................................... 650
7.3.13 port default vlan........................................................................................................................................................... 652
7.3.14 port hybrid pvid vlan................................................................................................................................................... 654
7.3.15 port hybrid tagged vlan..............................................................................................................................................655
7.3.16 port hybrid untagged vlan.........................................................................................................................................657
7.3.17 port link-type..................................................................................................................................................................658
7.3.18 port trunk allow-pass vlan........................................................................................................................................ 659
7.3.19 port trunk pvid vlan..................................................................................................................................................... 661
7.3.20 reset vlan statistics....................................................................................................................................................... 662
7.3.21 shutdown (VLANIF interface view)........................................................................................................................ 663
7.3.22 vlan.................................................................................................................................................................................... 664
7.3.23 vlan vlan-name..............................................................................................................................................................666
7.4 STP/RSTP/MSTP Configuration Commands.............................................................................................................. 667
7.4.1 active region-configuration......................................................................................................................................... 667
7.4.2 check region-configuration..........................................................................................................................................668
7.4.3 display stp.......................................................................................................................................................................... 669
7.4.4 display stp abnormal-interface.................................................................................................................................. 676
7.4.5 display stp active............................................................................................................................................................. 677
7.4.6 display stp bridge............................................................................................................................................................ 681
7.4.7 display stp error packet.................................................................................................................................................683
7.4.8 display stp global............................................................................................................................................................ 683
7.4.9 display stp region-configuration................................................................................................................................ 686
7.4.10 display stp tc-bpdu statistics..................................................................................................................................... 688
7.4.11 display stp topology-change.....................................................................................................................................689
7.4.12 display stp vlan.............................................................................................................................................................. 691
7.4.13 instance............................................................................................................................................................................ 692
7.4.14 max bandwidth-affected-linknumber................................................................................................................... 693
7.4.15 region-name................................................................................................................................................................... 694
7.4.16 reset stp error packet statistics................................................................................................................................ 695
7.4.17 reset stp statistics......................................................................................................................................................... 696

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xiii

Fat AP and Cloud AP
Command Reference Contents

7.4.18 revision-level.................................................................................................................................................................. 697

7.4.19 stp bpdu-filter................................................................................................................................................................ 698
7.4.20 stp bpdu-filter default................................................................................................................................................. 700
7.4.21 stp bpdu-protection..................................................................................................................................................... 701
7.4.22 stp bridge-diameter..................................................................................................................................................... 702
7.4.23 stp compliance............................................................................................................................................................... 703
7.4.24 stp config-digest-snoop.............................................................................................................................................. 704
7.4.25 stp converge................................................................................................................................................................... 705
7.4.26 stp cost............................................................................................................................................................................. 707
7.4.27 stp edged-port............................................................................................................................................................... 709
7.4.28 stp edged-port default................................................................................................................................................ 710
7.4.29 stp enable........................................................................................................................................................................ 711
7.4.30 stp loop-protection.......................................................................................................................................................713
7.4.31 stp max-hops..................................................................................................................................................................714
7.4.32 stp mcheck...................................................................................................................................................................... 715
7.4.33 stp mode (system view)............................................................................................................................................. 717
7.4.34 stp no-agreement-check............................................................................................................................................ 718
7.4.35 stp pathcost-standard................................................................................................................................................. 720
7.4.36 stp point-to-point......................................................................................................................................................... 722
7.4.37 stp port priority............................................................................................................................................................. 723
7.4.38 stp priority....................................................................................................................................................................... 725
7.4.39 stp region-configuration............................................................................................................................................ 726
7.4.40 stp root............................................................................................................................................................................. 728
7.4.41 stp root-protection....................................................................................................................................................... 729
7.4.42 stp tc-protection............................................................................................................................................................ 731
7.4.43 stp tc-protection interval............................................................................................................................................732
7.4.44 stp tc-protection threshold........................................................................................................................................ 733
7.4.45 stp timer forward-delay............................................................................................................................................. 734
7.4.46 stp timer hello............................................................................................................................................................... 736
7.4.47 stp timer max-age........................................................................................................................................................ 737
7.4.48 stp timer-factor............................................................................................................................................................. 738
7.4.49 stp transmit-limit (interface view)......................................................................................................................... 740
7.4.50 stp transmit-limit (system view)............................................................................................................................. 741
7.4.51 vlan-mapping modulo................................................................................................................................................ 742
7.5 IPv4 Configuration Commands...................................................................................................................................... 744
7.5.1 ip address........................................................................................................................................................................... 744
7.6 ARP Configuration Commands...................................................................................................................................... 745
7.6.1 arp detect-mode unicast.............................................................................................................................................. 745
7.6.2 arp detect-times.............................................................................................................................................................. 746
7.6.3 arp expire-time................................................................................................................................................................ 747
7.6.4 arp fixup............................................................................................................................................................................. 748
7.6.5 arp ip-conflict-detect enable.......................................................................................................................................750

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xiv

Fat AP and Cloud AP
Command Reference Contents

7.6.6 arp scan.............................................................................................................................................................................. 751

7.6.7 arp static............................................................................................................................................................................ 752
7.6.8 arp topology-change disable...................................................................................................................................... 754
7.6.9 arp-proxy enable............................................................................................................................................................. 755
7.6.10 arp-proxy inner-sub-vlan-proxy enable.................................................................................................................756
7.6.11 arp-proxy inter-sub-vlan-proxy enable..................................................................................................................757
7.6.12 arp send-packet.............................................................................................................................................................758
7.6.13 arp-suppress enable..................................................................................................................................................... 759
7.6.14 display arp....................................................................................................................................................................... 760
7.6.15 display arp dynamic..................................................................................................................................................... 762
7.6.16 display arp error packet............................................................................................................................................. 764
7.6.17 display arp interface.................................................................................................................................................... 765
7.6.18 display arp ip-conflict track.......................................................................................................................................768
7.6.19 display arp network..................................................................................................................................................... 769
7.6.20 display arp packet statistics...................................................................................................................................... 771
7.6.21 display arp static........................................................................................................................................................... 773
7.6.22 display arp statistics.....................................................................................................................................................775
7.6.23 display arp track............................................................................................................................................................ 776
7.6.24 display snmp-agent trap feature-name arp all.................................................................................................. 777
7.6.25 l2-topology detect enable......................................................................................................................................... 779
7.6.26 reset arp........................................................................................................................................................................... 780
7.6.27 reset arp packet statistics.......................................................................................................................................... 781
7.6.28 snmp-agent trap enable feature-name arp........................................................................................................ 782
7.7 DHCP Configuration Commands...................................................................................................................................783
7.7.1 alarm ip-used percentage............................................................................................................................................ 783
7.7.2 bootfile................................................................................................................................................................................784
7.7.3 conflict auto-recycle interval.......................................................................................................................................786
7.7.4 dhcp anti-attack check duplicate option................................................................................................................ 787
7.7.5 dhcp client class-id (interface view)......................................................................................................................... 788
7.7.6 dhcp client class-id (system view)............................................................................................................................ 789
7.7.7 dhcp client client-id........................................................................................................................................................ 790
7.7.8 dhcp client expected-lease...........................................................................................................................................791
7.7.9 dhcp client gateway-detect......................................................................................................................................... 792
7.7.10 dhcp client default-route preference .................................................................................................................... 793
7.7.11 dhcp client hostname.................................................................................................................................................. 795
7.7.12 dhcp client renew......................................................................................................................................................... 796
7.7.13 dhcp client request option-list exclude................................................................................................................. 797
7.7.14 dhcp client request option-list................................................................................................................................. 798
7.7.15 dhcp enable.................................................................................................................................................................... 799
7.7.16 dhcp option template..................................................................................................................................................800
7.7.17 dhcp relay gateway-switch enable......................................................................................................................... 801
7.7.18 dhcp relay information enable................................................................................................................................. 802

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xv

Fat AP and Cloud AP
Command Reference Contents

7.7.19 dhcp relay information strategy.............................................................................................................................. 804

7.7.20 dhcp relay release......................................................................................................................................................... 805
7.7.21 dhcp relay request server-match enable.............................................................................................................. 807
7.7.22 dhcp relay reply forward all enable....................................................................................................................... 808
7.7.23 dhcp relay server-ip......................................................................................................................................................809
7.7.24 dhcp relay server-select.............................................................................................................................................. 811
7.7.25 dhcp relay trust option82.......................................................................................................................................... 813
7.7.26 dhcp set ttl...................................................................................................................................................................... 814
7.7.27 dhcp select global.........................................................................................................................................................815
7.7.28 dhcp select interface....................................................................................................................................................816
7.7.29 dhcp server alarm ip-used percentage..................................................................................................................817
7.7.30 dhcp select relay........................................................................................................................................................... 819
7.7.31 dhcp server bootfile..................................................................................................................................................... 820
7.7.32 dhcp server bootp......................................................................................................................................................... 822
7.7.33 dhcp server bootp automatic................................................................................................................................... 823
7.7.34 dhcp server conflict auto-recycle interval............................................................................................................ 824
7.7.35 dhcp server database.................................................................................................................................................. 825
7.7.36 dhcp server dns-list...................................................................................................................................................... 827
7.7.37 dhcp server domain-name (interface view)........................................................................................................ 828
7.7.38 dhcp server excluded-ip-address............................................................................................................................. 830
7.7.39 dhcp server gateway-list............................................................................................................................................ 832
7.7.40 dhcp server force insert option................................................................................................................................ 833
7.7.41 dhcp server force response........................................................................................................................................ 835
7.7.42 dhcp server group......................................................................................................................................................... 836
7.7.43 dhcp server ip-range.................................................................................................................................................... 837
7.7.44 dhcp server lease.......................................................................................................................................................... 838
7.7.45 dhcp server logging..................................................................................................................................................... 840
7.7.46 dhcp server mask.......................................................................................................................................................... 842
7.7.47 dhcp server nbns-list................................................................................................................................................... 844
7.7.48 dhcp server netbios-type............................................................................................................................................845
7.7.49 dhcp server next-server.............................................................................................................................................. 847
7.7.50 dhcp server option....................................................................................................................................................... 848
7.7.51 dhcp server option121................................................................................................................................................ 852
7.7.52 dhcp server option184................................................................................................................................................ 853
7.7.53 dhcp server ping............................................................................................................................................................854
7.7.54 dhcp server sip-server................................................................................................................................................. 856
7.7.55 dhcp server sname....................................................................................................................................................... 857
7.7.56 dhcp server static-bind................................................................................................................................................859
7.7.57 dhcp server trust option82........................................................................................................................................ 861
7.7.58 dhcp speed-limit auto................................................................................................................................................. 861
7.7.59 dhcp-server..................................................................................................................................................................... 863
7.7.60 display dhcp client........................................................................................................................................................ 864

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xvi

Fat AP and Cloud AP
Command Reference Contents

7.7.61 display dhcp client statistics..................................................................................................................................... 866

7.7.62 display dhcp configuration........................................................................................................................................ 868
7.7.63 display dhcp option template...................................................................................................................................870
7.7.64 display dhcp relay......................................................................................................................................................... 873
7.7.65 display dhcp relay statistics.......................................................................................................................................876
7.7.66 display dhcp relay user-table.................................................................................................................................... 879
7.7.67 display dhcp server database................................................................................................................................... 880
7.7.68 display dhcp server configuration........................................................................................................................... 882
7.7.69 display dhcp server group.......................................................................................................................................... 884
7.7.70 display dhcp server statistics.................................................................................................................................... 885
7.7.71 display dhcp statistics..................................................................................................................................................887
7.7.72 display ip pool................................................................................................................................................................ 892
7.7.73 display snmp-agent trap feature-name dhcp all............................................................................................... 899
7.7.74 dns-list.............................................................................................................................................................................. 902
7.7.75 domain-name................................................................................................................................................................ 904
7.7.76 excluded-ip-address..................................................................................................................................................... 905
7.7.77 force insert option........................................................................................................................................................ 907
7.7.78 gateway (DHCP server group view)....................................................................................................................... 909
7.7.79 gateway-list.................................................................................................................................................................... 910
7.7.80 ip pool (system view).................................................................................................................................................. 911
7.7.81 ip relay address cycle...................................................................................................................................................912
7.7.82 ip address bootp-alloc.................................................................................................................................................913
7.7.83 ip address dhcp-alloc...................................................................................................................................................915
7.7.84 lease.................................................................................................................................................................................. 916
7.7.85 lock (IP address pool view)....................................................................................................................................... 918
7.7.86 logging (IP address pool view)................................................................................................................................ 918
7.7.87 nbns-list........................................................................................................................................................................... 920
7.7.88 netbios-type.................................................................................................................................................................... 922
7.7.89 network (IP address pool view)............................................................................................................................... 923
7.7.90 next-server...................................................................................................................................................................... 925
7.7.91 option................................................................................................................................................................................926
7.7.92 option121........................................................................................................................................................................ 930
7.7.93 option184........................................................................................................................................................................ 931
7.7.94 reset dhcp client statistics..........................................................................................................................................932
7.7.95 reset dhcp relay statistics........................................................................................................................................... 933
7.7.96 reset dhcp server statistics........................................................................................................................................ 934
7.7.97 dhcp relay detect enable............................................................................................................................................ 935
7.7.98 reset dhcp statistics...................................................................................................................................................... 936
7.7.99 reset ip pool.................................................................................................................................................................... 937
7.7.100 section (IP address pool view)............................................................................................................................... 939
7.7.101 sip-server (IP address pool view).......................................................................................................................... 940
7.7.102 sname............................................................................................................................................................................. 941

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xvii

Fat AP and Cloud AP
Command Reference Contents

7.7.103 snmp-agent trap enable feature-name dhcp................................................................................................... 942

7.7.104 static-bind..................................................................................................................................................................... 946
7.8 DNS Configuration Commands..................................................................................................................................... 948
7.8.1 display dns configuration............................................................................................................................................. 949
7.8.2 display dns domain.........................................................................................................................................................950
7.8.3 display dns dynamic-host............................................................................................................................................. 952
7.8.4 display dns forward table............................................................................................................................................. 954
7.8.5 display dns server............................................................................................................................................................ 956
7.8.6 display dns statistics.......................................................................................................................................................957
7.8.7 display dns zone.............................................................................................................................................................. 959
7.8.8 display ip host.................................................................................................................................................................. 960
7.8.9 dns domain........................................................................................................................................................................961
7.8.10 dns forward retry-number......................................................................................................................................... 963
7.8.11 dns forward retry-timeout......................................................................................................................................... 964
7.8.12 dns proxy enable........................................................................................................................................................... 965
7.8.13 dns resolve...................................................................................................................................................................... 966
7.8.14 dns server........................................................................................................................................................................ 967
7.8.15 dns server source-ip..................................................................................................................................................... 968
7.8.16 dns-server-select-algorithm...................................................................................................................................... 969
7.8.17 dns zone........................................................................................................................................................................... 971
7.8.18 ip host............................................................................................................................................................................... 972
7.8.19 reset dns dynamic-host...............................................................................................................................................973
7.8.20 reset dns forward table.............................................................................................................................................. 974
7.8.21 reset dns statistics........................................................................................................................................................ 975
7.8.22 rr a..................................................................................................................................................................................... 976
7.8.23 rr aaaa.............................................................................................................................................................................. 977
7.8.24 ttl........................................................................................................................................................................................ 978
7.9 NAT Configuration Commands..................................................................................................................................... 979
7.9.1 display app-inspect table statistics........................................................................................................................... 979
7.9.2 display app-inspect session table.............................................................................................................................. 981
7.9.3 display nat address-group............................................................................................................................................ 983
7.9.4 display nat alg.................................................................................................................................................................. 985
7.9.5 display nat dns-map...................................................................................................................................................... 986
7.9.6 display nat filter-mode..................................................................................................................................................987
7.9.7 display nat log configuration...................................................................................................................................... 988
7.9.8 display nat mapping table........................................................................................................................................... 989
7.9.9 display nat mapping-mode......................................................................................................................................... 991
7.9.10 display nat outbound.................................................................................................................................................. 992
7.9.11 display nat server..........................................................................................................................................................993
7.9.12 display nat session....................................................................................................................................................... 995
7.9.13 display nat session aging-time................................................................................................................................ 997
7.9.14 display nat static........................................................................................................................................................... 999

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xviii

Fat AP and Cloud AP
Command Reference Contents

7.9.15 display nat static interface enable....................................................................................................................... 1000

7.9.16 display port-mapping................................................................................................................................................1001
7.9.17 nat address-group...................................................................................................................................................... 1003
7.9.18 nat alg............................................................................................................................................................................ 1004
7.9.19 nat dns-map.................................................................................................................................................................1005
7.9.20 nat filter-mode............................................................................................................................................................ 1007
7.9.21 nat log binary-log host............................................................................................................................................ 1008
7.9.22 nat log session enable.............................................................................................................................................. 1010
7.9.23 nat log session log-interval.................................................................................................................................... 1010
7.9.24 nat mapping-mode....................................................................................................................................................1011
7.9.25 nat outbound............................................................................................................................................................... 1013
7.9.26 nat outbound (Easy-IP)............................................................................................................................................ 1014
7.9.27 nat server...................................................................................................................................................................... 1015
7.9.28 nat session aging-time............................................................................................................................................. 1018
7.9.29 nat static enable......................................................................................................................................................... 1020
7.9.30 nat static (interface view)....................................................................................................................................... 1021
7.9.31 nat static (system view)...........................................................................................................................................1025
7.9.32 port-mapping...............................................................................................................................................................1028
7.9.33 reset app-inspect table statistics...........................................................................................................................1030
7.9.34 reset nat session......................................................................................................................................................... 1031
7.9.35 reset session all........................................................................................................................................................... 1032
7.10 IP Performance Configuration Commands........................................................................................................... 1033
7.10.1 clear ip df...................................................................................................................................................................... 1033
7.10.2 discard ra....................................................................................................................................................................... 1034
7.10.3 discard rr....................................................................................................................................................................... 1034
7.10.4 discard srr......................................................................................................................................................................1035
7.10.5 discard ts....................................................................................................................................................................... 1036
7.10.6 display icmp statistics............................................................................................................................................... 1037
7.10.7 display ip interface.....................................................................................................................................................1039
7.10.8 display ip socket......................................................................................................................................................... 1042
7.10.9 display ip socket register-port................................................................................................................................ 1047
7.10.10 display ip statistics...................................................................................................................................................1048
7.10.11 display network status........................................................................................................................................... 1051
7.10.12 display rawip statistics........................................................................................................................................... 1052
7.10.13 display snmp-agent trap feature-name tcp all............................................................................................. 1054
7.10.14 display tcp statistics................................................................................................................................................ 1055
7.10.15 display tcp status..................................................................................................................................................... 1058
7.10.16 display udp statistics............................................................................................................................................... 1061
7.10.17 icmp blackhole unreachable send......................................................................................................................1063
7.10.18 icmp host-unreachable send (interface view)............................................................................................... 1064
7.10.19 icmp port-unreachable send................................................................................................................................ 1065
7.10.20 icmp receive............................................................................................................................................................... 1065

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xix

Fat AP and Cloud AP
Command Reference Contents

7.10.21 icmp redirect send................................................................................................................................................... 1067

7.10.22 icmp ttl-exceeded drop.......................................................................................................................................... 1068
7.10.23 icmp ttl-exceeded send.......................................................................................................................................... 1069
7.10.24 icmp unreachable drop.......................................................................................................................................... 1070
7.10.25 icmp with-options drop......................................................................................................................................... 1071
7.10.26 icmp-reply fast.......................................................................................................................................................... 1071
7.10.27 ip forward-broadcast.............................................................................................................................................. 1072
7.10.28 ip soft-forward enhancement disable...............................................................................................................1073
7.10.29 ip verify source-address......................................................................................................................................... 1074
7.10.30 reset ip socket monitor.......................................................................................................................................... 1075
7.10.31 load-balance (system view)................................................................................................................................. 1076
7.10.32 reset ip socket pktsort............................................................................................................................................ 1077
7.10.33 reset ip statistics....................................................................................................................................................... 1078
7.10.34 reset rawip statistics............................................................................................................................................... 1079
7.10.35 reset tcp statistics.................................................................................................................................................... 1080
7.10.36 reset udp statistics................................................................................................................................................... 1080
7.10.37 snmp-agent trap enable feature-name tcp.................................................................................................... 1081
7.10.38 tcp adjust-mss........................................................................................................................................................... 1082
7.10.39 tcp max-mss.............................................................................................................................................................. 1083
7.10.40 tcp min-mss............................................................................................................................................................... 1084
7.10.41 tcp timer fin-timeout.............................................................................................................................................. 1086
7.10.42 tcp timer syn-timeout............................................................................................................................................ 1087
7.10.43 tcp window.................................................................................................................................................................1088
7.11 IP Routing Basic Configuration Commands......................................................................................................... 1088
7.11.1 display fib...................................................................................................................................................................... 1089
7.11.2 display fib interface................................................................................................................................................... 1094
7.11.3 display fib ip-prefix.................................................................................................................................................... 1095
7.11.4 display fib longer........................................................................................................................................................ 1097
7.11.5 display fib next-hop................................................................................................................................................... 1099
7.11.6 display fib statistics................................................................................................................................................... 1101
7.11.7 display ip routing-table............................................................................................................................................ 1102
7.11.8 display ip routing-table protocol.......................................................................................................................... 1109
7.11.9 display ip routing-table statistics..........................................................................................................................1111
7.11.10 display ip routing-table time-range.................................................................................................................. 1112
7.11.11 display rm interface................................................................................................................................................ 1117
7.11.12 display route resource............................................................................................................................................ 1119
7.11.13 reset ip routing-table statistics protocol.......................................................................................................... 1120
7.12 Static Route Configuration Commands................................................................................................................. 1121
7.12.1 ip route-static.............................................................................................................................................................. 1121
7.12.2 ip route-static default-preference.........................................................................................................................1124
7.12.3 ip route-static selection-rule relay-depth.......................................................................................................... 1124
7.13 IGMP Snooping Configuration Commands...........................................................................................................1125

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xx

Fat AP and Cloud AP
Command Reference Contents

7.13.1 display igmp-snooping configuration................................................................................................................. 1125

7.13.2 display l2-multicast forwarding-table................................................................................................................. 1127
7.13.3 igmp-snooping enable (system view)................................................................................................................. 1128
7.13.4 igmp-snooping enable (VLAN view)................................................................................................................... 1129

8 WAN Commands............................................................................................................... 1131

8.1 PPPoE Commands............................................................................................................................................................ 1131
8.1.1 dialer queue-length..................................................................................................................................................... 1131
8.1.2 dialer retry limit............................................................................................................................................................ 1132
8.1.3 dialer timer idle............................................................................................................................................................. 1134
8.1.4 dialer-rule........................................................................................................................................................................ 1135
8.1.5 display interface dialer................................................................................................................................................1136
8.1.6 display pppoe-client session..................................................................................................................................... 1139
8.1.7 display pppoe fail-reason...........................................................................................................................................1141
8.1.8 interface dialer...............................................................................................................................................................1143
8.1.9 ip address ppp-negotiate........................................................................................................................................... 1144
8.1.10 ppp chap password.................................................................................................................................................... 1145
8.1.11 ppp chap user.............................................................................................................................................................. 1147
8.1.12 ppp keepalive retry-times........................................................................................................................................1148
8.1.13 ppp pap local-user..................................................................................................................................................... 1149
8.1.14 ppp timer negotiate.................................................................................................................................................. 1151
8.1.15 pppoe-client dial-bundle-number........................................................................................................................ 1152
8.1.16 reset pppoe-client...................................................................................................................................................... 1154
8.1.17 timer hold..................................................................................................................................................................... 1155

9 WLAN Service Configuration Commands (Common AP)........................................1157

9.1 active-dull-client enable................................................................................................................................................ 1160
9.2 advertise-ap-name enable............................................................................................................................................ 1161
9.3 agile-antenna-polarization........................................................................................................................................... 1162
9.4 antenna-gain..................................................................................................................................................................... 1163
9.5 association-timeout......................................................................................................................................................... 1164
9.6 auto-off service................................................................................................................................................................. 1165
9.7 beacon-2g-rate................................................................................................................................................................. 1167
9.8 beacon-5g-rate................................................................................................................................................................. 1169
9.9 beacon-interval................................................................................................................................................................. 1170
9.10 beamforming enable.................................................................................................................................................... 1172
9.11 channel.............................................................................................................................................................................. 1175
9.12 channel-switch announcement disable................................................................................................................. 1177
9.13 channel-switch mode................................................................................................................................................... 1178
9.14 copy-from......................................................................................................................................................................... 1179
9.15 country-code................................................................................................................................................................... 1181
9.16 deny-broadcast-probe enable................................................................................................................................... 1185
9.17 dhcp option82 insert enable...................................................................................................................................... 1186
9.18 dhcp option82 format (vap profile view).............................................................................................................. 1187

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxi

Fat AP and Cloud AP
Command Reference Contents

9.19 display ap......................................................................................................................................................................... 1189

9.20 display ap configurable channel...............................................................................................................................1191
9.21 display interface wlan-radio...................................................................................................................................... 1192
9.22 display radio.................................................................................................................................................................... 1195
9.23 display radio-2g-profile............................................................................................................................................... 1196
9.24 display radio-5g-profile............................................................................................................................................... 1204
9.25 display references radio-2g-profile.......................................................................................................................... 1212
9.26 display references radio-5g-profile.......................................................................................................................... 1213
9.27 display references ssid-profile................................................................................................................................... 1214
9.28 display references vap-profile................................................................................................................................... 1215
9.29 display resource occupancy message..................................................................................................................... 1216
9.30 display ssid-profile.........................................................................................................................................................1217
9.31 display station................................................................................................................................................................. 1223
9.32 display station offline-record.................................................................................................................................... 1231
9.33 display station online-fail-record............................................................................................................................. 1232
9.34 display station statistics.............................................................................................................................................. 1246
9.35 display vap....................................................................................................................................................................... 1249
9.36 display vap-profile......................................................................................................................................................... 1251
9.37 display wlan config-errors.......................................................................................................................................... 1261
9.38 display station online-track........................................................................................................................................ 1262
9.39 display vap create-fail-record.................................................................................................................................... 1263
9.40 display vap-service-backup auth-server-down.................................................................................................... 1266
9.41 dot11a basic-rate........................................................................................................................................................... 1268
9.42 dot11a supported-rate................................................................................................................................................. 1269
9.43 dot11bg basic-rate........................................................................................................................................................ 1271
9.44 dot11bg supported-rate.............................................................................................................................................. 1273
9.45 dtim-interval....................................................................................................................................................................1274
9.46 eirp...................................................................................................................................................................................... 1276
9.47 fragmentation-threshold............................................................................................................................................. 1277
9.48 frequency.......................................................................................................................................................................... 1278
9.49 guard-interval-mode.................................................................................................................................................... 1280
9.50 he mcs-map (SSID Profile)......................................................................................................................................... 1281
9.51 ht a-mpdu disable......................................................................................................................................................... 1283
9.52 ht a-mpdu max-length-exponent............................................................................................................................ 1284
9.53 interface wlan-radio..................................................................................................................................................... 1285
9.54 legacy-station disable.................................................................................................................................................. 1287
9.55 max-sta-number (SSID profile view)...................................................................................................................... 1288
9.56 multicast-rate.................................................................................................................................................................. 1290
9.57 mu-mimo disable.......................................................................................................................................................... 1292
9.58 mu-mimo optimize enable......................................................................................................................................... 1293
9.59 probe-response-retry.................................................................................................................................................... 1294
9.60 qbss-load enable............................................................................................................................................................ 1295

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxii

Fat AP and Cloud AP
Command Reference Contents

9.61 radio disable.................................................................................................................................................................... 1296

9.62 radio-2g-profile (WLAN view).................................................................................................................................. 1297
9.63 radio-5g-profile (WLAN view).................................................................................................................................. 1298
9.64 radio-type (2G radio profile view)........................................................................................................................... 1298
9.65 radio-type (5G radio profile view)........................................................................................................................... 1300
9.66 reach-max-sta................................................................................................................................................................. 1301
9.67 report-sta-assoc enable............................................................................................................................................... 1302
9.68 reset channel switch-record....................................................................................................................................... 1303
9.69 reset station offline-record.........................................................................................................................................1304
9.70 reset station online-fail-record................................................................................................................................. 1305
9.71 reset station statistics...................................................................................................................................................1306
9.72 rf-ping................................................................................................................................................................................ 1307
9.73 rts-cts-mode.................................................................................................................................................................... 1308
9.74 rts-cts-threshold............................................................................................................................................................. 1310
9.75 service-mode disable.................................................................................................................................................... 1311
9.76 service-vlan (VAP profile view)................................................................................................................................. 1312
9.77 short-preamble disable................................................................................................................................................ 1313
9.78 single-txchain enable................................................................................................................................................... 1314
9.79 snmp-agent trap enable feature-name wlan...................................................................................................... 1315
9.80 ssid...................................................................................................................................................................................... 1316
9.81 ssid-hide enable............................................................................................................................................................. 1317
9.82 ssid-profile (WLAN view)............................................................................................................................................ 1318
9.83 ssid-profile (VAP profile view).................................................................................................................................. 1320
9.84 sta-network-detect disable.........................................................................................................................................1321
9.85 type (VAP profile view)............................................................................................................................................... 1322
9.86 u-apsd enable................................................................................................................................................................. 1323
9.87 utmost-power................................................................................................................................................................. 1324
9.88 vap-profile (WLAN view)............................................................................................................................................ 1325
9.89 vap-profile (radio interface view)............................................................................................................................ 1326
9.90 vap-service-backup auth-server-down................................................................................................................... 1327
9.91 vht a-mpdu max-length-exponent.......................................................................................................................... 1329
9.92 vht a-msdu enable........................................................................................................................................................ 1331
9.93 vht a-msdu max-frame-num..................................................................................................................................... 1332
9.94 vht mcs-map................................................................................................................................................................... 1333
9.95 vht mcs-map (SSID profile)....................................................................................................................................... 1335
9.96 wlan.................................................................................................................................................................................... 1336

10 AP Management Configuration Commands............................................................ 1338

10.1 access-user syslog-restrain enable...........................................................................................................................1339
10.2 access-user syslog-restrain period........................................................................................................................... 1340
10.3 channel-load-mode indoor........................................................................................................................................ 1341
10.4 display ap around-ssid-list..........................................................................................................................................1342
10.5 display ap led.................................................................................................................................................................. 1343

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxiii

Fat AP and Cloud AP
Command Reference Contents

10.6 display ap optical-info................................................................................................................................................. 1344

10.7 display ap run-info........................................................................................................................................................ 1347
10.8 display ap uncontrol all............................................................................................................................................... 1348
10.9 high-temperature threshold.......................................................................................................................................1349
10.10 led blink-time............................................................................................................................................................... 1351
10.11 led off.............................................................................................................................................................................. 1352
10.12 low-temperature threshold...................................................................................................................................... 1353
10.13 mtu (Cloud AP)............................................................................................................................................................ 1355
10.14 sta-ipv6-service enable..............................................................................................................................................1356
10.15 usb enable..................................................................................................................................................................... 1357

11 WLAN Radio Resource Management Configuration Commands (Common AP)

.................................................................................................................................................. 1359
11.1 amc-policy........................................................................................................................................................................ 1362
11.2 air-scan-profile............................................................................................................................................................... 1363
11.3 air-scan-profile (radio profile view)........................................................................................................................ 1365
11.4 band-steer balance gap-threshold.......................................................................................................................... 1366
11.5 band-steer balance start-threshold......................................................................................................................... 1367
11.6 band-steer client-band-expire................................................................................................................................... 1369
11.7 band-steer deny-threshold......................................................................................................................................... 1370
11.8 band-steer disable......................................................................................................................................................... 1371
11.9 band-steer snr-threshold............................................................................................................................................. 1372
11.10 calibrate auto-bandwidth-selection...................................................................................................................... 1373
11.11 calibrate auto-channel-select................................................................................................................................. 1375
11.12 calibrate auto-txpower-select................................................................................................................................. 1376
11.13 calibrate enable { auto | manual | schedule time }......................................................................................... 1377
11.14 calibrate environment-deterioration-blacklist...................................................................................................1379
11.15 calibrate error-rate-check......................................................................................................................................... 1380
11.16 calibrate error-rate-threshold..................................................................................................................................1381
11.17 calibrate tpc threshold...............................................................................................................................................1382
11.18 calibrate flexible-radio...............................................................................................................................................1383
11.19 calibrate flexible-radio manual-recognize.......................................................................................................... 1385
11.20 calibrate max-tx-power............................................................................................................................................. 1386
11.21 calibrate min-tx-power..............................................................................................................................................1387
11.22 calibrate manual startup.......................................................................................................................................... 1389
11.23 calibrate noise-floor-threshold............................................................................................................................... 1389
11.24 calibrate policy............................................................................................................................................................. 1390
11.25 calibrate reference data-analysis disable............................................................................................................ 1392
11.26 calibrate reference data-analysis........................................................................................................................... 1393
11.27 calibrate sensitivity..................................................................................................................................................... 1394
11.28 cca-threshold................................................................................................................................................................ 1396
11.29 dca-channel bandwidth............................................................................................................................................ 1397
11.30 dca-channel channel-set.......................................................................................................................................... 1399

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxiv

Fat AP and Cloud AP
Command Reference Contents

11.31 dfs recover-delay......................................................................................................................................................... 1401

11.32 dfs smart-selection disable...................................................................................................................................... 1402
11.33 display air-scan-profile.............................................................................................................................................. 1403
11.34 display ap neighbor.................................................................................................................................................... 1405
11.35 display ap neighbor (Cloud AP)............................................................................................................................. 1406
11.36 display ap traffic statistics wireless....................................................................................................................... 1408
11.37 display channel switch-record.................................................................................................................................1412
11.38 display channel switch-record (Cloud AP)..........................................................................................................1415
11.39 display flexible-radio status..................................................................................................................................... 1419
11.40 display flexible-radio switch-record...................................................................................................................... 1420
11.41 display references air-scan-profile........................................................................................................................ 1422
11.42 display references rrm-profile................................................................................................................................. 1423
11.43 display rrm-profile...................................................................................................................................................... 1424
11.44 display sta-load-balance fairness.......................................................................................................................... 1432
11.45 display station neighbor........................................................................................................................................... 1433
11.46 display station neighbor all..................................................................................................................................... 1434
11.47 display station steer-history.................................................................................................................................... 1436
11.48 display station steer-info.......................................................................................................................................... 1439
11.49 display station steer-statistics................................................................................................................................. 1440
11.50 display station unsteerable...................................................................................................................................... 1442
11.51 display wlan calibrate channel-set........................................................................................................................ 1443
11.52 display wlan calibrate global configuration.......................................................................................................1444
11.53 display wlan calibrate statistics.............................................................................................................................. 1447
11.54 dynamic-edca enable................................................................................................................................................. 1448
11.55 dynamic-edca threshold............................................................................................................................................1449
11.56 high-density amc-optimize enable........................................................................................................................1450
11.57 interference adjacent-channel threshold............................................................................................................ 1451
11.58 interference co-channel threshold........................................................................................................................ 1452
11.59 interference detect-enable....................................................................................................................................... 1453
11.60 interference station threshold.................................................................................................................................1454
11.61 power auto-adjust enable........................................................................................................................................ 1455
11.62 reset ap traffic statistics wireless........................................................................................................................... 1456
11.63 reset station steer-history.........................................................................................................................................1457
11.64 reset station steer-statistics..................................................................................................................................... 1458
11.65 reset flexible-radio switch-record.......................................................................................................................... 1458
11.66 reset wlan calibrate statistics.................................................................................................................................. 1459
11.67 rrm-profile (WLAN view)......................................................................................................................................... 1460
11.68 rrm-profile (radio profile view).............................................................................................................................. 1462
11.69 scan-channel-set......................................................................................................................................................... 1463
11.70 scan-disable.................................................................................................................................................................. 1464
11.71 scan-enhancement..................................................................................................................................................... 1465
11.72 scan-interval..................................................................................................................................................................1466

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxv

Fat AP and Cloud AP
Command Reference Contents

11.73 scan-period.................................................................................................................................................................... 1467

11.74 smart-antenna { enable | disable }....................................................................................................................... 1468
11.75 smart-antenna throughput-triggered-training................................................................................................. 1469
11.76 smart-antenna training-interval............................................................................................................................ 1471
11.77 smart-antenna training-mpdu-number...............................................................................................................1472
11.78 smart-antenna valid-per-scope.............................................................................................................................. 1473
11.79 smart-roam advanced-scan disable...................................................................................................................... 1475
11.80 smart-roam disable.................................................................................................................................................... 1476
11.81 smart-roam quick-kickoff back-off-time............................................................................................................ 1477
11.82 smart-roam quick-kickoff-snr check-interval.................................................................................................... 1478
11.83 smart-roam quick-kickoff-snr p-n criteria.......................................................................................................... 1479
11.84 smart-roam quick-kickoff-threshold.....................................................................................................................1481
11.85 smart-roam quick-kickoff-threshold { check-snr | check-rate }.................................................................. 1482
11.86 smart-roam quick-kickoff-threshold disable..................................................................................................... 1484
11.87 smart-roam roam-threshold { check-snr | check-rate }................................................................................. 1485
11.88 smart-roam roam-threshold { snr | rate }.......................................................................................................... 1486
11.89 smart-roam snr-margin.............................................................................................................................................1488
11.90 smart-roam unable-roam-client expire-time.................................................................................................... 1489
11.91 sta-load-balance dynamic btm-fail-times.......................................................................................................... 1491
11.92 sta-load-balance dynamic deauth-fail-times.................................................................................................... 1492
11.93 sta-load-balance dynamic deny-threshold......................................................................................................... 1494
11.94 sta-load-balance dynamic disable.........................................................................................................................1495
11.95 sta-load-balance dynamic sta-number gap-threshold...................................................................................1496
11.96 sta-load-balance dynamic sta-number start-threshold................................................................................. 1498
11.97 sta-load-balance dynamic channel-utilization gap-threshold.....................................................................1499
11.98 sta-load-balance dynamic channel-utilization start-threshold................................................................... 1500
11.99 sta-load-balance dynamic probe-report interval............................................................................................. 1502
11.100 sta-load-balance dynamic rssi-diff-gap............................................................................................................ 1503
11.101 sta-load-balance dynamic rssi-threshold......................................................................................................... 1504
11.102 sta-load-balance dynamic steer-restrict auth-threshold............................................................................. 1505
11.103 sta-load-balance dynamic steer-restrict probe-threshold...........................................................................1507
11.104 sta-load-balance dynamic steer-restrict restrict-time.................................................................................. 1508
11.105 sta-load-balance mode........................................................................................................................................... 1509
11.106 uac channel-utilization threshold....................................................................................................................... 1511
11.107 uac enable................................................................................................................................................................... 1512
11.108 uac client-number threshold.................................................................................................................................1514
11.109 uac client-snr threshold.......................................................................................................................................... 1515
11.110 uac reach-access-threshold................................................................................................................................... 1517

12 WLAN Roaming Commands (Common AP)............................................................. 1519

12.1 display station roam-track..........................................................................................................................................1519
12.2 display station roam-statistics.................................................................................................................................. 1521
12.3 dot11r enable.................................................................................................................................................................. 1522

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxvi

Fat AP and Cloud AP
Command Reference Contents

13 WLAN Location Configuration Commands (Common AP)...................................1524

13.1 ble....................................................................................................................................................................................... 1525
13.2 ble low-power-threshold............................................................................................................................................. 1525
13.3 ble monitoring-list.........................................................................................................................................................1527
13.4 broadcaster enable........................................................................................................................................................1528
13.5 broadcasting-content................................................................................................................................................... 1529
13.6 broadcasting-interval................................................................................................................................................... 1532
13.7 display ble-profile.......................................................................................................................................................... 1533
13.8 display location-profile................................................................................................................................................ 1536
13.9 display references ble-profile.....................................................................................................................................1538
13.10 display references location-profile........................................................................................................................ 1539
13.11 display wlan ble global configuration..................................................................................................................1540
13.12 display wlan ble monitoring-list............................................................................................................................ 1541
13.13 display wlan ble site-info..........................................................................................................................................1542
13.14 location-profile............................................................................................................................................................. 1545
13.15 location-profile (WLAN view)................................................................................................................................. 1546
13.16 private mu protocol-version.................................................................................................................................... 1547
13.17 private mu-enable...................................................................................................................................................... 1549
13.18 private report-frequency........................................................................................................................................... 1549
13.19 private server................................................................................................................................................................ 1550
13.20 report-mode.................................................................................................................................................................. 1552
13.21 report-to-server............................................................................................................................................................1553
13.22 reset wlan ble site-info.............................................................................................................................................. 1555
13.23 sniffer enable................................................................................................................................................................ 1556
13.24 tx-power (BLE profile view).....................................................................................................................................1557

14 WLAN Security Configuration Commands (Common AP)....................................1559

14.1 anti-attack flood blacklist enable............................................................................................................................ 1560
14.2 anti-attack flood disable............................................................................................................................................. 1562
14.3 anti-attack flood sta-rate-threshold....................................................................................................................... 1564
14.4 arp anti-attack check user-bind enable................................................................................................................. 1566
14.5 brute-force-detect interval......................................................................................................................................... 1567
14.6 brute-force-detect quiet-time................................................................................................................................... 1568
14.7 brute-force-detect threshold..................................................................................................................................... 1569
14.8 contain............................................................................................................................................................................... 1571
14.9 contain-mode.................................................................................................................................................................. 1572
14.10 device report-interval................................................................................................................................................. 1573
14.11 dhcp trust port............................................................................................................................................................. 1575
14.12 display ap radio-environment................................................................................................................................. 1576
14.13 display wlan wids manual-contain device-mac-list........................................................................................ 1578
14.14 display wlan ids attack-detected........................................................................................................................... 1579
14.15 display wlan ids attack-detected statistics......................................................................................................... 1583
14.16 display wlan ids attack-history............................................................................................................................... 1585

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxvii

Fat AP and Cloud AP
Command Reference Contents

14.17 display wlan ids contain............................................................................................................................................1587

14.18 display wlan ids device-detected........................................................................................................................... 1590
14.19 display wlan ids device-detected statistics......................................................................................................... 1596
14.20 display wlan dynamic-blacklist............................................................................................................................... 1598
14.21 display wlan ids rogue-history................................................................................................................................ 1600
14.22 display wlan ids spoof-ssid fuzzy-match.............................................................................................................1603
14.23 dynamic-blacklist aging-time..................................................................................................................................1605
14.24 dynamic-blacklist enable.......................................................................................................................................... 1606
14.25 flood-detect interval...................................................................................................................................................1607
14.26 flood-detect quiet-time............................................................................................................................................. 1608
14.27 flood-detect threshold............................................................................................................................................... 1610
14.28 ip source check user-bind enable.......................................................................................................................... 1611
14.29 learn-client-address dhcp-strict..............................................................................................................................1612
14.30 learn-client-address disable (VAP profile view)............................................................................................... 1613
14.31 permit-ap....................................................................................................................................................................... 1614
14.32 reset wlan ids attack-detected................................................................................................................................1617
14.33 reset wlan ids attack-detected statistics............................................................................................................. 1619
14.34 reset wlan ids attack-history................................................................................................................................... 1619
14.35 reset wlan dynamic-blacklist................................................................................................................................... 1621
14.36 reset wlan ids rogue-history.................................................................................................................................... 1622
14.37 rogue-device log enable........................................................................................................................................... 1624
14.38 spoof-detect quiet-time............................................................................................................................................ 1624
14.39 spoof-ssid....................................................................................................................................................................... 1626
14.40 sta arp-nd-proxy before-assoc................................................................................................................................ 1627
14.41 weak-iv-detect quiet-time........................................................................................................................................ 1628
14.42 wids.................................................................................................................................................................................. 1630
14.43 wids attack detect enable........................................................................................................................................ 1630
14.44 wids contain enable................................................................................................................................................... 1632
14.45 wids device detect enable........................................................................................................................................ 1633
14.46 wids manual-contain................................................................................................................................................. 1634
14.47 work-mode.................................................................................................................................................................... 1635

15 WLAN Mesh Configuration Commands (Cloud AP)...............................................1637

15.1 display mesh-profile (Cloud AP).............................................................................................................................. 1638
15.2 display mesh-whitelist-profile (Cloud AP)............................................................................................................ 1641
15.3 display mesh vap (Cloud AP).................................................................................................................................... 1643
15.4 display references mesh-profile (Cloud AP)......................................................................................................... 1644
15.5 display references mesh-whitelist-profile (Cloud AP).......................................................................................1645
15.6 display wlan mesh link (Cloud AP)......................................................................................................................... 1646
15.7 link-aging-time (Cloud AP)........................................................................................................................................ 1649
15.8 link-report-interval (Cloud AP)................................................................................................................................. 1650
15.9 link-rssi-threshold (Cloud AP)................................................................................................................................... 1651
15.10 max-link-number (Cloud AP).................................................................................................................................. 1652

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxviii

Fat AP and Cloud AP
Command Reference Contents

15.11 mesh-id (Cloud AP).................................................................................................................................................... 1653

15.12 mesh-profile (Cloud AP)........................................................................................................................................... 1654
15.13 mesh-profile (WLAN radio interface view)(Cloud AP).................................................................................. 1655
15.14 mesh-whitelist-profile (Cloud AP).........................................................................................................................1657
15.15 mesh-whitelist-profile (WLAN radio interface view)(Cloud AP)................................................................ 1658
15.16 peer-ap mac (Mesh whitelist profile view) (Cloud AP)................................................................................. 1659
15.17 security-profile (Mesh profile view) (Cloud AP).............................................................................................. 1660

16 Vehicle-Ground Fast Link Handover Configuration Commands..........................1662

16.1 antenna-output.............................................................................................................................................................. 1663
16.2 client-mode enable....................................................................................................................................................... 1665
16.3 dhcp trust port (Mesh profile view)........................................................................................................................ 1666
16.4 display mesh vap........................................................................................................................................................... 1667
16.5 display mesh-handover-profile................................................................................................................................. 1668
16.6 display mesh-handover-trace.................................................................................................................................... 1671
16.7 display mesh-neighbor-rssi.........................................................................................................................................1673
16.8 display mesh-profile..................................................................................................................................................... 1675
16.9 display mesh-proxy-equip...........................................................................................................................................1678
16.10 display mesh-whitelist-profile................................................................................................................................ 1679
16.11 display references mesh-handover-profile......................................................................................................... 1681
16.12 display references mesh-profile............................................................................................................................. 1682
16.13 display references mesh-whitelist-profile........................................................................................................... 1683
16.14 display wlan mesh link.............................................................................................................................................. 1685
16.15 display wlan mesh switch-record all.................................................................................................................... 1687
16.16 link-aging-time.............................................................................................................................................................1688
16.17 link-hold-period........................................................................................................................................................... 1689
16.18 link-probe-interval...................................................................................................................................................... 1690
16.19 link-report-interval...................................................................................................................................................... 1691
16.20 link-rssi-threshold........................................................................................................................................................1692
16.21 location-based-algorithm enable.......................................................................................................................... 1693
16.22 max-link-number......................................................................................................................................................... 1695
16.23 max-rssi-threshold...................................................................................................................................................... 1696
16.24 mesh-handover-profile..............................................................................................................................................1697
16.25 mesh-handover-profile (Mesh profile view)......................................................................................................1699
16.26 mesh-id........................................................................................................................................................................... 1700
16.27 mesh-profile.................................................................................................................................................................. 1701
16.28 mesh-profile (WLAN radio interface view)........................................................................................................ 1702
16.29 mesh-proxy onboard-equip..................................................................................................................................... 1703
16.30 mesh-proxy trackside-equip.................................................................................................................................... 1705
16.31 mesh-whitelist-profile............................................................................................................................................... 1706
16.32 mesh-whitelist-profile (WLAN radio interface view)......................................................................................1707
16.33 min-rssi-threshold....................................................................................................................................................... 1709
16.34 peer-ap mac (Mesh whitelist profile view)........................................................................................................ 1710

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxix

Fat AP and Cloud AP
Command Reference Contents

16.35 priority-map dscp (Mesh profile view)................................................................................................................ 1711

16.36 priority-map trust (Mesh profile view)................................................................................................................1713
16.37 p-n criteria..................................................................................................................................................................... 1714
16.38 rssi-margin..................................................................................................................................................................... 1715
16.39 security-profile (Mesh profile view)..................................................................................................................... 1716
16.40 switch-probe-interval................................................................................................................................................. 1717
16.41 urgent-handover low-rate........................................................................................................................................ 1718
16.42 urgent-handover punishment................................................................................................................................. 1720

17 Hotspot2.0 Configuration Commands (Common AP)........................................... 1722

17.1 cellular-network-profile.............................................................................................................................................. 1724
17.2 cellular-network-profile (Hotspot2.0 profile view)............................................................................................1725
17.3 connection-capability-profile..................................................................................................................................... 1726
17.4 connection-capability-profile (Hotspot2.0 profile view).................................................................................. 1728
17.5 connection-capability................................................................................................................................................... 1729
17.6 display cellular-network-profile............................................................................................................................... 1730
17.7 display connection-capability-profile......................................................................................................................1732
17.8 display hotspot2-profile.............................................................................................................................................. 1735
17.9 display nai-realm-profile............................................................................................................................................. 1738
17.10 display operating-class-profile............................................................................................................................... 1740
17.11 display operator-domain-profile............................................................................................................................ 1741
17.12 display operator-name-profile................................................................................................................................1743
17.13 display references cellular-network-profile........................................................................................................1744
17.14 display references connection-capability-profile.............................................................................................. 1745
17.15 display references hotspot2-profile.......................................................................................................................1747
17.16 display references nai-realm-profile..................................................................................................................... 1748
17.17 display references operating-class-profile.......................................................................................................... 1749
17.18 display references operator-domain-profile...................................................................................................... 1750
17.19 display references operator-name-profile.......................................................................................................... 1751
17.20 display references roaming-consortium-profile................................................................................................1752
17.21 display references venue-name-profile............................................................................................................... 1754
17.22 display roaming-consortium-profile..................................................................................................................... 1755
17.23 display venue-name-profile..................................................................................................................................... 1757
17.24 domain-name............................................................................................................................................................... 1758
17.25 hessid............................................................................................................................................................................... 1760
17.26 hotspot2-profile........................................................................................................................................................... 1761
17.27 hotspot2-profile (VAP profile view)...................................................................................................................... 1762
17.28 ipv4-address-avail....................................................................................................................................................... 1764
17.29 nai-realm-profile......................................................................................................................................................... 1765
17.30 nai-realm-profile (Hotspot2.0 profile view)...................................................................................................... 1766
17.31 nai-realm........................................................................................................................................................................ 1767
17.32 network-authen-type................................................................................................................................................. 1769
17.33 network-type................................................................................................................................................................ 1770

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxx

Fat AP and Cloud AP
Command Reference Contents

17.34 operating-class-indication........................................................................................................................................ 1772

17.35 operating-class-profile.............................................................................................................................................. 1773
17.36 operating-class-profile (Hotspot2.0 profile view)............................................................................................1774
17.37 operator-domain-profile........................................................................................................................................... 1775
17.38 operator-domain-profile (Hotspot2.0 profile view)........................................................................................ 1777
17.39 operator-friendly-name............................................................................................................................................. 1778
17.40 operator-name-profile...............................................................................................................................................1780
17.41 operator-name-profile (Hotspot2.0 profile view)............................................................................................1781
17.42 p2p-cross-connect disable........................................................................................................................................1782
17.43 plmn-id........................................................................................................................................................................... 1783
17.44 roaming-consortium-oi............................................................................................................................................. 1784
17.45 roaming-consortium-profile.................................................................................................................................... 1785
17.46 roaming-consortium-profile (Hotspot2.0 profile view)................................................................................. 1787
17.47 venue-name-profile.................................................................................................................................................... 1788
17.48 venue-name-profile (Hotspot2.0 profile view)................................................................................................. 1789
17.49 venue-name.................................................................................................................................................................. 1790
17.50 venue-type..................................................................................................................................................................... 1792

18 IoT AP Configuration Commands............................................................................... 1794

18.1 iot-card reboot................................................................................................................................................................ 1794
18.2 iot-card reset-factory-configuration....................................................................................................................... 1795
18.3 iot-card reset-network-configuration..................................................................................................................... 1796
18.4 iot-card switch-firmware.............................................................................................................................................1797

19 WLAN Traffic Optimization Commands (Common AP)........................................1799

19.1 broadcast-suppression auto-detect......................................................................................................................... 1800
19.2 display wlan igmp-snooping vap-cac..................................................................................................................... 1801
19.3 igmp-snooping max-bandwidth (traffic profile view)...................................................................................... 1802
19.4 igmp-snooping max-user (traffic profile view)................................................................................................... 1803
19.5 igmp-snooping enable (traffic profile view)........................................................................................................ 1804
19.6 multicast-suppression auto-detect.......................................................................................................................... 1805
19.7 service-guarantee.......................................................................................................................................................... 1806
19.8 traffic-optimize arp-proxy enable............................................................................................................................ 1808
19.9 traffic-optimize bcmc deny all.................................................................................................................................. 1809
19.10 traffic-optimize bcmc unicast-send.......................................................................................................................1810
19.11 traffic-optimize bcmc unicast-send mismatch-action drop..........................................................................1811
19.12 traffic-optimize broadcast-suppression............................................................................................................... 1812
19.13 traffic-optimize multicast-suppression................................................................................................................ 1813
19.14 traffic-optimize multicast-unicast enable........................................................................................................... 1814
19.15 traffic-optimize multicast-unicast dynamic-adaptive disable......................................................................1815
19.16 traffic-optimize sta-bridge-forward disable....................................................................................................... 1816
19.17 traffic-optimize tcp adjust-mss.............................................................................................................................. 1817
19.18 traffic-optimize unicast-suppression.................................................................................................................... 1819
19.19 unicast-suppression auto-detect............................................................................................................................ 1820

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxi

Fat AP and Cloud AP
Command Reference Contents

19.20 unicast-suppression auto-detect disable............................................................................................................. 1821

20 WLAN Service Configuration Commands (Central AP).........................................1823

20.1 active-dull-client enable..............................................................................................................................................1827
20.2 advertise-ap-name enable..........................................................................................................................................1828
20.3 antenna-gain................................................................................................................................................................... 1829
20.4 ap auth-mode................................................................................................................................................................. 1831
20.5 ap blacklist....................................................................................................................................................................... 1832
20.6 ap data-collection enable........................................................................................................................................... 1833
20.7 ap data-collection interval......................................................................................................................................... 1834
20.8 ap modify......................................................................................................................................................................... 1835
20.9 ap whitelist...................................................................................................................................................................... 1836
20.10 ap-confirm..................................................................................................................................................................... 1838
20.11 ap-id................................................................................................................................................................................. 1839
20.12 ap-mac............................................................................................................................................................................ 1841
20.13 association-timeout.................................................................................................................................................... 1842
20.14 auto-off service............................................................................................................................................................ 1843
20.15 beacon-2g-rate.............................................................................................................................................................1845
20.16 beacon-5g-rate.............................................................................................................................................................1847
20.17 beacon-interval............................................................................................................................................................ 1848
20.18 beamforming enable..................................................................................................................................................1849
20.19 capwap control-link-priority.................................................................................................................................... 1850
20.20 capwap dtls control-link encrypt........................................................................................................................... 1852
20.21 capwap dtls psk........................................................................................................................................................... 1853
20.22 capwap dtls psk-mandatory-match enable........................................................................................................1855
20.23 capwap echo................................................................................................................................................................. 1856
20.24 capwap message-integrity psk............................................................................................................................... 1857
20.25 capwap message-integrity check disable........................................................................................................... 1859
20.26 capwap sensitive-info psk........................................................................................................................................ 1860
20.27 capwap source interface........................................................................................................................................... 1861
20.28 capwap source ip-address........................................................................................................................................ 1862
20.29 channel........................................................................................................................................................................... 1863
20.30 channel-switch announcement disable............................................................................................................... 1865
20.31 channel-switch mode................................................................................................................................................. 1866
20.32 copy-from.......................................................................................................................................................................1867
20.33 country-code................................................................................................................................................................. 1869
20.34 coverage distance........................................................................................................................................................ 1873
20.35 deny-broadcast-probe enable................................................................................................................................. 1875
20.36 dhcp option82 insert enable....................................................................................................................................1876
20.37 dhcp option82 format (VAP profile view).......................................................................................................... 1877
20.38 display ap....................................................................................................................................................................... 1879
20.39 display ap blacklist......................................................................................................................................................1888
20.40 display ap config-info................................................................................................................................................ 1889

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxii

Fat AP and Cloud AP
Command Reference Contents

20.41 display ap configurable channel............................................................................................................................ 1896

20.42 display ap global configuration..............................................................................................................................1898
20.43 display ap offline-record........................................................................................................................................... 1899
20.44 display ap online-fail-record................................................................................................................................... 1904
20.45 display ap sta-signal strength................................................................................................................................. 1908
20.46 display ap statistics..................................................................................................................................................... 1910
20.47 display ap unauthorized record.............................................................................................................................. 1911
20.48 display ap whitelist..................................................................................................................................................... 1912
20.49 display ap-group.......................................................................................................................................................... 1913
20.50 display capwap configuration................................................................................................................................. 1920
20.51 display radio.................................................................................................................................................................. 1922
20.52 display radio-2g-profile............................................................................................................................................. 1925
20.53 display radio-5g-profile............................................................................................................................................. 1932
20.54 display references radio-2g-profile....................................................................................................................... 1939
20.55 display references radio-5g-profile....................................................................................................................... 1940
20.56 display references regulatory-domain-profile................................................................................................... 1941
20.57 display references ssid-profile................................................................................................................................. 1942
20.58 display references vap-profile................................................................................................................................. 1943
20.59 display regulatory-domain-profile........................................................................................................................ 1945
20.60 display ssid-profile...................................................................................................................................................... 1947
20.61 display station.............................................................................................................................................................. 1953
20.62 display station online-fail-record........................................................................................................................... 1961
20.63 display station offline-record.................................................................................................................................. 1967
20.64 display station online-track..................................................................................................................................... 1972
20.65 display station statistics............................................................................................................................................ 1974
20.66 display vap..................................................................................................................................................................... 1980
20.67 display vap-profile...................................................................................................................................................... 1981
20.68 display vap create-fail-record................................................................................................................................. 1991
20.69 display vap-service-backup auth-server-down..................................................................................................1995
20.70 display wlan config-errors........................................................................................................................................1996
20.71 dot11a basic-rate.........................................................................................................................................................1997
20.72 dot11a supported-rate.............................................................................................................................................. 1999
20.73 dot11bg basic-rate...................................................................................................................................................... 2000
20.74 dot11bg supported-rate............................................................................................................................................ 2002
20.75 dtim-interval................................................................................................................................................................. 2004
20.76 eirp................................................................................................................................................................................... 2005
20.77 fragmentation-threshold.......................................................................................................................................... 2007
20.78 guard-interval-mode.................................................................................................................................................. 2008
20.79 ht a-mpdu disable....................................................................................................................................................... 2009
20.80 ht a-mpdu max-length-exponent..........................................................................................................................2010
20.81 legacy-station disable................................................................................................................................................ 2012
20.82 max-sta-number (SSID profile view)................................................................................................................... 2013

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxiii

Fat AP and Cloud AP
Command Reference Contents

20.83 multicast-rate............................................................................................................................................................... 2014

20.84 mu-mimo disable........................................................................................................................................................ 2016
20.85 mu-mimo optimize enable...................................................................................................................................... 2017
20.86 probe-response-retry..................................................................................................................................................2018
20.87 qbss-load enable......................................................................................................................................................... 2019
20.88 radio................................................................................................................................................................................. 2020
20.89 radio disable.................................................................................................................................................................. 2021
20.90 radio-2g-profile (WLAN view)................................................................................................................................ 2022
20.91 radio-2g-profile............................................................................................................................................................ 2024
20.92 radio-5g-profile (WLAN view)................................................................................................................................ 2025
20.93 radio-5g-profile............................................................................................................................................................ 2026
20.94 radio-type (2G radio profile view)........................................................................................................................ 2027
20.95 radio-type (5G radio profile view)........................................................................................................................ 2029
20.96 reach-max-sta.............................................................................................................................................................. 2030
20.97 regulatory-domain-profile (WLAN view)............................................................................................................2031
20.98 regulatory-domain-profile....................................................................................................................................... 2032
20.99 report-sta-assoc enable.............................................................................................................................................2034
20.100 reset ap offline-record............................................................................................................................................ 2035
20.101 reset ap online-fail-record..................................................................................................................................... 2035
20.102 reset ap unauthorized record............................................................................................................................... 2036
20.103 reset channel switch-record.................................................................................................................................. 2037
20.104 reset station offline-record.................................................................................................................................... 2038
20.105 reset station online-fail-record.............................................................................................................................2039
20.106 reset station statistics.............................................................................................................................................. 2040
20.107 reset vap create-fail-record all............................................................................................................................. 2041
20.108 rf-ping........................................................................................................................................................................... 2041
20.109 rts-cts-mode............................................................................................................................................................... 2043
20.110 rts-cts-threshold........................................................................................................................................................ 2044
20.111 service-mode disable............................................................................................................................................... 2045
20.112 service-vlan (VAP profile view)............................................................................................................................ 2046
20.113 short-preamble disable........................................................................................................................................... 2047
20.114 single-txchain enable.............................................................................................................................................. 2048
20.115 snmp-agent trap enable feature-name wlan..................................................................................................2049
20.116 ssid................................................................................................................................................................................. 2050
20.117 ssid-hide enable........................................................................................................................................................ 2052
20.118 ssid-profile (WLAN view)....................................................................................................................................... 2053
20.119 ssid-profile (VAP profile view)............................................................................................................................. 2054
20.120 sta-network-detect disable.................................................................................................................................... 2055
20.121 type (VAP profile view)...........................................................................................................................................2056
20.122 u-apsd enable............................................................................................................................................................ 2058
20.123 undo ap........................................................................................................................................................................ 2059
20.124 utmost-power.............................................................................................................................................................2060

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxiv

Fat AP and Cloud AP
Command Reference Contents

20.125 vap-profile (WLAN view)....................................................................................................................................... 2061

20.126 vap-profile................................................................................................................................................................... 2062
20.127 vap-service-backup auth-server-down.............................................................................................................. 2063
20.128 vht a-mpdu max-length-exponent..................................................................................................................... 2065
20.129 vht a-msdu enable................................................................................................................................................... 2067
20.130 vht a-msdu max-frame-num................................................................................................................................ 2068
20.131 vht mcs-map...............................................................................................................................................................2069
20.132 vht mcs-map (SSID profile)...................................................................................................................................2071
20.133 wlan............................................................................................................................................................................... 2072

21 RU Management Configuration Commands (Central AP)................................... 2074

21.1 access-user syslog-restrain enable...........................................................................................................................2079
21.2 access-user syslog-restrain period........................................................................................................................... 2080
21.3 ac-list (AP view)............................................................................................................................................................. 2081
21.4 ac-list (AP provisioning view).................................................................................................................................... 2082
21.5 address-mode (AP view)............................................................................................................................................. 2083
21.6 address-mode (AP provisioning view).................................................................................................................... 2084
21.7 alarm-restriction disable............................................................................................................................................. 2085
21.8 alarm-restriction period.............................................................................................................................................. 2086
21.9 ap lldp enable................................................................................................................................................................. 2087
21.10 ap manufacturer-config............................................................................................................................................ 2088
21.11 ap update ftp-server.................................................................................................................................................. 2089
21.12 ap update ftp-server max-connect-number...................................................................................................... 2092
21.13 ap update load............................................................................................................................................................. 2093
21.14 ap update mode.......................................................................................................................................................... 2095
21.15 ap update multi-load................................................................................................................................................. 2096
21.16 ap update multi-reset................................................................................................................................................ 2098
21.17 ap update reset............................................................................................................................................................ 2100
21.18 ap update sftp-server.................................................................................................................................................2101
21.19 ap update sftp-server max-connect-number.....................................................................................................2103
21.20 ap update update-filename..................................................................................................................................... 2104
21.21 ap update schedule-task.......................................................................................................................................... 2106
21.22 ap username................................................................................................................................................................. 2110
21.23 ap-group......................................................................................................................................................................... 2112
21.24 ap-group (AP view).................................................................................................................................................... 2114
21.25 ap-name......................................................................................................................................................................... 2115
21.26 ap-name (AP provisioning view)........................................................................................................................... 2116
21.27 ap-name (AP view).....................................................................................................................................................2117
21.28 ap password policy..................................................................................................................................................... 2119
21.29 ap-patch update load................................................................................................................................................ 2120
21.30 ap-patch update multi-load.................................................................................................................................... 2121
21.31 ap-patch update update-filename........................................................................................................................ 2123
21.32 ap-regroup..................................................................................................................................................................... 2124

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxv

Fat AP and Cloud AP
Command Reference Contents

21.33 ap-rename..................................................................................................................................................................... 2126

21.34 ap-reset........................................................................................................................................................................... 2128
21.35 ap-system-profile (WLAN view)............................................................................................................................ 2129
21.36 ap-system-profile (AP group view and AP view)............................................................................................. 2131
21.37 broadcast-suppression auto-detect (AP system profile view)..................................................................... 2132
21.38 channel-load-mode indoor...................................................................................................................................... 2133
21.39 clear configuration this............................................................................................................................................. 2134
21.40 commit (AP provisioning view).............................................................................................................................. 2135
21.41 console ble-mode (AP system profile view)...................................................................................................... 2136
21.42 console disable............................................................................................................................................................. 2137
21.43 coordinate...................................................................................................................................................................... 2138
21.44 cpu-usage threshold................................................................................................................................................... 2140
21.45 crc-alarm enable.......................................................................................................................................................... 2141
21.46 description (AP wired port profile view)............................................................................................................. 2142
21.47 dai enable (AP wired port profile view).............................................................................................................. 2143
21.48 dhcp client option12.................................................................................................................................................. 2144
21.49 display ap around-ssid-list....................................................................................................................................... 2146
21.50 display ap asyn-message err-info.......................................................................................................................... 2147
21.51 display ap config-fail-record................................................................................................................................... 2149
21.52 display ap coordinate................................................................................................................................................. 2150
21.53 display ap elabel.......................................................................................................................................................... 2151
21.54 display ap lldp neighbor........................................................................................................................................... 2154
21.55 display ap led................................................................................................................................................................ 2161
21.56 display ap optical-info............................................................................................................................................... 2162
21.57 display ap performance statistics.......................................................................................................................... 2165
21.58 display ap provision.................................................................................................................................................... 2168
21.59 display ap port............................................................................................................................................................. 2169
21.60 display ap power-workmode................................................................................................................................... 2172
21.61 display ap run-info......................................................................................................................................................2174
21.62 display ap service-config acl....................................................................................................................................2177
21.63 display ap uncontrol all.............................................................................................................................................2178
21.64 display ap update configuration............................................................................................................................ 2179
21.65 display ap update schedule-task........................................................................................................................... 2182
21.66 display ap update status........................................................................................................................................... 2183
21.67 display ap username.................................................................................................................................................. 2193
21.68 display ap version........................................................................................................................................................2194
21.69 display ap wired-port................................................................................................................................................. 2201
21.70 display ap-system-profile......................................................................................................................................... 2205
21.71 display ap-type............................................................................................................................................................. 2219
21.72 display distribute-ap...................................................................................................................................................2222
21.73 display mac-address ap-all...................................................................................................................................... 2229
21.74 display mac-address { ap-id | ap-name }............................................................................................................ 2231

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxvi

Fat AP and Cloud AP
Command Reference Contents

21.75 display management-vlan........................................................................................................................................2232

21.76 display port-link-profile............................................................................................................................................ 2233
21.77 display provision-ap parameter-list...................................................................................................................... 2237
21.78 display references ap-system-profile.................................................................................................................... 2239
21.79 display references port-link-profile....................................................................................................................... 2240
21.80 display references wired-port-profile................................................................................................................... 2241
21.81 display resource occupancy message................................................................................................................... 2243
21.82 display wired-port-profile.........................................................................................................................................2244
21.83 display wlan ble-link-info......................................................................................................................................... 2249
21.84 display wlan console ble statistics.........................................................................................................................2250
21.85 disk-usage threshold.................................................................................................................................................. 2252
21.86 eapol-response dest-address transform-condition.......................................................................................... 2253
21.87 eapol-response dest-address transform-to........................................................................................................ 2254
21.88 eapol-start dest-address transform-condition.................................................................................................. 2255
21.89 eapol-start dest-address transform-to................................................................................................................. 2257
21.90 eth-trunk (AP wired port profile view)................................................................................................................ 2258
21.91 high-temperature threshold.................................................................................................................................... 2259
21.92 ipsg enable (AP wired port profile view)............................................................................................................ 2260
21.93 ip-address (AP view).................................................................................................................................................. 2261
21.94 ip-address (AP provisioning view)......................................................................................................................... 2263
21.95 igmp-snooping enable (AP wired port profile view)...................................................................................... 2264
21.96 learn-client-address (AP wired port profile view)........................................................................................... 2265
21.97 led blink-time............................................................................................................................................................... 2266
21.98 led off.............................................................................................................................................................................. 2268
21.99 lldp admin-status........................................................................................................................................................ 2269
21.100 lldp dot3-tlv power (AP wired port link profile view)..................................................................................2270
21.101 lldp enable.................................................................................................................................................................. 2272
21.102 lldp message-transmission delay (AP system profile view).......................................................................2273
21.103 lldp message-transmission hold-multiplier (AP system profile view)....................................................2275
21.104 lldp message-transmission interval (AP system profile view).................................................................. 2276
21.105 lldp report enable..................................................................................................................................................... 2278
21.106 lldp report-interval................................................................................................................................................... 2279
21.107 lldp restart-delay....................................................................................................................................................... 2280
21.108 lldp tlv-enable (AP wired port link profile view)........................................................................................... 2281
21.109 lldp tlv-enable legacy-tlv four-pair-power (AP wired port link profile view)...................................... 2283
21.110 lldp tlv-enable legacy-tlv power-capability (AP wired port link profile view).................................... 2284
21.111 log-record-level......................................................................................................................................................... 2285
21.112 log-server..................................................................................................................................................................... 2287
21.113 low-temperature threshold................................................................................................................................... 2288
21.114 management-vlan.................................................................................................................................................... 2289
21.115 memory-usage threshold....................................................................................................................................... 2290
21.116 mode (AP wired port profile view)..................................................................................................................... 2291

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxvii

Fat AP and Cloud AP
Command Reference Contents

21.117 mtu (cloud central AP)........................................................................................................................................... 2293

21.118 mtu................................................................................................................................................................................ 2295
21.119 multicast-suppression auto-detect (AP system profile view)....................................................................2297
21.120 password alert before-expire (AP password policy view)........................................................................... 2298
21.121 password alert original (AP password policy view)...................................................................................... 2299
21.122 password expire (AP password policy view)....................................................................................................2300
21.123 password history record number (AP password policy view)....................................................................2301
21.124 poe af-inrush enable (AP system profile view).............................................................................................. 2302
21.125 poe disable (AP wired port link profile view)................................................................................................. 2304
21.126 poe force-power (AP wired port link profile view)....................................................................................... 2305
21.127 poe high-inrush enable (AP system profile view)......................................................................................... 2306
21.128 poe legacy enable (AP wired port link profile view).................................................................................... 2307
21.129 poe max-power (AP system profile view)........................................................................................................ 2308
21.130 poe power-reserved (AP system profile view)................................................................................................ 2309
21.131 poe power-threshold (AP system profile view).............................................................................................. 2310
21.132 poe power-off time-range (AP wired port link profile view).................................................................... 2311
21.133 poe priority (AP wired port link profile view).................................................................................................2313
21.134 port-link-profile (WLAN view)............................................................................................................................. 2314
21.135 port-link-profile (AP wired port profile view).................................................................................................2315
21.136 provision-ap................................................................................................................................................................ 2316
21.137 report-disassoc-request disable........................................................................................................................... 2317
21.138 report-sta-info enable............................................................................................................................................. 2318
21.139 reset mac-address..................................................................................................................................................... 2319
21.140 reset statistics............................................................................................................................................................. 2320
21.141 reset wlan console ble statistics.......................................................................................................................... 2321
21.142 sample-time................................................................................................................................................................ 2322
21.143 sftp server disable..................................................................................................................................................... 2323
21.144 shutdown (AP wired port link profile view).................................................................................................... 2324
21.145 ssh client first-time enable (AP system profile view).................................................................................. 2325
21.146 sta-ipv6-service enable........................................................................................................................................... 2326
21.147 stelnet server disable............................................................................................................................................... 2327
21.148 stp auto-shutdown enable (AP wired port profile view)............................................................................ 2327
21.149 stp auto-shutdown recovery-time (AP wired port profile view).............................................................. 2329
21.150 stp enable (AP wired port profile view)............................................................................................................2330
21.151 telnet enable.............................................................................................................................................................. 2331
21.152 traffic-filter (AP wired port profile view)......................................................................................................... 2332
21.153 traffic-remark (AP wired port profile view).................................................................................................... 2335
21.154 traffic-optimize (AP wired port profile view)..................................................................................................2337
21.155 traffic-optimize broadcast-suppression disable (AP system profile view)............................................ 2339
21.156 traffic-optimize broadcast-suppression rate-threshold (AP system profile view)..............................2341
21.157 traffic-optimize tcp adjust-mss............................................................................................................................ 2343
21.158 unicast-suppression auto-detect (AP system profile view)........................................................................ 2344

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxviii

Fat AP and Cloud AP
Command Reference Contents

21.159 unicast-suppression auto-detect disable (AP system profile view).........................................................2345

21.160 user-interface vty acl............................................................................................................................................... 2346
21.161 user-interface vty idle-timeout............................................................................................................................ 2348
21.162 user-interface vty screen-length.......................................................................................................................... 2349
21.163 user-isolate (AP wired port profile view)......................................................................................................... 2350
21.164 usb enable (AP system profile view)................................................................................................................. 2351
21.165 vlan pvid (AP wired port profile view).............................................................................................................. 2352
21.166 vlan (AP wired port profile view)........................................................................................................................ 2354
21.167 wired-port-profile (WLAN view)......................................................................................................................... 2356
21.168 wired-port-profile (AP group view and view).................................................................................................2358

22 WLAN Radio Resource Management Configuration Commands (Central AP)

.................................................................................................................................................. 2360
22.1 amc-policy........................................................................................................................................................................ 2364
22.2 air-scan-profile............................................................................................................................................................... 2365
22.3 air-scan-profile (radio profile view)........................................................................................................................ 2366
22.4 band-steer balance gap-threshold.......................................................................................................................... 2367
22.5 band-steer balance start-threshold......................................................................................................................... 2369
22.6 band-steer client-band-expire................................................................................................................................... 2370
22.7 band-steer deny-threshold......................................................................................................................................... 2371
22.8 band-steer disable......................................................................................................................................................... 2372
22.9 band-steer snr-threshold............................................................................................................................................. 2374
22.10 btm-fail-times.............................................................................................................................................................. 2375
22.11 calibrate auto-bandwidth-selection...................................................................................................................... 2376
22.12 calibrate auto-channel-select................................................................................................................................. 2377
22.13 calibrate auto-txpower-select................................................................................................................................. 2378
22.14 calibrate enable { auto | manual | schedule time }......................................................................................... 2379
22.15 calibrate environment-deterioration-blacklist...................................................................................................2381
22.16 calibrate error-rate-check......................................................................................................................................... 2382
22.17 calibrate error-rate-threshold..................................................................................................................................2384
22.18 calibrate tpc threshold...............................................................................................................................................2385
22.19 calibrate flexible-radio...............................................................................................................................................2386
22.20 calibrate flexible-radio disable............................................................................................................................... 2387
22.21 calibrate flexible-radio manual-recognize.......................................................................................................... 2388
22.22 calibrate max-tx-power............................................................................................................................................. 2389
22.23 calibrate min-tx-power..............................................................................................................................................2391
22.24 calibrate manual startup.......................................................................................................................................... 2392
22.25 calibrate noise-floor-threshold............................................................................................................................... 2393
22.26 calibrate policy............................................................................................................................................................. 2394
22.27 calibrate reference data-analysis disable............................................................................................................ 2396
22.28 calibrate reference data-analysis........................................................................................................................... 2397
22.29 calibrate sensitivity..................................................................................................................................................... 2398
22.30 calibrate virtual-group-size...................................................................................................................................... 2400

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xxxix

Fat AP and Cloud AP
Command Reference Contents

22.31 cca-threshold................................................................................................................................................................ 2401

22.32 channel-utilization gap-threshold......................................................................................................................... 2402
22.33 channel-utilization start-threshold....................................................................................................................... 2403
22.34 dca-channel bandwidth............................................................................................................................................ 2404
22.35 dca-channel channel-set.......................................................................................................................................... 2406
22.36 deauth-fail-times......................................................................................................................................................... 2408
22.37 deny-threshold............................................................................................................................................................. 2409
22.38 dfs recover-delay......................................................................................................................................................... 2410
22.39 dfs smart-selection disable...................................................................................................................................... 2411
22.40 display air-scan-profile.............................................................................................................................................. 2412
22.41 display ap neighbor.................................................................................................................................................... 2414
22.42 display ap neighbor (Cloud Central AP)..............................................................................................................2416
22.43 display ap traffic statistics wireless....................................................................................................................... 2419
22.44 display channel switch-record.................................................................................................................................2424
22.45 display channel switch-record (Cloud Central AP).......................................................................................... 2428
22.46 display flexible-radio status..................................................................................................................................... 2432
22.47 display flexible-radio switch-record...................................................................................................................... 2433
22.48 display references air-scan-profile........................................................................................................................ 2435
22.49 display references rrm-profile................................................................................................................................. 2436
22.50 display rrm-profile...................................................................................................................................................... 2437
22.51 display station neighbor........................................................................................................................................... 2449
22.52 display station neighbor all..................................................................................................................................... 2451
22.53 display station steer-history.................................................................................................................................... 2452
22.54 display station steer-info.......................................................................................................................................... 2455
22.55 display station steer-statistics................................................................................................................................. 2456
22.56 display station unsteerable...................................................................................................................................... 2458
22.57 display sta-load-balance fairness.......................................................................................................................... 2459
22.58 display sta-load-balance static-group.................................................................................................................. 2460
22.59 display wlan calibrate channel-set........................................................................................................................ 2464
22.60 display wlan calibrate global configuration.......................................................................................................2466
22.61 display wlan calibrate statistics.............................................................................................................................. 2468
22.62 dynamic-edca enable................................................................................................................................................. 2469
22.63 dynamic-edca threshold............................................................................................................................................2470
22.64 high-density amc-optimize enable........................................................................................................................2471
22.65 interference adjacent-channel threshold............................................................................................................ 2472
22.66 interference co-channel threshold........................................................................................................................ 2474
22.67 interference detect-enable....................................................................................................................................... 2475
22.68 interference station threshold.................................................................................................................................2476
22.69 member (static load balancing group view)..................................................................................................... 2477
22.70 mode (static load balancing group view)...........................................................................................................2478
22.71 power auto-adjust enable........................................................................................................................................ 2479
22.72 reset ap traffic statistics wireless........................................................................................................................... 2480

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xl

Fat AP and Cloud AP
Command Reference Contents

22.73 reset station steer-statistics..................................................................................................................................... 2481

22.74 reset wlan calibrate statistics.................................................................................................................................. 2482
22.75 rrm-profile (WLAN view)......................................................................................................................................... 2483
22.76 rrm-profile (radio profile view).............................................................................................................................. 2484
22.77 rssi-diff-gap................................................................................................................................................................... 2485
22.78 rssi-threshold................................................................................................................................................................ 2486
22.79 scan-channel-set......................................................................................................................................................... 2487
22.80 scan-disable.................................................................................................................................................................. 2489
22.81 scan-interval..................................................................................................................................................................2490
22.82 scan-period.................................................................................................................................................................... 2491
22.83 smart-antenna { enable | disable }....................................................................................................................... 2492
22.84 smart-antenna throughput-triggered-training................................................................................................. 2493
22.85 smart-antenna training-interval............................................................................................................................ 2494
22.86 smart-antenna training-mpdu-number...............................................................................................................2496
22.87 smart-antenna valid-per-scope.............................................................................................................................. 2497
22.88 smart-roam advanced-scan disable...................................................................................................................... 2498
22.89 smart-roam disable.................................................................................................................................................... 2499
22.90 smart-roam quick-kickoff back-off-time............................................................................................................ 2500
22.91 smart-roam quick-kickoff-snr check-interval.................................................................................................... 2501
22.92 smart-roam quick-kickoff-snr p-n criteria.......................................................................................................... 2503
22.93 smart-roam quick-kickoff-threshold.....................................................................................................................2504
22.94 smart-roam quick-kickoff-threshold { check-snr | check-rate }.................................................................. 2506
22.95 smart-roam quick-kickoff-threshold disable..................................................................................................... 2507
22.96 smart-roam roam-threshold { check-snr | check-rate }................................................................................. 2508
22.97 smart-roam roam-threshold { snr | rate }.......................................................................................................... 2510
22.98 smart-roam snr-margin.............................................................................................................................................2511
22.99 smart-roam unable-roam-client expire-time.................................................................................................... 2513
22.100 sta-load-balance dynamic btm-fail-times........................................................................................................2514
22.101 sta-load-balance dynamic channel-utilization gap-threshold.................................................................. 2516
22.102 sta-load-balance dynamic channel-utilization start-threshold.................................................................2517
22.103 sta-load-balance dynamic deauth-fail-times.................................................................................................. 2518
22.104 sta-load-balance dynamic deny-threshold...................................................................................................... 2520
22.105 sta-load-balance dynamic disable...................................................................................................................... 2521
22.106 sta-load-balance dynamic sta-number gap-threshold................................................................................ 2522
22.107 sta-load-balance dynamic probe-report interval........................................................................................... 2524
22.108 sta-load-balance dynamic rssi-diff-gap............................................................................................................ 2525
22.109 sta-load-balance dynamic rssi-threshold......................................................................................................... 2526
22.110 sta-load-balance dynamic sta-number start-threshold...............................................................................2528
22.111 sta-load-balance dynamic steer-restrict auth-threshold............................................................................. 2529
22.112 sta-load-balance dynamic steer-restrict probe-threshold...........................................................................2530
22.113 sta-load-balance dynamic steer-restrict restrict-time.................................................................................. 2532
22.114 sta-load-balance mode........................................................................................................................................... 2533

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xli

Fat AP and Cloud AP
Command Reference Contents

22.115 sta-load-balance static-group.............................................................................................................................. 2534

22.116 sta-number gap-threshold.....................................................................................................................................2535
22.117 sta-number start-threshold................................................................................................................................... 2537
22.118 steer-restrict auth-threshold................................................................................................................................. 2538
22.119 steer-restrict probe-threshold............................................................................................................................... 2540
22.120 steer-restrict restrict-time...................................................................................................................................... 2541
22.121 uac channel-utilization threshold....................................................................................................................... 2542
22.122 uac enable................................................................................................................................................................... 2544
22.123 uac client-number threshold.................................................................................................................................2545
22.124 uac client-snr threshold.......................................................................................................................................... 2547
22.125 uac reach-access-threshold................................................................................................................................... 2548

23 WLAN Roaming Commands (Central AP)................................................................ 2551

23.1 beacon disable................................................................................................................................................................ 2551
23.2 cts delay............................................................................................................................................................................ 2552
23.3 cts disable......................................................................................................................................................................... 2553
23.4 display station roam-statistics.................................................................................................................................. 2554
23.5 display station roam-track..........................................................................................................................................2557
23.6 dot11r enable.................................................................................................................................................................. 2558
23.7 sfn-roam enable............................................................................................................................................................. 2560
23.8 sfn-roam report-interval............................................................................................................................................. 2562
23.9 sfn-roam roam-check better-times......................................................................................................................... 2563
23.10 sfn-roam roam-check check-interval................................................................................................................... 2564
23.11 sfn-roam roam-check gap-rssi............................................................................................................................... 2565
23.12 sfn-roam roam-check high-threshold.................................................................................................................. 2566
23.13 sfn-roam roam-check low-threshold....................................................................................................................2567
23.14 sfn-roam roam-check rssi-accumulate................................................................................................................ 2568
23.15 sfn-roam roam-check sta-holding times............................................................................................................ 2569

24 WLAN Location Configuration Commands (Central AP)...................................... 2571

24.1 display ble-profile.......................................................................................................................................................... 2571
24.2 display location-profile................................................................................................................................................ 2575
24.3 display references location-profile...........................................................................................................................2577
24.4 display wlan ble site-info............................................................................................................................................ 2578
24.5 location-profile............................................................................................................................................................... 2581
24.6 location-profile (WLAN view)................................................................................................................................... 2582
24.7 private mu protocol-version.......................................................................................................................................2583
24.8 private mu-enable......................................................................................................................................................... 2585
24.9 private report-frequency............................................................................................................................................. 2585
24.10 private server................................................................................................................................................................ 2586
24.11 report-to-server............................................................................................................................................................2588
24.12 sniffer enable................................................................................................................................................................ 2589

25 WLAN Security Configuration Commands (Central AP)....................................... 2592

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xlii

Fat AP and Cloud AP
Command Reference Contents

25.1 anti-attack flood blacklist enable............................................................................................................................ 2594

25.2 anti-attack flood disable............................................................................................................................................. 2596
25.3 anti-attack flood sta-rate-threshold....................................................................................................................... 2597
25.4 arp anti-attack check user-bind enable................................................................................................................. 2599
25.5 brute-force-detect interval......................................................................................................................................... 2600
25.6 brute-force-detect quiet-time................................................................................................................................... 2601
25.7 brute-force-detect threshold..................................................................................................................................... 2603
25.8 contain............................................................................................................................................................................... 2604
25.9 contain-mode.................................................................................................................................................................. 2605
25.10 device report-interval................................................................................................................................................. 2607
25.11 device synchronization-interval.............................................................................................................................. 2608
25.12 dhcp trust port............................................................................................................................................................. 2609
25.13 display ap radio-environment................................................................................................................................. 2610
25.14 display references wids-whitelist-profile............................................................................................................. 2613
25.15 display references wids-profile............................................................................................................................... 2614
25.16 display references wids-spoof-profile...................................................................................................................2615
25.17 display wids-whitelist-profile.................................................................................................................................. 2616
25.18 display wids-profile.....................................................................................................................................................2618
25.19 display wids-spoof-profile........................................................................................................................................ 2621
25.20 display station dynamic-blacklist........................................................................................................................... 2623
25.21 display wlan ids attack-detected........................................................................................................................... 2626
25.22 display wlan ids attack-detected statistics......................................................................................................... 2629
25.23 display wlan ids attack-history............................................................................................................................... 2632
25.24 display wlan ids contain............................................................................................................................................2634
25.25 display wlan ids device-detected........................................................................................................................... 2639
25.26 display wlan ids device-detected statistics......................................................................................................... 2645
25.27 display wlan dynamic-blacklist............................................................................................................................... 2647
25.28 display wlan ids rogue-history................................................................................................................................ 2649
25.29 display wlan ids spoof-ssid fuzzy-match.............................................................................................................2652
25.30 dynamic-blacklist aging-time..................................................................................................................................2654
25.31 dynamic-blacklist enable.......................................................................................................................................... 2655
25.32 flood-detect interval...................................................................................................................................................2656
25.33 flood-detect quiet-time............................................................................................................................................. 2657
25.34 flood-detect threshold............................................................................................................................................... 2659
25.35 ip source check user-bind enable.......................................................................................................................... 2660
25.36 learn-client-address dhcp-strict..............................................................................................................................2661
25.37 learn-client-address (VAP profile view)...............................................................................................................2662
25.38 permit-ap....................................................................................................................................................................... 2663
25.39 reset wlan ids attack-detected................................................................................................................................2667
25.40 reset wlan ids attack-detected statistics............................................................................................................. 2668
25.41 reset wlan ids attack-history................................................................................................................................... 2669
25.42 reset wlan dynamic-blacklist................................................................................................................................... 2670

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xliii

Fat AP and Cloud AP
Command Reference Contents

25.43 reset wlan ids rogue-history.................................................................................................................................... 2672

25.44 rogue-device log enable........................................................................................................................................... 2674
25.45 spoof-detect quiet-time............................................................................................................................................ 2674
25.46 spoof-ssid....................................................................................................................................................................... 2676
25.47 sta arp-nd-proxy before-assoc................................................................................................................................ 2677
25.48 weak-iv-detect quiet-time........................................................................................................................................ 2679
25.49 wids attack detect enable........................................................................................................................................ 2680
25.50 wids contain enable................................................................................................................................................... 2682
25.51 wids device detect enable........................................................................................................................................ 2683
25.52 wids manual-contain................................................................................................................................................. 2684
25.53 wids-whitelist-profile (WLAN view)..................................................................................................................... 2685
25.54 wids-whitelist-profile (WIDS profile view)......................................................................................................... 2687
25.55 wids-profile (WLAN view)........................................................................................................................................ 2688
25.56 wids-profile (AP group view and AP view)........................................................................................................ 2689
25.57 wids-spoof-profile (WLAN view)........................................................................................................................... 2690
25.58 wids-spoof-profile (WIDS profile view)............................................................................................................... 2692
25.59 work-mode.................................................................................................................................................................... 2693

26 Hotspot2.0 Configuration Commands (Central AP)...............................................2695

26.1 cellular-network-profile.............................................................................................................................................. 2697
26.2 cellular-network-profile (Hotspot2.0 profile view)............................................................................................2698
26.3 connection-capability-profile..................................................................................................................................... 2699
26.4 connection-capability-profile (Hotspot2.0 profile view).................................................................................. 2701
26.5 connection-capability................................................................................................................................................... 2702
26.6 display cellular-network-profile............................................................................................................................... 2703
26.7 display connection-capability-profile......................................................................................................................2705
26.8 display hotspot2-profile.............................................................................................................................................. 2708
26.9 display nai-realm-profile............................................................................................................................................. 2711
26.10 display operating-class-profile............................................................................................................................... 2713
26.11 display operator-domain-profile............................................................................................................................ 2714
26.12 display operator-name-profile................................................................................................................................2716
26.13 display references cellular-network-profile........................................................................................................2717
26.14 display references connection-capability-profile.............................................................................................. 2718
26.15 display references hotspot2-profile.......................................................................................................................2720
26.16 display references nai-realm-profile..................................................................................................................... 2721
26.17 display references operating-class-profile.......................................................................................................... 2722
26.18 display references operator-domain-profile...................................................................................................... 2723
26.19 display references operator-name-profile.......................................................................................................... 2724
26.20 display references roaming-consortium-profile................................................................................................2725
26.21 display references venue-name-profile............................................................................................................... 2727
26.22 display roaming-consortium-profile..................................................................................................................... 2728
26.23 display venue-name-profile..................................................................................................................................... 2730
26.24 domain-name............................................................................................................................................................... 2731

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xliv

Fat AP and Cloud AP
Command Reference Contents

26.25 hessid............................................................................................................................................................................... 2733

26.26 hotspot2-profile........................................................................................................................................................... 2734
26.27 hotspot2-profile (VAP profile view)...................................................................................................................... 2735
26.28 ipv4-address-avail....................................................................................................................................................... 2737
26.29 nai-realm-profile......................................................................................................................................................... 2738
26.30 nai-realm-profile (Hotspot2.0 profile view)...................................................................................................... 2739
26.31 nai-realm........................................................................................................................................................................ 2740
26.32 network-authen-type................................................................................................................................................. 2742
26.33 network-type................................................................................................................................................................ 2743
26.34 operating-class-indication........................................................................................................................................ 2745
26.35 operating-class-profile.............................................................................................................................................. 2746
26.36 operating-class-profile (Hotspot2.0 profile view)............................................................................................2747
26.37 operator-domain-profile........................................................................................................................................... 2748
26.38 operator-domain-profile (Hotspot2.0 profile view)........................................................................................ 2750
26.39 operator-friendly-name............................................................................................................................................. 2751
26.40 operator-name-profile...............................................................................................................................................2753
26.41 operator-name-profile (Hotspot2.0 profile view)............................................................................................2754
26.42 p2p-cross-connect disable........................................................................................................................................2755
26.43 plmn-id........................................................................................................................................................................... 2756
26.44 roaming-consortium-oi............................................................................................................................................. 2757
26.45 roaming-consortium-profile.................................................................................................................................... 2758
26.46 roaming-consortium-profile (Hotspot2.0 profile view)................................................................................. 2760
26.47 venue-name-profile.................................................................................................................................................... 2761
26.48 venue-name-profile (Hotspot2.0 profile view)................................................................................................. 2762
26.49 venue-name.................................................................................................................................................................. 2763
26.50 venue-type..................................................................................................................................................................... 2765

27 WLAN Traffic Optimization Commands (Central AP)...........................................2767

27.1 broadcast-suppression auto-detect......................................................................................................................... 2768
27.2 display wlan igmp-snooping vap-cac..................................................................................................................... 2769
27.3 igmp-snooping max-bandwidth (traffic profile view)...................................................................................... 2770
27.4 igmp-snooping max-user (traffic profile view)................................................................................................... 2771
27.5 igmp-snooping enable (traffic profile view)........................................................................................................ 2772
27.6 multicast-suppression auto-detect.......................................................................................................................... 2773
27.7 service-guarantee.......................................................................................................................................................... 2774
27.8 traffic-optimize arp-proxy enable............................................................................................................................ 2776
27.9 traffic-optimize bcmc deny all.................................................................................................................................. 2777
27.10 traffic-optimize bcmc unicast-send.......................................................................................................................2778
27.11 traffic-optimize bcmc unicast-send mismatch-action drop..........................................................................2779
27.12 traffic-optimize broadcast-suppression............................................................................................................... 2780
27.13 traffic-optimize multicast-suppression................................................................................................................ 2781
27.14 traffic-optimize multicast-unicast enable........................................................................................................... 2782
27.15 traffic-optimize multicast-unicast dynamic-adaptive disable......................................................................2783

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xlv

Fat AP and Cloud AP
Command Reference Contents

27.16 traffic-optimize sta-bridge-forward disable....................................................................................................... 2784

27.17 traffic-optimize tcp adjust-mss.............................................................................................................................. 2785
27.18 traffic-optimize unicast-suppression.................................................................................................................... 2787
27.19 unicast-suppression auto-detect............................................................................................................................ 2788
27.20 unicast-suppression auto-detect disable............................................................................................................. 2789

28 VPN Configuration Commands................................................................................... 2790

28.1 IPSec Configuration Commands............................................................................................................................... 2790
28.1.1 alias................................................................................................................................................................................. 2790
28.1.2 ah authentication-algorithm.................................................................................................................................. 2791
28.1.3 anti-replay window.................................................................................................................................................... 2793
28.1.4 authentication-algorithm........................................................................................................................................ 2794
28.1.5 authentication-method............................................................................................................................................ 2795
28.1.6 certificate-request empty-payload enable........................................................................................................ 2796
28.1.7 dh..................................................................................................................................................................................... 2797
28.1.8 diagnose ipsec data-flow.........................................................................................................................................2798
28.1.9 diagnose ipsec interface.......................................................................................................................................... 2800
28.1.10 diagnose ipsec peer................................................................................................................................................. 2801
28.1.11 display ike error-info............................................................................................................................................... 2803
28.1.12 display ike global config........................................................................................................................................2809
28.1.13 display ike offline-info........................................................................................................................................... 2811
28.1.14 display ike identity...................................................................................................................................................2813
28.1.15 display ike peer (all views)................................................................................................................................... 2815
28.1.16 display ike peer (User view).................................................................................................................................2822
28.1.17 display ike proposal (all views)...........................................................................................................................2830
28.1.18 display ike proposal (User view)........................................................................................................................ 2833
28.1.19 display ike sa............................................................................................................................................................. 2836
28.1.20 display ike statistics.................................................................................................................................................2845
28.1.21 display ikev2 statistics............................................................................................................................................ 2849
28.1.22 display ipsec global config....................................................................................................................................2860
28.1.23 display ipsec interface brief..................................................................................................................................2863
28.1.24 display ipsec history record.................................................................................................................................. 2864
28.1.25 display ipsec policy (all views)............................................................................................................................ 2866
28.1.26 display ipsec policy (User view).......................................................................................................................... 2872
28.1.27 display ipsec policy-template (all views).........................................................................................................2878
28.1.28 display ipsec policy-template (User view)...................................................................................................... 2883
28.1.29 display ipsec proposal (All views)...................................................................................................................... 2887
28.1.30 display ipsec proposal (User view).................................................................................................................... 2889
28.1.31 display ipsec sa......................................................................................................................................................... 2891
28.1.32 display ipsec statistics............................................................................................................................................ 2897
28.1.33 display ipsec statistics route.................................................................................................................................2901
28.1.34 dn.................................................................................................................................................................................. 2904
28.1.35 dpd................................................................................................................................................................................ 2905

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xlvi

Fat AP and Cloud AP
Command Reference Contents

28.1.36 dpd msg...................................................................................................................................................................... 2907

28.1.37 dpd msg notify-hash-sequence learning......................................................................................................... 2908
28.1.38 dpd packet receive if-related enable.................................................................................................................2909
28.1.39 dpd type...................................................................................................................................................................... 2910
28.1.40 dscp............................................................................................................................................................................... 2912
28.1.41 encapsulation-mode............................................................................................................................................... 2913
28.1.42 encryption-algorithm..............................................................................................................................................2914
28.1.43 esp authentication-algorithm..............................................................................................................................2915
28.1.44 esp encryption-algorithm......................................................................................................................................2917
28.1.45 exchange-mode........................................................................................................................................................ 2918
28.1.46 fqdn.............................................................................................................................................................................. 2919
28.1.47 ike call admission limit in-negotiation-sa....................................................................................................... 2920
28.1.48 ike dscp........................................................................................................................................................................ 2921
28.1.49 ike heartbeat............................................................................................................................................................. 2922
28.1.50 ike heartbeat-timer interval................................................................................................................................. 2924
28.1.51 ike heartbeat-timer timeout................................................................................................................................ 2925
28.1.52 ike identity..................................................................................................................................................................2926
28.1.53 ike local-name.......................................................................................................................................................... 2927
28.1.54 ike nat-keepalive-timer interval......................................................................................................................... 2928
28.1.55 ike peer........................................................................................................................................................................ 2929
28.1.56 ike proposal............................................................................................................................................................... 2930
28.1.57 ike-peer....................................................................................................................................................................... 2932
28.1.58 ike-proposal............................................................................................................................................................... 2933
28.1.59 ikev1 phase1-phase2 sa dependent.................................................................................................................. 2934
28.1.60 ikev2 authentication sign-hash........................................................................................................................... 2935
28.1.61 ikev2 cookie-challenge...........................................................................................................................................2937
28.1.62 ikev2 delete old child-sa enable......................................................................................................................... 2938
28.1.63 ikev2 fragmentation............................................................................................................................................... 2939
28.1.64 ikev2 id-match-certificate enable...................................................................................................................... 2940
28.1.65 ikev2 initial-contact enable.................................................................................................................................. 2941
28.1.66 inband crl.................................................................................................................................................................... 2942
28.1.67 inband ocsp................................................................................................................................................................ 2943
28.1.68 integrity-algorithm.................................................................................................................................................. 2944
28.1.69 ip address....................................................................................................................................................................2945
28.1.70 ipsec anti-replay enable........................................................................................................................................ 2946
28.1.71 ipsec anti-replay window...................................................................................................................................... 2948
28.1.72 ipsec decrypt check................................................................................................................................................. 2949
28.1.73 ipsec df-bit................................................................................................................................................................. 2950
28.1.74 ipsec fragmentation before-encryption........................................................................................................... 2951
28.1.75 ipsec invalid-spi-recovery enable........................................................................................................................2952
28.1.76 ipsec netmask........................................................................................................................................................... 2953
28.1.77 ipsec policy shared.................................................................................................................................................. 2955

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xlvii

Fat AP and Cloud AP
Command Reference Contents

28.1.78 ipsec policy (interface view)................................................................................................................................ 2956

28.1.79 ipsec policy (system view).................................................................................................................................... 2957
28.1.80 ipsec policy-template............................................................................................................................................. 2960
28.1.81 ipsec proposal........................................................................................................................................................... 2961
28.1.82 ipsec remote traffic-identical accept................................................................................................................. 2962
28.1.83 ipsec sa global-duration........................................................................................................................................ 2964
28.1.84 ipsec tunnel-index based remote-ip.................................................................................................................. 2966
28.1.85 lifetime-notification-message enable............................................................................................................... 2967
28.1.86 local-address..............................................................................................................................................................2969
28.1.87 local-id-type...............................................................................................................................................................2970
28.1.88 local-id......................................................................................................................................................................... 2973
28.1.89 local-id-preference certificate enable (Central AP)..................................................................................... 2974
28.1.90 local-id-reflect enable............................................................................................................................................ 2975
28.1.91 match ike-identity................................................................................................................................................... 2976
28.1.92 nat traversal...............................................................................................................................................................2977
28.1.93 pfs..................................................................................................................................................................................2978
28.1.94 pki realm..................................................................................................................................................................... 2980
28.1.95 policy enable............................................................................................................................................................. 2981
28.1.96 pre-shared-key (IKE peer view).......................................................................................................................... 2982
28.1.97 prf.................................................................................................................................................................................. 2984
28.1.98 proposal...................................................................................................................................................................... 2985
28.1.99 re-authentication interval..................................................................................................................................... 2987
28.1.100 remote-address (IKE peer view)....................................................................................................................... 2988
28.1.101 remote-id..................................................................................................................................................................2990
28.1.102 remote-id-type....................................................................................................................................................... 2991
28.1.103 reset ike error-info.................................................................................................................................................2993
28.1.104 reset ike offline-info............................................................................................................................................. 2994
28.1.105 reset ike sa............................................................................................................................................................... 2995
28.1.106 reset ike statistics.................................................................................................................................................. 2996
28.1.107 reset ipsec history record.................................................................................................................................... 2997
28.1.108 reset ipsec sa........................................................................................................................................................... 2998
28.1.109 reset ipsec statistics.............................................................................................................................................. 3000
28.1.110 reset ipsec statistics route.................................................................................................................................. 3000
28.1.111 respond-only enable.............................................................................................................................................3001
28.1.112 route inject...............................................................................................................................................................3002
28.1.113 rsa signature-padding.......................................................................................................................................... 3004
28.1.114 sa authentication-hex.......................................................................................................................................... 3005
28.1.115 sa duration (IKE proposal view)....................................................................................................................... 3008
28.1.116 sa duration (ISAKMP IPSec policy view, IPSec policy template view, IPSec profile view)............ 3010
28.1.117 sa keep-holding-to hard-duration................................................................................................................... 3013
28.1.118 sa encryption-hex.................................................................................................................................................. 3014
28.1.119 sa spi.......................................................................................................................................................................... 3016

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xlviii

Fat AP and Cloud AP
Command Reference Contents

28.1.120 sa string-key............................................................................................................................................................ 3018

28.1.121 sa trigger-mode......................................................................................................................................................3021
28.1.122 security acl............................................................................................................................................................... 3022
28.1.123 transform.................................................................................................................................................................. 3024
28.1.124 tunnel local.............................................................................................................................................................. 3025
28.1.125 tunnel remote (Manual IPSec policy view).................................................................................................. 3027
28.1.126 tunnel remote (ISAKMP IPSec policy view, IPSec policy template view, IPSec profile view)...... 3028
28.1.127 version....................................................................................................................................................................... 3029
28.1.128 user-fqdn.................................................................................................................................................................. 3030

29 Reliability Commands....................................................................................................3032
29.1 BFD Configuration Commands................................................................................................................................. 3032
29.1.1 bfd................................................................................................................................................................................... 3032
29.1.2 bfd bind peer-ip.......................................................................................................................................................... 3033
29.1.3 bfd bind peer-ip default-ip...................................................................................................................................... 3035
29.1.4 bfd bind peer-ip source-ip auto.............................................................................................................................3038
29.1.5 bfd one-arm-echo...................................................................................................................................................... 3040
29.1.6 bfd bfd-name............................................................................................................................................................... 3042
29.1.7 bfd session nonexistent-config-check................................................................................................................. 3044
29.1.8 commit........................................................................................................................................................................... 3044
29.1.9 default-ip-address...................................................................................................................................................... 3046
29.1.10 description (BFD session view)........................................................................................................................... 3047
29.1.11 detect-multiplier.......................................................................................................................................................3048
29.1.12 discriminator..............................................................................................................................................................3050
29.1.13 display bfd configuration...................................................................................................................................... 3051
29.1.14 display bfd interface............................................................................................................................................... 3055
29.1.15 display bfd session................................................................................................................................................... 3056
29.1.16 display bfd statistics................................................................................................................................................ 3062
29.1.17 display bfd statistics session................................................................................................................................ 3066
29.1.18 display bfd ttl............................................................................................................................................................ 3069
29.1.19 display snmp-agent trap feature-name bfd all............................................................................................. 3070
29.1.20 min-echo-rx-interval............................................................................................................................................... 3072
29.1.21 min-rx-interval.......................................................................................................................................................... 3073
29.1.22 min-tx-interval.......................................................................................................................................................... 3075
29.1.23 multi-hop.................................................................................................................................................................... 3076
29.1.24 peer-ip ttl.................................................................................................................................................................... 3078
29.1.25 process-interface-status........................................................................................................................................ 3079
29.1.26 reset bfd statistics.................................................................................................................................................... 3081
29.1.27 shutdown (BFD session view)............................................................................................................................. 3082
29.1.28 snmp-agent bfd trap-interval.............................................................................................................................. 3083
29.1.29 snmp-agent trap enable feature-name bfd....................................................................................................3084
29.1.30 tos-exp......................................................................................................................................................................... 3086
29.1.31 wtr................................................................................................................................................................................. 3087

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. xlix

Fat AP and Cloud AP
Command Reference Contents

29.2 VRRP Configuration Commands............................................................................................................................... 3088

29.2.1 admin-vrrp vrid........................................................................................................................................................... 3088
29.2.2 display snmp-agent trap feature-name vrrp all.............................................................................................. 3089
29.2.3 display vrrp................................................................................................................................................................... 3091
29.2.4 display vrrp admin-vrrp............................................................................................................................................3096
29.2.5 display vrrp binding admin-vrrp........................................................................................................................... 3097
29.2.6 display vrrp binding admin-vrrp member-vrrp................................................................................................ 3099
29.2.7 display vrrp protocol-information........................................................................................................................ 3101
29.2.8 display vrrp state-change interface vrid.............................................................................................................3102
29.2.9 display vrrp statistics................................................................................................................................................. 3106
29.2.10 reset vrrp statistics.................................................................................................................................................. 3109
29.2.11 snmp-agent trap enable feature-name vrrp.................................................................................................. 3110
29.2.12 vrrp gratuitous-arp timeout................................................................................................................................. 3111
29.2.13 vrrp gratuitous-arp timeout disable.................................................................................................................. 3113
29.2.14 vrrp recover-delay.................................................................................................................................................... 3113
29.2.15 vrrp timer-advertise learning enable................................................................................................................ 3115
29.2.16 vrrp un-check ttl.......................................................................................................................................................3116
29.2.17 vrrp version................................................................................................................................................................ 3117
29.2.18 vrrp version-3 send-packet-mode...................................................................................................................... 3118
29.2.19 vrrp vrid authentication-mode............................................................................................................................ 3119
29.2.20 vrrp vrid preempt-mode disable......................................................................................................................... 3121
29.2.21 vrrp vrid preempt-mode timer delay................................................................................................................ 3122
29.2.22 vrrp vrid priority....................................................................................................................................................... 3124
29.2.23 vrrp vrid timer advertise........................................................................................................................................ 3125
29.2.24 vrrp vrid track admin-vrrp vrid............................................................................................................................3126
29.2.25 vrrp vrid track bfd-session.................................................................................................................................... 3128
29.2.26 vrrp vrid track interface......................................................................................................................................... 3130
29.2.27 vrrp vrid version-3 send-packet-mode............................................................................................................. 3132
29.2.28 vrrp vrid virtual-ip....................................................................................................................................................3134

30 User Access and Authentication Commands........................................................... 3136

30.1 AAA Configuration Commands................................................................................................................................. 3136
30.1.1 aaa................................................................................................................................................................................... 3136
30.1.2 aaa-author session-timeout invalid-value enable.......................................................................................... 3137
30.1.3 aaa abnormal-offline-record..................................................................................................................................3138
30.1.4 aaa offline-record...................................................................................................................................................... 3139
30.1.5 aaa online-fail-record............................................................................................................................................... 3140
30.1.6 aaa-authen-bypass.................................................................................................................................................... 3141
30.1.7 aaa-author-bypass..................................................................................................................................................... 3142
30.1.8 aaa-author-cmd-bypass........................................................................................................................................... 3144
30.1.9 aaa-quiet administrator except-list......................................................................................................................3145
30.1.10 access-user remote authen-fail...........................................................................................................................3146
30.1.11 accounting dual-stack separate.......................................................................................................................... 3148

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. l

Fat AP and Cloud AP
Command Reference Contents

30.1.12 accounting interim-fail.......................................................................................................................................... 3149

30.1.13 accounting realtime................................................................................................................................................ 3151
30.1.14 accounting start-fail................................................................................................................................................3152
30.1.15 accounting-mode..................................................................................................................................................... 3154
30.1.16 accounting-scheme (AAA domain view)......................................................................................................... 3155
30.1.17 accounting-scheme (authentication profile view)....................................................................................... 3156
30.1.18 accounting-scheme (AAA view)......................................................................................................................... 3158
30.1.19 admin-user privilege level.................................................................................................................................... 3159
30.1.20 administrator remote authen-fail...................................................................................................................... 3162
30.1.21 authentication-mode (authentication scheme view)..................................................................................3163
30.1.22 authentication-scheme (AAA domain view).................................................................................................. 3166
30.1.23 authentication-scheme (authentication profile view)................................................................................ 3167
30.1.24 authentication-scheme (AAA view).................................................................................................................. 3168
30.1.25 authentication-type radius chap access-type admin...................................................................................3170
30.1.26 authentication { roam-accounting | update-ip-accounting } * enable.................................................. 3172
30.1.27 authentication roam-accounting update-session-mode............................................................................ 3173
30.1.28 authorization-cmd................................................................................................................................................... 3174
30.1.29 authorization-info check-fail policy................................................................................................................... 3176
30.1.30 authorization-mode................................................................................................................................................ 3177
30.1.31 authorization-modify mode................................................................................................................................. 3179
30.1.32 authorization-scheme (AAA domain view).................................................................................................... 3181
30.1.33 authorization-scheme (authentication profile view).................................................................................. 3182
30.1.34 authorization-scheme (AAA view).....................................................................................................................3183
30.1.35 cmd recording-scheme...........................................................................................................................................3185
30.1.36 cut access-user.......................................................................................................................................................... 3186
30.1.37 display aaa................................................................................................................................................................. 3189
30.1.38 display aaa configuration..................................................................................................................................... 3198
30.1.39 display aaa statistics access-type-authenreq................................................................................................. 3201
30.1.40 display aaa statistics offline-reason.................................................................................................................. 3202
30.1.41 display aaa-quiet administrator except-list.................................................................................................... 3203
30.1.42 display access-user (all views)............................................................................................................................ 3204
30.1.43 display accounting-scheme.................................................................................................................................. 3212
30.1.44 display authentication-scheme........................................................................................................................... 3215
30.1.45 display authorization-scheme............................................................................................................................. 3218
30.1.46 display domain......................................................................................................................................................... 3220
30.1.47 display local-access-code...................................................................................................................................... 3223
30.1.48 display local-user..................................................................................................................................................... 3224
30.1.49 display local-user expire-time............................................................................................................................. 3230
30.1.50 display local-aaa-user password policy............................................................................................................3231
30.1.51 display recording-scheme..................................................................................................................................... 3233
30.1.52 display remote-user authen-fail......................................................................................................................... 3234
30.1.53 display service-scheme...........................................................................................................................................3237

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. li

Fat AP and Cloud AP
Command Reference Contents

30.1.54 dns (service scheme view).................................................................................................................................... 3239

30.1.55 domain (AAA view)................................................................................................................................................. 3240
30.1.56 domain (system view)............................................................................................................................................3242
30.1.57 domain-location....................................................................................................................................................... 3243
30.1.58 domain-name-delimiter........................................................................................................................................ 3245
30.1.59 domainname-parse-direction.............................................................................................................................. 3246
30.1.60 idle-cut (service scheme view)............................................................................................................................ 3248
30.1.61 local-aaa-user wrong-password......................................................................................................................... 3249
30.1.62 local-access-code..................................................................................................................................................... 3251
30.1.63 local-aaa-user password policy access-user................................................................................................... 3253
30.1.64 local-aaa-user password policy administrator...............................................................................................3253
30.1.65 local-user (AAA view)............................................................................................................................................ 3255
30.1.66 local-user change-password................................................................................................................................ 3263
30.1.67 local-user expire-date............................................................................................................................................ 3264
30.1.68 local-user password................................................................................................................................................ 3266
30.1.69 local-user service-type........................................................................................................................................... 3268
30.1.70 local-user time-range............................................................................................................................................. 3271
30.1.71 outbound recording-scheme................................................................................................................................ 3273
30.1.72 password alert before-expire............................................................................................................................... 3274
30.1.73 password alert original.......................................................................................................................................... 3275
30.1.74 password expire........................................................................................................................................................ 3277
30.1.75 password history record number........................................................................................................................ 3278
30.1.76 permit-domain.......................................................................................................................................................... 3279
30.1.77 recording-mode hwtacacs.....................................................................................................................................3280
30.1.78 recording-scheme.................................................................................................................................................... 3281
30.1.79 redirect-acl................................................................................................................................................................. 3283
30.1.80 remote-user authen-fail unblock....................................................................................................................... 3284
30.1.81 reset aaa..................................................................................................................................................................... 3285
30.1.82 reset aaa statistics access-type-authenreq..................................................................................................... 3286
30.1.83 reset aaa statistics offline-reason...................................................................................................................... 3287
30.1.84 reset access-user statistics.................................................................................................................................... 3288
30.1.85 reset local-user password history record......................................................................................................... 3288
30.1.86 security-name enable............................................................................................................................................. 3289
30.1.87 security-name-delimiter........................................................................................................................................ 3290
30.1.88 server no-response accounting........................................................................................................................... 3292
30.1.89 service-scheme (aaa domain view)................................................................................................................... 3293
30.1.90 service-scheme (AAA view).................................................................................................................................. 3294
30.1.91 state (AAA domain view)...................................................................................................................................... 3295
30.1.92 statistic enable (AAA domain view).................................................................................................................. 3296
30.1.93 statistic enable (authentication profile view)................................................................................................ 3297
30.1.94 system recording-scheme..................................................................................................................................... 3298
30.1.95 user-group (AAA domain view).......................................................................................................................... 3299

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lii

Fat AP and Cloud AP
Command Reference Contents

30.1.96 user-password complexity-check........................................................................................................................3301

30.2 RADIUS Configuration Commands.......................................................................................................................... 3302
30.2.1 called-station-id mac-format................................................................................................................................. 3302
30.2.2 called-station-id wlan-user-format...................................................................................................................... 3303
30.2.3 calling-station-id mac-format................................................................................................................................ 3305
30.2.4 display radius-attribute............................................................................................................................................ 3307
30.2.5 display radius-attribute check................................................................................................................................3309
30.2.6 display radius-attribute disable............................................................................................................................. 3311
30.2.7 display radius-attribute translate......................................................................................................................... 3312
30.2.8 display radius-server accounting-stop-packet..................................................................................................3314
30.2.9 display radius-server authorization configuration.......................................................................................... 3315
30.2.10 display radius-server configuration................................................................................................................... 3318
30.2.11 display radius-server dead-interval dead-count detect-cycle...................................................................3323
30.2.12 display radius-server item..................................................................................................................................... 3324
30.2.13 display radius-server max-unresponsive-interval......................................................................................... 3327
30.2.14 display radius-server session-manage configuration.................................................................................. 3328
30.2.15 display snmp-agent trap feature-name radius all........................................................................................3329
30.2.16 radius-attribute check............................................................................................................................................ 3331
30.2.17 radius-attribute disable..........................................................................................................................................3332
30.2.18 radius-attribute nas-ip........................................................................................................................................... 3333
30.2.19 radius-attribute nas-ip (system view).............................................................................................................. 3335
30.2.20 radius-attribute service-type with-authenonly-reauthen.......................................................................... 3336
30.2.21 radius-attribute set..................................................................................................................................................3337
30.2.22 radius-attribute translate...................................................................................................................................... 3339
30.2.23 radius-reject local.................................................................................................................................................... 3343
30.2.24 radius-server (aaa domain view)....................................................................................................................... 3344
30.2.25 radius-server (authentication profile view).................................................................................................... 3345
30.2.26 radius-server accounting....................................................................................................................................... 3346
30.2.27 radius-server accounting-stop-packet resend................................................................................................ 3349
30.2.28 radius-server algorithm......................................................................................................................................... 3350
30.2.29 radius-server attribute message-authenticator access-request...............................................................3352
30.2.30 radius-server attribute translate......................................................................................................................... 3353
30.2.31 radius-server authentication................................................................................................................................ 3354
30.2.32 radius-server authorization.................................................................................................................................. 3357
30.2.33 radius-server authorization attribute-decode-sameastemplate..............................................................3359
30.2.34 radius-server authorization attribute-encode-sameastemplate..............................................................3361
30.2.35 radius-server authorization calling-station-id decode-mac-format....................................................... 3363
30.2.36 radius-server authorization match-type.......................................................................................................... 3365
30.2.37 radius-server dead-detect-condition by-server-ip........................................................................................ 3366
30.2.38 radius-server dead-interval dead-count detect-cycle..................................................................................3368
30.2.39 radius-server detect-server interval................................................................................................................... 3369
30.2.40 radius-server detect-server timeout.................................................................................................................. 3370

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. liii

Fat AP and Cloud AP
Command Reference Contents

30.2.41 radius-server detect-server up-server interval............................................................................................... 3373

30.2.42 radius-server format-attribute............................................................................................................................ 3374
30.2.43 radius-server hw-ap-info-format include-ap-ip............................................................................................ 3377
30.2.44 radius-server hw-dhcp-option-format.............................................................................................................. 3378
30.2.45 radius-server max-unresponsive-interval........................................................................................................ 3379
30.2.46 radius-server nas-identifier-format................................................................................................................... 3380
30.2.47 radius-server nas-port-format............................................................................................................................. 3381
30.2.48 radius-server nas-port-id-format........................................................................................................................3383
30.2.49 radius-server retransmit timeout....................................................................................................................... 3384
30.2.50 radius-server dead-time........................................................................................................................................ 3386
30.2.51 radius-server session-manage............................................................................................................................. 3387
30.2.52 radius-server shared-key (RADIUS server template view)........................................................................ 3388
30.2.53 radius-server shared-key (system view).......................................................................................................... 3390
30.2.54 radius-server support chargeable-user-identity............................................................................................ 3391
30.2.55 radius-server template........................................................................................................................................... 3393
30.2.56 radius-server testuser............................................................................................................................................. 3394
30.2.57 radius-server traffic-unit....................................................................................................................................... 3396
30.2.58 radius-server user-name domain-included..................................................................................................... 3397
30.2.59 reset radius-server accounting-stop-packet................................................................................................... 3399
30.2.60 snmp-agent trap enable feature-name radius.............................................................................................. 3400
30.2.61 test-aaa....................................................................................................................................................................... 3401
30.3 HWTACACS Configuration Commands.................................................................................................................. 3405
30.3.1 display hwtacacs-server accounting-stop-packet........................................................................................... 3405
30.3.2 display hwtacacs-server template........................................................................................................................ 3407
30.3.3 display hwtacacs-server template verbose........................................................................................................3410
30.3.4 hwtacacs enable......................................................................................................................................................... 3417
30.3.5 hwtacacs-server.......................................................................................................................................................... 3418
30.3.6 hwtacacs-server (authentication profile view)................................................................................................ 3419
30.3.7 hwtacacs-server accounting................................................................................................................................... 3420
30.3.8 hwtacacs-server accounting-stop-packet resend............................................................................................ 3422
30.3.9 hwtacacs-server authentication............................................................................................................................ 3423
30.3.10 hwtacacs-server authorization............................................................................................................................ 3425
30.3.11 hwtacacs-server shared-key................................................................................................................................. 3427
30.3.12 hwtacacs-server source-ip.................................................................................................................................... 3428
30.3.13 hwtacacs-server source-ip (system view)........................................................................................................3430
30.3.14 hwtacacs-server template.....................................................................................................................................3431
30.3.15 hwtacacs-server timer quiet................................................................................................................................ 3432
30.3.16 hwtacacs-server timer response-timeout........................................................................................................ 3433
30.3.17 hwtacacs-server traffic-unit................................................................................................................................. 3435
30.3.18 hwtacacs-server user-name domain-included............................................................................................... 3436
30.3.19 hwtacacs-user change-password hwtacacs-server...................................................................................... 3437
30.3.20 reset hwtacacs-server accounting-stop-packet............................................................................................. 3438

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. liv

Fat AP and Cloud AP
Command Reference Contents

30.3.21 reset hwtacacs-server statistics...........................................................................................................................3439

30.4 LDAP Configuration Commands (Central AP)..................................................................................................... 3440
30.4.1 display ldap-server configuration......................................................................................................................... 3440
30.4.2 display ldap-server template..................................................................................................................................3441
30.4.3 ldap-server authentication...................................................................................................................................... 3444
30.4.4 ldap-server authentication base-dn.................................................................................................................... 3446
30.4.5 ldap-server authentication manager...................................................................................................................3447
30.4.6 ldap-server authentication manager-anonymous enable............................................................................3450
30.4.7 ldap-server authentication manager-password...............................................................................................3451
30.4.8 ldap-server authentication manager-with-base-dn enable.........................................................................3453
30.4.9 ldap-server authorization bind-user enable..................................................................................................... 3454
30.4.10 ldap-server group-filter......................................................................................................................................... 3455
30.4.11 ldap-server server-type.......................................................................................................................................... 3456
30.4.12 ldap-server ssl version............................................................................................................................................ 3456
30.4.13 ldap-server template.............................................................................................................................................. 3458
30.4.14 ldap-server user-filter............................................................................................................................................. 3459
30.4.15 ldap-server (aaa domain view)...........................................................................................................................3460
30.4.16 ldap-server (authentication profile view)....................................................................................................... 3461
30.5 AD Configuration Commands (Central AP)......................................................................................................... 3462
30.5.1 ad-server authentication......................................................................................................................................... 3462
30.5.2 ad-server authentication base-dn........................................................................................................................ 3463
30.5.3 ad-server authentication host-name................................................................................................................... 3464
30.5.4 ad-server authentication ldap-port......................................................................................................................3465
30.5.5 ad-server authentication manager...................................................................................................................... 3466
30.5.6 ad-server authentication manager-anonymous enable............................................................................... 3468
30.5.7 ad-server authentication manager-with-base-dn enable............................................................................ 3469
30.5.8 ad-server authorization bind-user enable......................................................................................................... 3470
30.5.9 ad-server group-filter............................................................................................................................................... 3471
30.5.10 ad-server template.................................................................................................................................................. 3472
30.5.11 ad-server user-filter................................................................................................................................................ 3473
30.5.12 ad-server (aaa domain view).............................................................................................................................. 3474
30.5.13 ad-server (authentication profile view)........................................................................................................... 3475
30.5.14 display ad-server template................................................................................................................................... 3476
30.6 NAC Configuration Commands................................................................................................................................ 3478
30.6.1 access-domain............................................................................................................................................................. 3479
30.6.2 acl-id (user group view)...........................................................................................................................................3481
30.6.3 authentication event action authorize................................................................................................................3482
30.6.4 authentication event authen-server-up action re-authen........................................................................... 3484
30.6.5 authentication event client-no-response action authorize.......................................................................... 3485
30.6.6 authentication event portal-server-down action authorize........................................................................ 3486
30.6.7 authentication event portal-server-up action re-authen..............................................................................3488
30.6.8 authentication ip-address in-accounting-start................................................................................................ 3489

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lv

Fat AP and Cloud AP
Command Reference Contents

30.6.9 authentication ip-conflict-check enable............................................................................................................. 3490

30.6.10 authentication roam pre-authen mac-authen enable................................................................................ 3491
30.6.11 authentication single-access................................................................................................................................ 3492
30.6.12 authentication speed-limit auto......................................................................................................................... 3493
30.6.13 authentication user-alarm percentage............................................................................................................. 3494
30.6.14 authentication-profile (VAP profile view)....................................................................................................... 3495
30.6.15 authentication-profile (system view)............................................................................................................... 3497
30.6.16 authentication portal-ip-trigger......................................................................................................................... 3498
30.6.17 authentication termination-action reauthenticate...................................................................................... 3499
30.6.18 authorize..................................................................................................................................................................... 3500
30.6.19 display access-user.................................................................................................................................................. 3502
30.6.20 display authentication-profile configuration..................................................................................................3505
30.6.21 display authentication user-alarm configuration......................................................................................... 3514
30.6.22 display dot1x............................................................................................................................................................. 3515
30.6.23 display dot1x-access-profile configuration..................................................................................................... 3522
30.6.24 display dot1x quiet-user........................................................................................................................................ 3524
30.6.25 display free-rule-template configuration........................................................................................................ 3526
30.6.26 display mac-access-profile configuration........................................................................................................ 3527
30.6.27 display mac-authen................................................................................................................................................. 3532
30.6.28 display mac-authen quiet-user........................................................................................................................... 3537
30.6.29 display portal............................................................................................................................................................. 3538
30.6.30 display portal local-server connect.................................................................................................................... 3541
30.6.31 display portal local-server.................................................................................................................................... 3543
30.6.32 display portal local-server page-information................................................................................................ 3551
30.6.33 display portal local-server wechat-authen user (Central AP).................................................................. 3552
30.6.34 display portal user-logout..................................................................................................................................... 3554
30.6.35 display portal-access-profile configuration.................................................................................................... 3555
30.6.36 display portal quiet-user....................................................................................................................................... 3559
30.6.37 display portal url-encode configuration.......................................................................................................... 3560
30.6.38 display server-detect state.................................................................................................................................... 3561
30.6.39 display url-template................................................................................................................................................3563
30.6.40 display user-group................................................................................................................................................... 3566
30.6.41 display web-auth-server configuration............................................................................................................ 3568
30.6.42 display webmng configuration........................................................................................................................... 3575
30.6.43 dot1x abnormal-track cache-record-num....................................................................................................... 3577
30.6.44 dot1x authentication-method............................................................................................................................. 3578
30.6.45 dot1x eap-notify-packet........................................................................................................................................ 3580
30.6.46 dot1x quiet-period................................................................................................................................................... 3581
30.6.47 dot1x quiet-times.....................................................................................................................................................3582
30.6.48 dot1x reauthenticate mac-address.................................................................................................................... 3583
30.6.49 dot1x reauthenticate.............................................................................................................................................. 3584
30.6.50 dot1x retry.................................................................................................................................................................. 3586

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lvi

Fat AP and Cloud AP
Command Reference Contents

30.6.51 dot1x timer................................................................................................................................................................ 3587

30.6.52 dot1x timer tx-period............................................................................................................................................. 3589
30.6.53 dot1x timer quiet-period....................................................................................................................................... 3590
30.6.54 dot1x-access-profile (authentication profile view)...................................................................................... 3591
30.6.55 dot1x-access-profile (system view)................................................................................................................... 3592
30.6.56 free-rule...................................................................................................................................................................... 3593
30.6.57 free-rule-template (authentication profile view)......................................................................................... 3596
30.6.58 free-rule-template (system view)...................................................................................................................... 3597
30.6.59 http get-method enable........................................................................................................................................ 3599
30.6.60 http-method post.................................................................................................................................................... 3600
30.6.61 mac-access-profile (authentication profile view).........................................................................................3605
30.6.62 mac-access-profile (system view)...................................................................................................................... 3606
30.6.63 mac-authen authentication-method.................................................................................................................3608
30.6.64 mac-authen quiet-times........................................................................................................................................ 3609
30.6.65 mac-authen reauthenticate mac-address........................................................................................................3610
30.6.66 mac-authen reauthenticate.................................................................................................................................. 3611
30.6.67 mac-authen timer quiet-period.......................................................................................................................... 3612
30.6.68 mac-authen timer reauthenticate-period........................................................................................................3613
30.6.69 mac-authen username........................................................................................................................................... 3615
30.6.70 parameter................................................................................................................................................................... 3618
30.6.71 polling-time (Central AP)......................................................................................................................................3620
30.6.72 port (Portal server template view).................................................................................................................... 3621
30.6.73 portal captive-adaptive enable........................................................................................................................... 3622
30.6.74 portal captive-bypass enable............................................................................................................................... 3624
30.6.75 portal https-redirect enable (Cloud AP).......................................................................................................... 3625
30.6.76 portal http-proxy-redirect enable.......................................................................................................................3626
30.6.77 portal local-server access-code........................................................................................................................... 3627
30.6.78 portal local-server ad-image load..................................................................................................................... 3628
30.6.79 portal local-server anonymous........................................................................................................................... 3630
30.6.80 portal local-server authentication-method.................................................................................................... 3632
30.6.81 portal local-server background-color............................................................................................................... 3633
30.6.82 portal local-server background-image load................................................................................................... 3634
30.6.83 portal local-server enable..................................................................................................................................... 3636
30.6.84 portal local-server ip...............................................................................................................................................3637
30.6.85 portal local-server keep-alive.............................................................................................................................. 3639
30.6.86 portal local-server load..........................................................................................................................................3640
30.6.87 portal local-server logo load................................................................................................................................3642
30.6.88 portal local-server max-user................................................................................................................................ 3644
30.6.89 portal local-server................................................................................................................................................... 3645
30.6.90 portal local-server page-text load..................................................................................................................... 3647
30.6.91 portal local-server policy-text load....................................................................................................................3649
30.6.92 portal local-server pre-auth-suppression (Central AP)...............................................................................3651

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lvii

Fat AP and Cloud AP
Command Reference Contents

30.6.93 portal local-server redirect-url enable.............................................................................................................. 3652

30.6.94 portal local-server timer pre-auth time (Central AP)................................................................................. 3653
30.6.95 portal local-server timer session-timeout....................................................................................................... 3655
30.6.96 portal local-server url............................................................................................................................................. 3656
30.6.97 portal local-server syslog-limit enable............................................................................................................. 3657
30.6.98 portal local-server syslog-limit period..............................................................................................................3658
30.6.99 portal local-server default-language................................................................................................................ 3659
30.6.100 portal local-server wechat (Central AP)........................................................................................................ 3660
30.6.101 portal local-server wechat-authen (Central AP)........................................................................................ 3661
30.6.102 portal logout different-server enable............................................................................................................. 3662
30.6.103 portal logout resend timeout............................................................................................................................ 3663
30.6.104 portal max-user..................................................................................................................................................... 3664
30.6.105 portal pass dns enable.........................................................................................................................................3665
30.6.106 portal quiet-period................................................................................................................................................ 3666
30.6.107 portal quiet-times................................................................................................................................................. 3667
30.6.108 portal redirect-http-port..................................................................................................................................... 3668
30.6.109 portal redirect js enable...................................................................................................................................... 3669
30.6.110 portal timer quiet-period.................................................................................................................................... 3670
30.6.111 portal url-encode enable.................................................................................................................................... 3671
30.6.112 portal user-alarm percentage........................................................................................................................... 3672
30.6.113 portal user-roam-out reply enable.................................................................................................................. 3673
30.6.114 portal web-authen-server...................................................................................................................................3674
30.6.115 portal-access-profile (authentication profile view)...................................................................................3676
30.6.116 portal-access-profile (system view)................................................................................................................ 3677
30.6.117 public-account (Central AP).............................................................................................................................. 3679
30.6.118 force-push................................................................................................................................................................ 3680
30.6.119 protocol..................................................................................................................................................................... 3682
30.6.120 priority....................................................................................................................................................................... 3683
30.6.121 remote-access-user manage............................................................................................................................. 3684
30.6.122 reset dot1x statistics............................................................................................................................................. 3686
30.6.123 reset mac-authen statistics................................................................................................................................ 3687
30.6.124 server-detect........................................................................................................................................................... 3687
30.6.125 server-detect type..................................................................................................................................................3689
30.6.126 server-ip (Portal server template view)......................................................................................................... 3691
30.6.127 shared-key (Portal server template view).................................................................................................... 3692
30.6.128 shop-id (Central AP).............................................................................................................................................3693
30.6.129 source-interface (Portal server template view).......................................................................................... 3695
30.6.130 source-ip (Portal server template view)........................................................................................................ 3697
30.6.131 url (URL template view)..................................................................................................................................... 3698
30.6.132 url (Portal server template view).................................................................................................................... 3700
30.6.133 url-parameter mac-address format.................................................................................................................3701
30.6.134 url-parameter......................................................................................................................................................... 3702

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lviii

Fat AP and Cloud AP
Command Reference Contents

30.6.135 url-parameter set.................................................................................................................................................. 3706

30.6.136 url-template name................................................................................................................................................ 3708
30.6.137 url-template (Portal server template view)................................................................................................. 3709
30.6.138 user-group................................................................................................................................................................ 3710
30.6.139 user-isolated............................................................................................................................................................ 3712
30.6.140 user-sync................................................................................................................................................................... 3713
30.6.141 user-vlan................................................................................................................................................................... 3714
30.6.142 web-auth-server listening-port.........................................................................................................................3715
30.6.143 web-auth-server reply-message....................................................................................................................... 3716
30.6.144 web-auth-server source-ip................................................................................................................................. 3717
30.6.145 web-auth-server (Portal access profile view).............................................................................................. 3719
30.6.146 web-auth-server (system view)........................................................................................................................3721
30.6.147 web-auth-server version..................................................................................................................................... 3722
30.6.148 web-description..................................................................................................................................................... 3723
30.6.149 web-redirection disable (Portal server template view)............................................................................3724
30.6.150 wechat-server-ip (Central AP)...........................................................................................................................3725
30.7 Security Policy Configuration Commands............................................................................................................. 3727
30.7.1 display references security-profile........................................................................................................................ 3727
30.7.2 display security-profile............................................................................................................................................. 3728
30.7.3 display wlan wapi certificate.................................................................................................................................. 3733
30.7.4 pmf.................................................................................................................................................................................. 3735
30.7.5 security dot1x.............................................................................................................................................................. 3736
30.7.6 security open................................................................................................................................................................3738
30.7.7 security psk................................................................................................................................................................... 3739
30.7.8 security wapi................................................................................................................................................................ 3742
30.7.9 security wep................................................................................................................................................................. 3744
30.7.10 security wpa2-wpa3 psk-sae................................................................................................................................ 3747
30.7.11 security wpa3 dot1x................................................................................................................................................ 3749
30.7.12 security wpa3 sae.................................................................................................................................................... 3750
30.7.13 security-profile (WLAN view).............................................................................................................................. 3752
30.7.14 security-profile (VAP profile view).....................................................................................................................3753
30.7.15 wapi asu...................................................................................................................................................................... 3754
30.7.16 wapi bk........................................................................................................................................................................ 3755
30.7.17 wapi cert-retrans-count......................................................................................................................................... 3757
30.7.18 wapi import certificate........................................................................................................................................... 3758
30.7.19 wapi import private-key........................................................................................................................................ 3760
30.7.20 wapi key-update.......................................................................................................................................................3761
30.7.21 wapi msk..................................................................................................................................................................... 3763
30.7.22 wapi sa-timeout....................................................................................................................................................... 3764
30.7.23 wapi usk...................................................................................................................................................................... 3765
30.7.24 wep default-key........................................................................................................................................................3766
30.7.25 wep key....................................................................................................................................................................... 3767

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lix

Fat AP and Cloud AP
Command Reference Contents

30.7.26 wpa ptk-update enable..........................................................................................................................................3770

30.7.27 wpa ptk-update ptk-update-interval.................................................................................................................3771
30.8 Security Policy Configuration Commands (Central AP)................................................................................... 3772
30.8.1 display references security-profile........................................................................................................................ 3772
30.8.2 display security-profile............................................................................................................................................. 3773
30.8.3 display wlan wapi certificate.................................................................................................................................. 3778
30.8.4 pmf.................................................................................................................................................................................. 3779
30.8.5 security dot1x.............................................................................................................................................................. 3781
30.8.6 security open................................................................................................................................................................3783
30.8.7 security psk................................................................................................................................................................... 3783
30.8.8 security wapi................................................................................................................................................................ 3787
30.8.9 security wep................................................................................................................................................................. 3789
30.8.10 security-profile (WLAN view).............................................................................................................................. 3792
30.8.11 security-profile (VAP profile view).....................................................................................................................3793
30.8.12 wapi asu...................................................................................................................................................................... 3794
30.8.13 wapi bk........................................................................................................................................................................ 3795
30.8.14 wapi cert-retrans-count......................................................................................................................................... 3796
30.8.15 wapi import certificate........................................................................................................................................... 3797
30.8.16 wapi import private-key........................................................................................................................................ 3799
30.8.17 wapi key-update.......................................................................................................................................................3801
30.8.18 wapi msk..................................................................................................................................................................... 3802
30.8.19 wapi sa-timeout....................................................................................................................................................... 3803
30.8.20 wapi usk...................................................................................................................................................................... 3804
30.8.21 wep default-key........................................................................................................................................................3805
30.8.22 wep key....................................................................................................................................................................... 3806
30.8.23 wpa ptk-update enable..........................................................................................................................................3810
30.8.24 wpa ptk-update ptk-update-interval.................................................................................................................3811
30.9 STA Blacklist and Whitelist Configuration Commands..................................................................................... 3812
30.9.1 display references sta-blacklist-profile............................................................................................................... 3812
30.9.2 display references sta-whitelist-profile............................................................................................................... 3813
30.9.3 display sta-blacklist-profile..................................................................................................................................... 3814
30.9.4 display sta-whitelist-profile.................................................................................................................................... 3815
30.9.5 oui.................................................................................................................................................................................... 3817
30.9.6 sta-access-mode......................................................................................................................................................... 3819
30.9.7 sta-blacklist-profile.................................................................................................................................................... 3820
30.9.8 sta-mac.......................................................................................................................................................................... 3821
30.9.9 sta-whitelist-profile................................................................................................................................................... 3823
30.10 STA Blacklist and Whitelist Configuration Commands (Central AP).........................................................3824
30.10.1 display references sta-blacklist-profile............................................................................................................. 3824
30.10.2 display references sta-whitelist-profile............................................................................................................ 3825
30.10.3 display sta-blacklist-profile.................................................................................................................................. 3826
30.10.4 display sta-whitelist-profile.................................................................................................................................. 3828

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lx

Fat AP and Cloud AP
Command Reference Contents

30.10.5 oui................................................................................................................................................................................. 3829

30.10.6 sta-access-mode....................................................................................................................................................... 3831
30.10.7 sta-blacklist-profile................................................................................................................................................. 3832
30.10.8 sta-mac........................................................................................................................................................................3834
30.10.9 sta-whitelist-profile................................................................................................................................................. 3835

31 Security Commands....................................................................................................... 3837

31.1 ACL Configuration Commands................................................................................................................................. 3837
31.1.1 acl name........................................................................................................................................................................ 3838
31.1.2 acl (system view)....................................................................................................................................................... 3840
31.1.3 description.................................................................................................................................................................... 3842
31.1.4 display acl..................................................................................................................................................................... 3843
31.1.5 display acl resource................................................................................................................................................... 3845
31.1.6 display time-range..................................................................................................................................................... 3846
31.1.7 passthrough-domain................................................................................................................................................. 3848
31.1.8 rule (advanced ACL view)....................................................................................................................................... 3849
31.1.9 rule (basic ACL view)................................................................................................................................................ 3861
31.1.10 rule (layer 2 ACL view).......................................................................................................................................... 3864
31.1.11 rule (user ACL view)............................................................................................................................................... 3868
31.1.12 rule description......................................................................................................................................................... 3880
31.1.13 step............................................................................................................................................................................... 3882
31.1.14 time-range..................................................................................................................................................................3883
31.2 Local Attack Defense Configuration Commands................................................................................................ 3887
31.2.1 application-apperceive............................................................................................................................................. 3888
31.2.2 auto-defend enable................................................................................................................................................... 3889
31.2.3 auto-defend action.................................................................................................................................................... 3890
31.2.4 auto-defend alarm enable...................................................................................................................................... 3892
31.2.5 auto-defend alarm threshold................................................................................................................................. 3893
31.2.6 auto-defend protocol................................................................................................................................................ 3894
31.2.7 auto-defend threshold.............................................................................................................................................. 3896
31.2.8 auto-defend trace-type............................................................................................................................................ 3898
31.2.9 cpu-defend application-apperceive enable....................................................................................................... 3899
31.2.10 cpu-defend-policy.................................................................................................................................................... 3901
31.2.11 cpu-defend policy.................................................................................................................................................... 3902
31.2.12 deny.............................................................................................................................................................................. 3903
31.2.13 description (attack defense policy view)......................................................................................................... 3904
31.2.14 display auto-defend attack-source.................................................................................................................... 3905
31.2.15 display auto-defend configuration.................................................................................................................... 3907
31.2.16 display cpu-defend configuration...................................................................................................................... 3909
31.2.17 display cpu-defend policy..................................................................................................................................... 3911
31.2.18 display cpu-defend statistics................................................................................................................................ 3913
31.2.19 packet-type................................................................................................................................................................ 3915
31.2.20 packet-type priority.................................................................................................................................................3916

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxi

Fat AP and Cloud AP
Command Reference Contents

31.2.21 rate-limit all-packets.............................................................................................................................................. 3918

31.2.22 reset auto-defend attack-source........................................................................................................................ 3919
31.2.23 reset cpu-defend statistics.................................................................................................................................... 3919
31.3 Attack Defense Configuration Commands........................................................................................................... 3921
31.3.1 anti-attack abnormal enable................................................................................................................................. 3921
31.3.2 anti-attack enable...................................................................................................................................................... 3922
31.3.3 anti-attack fragment enable.................................................................................................................................. 3923
31.3.4 anti-attack fragment car......................................................................................................................................... 3924
31.3.5 anti-attack icmp-flood enable............................................................................................................................... 3925
31.3.6 anti-attack icmp-flood car...................................................................................................................................... 3926
31.3.7 anti-attack tcp-syn enable...................................................................................................................................... 3927
31.3.8 anti-attack tcp-syn car............................................................................................................................................. 3928
31.3.9 anti-attack udp-flood enable................................................................................................................................. 3929
31.3.10 display anti-attack statistics.................................................................................................................................3931
31.3.11 reset anti-attack statistics..................................................................................................................................... 3932
31.4 Traffic Suppression and Storm Control Configuration Commands.............................................................. 3934
31.4.1 broadcast-suppression (interface view)............................................................................................................. 3934
31.4.2 display flow-suppression interface....................................................................................................................... 3935
31.4.3 icmp rate-limit.............................................................................................................................................................3936
31.4.4 icmp rate-limit enable.............................................................................................................................................. 3937
31.4.5 multicast-suppression (interface view)...............................................................................................................3938
31.4.6 unicast-suppression (interface view)................................................................................................................... 3939
31.5 ARP Security Configuration Commands................................................................................................................ 3940
31.5.1 arp anti-attack entry-check enable..................................................................................................................... 3940
31.5.2 arp anti-attack log-trap-timer............................................................................................................................... 3942
31.5.3 arp anti-attack packet-check sender-mac......................................................................................................... 3943
31.5.4 arp anti-attack rate-limit......................................................................................................................................... 3944
31.5.5 arp anti-attack rate-limit alarm enable............................................................................................................. 3946
31.5.6 arp anti-attack rate-limit alarm threshold........................................................................................................ 3947
31.5.7 arp anti-attack rate-limit enable.......................................................................................................................... 3948
31.5.8 arp gratuitous-arp send enable.............................................................................................................................3949
31.5.9 arp gratuitous-arp send interval........................................................................................................................... 3950
31.5.10 arp learning disable................................................................................................................................................ 3951
31.5.11 arp learning strict (interface view).................................................................................................................... 3952
31.5.12 arp learning strict (system view)....................................................................................................................... 3953
31.5.13 arp speed-limit source-mac................................................................................................................................. 3954
31.5.14 arp speed-limit source-ip...................................................................................................................................... 3956
31.5.15 arp validate................................................................................................................................................................ 3957
31.5.16 arp-fake expire-time............................................................................................................................................... 3959
31.5.17 arp-limit...................................................................................................................................................................... 3960
31.5.18 arp-miss anti-attack rate-limit............................................................................................................................ 3962
31.5.19 arp-miss anti-attack rate-limit alarm enable................................................................................................ 3963

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxii

Fat AP and Cloud AP
Command Reference Contents

31.5.20 arp-miss anti-attack rate-limit alarm threshold........................................................................................... 3965

31.5.21 arp-miss anti-attack rate-limit enable............................................................................................................. 3966
31.5.22 arp-miss speed-limit source-ip............................................................................................................................ 3967
31.5.23 display arp anti-attack configuration............................................................................................................... 3968
31.5.24 display arp learning strict..................................................................................................................................... 3972
31.5.25 display arp packet statistics................................................................................................................................. 3973
31.5.26 display arp-limit....................................................................................................................................................... 3974
31.5.27 reset arp anti-attack statistics rate-limit......................................................................................................... 3976
31.5.28 reset arp packet statistics..................................................................................................................................... 3977
31.6 DHCP Snooping Configuration Commands.......................................................................................................... 3978
31.6.1 arp dhcp-snooping-detect enable........................................................................................................................ 3978
31.6.2 dhcp option82 enable............................................................................................................................................... 3979
31.6.3 dhcp option82 encapsulation.................................................................................................................................3981
31.6.4 dhcp option82 format...............................................................................................................................................3982
31.6.5 dhcp option82 subscriber-id format.................................................................................................................... 3988
31.6.6 dhcp option82 vendor-specific format................................................................................................................3989
31.6.7 dhcp server detect......................................................................................................................................................3991
31.6.8 dhcp snooping alarm dhcp-rate enable............................................................................................................. 3992
31.6.9 dhcp snooping alarm dhcp-rate threshold........................................................................................................ 3993
31.6.10 dhcp snooping alarm enable............................................................................................................................... 3995
31.6.11 dhcp snooping alarm threshold.......................................................................................................................... 3996
31.6.12 dhcp snooping check dhcp-giaddr enable...................................................................................................... 3999
31.6.13 dhcp snooping check dhcp-rate.......................................................................................................................... 4000
31.6.14 dhcp snooping check dhcp-rate enable........................................................................................................... 4002
31.6.15 dhcp snooping check dhcp-chaddr enable..................................................................................................... 4004
31.6.16 dhcp snooping check dhcp-request enable.................................................................................................... 4005
31.6.17 dhcp snooping disable........................................................................................................................................... 4007
31.6.18 dhcp snooping enable............................................................................................................................................ 4008
31.6.19 dhcp snooping enable no-user-binding........................................................................................................... 4010
31.6.20 dhcp snooping max-user-number...................................................................................................................... 4012
31.6.21 dhcp snooping user-alarm percentage.............................................................................................................4014
31.6.22 dhcp snooping user-bind autosave.................................................................................................................... 4015
31.6.23 dhcp snooping user-transfer enable..................................................................................................................4017
31.6.24 display dhcp option82 configuration................................................................................................................ 4018
31.6.25 display dhcp snooping............................................................................................................................................4020
31.6.26 display dhcp snooping configuration................................................................................................................ 4025
31.6.27 display dhcp snooping statistics......................................................................................................................... 4027
31.6.28 display dhcp snooping user-bind........................................................................................................................ 4029
31.6.29 reset dhcp snooping statistics............................................................................................................................. 4032
31.6.30 reset dhcp snooping user-bind............................................................................................................................ 4033
31.7 IP Source Guard Configuration Commands..........................................................................................................4034
31.7.1 display dhcp static user-bind.................................................................................................................................. 4035

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxiii

Fat AP and Cloud AP
Command Reference Contents

31.7.2 user-bind static............................................................................................................................................................4036

31.8 PKI Configuration Commands................................................................................................................................... 4038
31.8.1 auto-enroll.................................................................................................................................................................... 4038
31.8.2 ca id................................................................................................................................................................................ 4040
31.8.3 cdp-url............................................................................................................................................................................ 4041
31.8.4 certificate-check..........................................................................................................................................................4042
31.8.5 common-name............................................................................................................................................................ 4045
31.8.6 country (PKI entity view).........................................................................................................................................4046
31.8.7 crl auto-update enable.............................................................................................................................................4047
31.8.8 crl cache........................................................................................................................................................................ 4048
31.8.9 crl http............................................................................................................................................................................4048
31.8.10 crl scep......................................................................................................................................................................... 4049
31.8.11 crl update-period..................................................................................................................................................... 4050
31.8.12 display pki ca-capability........................................................................................................................................ 4051
31.8.13 display pki cert-req.................................................................................................................................................. 4052
31.8.14 display pki certificate.............................................................................................................................................. 4055
31.8.15 display pki certificate built-in-ca........................................................................................................................ 4058
31.8.16 display pki certificate enroll-status....................................................................................................................4062
31.8.17 display pki certificate filename........................................................................................................................... 4063
31.8.18 display pki credential-storage-path................................................................................................................... 4066
31.8.19 display pki crl............................................................................................................................................................ 4067
31.8.20 display pki entity...................................................................................................................................................... 4069
31.8.21 display pki ocsp cache detail............................................................................................................................... 4071
31.8.22 display pki ocsp cache statistics..........................................................................................................................4073
31.8.23 display pki ocsp server down-information...................................................................................................... 4074
31.8.24 display pki realm...................................................................................................................................................... 4076
31.8.25 display pki rsa built-in-ca public........................................................................................................................ 4080
31.8.26 display pki rsa local-key-pair............................................................................................................................... 4081
31.8.27 email............................................................................................................................................................................ 4083
31.8.28 enrollment self-signed........................................................................................................................................... 4084
31.8.29 enrollment-request signature message-digest-method............................................................................. 4085
31.8.30 enrollment-url........................................................................................................................................................... 4086
31.8.31 entity............................................................................................................................................................................ 4088
31.8.32 fingerprint...................................................................................................................................................................4089
31.8.33 fqdn.............................................................................................................................................................................. 4091
31.8.34 ip-address................................................................................................................................................................... 4092
31.8.35 key-usage....................................................................................................................................................................4093
31.8.36 locality......................................................................................................................................................................... 4095
31.8.37 ocsp nonce enable................................................................................................................................................... 4096
31.8.38 ocsp signature enable............................................................................................................................................ 4096
31.8.39 ocsp url........................................................................................................................................................................ 4097
31.8.40 ocsp-url from-ca.......................................................................................................................................................4098

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxiv

Fat AP and Cloud AP
Command Reference Contents

31.8.41 organization-unit..................................................................................................................................................... 4099

31.8.42 organization............................................................................................................................................................... 4101
31.8.43 password (PKI realm view)...................................................................................................................................4102
31.8.44 pki built-in-ca match-rsa-key.............................................................................................................................. 4103
31.8.45 pki create-certificate............................................................................................................................................... 4104
31.8.46 pki delete-certificate............................................................................................................................................... 4105
31.8.47 pki delete-certificate built-in-ca......................................................................................................................... 4106
31.8.48 pki delete-crl............................................................................................................................................................. 4107
31.8.49 pki enroll-certificate................................................................................................................................................ 4108
31.8.50 pki entity..................................................................................................................................................................... 4110
31.8.51 pki export-certificate.............................................................................................................................................. 4111
31.8.52 pki export-certificate default............................................................................................................................... 4113
31.8.53 pki export built-in-ca rsa-key-pair..................................................................................................................... 4114
31.8.54 pki export rsa-key-pair........................................................................................................................................... 4117
31.8.55 pki file-format........................................................................................................................................................... 4119
31.8.56 pki generate built-in-ca certificate.................................................................................................................... 4120
31.8.57 pki get-certificate..................................................................................................................................................... 4121
31.8.58 pki get-crl................................................................................................................................................................... 4123
31.8.59 pki http........................................................................................................................................................................ 4124
31.8.60 pki import-certificate.............................................................................................................................................. 4125
31.8.61 pki import-certificate built-in-ca........................................................................................................................ 4127
31.8.62 pki import-crl............................................................................................................................................................ 4128
31.8.63 pki import built-in-ca rsa-key-pair.................................................................................................................... 4129
31.8.64 pki import rsa-key-pair.......................................................................................................................................... 4131
31.8.65 pki match-rsa-key.................................................................................................................................................... 4133
31.8.66 pki ocsp response cache enable..........................................................................................................................4134
31.8.67 pki ocsp response cache number....................................................................................................................... 4134
31.8.68 pki ocsp response cache refresh interval......................................................................................................... 4135
31.8.69 pki realm (system view)........................................................................................................................................ 4136
31.8.70 pki rsa built-in-ca.....................................................................................................................................................4137
31.8.71 pki rsa local-key-pair create.................................................................................................................................4139
31.8.72 pki rsa local-key-pair destroy.............................................................................................................................. 4140
31.8.73 pki set-certificate expire-prewarning................................................................................................................ 4142
31.8.74 pki validate ocsp-server-certificate enable..................................................................................................... 4143
31.8.75 pki validate-certificate........................................................................................................................................... 4144
31.8.76 reset pki ocsp response cache............................................................................................................................. 4145
31.8.77 reset pki ocsp server down-information.......................................................................................................... 4145
31.8.78 rsa local-key-pair..................................................................................................................................................... 4146
31.8.79 source........................................................................................................................................................................... 4148
31.8.80 state (PKI entity view)........................................................................................................................................... 4149
31.9 SSL Configuration Commands.................................................................................................................................. 4150
31.9.1 ciphersuite.................................................................................................................................................................... 4150

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxv

Fat AP and Cloud AP
Command Reference Contents

31.9.2 display ssl connection statistics............................................................................................................................. 4152

31.9.3 display ssl policy......................................................................................................................................................... 4153
31.9.4 pki-realm....................................................................................................................................................................... 4156
31.9.5 prefer-ciphersuite....................................................................................................................................................... 4157
31.9.6 reset ssl connection statistics................................................................................................................................. 4159
31.9.7 server-verify enable................................................................................................................................................... 4160
31.9.8 session............................................................................................................................................................................ 4161
31.9.9 ssl policy........................................................................................................................................................................ 4162
31.9.10 ssl renegotiation-rate............................................................................................................................................. 4163
31.9.11 version (client SSL policy view).......................................................................................................................... 4164
31.9.12 version (server SSL policy view)......................................................................................................................... 4165
31.10 HTTPS Configuration Commands.......................................................................................................................... 4166
31.10.1 http secure-server enable..................................................................................................................................... 4167
31.10.2 http secure-server ssl-policy.................................................................................................................................4168
31.10.3 http secure-server port.......................................................................................................................................... 4169
31.11 URL Filtering Configuration Commands (Common AP)................................................................................4170
31.11.1 blacklist....................................................................................................................................................................... 4170
31.11.2 default-action............................................................................................................................................................ 4172
31.11.3 defence-profile (system view)............................................................................................................................. 4173
31.11.4 defence-profile (user group view)..................................................................................................................... 4174
31.11.5 defence-profile (VAP profile view).................................................................................................................... 4175
31.11.6 display defence-profile...........................................................................................................................................4176
31.11.7 display references defence-profile..................................................................................................................... 4177
31.11.8 display url-filter statistics (Common AP)........................................................................................................ 4178
31.11.9 display url-filter-profile..........................................................................................................................................4179
31.11.10 profile type url-filter.............................................................................................................................................4181
31.11.11 profile type url-filter (attack defense profile view)...................................................................................4182
31.11.12 reset url-filter statistics........................................................................................................................................4183
31.11.13 whitelist.................................................................................................................................................................... 4184
31.12 URL Filtering Configuration Commands (Central AP)................................................................................... 4186
31.12.1 add { blacklist | whitelist } (URL filtering profile view).............................................................................. 4186
31.12.2 add referer-host........................................................................................................................................................ 4189
31.12.3 default action (URL filtering profile view)...................................................................................................... 4191
31.12.4 defence engine enable........................................................................................................................................... 4192
31.12.5 defence engine log timeout................................................................................................................................. 4193
31.12.6 defence-profile (interface view)......................................................................................................................... 4194
31.12.7 defence-profile (system view)............................................................................................................................. 4195
31.12.8 defence-profile (user group view)..................................................................................................................... 4196
31.12.9 defence-profile (VAP profile view).................................................................................................................... 4196
31.12.10 display references defence-profile................................................................................................................... 4197
31.12.11 display defence-profile........................................................................................................................................ 4198
31.12.12 description (URL filtering profile view)......................................................................................................... 4200

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxvi

Fat AP and Cloud AP
Command Reference Contents

31.12.13 display profile type url-filter..............................................................................................................................4201

31.12.14 display url-filter statistics................................................................................................................................... 4204
31.12.15 profile type url-filter copy.................................................................................................................................. 4205
31.12.16 profile type url-filter (attack defense profile view)...................................................................................4206
31.12.17 profile type url-filter name................................................................................................................................ 4207
31.12.18 referer-filter whitelist-all enable...................................................................................................................... 4208
31.12.19 rename (URL filtering profile view)................................................................................................................ 4209
31.12.20 reset url-filter statistics........................................................................................................................................4210
31.12.21 url-filter anti-bypass enable.............................................................................................................................. 4211
31.12.22 url-filter high-performance mode enable.....................................................................................................4212
31.12.23 url-filter https-filter consistency-check enable........................................................................................... 4213
31.13 IAE Advanced Configuration Commands (Central AP).................................................................................. 4214
31.13.1 display engine information...................................................................................................................................4214
31.13.2 display engine session statistics..........................................................................................................................4216
31.13.3 display engine session table.................................................................................................................................4218
31.13.4 display engine statistics......................................................................................................................................... 4220
31.13.5 display fragment-reassemble configuration...................................................................................................4222
31.13.6 display fragment-reassemble session table.................................................................................................... 4224
31.13.7 display fragment-reassemble statistics............................................................................................................ 4225
31.13.8 display profile............................................................................................................................................................ 4227
31.13.9 display stream-reassemble configuration....................................................................................................... 4228
31.13.10 decoding uri-cache............................................................................................................................................... 4230
31.13.11 engine configuration commit............................................................................................................................4231
31.13.12 engine enhanced-detection............................................................................................................................... 4232
31.13.13 engine http status-code...................................................................................................................................... 4233
31.13.14 engine log enable.................................................................................................................................................. 4234
31.13.15 engine pass-through enable.............................................................................................................................. 4235
31.13.16 fragment-reassemble enable............................................................................................................................ 4235
31.13.17 fragment-reassemble overflow-mode............................................................................................................4236
31.13.18 fragment-reassemble user-configure............................................................................................................. 4237
31.13.19 reset engine session statistics........................................................................................................................... 4238
31.13.20 reset engine session table.................................................................................................................................. 4239
31.13.21 reset engine statistics...........................................................................................................................................4240
31.13.22 reset fragment-reassemble statistics.............................................................................................................. 4241
31.13.23 stream-reassemble enable................................................................................................................................. 4242
31.13.24 stream-reassemble enhanced-mode.............................................................................................................. 4242
31.13.25 stream-reassemble overflow-mode................................................................................................................ 4243
31.13.26 stream-reassemble overlap-mode................................................................................................................... 4244
31.13.27 stream-reassemble session-cache................................................................................................................... 4245
31.13.28 stream-reassemble session-timeout............................................................................................................... 4246
31.13.29 stream-reassemble tcp-option check............................................................................................................. 4247
31.13.30 stream-reassemble timestamp check.............................................................................................................4248

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxvii

Fat AP and Cloud AP
Command Reference Contents

31.13.31 stream-reassemble user-configure defense-check.................................................................................... 4249

31.14 Updating Signature Databases Configuration Commands (Central AP)................................................. 4249
31.14.1 display update configuration............................................................................................................................... 4250
31.14.2 display update host source................................................................................................................................... 4252
31.14.3 display update information all-sdb................................................................................................................... 4253
31.14.4 display update status..............................................................................................................................................4254
31.14.5 display version (engine or signature database)............................................................................................ 4256
31.14.6 update abort.............................................................................................................................................................. 4257
31.14.7 update apply..............................................................................................................................................................4258
31.14.8 update confirm......................................................................................................................................................... 4259
31.14.9 update download-server aging-time................................................................................................................ 4260
31.14.10 update force apply................................................................................................................................................ 4261
31.14.11 update force local................................................................................................................................................. 4263
31.14.12 update force online...............................................................................................................................................4264
31.14.13 update force restore sdb-default..................................................................................................................... 4265
31.14.14 update force rollback........................................................................................................................................... 4266
31.14.15 update host source............................................................................................................................................... 4267
31.14.16 update local.............................................................................................................................................................4269
31.14.17 update online.......................................................................................................................................................... 4270
31.14.18 update online-mode............................................................................................................................................. 4271
31.14.19 update proxy........................................................................................................................................................... 4272
31.14.20 update proxy enable.............................................................................................................................................4274
31.14.21 update restore sdb-default................................................................................................................................ 4274
31.14.22 update rollback...................................................................................................................................................... 4275
31.14.23 update schedule..................................................................................................................................................... 4276
31.14.24 update schedule enable...................................................................................................................................... 4278
31.14.25 update schedule retry-download interval.....................................................................................................4279
31.14.26 update schedule retry-load interval................................................................................................................4280
31.14.27 update server.......................................................................................................................................................... 4281
31.15 Intrusion Prevention Configuration Commands (Central AP)..................................................................... 4283
31.15.1 action (IPS signature filter view)........................................................................................................................ 4283
31.15.2 action (user-defined IPS signature view)........................................................................................................ 4284
31.15.3 application (IPS signature filter view).............................................................................................................. 4285
31.15.4 assoc-check enable..................................................................................................................................................4286
31.15.5 category (IPS signature filter view)................................................................................................................... 4287
31.15.6 check (user-defined signature rule view)........................................................................................................4288
31.15.7 cnc domain-filter enable....................................................................................................................................... 4289
31.15.8 cnc domain-filter exception domain-name.................................................................................................... 4291
31.15.9 collect-attack-evidence enable (intrusion prevention profile view).......................................................4292
31.15.10 condition (user-defined signature rule view).............................................................................................. 4293
31.15.11 condition associated (user-defined signature rule view)........................................................................ 4297
31.15.12 condition move (user-defined signature rule view).................................................................................. 4299

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxviii

Fat AP and Cloud AP
Command Reference Contents

31.15.13 context-awareness enable.................................................................................................................................. 4301

31.15.14 description (intrusion prevention profile view).......................................................................................... 4302
31.15.15 description (user-defined IPS signature view)............................................................................................ 4303
31.15.16 destination-ip (user-defined signature rule view)..................................................................................... 4304
31.15.17 destination-port (user-defined signature rule view)................................................................................ 4305
31.15.18 display cnc domain-filter domain statistics..................................................................................................4306
31.15.19 display cnc domain-filter exception................................................................................................................ 4308
31.15.20 display cnc domain-filter statistics.................................................................................................................. 4309
31.15.21 display cnc information....................................................................................................................................... 4310
31.15.22 display context-awareness information statistics...................................................................................... 4311
31.15.23 display context-awareness statistics............................................................................................................... 4313
31.15.24 display ips signature-id rule...............................................................................................................................4314
31.15.25 display ips signature-state................................................................................................................................. 4317
31.15.26 display ips statistics.............................................................................................................................................. 4318
31.15.27 display ips signature-action............................................................................................................................... 4320
31.15.28 display ips-signature.............................................................................................................................................4322
31.15.29 display ips-signature cve-id............................................................................................................................... 4328
31.15.30 display ips-signature statistics.......................................................................................................................... 4330
31.15.31 display ips-signature vendor-id.........................................................................................................................4331
31.15.32 display profile type ips.........................................................................................................................................4333
31.15.33 dns domain check................................................................................................................................................. 4344
31.15.34 dns domain length check................................................................................................................................... 4345
31.15.35 dns malformed-packet check............................................................................................................................ 4346
31.15.36 dns request-type check........................................................................................................................................4347
31.15.37 dns session request-times check...................................................................................................................... 4348
31.15.38 exception ips-signature-id.................................................................................................................................. 4349
31.15.39 http multi-host check...........................................................................................................................................4351
31.15.40 http ssh-over-http check..................................................................................................................................... 4352
31.15.41 http x-forwarded-for check................................................................................................................................ 4353
31.15.42 http x-forwarded-for whitelist.......................................................................................................................... 4354
31.15.43 http x-online-host blacklist................................................................................................................................ 4355
31.15.44 http x-online-host check..................................................................................................................................... 4356
31.15.45 ips associated pre-defined..................................................................................................................................4357
31.15.46 ips collect-attack-evidence max-session-number...................................................................................... 4359
31.15.47 ips log based-on-session..................................................................................................................................... 4361
31.15.48 ips log extend enable........................................................................................................................................... 4362
31.15.49 ips log merge enable............................................................................................................................................4363
31.15.50 ips signature-action.............................................................................................................................................. 4363
31.15.51 ips signature-id.......................................................................................................................................................4365
31.15.52 ips signature-state.................................................................................................................................................4366
31.15.53 name (user-defined IPS signature view)....................................................................................................... 4368
31.15.54 os (IPS signature filter view)............................................................................................................................. 4369

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxix

Fat AP and Cloud AP
Command Reference Contents

31.15.55 profile type ips (attack defense profile view)..............................................................................................4371

31.15.56 profile type ips copy............................................................................................................................................. 4372
31.15.57 profile type ips name........................................................................................................................................... 4373
31.15.58 protocol (IPS signature filter view)................................................................................................................. 4374
31.15.59 protocol (user-defined IPS signature view)..................................................................................................4375
31.15.60 rename (intrusion prevention profile view)................................................................................................. 4376
31.15.61 rename (IPS signature filter view).................................................................................................................. 4377
31.15.62 rename (user-defined signature rule view)................................................................................................. 4378
31.15.63 reset cnc domain-filter statistics...................................................................................................................... 4379
31.15.64 reset context-awareness information statistics...........................................................................................4380
31.15.65 reset context-awareness statistics................................................................................................................... 4380
31.15.66 reset ips statistics.................................................................................................................................................. 4381
31.15.67 reset ips-signature statistics.............................................................................................................................. 4382
31.15.68 rule name (user-defined IPS signature view).............................................................................................. 4383
31.15.69 scope (user-defined signature rule view)..................................................................................................... 4384
31.15.70 severity (IPS signature filter view).................................................................................................................. 4385
31.15.71 severity (user-defined IPS signature view)................................................................................................... 4387
31.15.72 signature-set move............................................................................................................................................... 4388
31.15.73 signature-set name............................................................................................................................................... 4389
31.15.74 source-ip (user-defined signature rule view).............................................................................................. 4390
31.15.75 source-port (user-defined signature rule view).......................................................................................... 4391
31.15.76 target (IPS signature filter view)......................................................................................................................4392
31.15.77 target (user-defined IPS signature view)...................................................................................................... 4393
31.16 Antivirus Configuration Commands (Central AP)............................................................................................4394
31.16.1 av extract hash enable........................................................................................................................................... 4394
31.16.2 av log merge enable............................................................................................................................................... 4395
31.16.3 collect-attack-evidence enable (antivirus profile view)............................................................................. 4396
31.16.4 description (antivirus profile view)....................................................................................................................4397
31.16.5 display av statistics.................................................................................................................................................. 4398
31.16.6 display av-signature................................................................................................................................................ 4400
31.16.7 display profile type av............................................................................................................................................ 4402
31.16.8 exception application............................................................................................................................................. 4404
31.16.9 exception av-signature-id..................................................................................................................................... 4406
31.16.10 ftp-detect................................................................................................................................................................. 4407
31.16.11 http-detect............................................................................................................................................................... 4409
31.16.12 imap-detect............................................................................................................................................................. 4411
31.16.13 nfs-detect................................................................................................................................................................. 4412
31.16.14 pop3-detect............................................................................................................................................................. 4413
31.16.15 profile type av copy.............................................................................................................................................. 4414
31.16.16 profile type av (attack defense profile view).............................................................................................. 4415
31.16.17 profile type av name............................................................................................................................................ 4416
31.16.18 rename (antivirus profile view)........................................................................................................................ 4418

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxx

Fat AP and Cloud AP
Command Reference Contents

31.16.19 reset av statistics................................................................................................................................................... 4418

31.16.20 smb-detect............................................................................................................................................................... 4419
31.16.21 smtp-detect............................................................................................................................................................. 4421
31.17 Global IAE Configuration Commands (Central AP)........................................................................................ 4422
31.17.1 display file-frame information............................................................................................................................ 4422
31.17.2 display file-frame statistics...................................................................................................................................4424
31.17.3 file-frame breakpoint-resume-blocking protocol......................................................................................... 4427
31.17.4 file-frame decompress depth...............................................................................................................................4429
31.17.5 file-frame decompress depth action................................................................................................................. 4430
31.17.6 file-frame decompress size................................................................................................................................... 4431
31.17.7 file-frame decompress size action..................................................................................................................... 4432
31.17.8 reset file-frame statistics....................................................................................................................................... 4433

32 QoS Commands............................................................................................................... 4435

32.1 Traffic Policing Commands........................................................................................................................................ 4435
32.1.1 display qos car statistics.......................................................................................................................................... 4435
32.1.2 qos car............................................................................................................................................................................ 4437
32.1.3 reset qos car statistics...............................................................................................................................................4441
32.2 ACL-based Simplified Traffic Policy Commands................................................................................................. 4442
32.2.1 display traffic-filter applied-record...................................................................................................................... 4442
32.2.2 display traffic-filter statistics.................................................................................................................................. 4444
32.2.3 reset traffic-filter statistics...................................................................................................................................... 4445
32.2.4 traffic-filter (interface view)...................................................................................................................................4446
32.2.5 traffic-remark (interface view).............................................................................................................................. 4449
32.3 Commands for Configuring Global Rate Limiting for Broadcast and Multicast Packets......................4451
32.3.1 display traffic-optimize configuration.................................................................................................................4451
32.3.2 traffic-optimize broadcast-suppression disable (system view).................................................................. 4455
32.3.3 traffic-optimize broadcast-suppression rate-threshold (system view).................................................... 4457
32.4 WLAN QoS Configuration Commands (Common AP)..................................................................................... 4458
32.4.1 airtime-fair-schedule enable.................................................................................................................................. 4459
32.4.2 car (QoS profile view).............................................................................................................................................. 4460
32.4.3 description (QoS profile view)............................................................................................................................... 4463
32.4.4 display qos car............................................................................................................................................................. 4464
32.4.5 display qos-profile......................................................................................................................................................4465
32.4.6 display references traffic-profile........................................................................................................................... 4467
32.4.7 display references user-profile............................................................................................................................... 4469
32.4.8 display traffic-profile................................................................................................................................................. 4470
32.4.9 display traffic-remark applied-record................................................................................................................. 4475
32.4.10 display user-profile.................................................................................................................................................. 4477
32.4.11 multimedia-air-optimize enable......................................................................................................................... 4478
32.4.12 multimedia-air-optimize threshold....................................................................................................................4480
32.4.13 priority-map downstream dot1p........................................................................................................................ 4481
32.4.14 priority-map downstream dscp...........................................................................................................................4482

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxxi

Fat AP and Cloud AP
Command Reference Contents

32.4.15 priority-map downstream trust.......................................................................................................................... 4484

32.4.16 qos car......................................................................................................................................................................... 4485
32.4.17 qos car (user profile view)....................................................................................................................................4488
32.4.18 qos-profile.................................................................................................................................................................. 4489
32.4.19 qos-profile (user group view).............................................................................................................................. 4490
32.4.20 rate-limit..................................................................................................................................................................... 4491
32.4.21 rate-limit client dynamic....................................................................................................................................... 4492
32.4.22 rate-limit client dynamic disable........................................................................................................................ 4493
32.4.23 remark 8021p (QoS profile view)...................................................................................................................... 4494
32.4.24 remark dscp (QoS profile view)..........................................................................................................................4496
32.4.25 remark local-precedence (QoS profile view)................................................................................................. 4497
32.4.26 traffic-filter (traffic profile view)........................................................................................................................4498
32.4.27 traffic-profile (WLAN view)................................................................................................................................. 4503
32.4.28 traffic-profile (VAP profile view)........................................................................................................................ 4504
32.4.29 traffic-remark (traffic profile view)................................................................................................................... 4505
32.4.30 user-isolate (traffic profile view)........................................................................................................................ 4507
32.4.31 user-priority (user profile view).......................................................................................................................... 4508
32.4.32 user-profile (VAP profile view)........................................................................................................................... 4509
32.4.33 user-profile................................................................................................................................................................. 4510
32.4.34 wmm edca-ap........................................................................................................................................................... 4512
32.4.35 wmm edca-client (SSID profile view)............................................................................................................... 4515
32.4.36 wmm disable............................................................................................................................................................. 4518
32.4.37 wmm mandatory enable.......................................................................................................................................4519
32.5 WLAN QoS Configuration Commands (Central AP)......................................................................................... 4520
32.5.1 airtime-fair-schedule enable.................................................................................................................................. 4520
32.5.2 car (QoS profile view).............................................................................................................................................. 4521
32.5.3 description (QoS profile view)............................................................................................................................... 4525
32.5.4 display qos car............................................................................................................................................................. 4526
32.5.5 display qos-profile......................................................................................................................................................4527
32.5.6 display references traffic-profile........................................................................................................................... 4529
32.5.7 display references user-profile............................................................................................................................... 4531
32.5.8 display traffic-profile................................................................................................................................................. 4532
32.5.9 display traffic-remark applied-record................................................................................................................. 4537
32.5.10 display user-profile.................................................................................................................................................. 4538
32.5.11 multimedia-air-optimize enable......................................................................................................................... 4540
32.5.12 multimedia-air-optimize threshold....................................................................................................................4541
32.5.13 priority-map downstream dot1p........................................................................................................................ 4543
32.5.14 priority-map downstream dscp........................................................................................................................... 4544
32.5.15 priority-map downstream trust.......................................................................................................................... 4546
32.5.16 qos car......................................................................................................................................................................... 4547
32.5.17 qos car (user profile view)....................................................................................................................................4550
32.5.18 qos-profile.................................................................................................................................................................. 4551

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxxii

Fat AP and Cloud AP
Command Reference Contents

32.5.19 qos-profile (user group view).............................................................................................................................. 4552

32.5.20 rate-limit..................................................................................................................................................................... 4553
32.5.21 rate-limit client dynamic....................................................................................................................................... 4554
32.5.22 rate-limit client dynamic disable........................................................................................................................ 4555
32.5.23 remark 8021p (QoS profile view)...................................................................................................................... 4556
32.5.24 remark dscp (QoS profile view)..........................................................................................................................4558
32.5.25 remark local-precedence (QoS profile view)................................................................................................. 4559
32.5.26 traffic-filter (traffic profile view)........................................................................................................................4560
32.5.27 traffic-profile (WLAN view)................................................................................................................................. 4563
32.5.28 traffic-profile (VAP profile view)........................................................................................................................ 4564
32.5.29 traffic-remark (traffic profile view)................................................................................................................... 4565
32.5.30 user-isolate (traffic profile view)........................................................................................................................ 4568
32.5.31 user-priority (user profile view).......................................................................................................................... 4569
32.5.32 user-profile (VAP profile view)........................................................................................................................... 4570
32.5.33 user-profile................................................................................................................................................................. 4571
32.5.34 wmm edca-ap........................................................................................................................................................... 4572
32.5.35 wmm edca-client (SSID profile view)............................................................................................................... 4575
32.5.36 wmm disable............................................................................................................................................................. 4579
32.5.37 wmm mandatory enable.......................................................................................................................................4580
32.6 SAC Configuration Commands (Common AP).................................................................................................... 4581
32.6.1 application-group car (SAC profile view).......................................................................................................... 4581
32.6.2 application-group deny (SAC profile view)....................................................................................................... 4583
32.6.3 application-group remark (SAC profile view).................................................................................................. 4584
32.6.4 display references sac-profile................................................................................................................................. 4586
32.6.5 display sac application-group................................................................................................................................ 4587
32.6.6 display sac information............................................................................................................................................ 4588
32.6.7 display sac-profile...................................................................................................................................................... 4590
32.6.8 display sac application-list...................................................................................................................................... 4592
32.6.9 display sac protocol-statistic.................................................................................................................................. 4593
32.6.10 reset sac protocol-statistic.................................................................................................................................... 4595
32.6.11 sac enable................................................................................................................................................................... 4596
32.6.12 sac update-signature online.................................................................................................................................4597
32.6.13 sac-profile................................................................................................................................................................... 4598
32.6.14 sac-profile (user group view).............................................................................................................................. 4599
32.6.15 sac-profile (VAP profile view)..............................................................................................................................4600
32.6.16 sac restore-signature.............................................................................................................................................. 4601
32.6.17 sac update-signature.............................................................................................................................................. 4602
32.6.18 sac update-signature schedule............................................................................................................................4603
32.6.19 sac update-signature schedule enable............................................................................................................. 4604
32.6.20 sac update-signature server................................................................................................................................. 4605
32.6.21 user-protocol-statistic enable.............................................................................................................................. 4606
32.6.22 vap-protocol-statistic enable............................................................................................................................... 4607

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxxiii

Fat AP and Cloud AP
Command Reference Contents

32.7 SAC Configuration Commands (Central AP)........................................................................................................4608

32.7.1 application-group car (SAC profile view).......................................................................................................... 4608
32.7.2 application-group deny (SAC profile view)....................................................................................................... 4610
32.7.3 application-group remark (SAC profile view).................................................................................................. 4611
32.7.4 application name cache type aging-time.......................................................................................................... 4612
32.7.5 detect max-bytes........................................................................................................................................................ 4613
32.7.6 detect max-packets................................................................................................................................................... 4614
32.7.7 detect max-time......................................................................................................................................................... 4615
32.7.8 detect uni-direction................................................................................................................................................... 4616
32.7.9 display application..................................................................................................................................................... 4617
32.7.10 display application name aging-time............................................................................................................... 4620
32.7.11 display references sac-profile.............................................................................................................................. 4621
32.7.12 display sac application-group.............................................................................................................................. 4622
32.7.13 display sac information..........................................................................................................................................4624
32.7.14 display sac-profile.................................................................................................................................................... 4625
32.7.15 display sac application-list....................................................................................................................................4627
32.7.16 display sac protocol-statistic................................................................................................................................ 4629
32.7.17 port-identification packet-number-threshold................................................................................................ 4631
32.7.18 reset sac protocol-statistic.................................................................................................................................... 4632
32.7.19 sa................................................................................................................................................................................... 4633
32.7.20 sac-profile................................................................................................................................................................... 4634
32.7.21 sac-profile (user group view).............................................................................................................................. 4635
32.7.22 sac-profile (VAP profile view)..............................................................................................................................4636
32.7.23 user-protocol-statistic enable.............................................................................................................................. 4637
32.7.24 vap-protocol-statistic enable............................................................................................................................... 4638

33 Network Management and Monitoring Commands..............................................4640

33.1 SNMP Configuration Commands............................................................................................................................. 4640
33.1.1 display snmp-agent community........................................................................................................................... 4640
33.1.2 display snmp-agent extend error-code status..................................................................................................4642
33.1.3 display snmp-agent group...................................................................................................................................... 4643
33.1.4 display snmp-agent local-engineid...................................................................................................................... 4646
33.1.5 display snmp-agent mib-view................................................................................................................................4647
33.1.6 display snmp-agent statistics................................................................................................................................. 4649
33.1.7 display snmp-agent sys-info...................................................................................................................................4652
33.1.8 display snmp-agent target-host............................................................................................................................ 4653
33.1.9 display snmp-agent trap all....................................................................................................................................4655
33.1.10 display snmp-agent trap feature-name all..................................................................................................... 4657
33.1.11 display snmp-agent trap feature-name snmp all......................................................................................... 4658
33.1.12 display snmp-agent trap-source......................................................................................................................... 4659
33.1.13 display snmp-agent usm-user............................................................................................................................. 4660
33.1.14 enable snmp trap updown................................................................................................................................... 4662
33.1.15 snmp-agent................................................................................................................................................................ 4663

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxxiv

Fat AP and Cloud AP
Command Reference Contents

33.1.16 snmp-agent community........................................................................................................................................ 4664

33.1.17 snmp-agent community complexity-check disable..................................................................................... 4667
33.1.18 snmp-agent extend error-code enable.............................................................................................................4668
33.1.19 snmp-agent group................................................................................................................................................... 4669
33.1.20 snmp-agent local-engineid.................................................................................................................................. 4672
33.1.21 snmp-agent mib-view............................................................................................................................................ 4674
33.1.22 snmp-agent protocol get-bulk timeout........................................................................................................... 4676
33.1.23 snmp-agent protocol source-interface............................................................................................................. 4677
33.1.24 snmp-agent sys-info............................................................................................................................................... 4678
33.1.25 snmp-agent target-host trap-hostname..........................................................................................................4680
33.1.26 snmp-agent target-host trap-paramsname....................................................................................................4682
33.1.27 snmp-agent trap disable....................................................................................................................................... 4685
33.1.28 snmp-agent trap enable........................................................................................................................................ 4686
33.1.29 snmp-agent trap enable feature-name........................................................................................................... 4687
33.1.30 snmp-agent trap enable feature-name snmp............................................................................................... 4688
33.1.31 snmp-agent trap life............................................................................................................................................... 4689
33.1.32 snmp-agent trap queue-size................................................................................................................................ 4689
33.1.33 snmp-agent trap source........................................................................................................................................ 4690
33.1.34 snmp-agent usm-user............................................................................................................................................ 4691
33.2 Mirroring Configuration Commands.......................................................................................................................4695
33.2.1 display mirror-port..................................................................................................................................................... 4696
33.2.2 display mirror-vap...................................................................................................................................................... 4697
33.2.3 display observe-port.................................................................................................................................................. 4698
33.2.4 mirror (interface view)............................................................................................................................................. 4699
33.2.5 mirror vap..................................................................................................................................................................... 4700
33.2.6 observe-port................................................................................................................................................................. 4702
33.3 Ping and Tracert Configuration Commands......................................................................................................... 4703
33.3.1 ping................................................................................................................................................................................. 4703
33.3.2 tracert............................................................................................................................................................................. 4713
33.4 LLDP Configuration Commands............................................................................................................................... 4718
33.4.1 display lldp local......................................................................................................................................................... 4718
33.4.2 display lldp neighbor.................................................................................................................................................4728
33.4.3 display lldp neighbor brief ..................................................................................................................................... 4737
33.4.4 display lldp statistics................................................................................................................................................. 4738
33.4.5 display lldp tlv-config............................................................................................................................................... 4739
33.4.6 display snmp-agent trap feature-name lldptrap all.......................................................................................4744
33.4.7 lldp clear neighbor..................................................................................................................................................... 4746
33.4.8 lldp dot3-tlv power.................................................................................................................................................... 4747
33.4.9 lldp enable (interface view)................................................................................................................................... 4749
33.4.10 lldp enable (system view).....................................................................................................................................4750
33.4.11 lldp management-address.................................................................................................................................... 4751
33.4.12 lldp message-transmission delay....................................................................................................................... 4753

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxxv

Fat AP and Cloud AP
Command Reference Contents

33.4.13 lldp message-transmission hold-multiplier.................................................................................................... 4754

33.4.14 lldp message-transmission interval................................................................................................................... 4756
33.4.15 lldp restart-delay...................................................................................................................................................... 4758
33.4.16 lldp tlv-enable........................................................................................................................................................... 4759
33.4.17 lldp tlv-enable legacy-tlv four-pair-power...................................................................................................... 4764
33.4.18 lldp tlv-enable legacy-tlv power-capability.................................................................................................... 4765
33.4.19 lldp trap-interval...................................................................................................................................................... 4766
33.4.20 reset lldp statistics................................................................................................................................................... 4767
33.4.21 snmp-agent trap enable feature-name lldptrap........................................................................................... 4768
33.5 Packet Obtaining Configuration Command......................................................................................................... 4770
33.5.1 capture-packet............................................................................................................................................................ 4770
33.6 Service Diagnosis Configuration Commands....................................................................................................... 4773
33.6.1 display trace information........................................................................................................................................ 4773
33.6.2 display trace instance............................................................................................................................................... 4775
33.6.3 display trace object.................................................................................................................................................... 4777
33.6.4 reset trace instance....................................................................................................................................................4780
33.6.5 save trace information............................................................................................................................................. 4781
33.6.6 trace enable..................................................................................................................................................................4782
33.6.7 trace object................................................................................................................................................................... 4783
33.6.8 trace syslog source..................................................................................................................................................... 4787
33.7 Managing WLAN Access Site Information Commands.................................................................................... 4788
33.7.1 coordinate..................................................................................................................................................................... 4788
33.7.2 display wireless-access-specification configuration....................................................................................... 4790
33.7.3 location.......................................................................................................................................................................... 4791
33.7.4 report.............................................................................................................................................................................. 4792
33.7.5 report enable............................................................................................................................................................... 4794
33.7.6 site................................................................................................................................................................................... 4796
33.7.7 wireless-access-specification.................................................................................................................................. 4797
33.7.8 wireless-access-specification report..................................................................................................................... 4798
33.8 WMI Commands............................................................................................................................................................ 4799
33.8.1 collect-item (WMI view).......................................................................................................................................... 4799
33.8.2 display wmi status..................................................................................................................................................... 4802
33.8.3 keepalive (WMI view)............................................................................................................................................... 4806
33.8.4 log module................................................................................................................................................................... 4808
33.8.5 max-packet-size (WMI view)................................................................................................................................. 4809
33.8.6 report-interval (WMI view).....................................................................................................................................4810
33.8.7 server (WMI view)..................................................................................................................................................... 4811
33.8.8 wmi-server (system view)....................................................................................................................................... 4812

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. lxxvi

Fat AP and Cloud AP
Command Reference 1 About This Document

1 About This Document

Overview
This document provides the configuration commands of each feature supported by
the device, including the syntax, view, default level, description, parameters, usage
guideline, related commands, and example of each command.

This document together with the Configuration Guide provides intended readers
with detailed usage of each command.

Intended Audience
This document is intended for network engineers responsible for WLAN
configuration and management. You should be familiar with basic Ethernet
knowledge and have extensive experience in network deployment and
management.

Symbol Conventions
The symbols that may be found in this document are defined as follows.

Symbol Description

Indicates a potentially hazardous

situation which, if not avoided, could
result in equipment damage, data loss,
performance deterioration, or
unanticipated results.
NOTICE is used to address practices
not related to personal injury.

Supplements the important

information in the main text.
NOTE is used to address information
not related to personal injury,
equipment damage, and environment
deterioration.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 1

Fat AP and Cloud AP
Command Reference 1 About This Document

Command Conventions
The command conventions that may be found in this document are defined as
follows.

Convention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in brackets [ ] are

optional.

{ x | y | ... } Optional items are grouped in braces and separated

by vertical bars. One item is selected.

[ x | y | ... ] Optional items are grouped in brackets and

separated by vertical bars. One item is selected or
no item is selected.

{ x | y | ... }* Optional items are grouped in braces and separated

by vertical bars. A minimum of one item or a
maximum of all items can be selected.

[ x | y | ... ]* Optional items are grouped in brackets and

separated by vertical bars. Several items or no item
can be selected.

&<1-n> The parameter before the & sign can be repeated 1

to n times.

# A line starting with the # sign is comments.

NOTE

The interface types, command outputs, and device models provided in this manual vary
according to device configurations and may differ from the actual information.
To obtain better user experience, you are advised to set the number of columns displayed
on the command line editor to 132 or higher.

Interface Numbering Conventions

Interface numbers used in this manual are examples. In device configuration, use
the existing interface numbers on devices.

Security Conventions
● Password setting
When configuring a password, the cipher text is recommended. To ensure
device security, do not disable password complexity check, and change the
password periodically.
When configuring a plaintext password, do not start and end it with %$%$,
%^%#, %#%#, %@%@, or @%@%, which are considered valid ciphertext

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 2

Fat AP and Cloud AP
Command Reference 1 About This Document

characters. The device can decrypt such as password and display the same
plaintext password as that configured by the user in the configuration file.
Ciphertext passwords starting and ending with %$%$, %^%#, %#%#, %@
%@, or @%@% are valid. However, ciphertext passwords for different
features are not interchangeable. For example, the ciphertext password
generated for Authentication, Authorization, Accounting (AAA) cannot be
configured for other features.
● Encryption algorithm
Currently, the device uses the following encryption algorithms: DES, 3DES,
AES, RSA, SHA1, SHA2, MD5, SMS4, and RC4. The encryption algorithm
depends on the applicable scenario. Use the recommended encryption
algorithm; otherwise, security protection requirements may not be met.
– For the symmetrical encryption algorithm, use AES with the key of 128
bits or more.
– For the asymmetrical encryption algorithm, use RSA with the key of 2048
bits or more.
– For the hash algorithm, use SHA2 with the key of 256 bits or more.
– For the HMAC algorithm, use HMAC-SHA2.
– The encryption algorithms DES/3DES/RSA (RSA-1024 or lower)/MD5 (in
digital signature scenarios and password encryption)/SHA1 (in digital
signature scenarios) have a low security, which may bring security risks. If
protocols allowed, using more secure encryption algorithms, such as
AES/RSA (RSA-2048 or higher)/SHA2/HMAC-SHA2, is recommended.
– SHA2 is irreversible encryption algorithm. The irreversible encryption
algorithm must be used for the administrator password.
● Personal data
Some personal data (such as the MAC or IP addresses of users) may be
obtained or used during operation or fault location of your purchased
products, services, features, so you have an obligation to make privacy policies
and take measures according to the applicable law of the country to protect
personal data.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 3

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

2 How to Use Command Lines

About This Chapter

2.1 Entering Command Views

2.2 Setting Command Levels
2.3 Editing Command Lines
2.4 Using Command Line Online Help
2.5 Interpreting Command Line Error Messages
2.6 Using the undo Command Line
2.7 Displaying History Commands
2.8 Using Command Line Shortcut Keys

2.1 Entering Command Views

The device has many functions; therefore various configuration commands and
query commands are provided to facilitate device management and maintenance.
The wireless access point registers commands to different command views based
on the functions of the commands, so users can easily use them. To use a
function, enter the corresponding command view first and then run corresponding
commands.
The device provides various command views. For the methods of entering the
command views except the following views, see the Command Reference.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 4

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

Common Command Views

Name How To Enter Function

User When a user logs in to the In the user view, you can view
view device, the user enters the user the running status and statistics
view and the following prompt is of the device.
displayed on the screen:
<HUAWEI>

System Run the system-view command In the system view, you can set
view and press Enter in the user view. the system parameters of the
The system view is displayed. device, and enter other function
<HUAWEI> system-view views from this view.
Enter system view, return user view with
Ctrl+Z.
[HUAWEI]

Interface Run the interface command and You can configure interface
view specify an interface type and parameters in the interface view.
number to enter an interface The interface parameters include
view. physical attributes, link layer
[HUAWEI] interface gigabitethernet protocols, and IP addresses.
X/Y/Z
[HUAWEI-GigabitEthernetX/Y/Z]
NOTE
● X/Y/Z indicates the number of an
interface that needs to be
specified. It is in the format of
slot number/sub card number/
interface sequence number.
● The interface GigabitEthernet is
only an example.

WLAN Run the wlan command and In the WLAN view, you can
view press Enter in the system view. configure most WLAN
The WLAN view is displayed. parameters.
[HUAWEI] wlan
[HUAWEI-wlan-
view]

NOTE

● The command line prompt HUAWEI is the default host name (sysname). The prompt
indicates the current view. For example, <> indicates the user view and [] indicates all
other views except user view.
● Some commands can be executed in multiple views, but they have different functions
after being executed in different views. For example, you can run the lldp enable
command in the system view to enable LLDP globally and in the interface view to
enable LLDP on an interface.
● In the system view, you can run the diagnose command to enter the diagnostic view.
Diagnostic commands are used for device fault diagnosis. If you run some commands in
the diagnostic view, the device may run improperly or services may be interrupted.
Contact technical support personnel and use these diagnostic commands with caution.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 5

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

Quitting Command Views

You can run the quit command to return from the current view to an upper-level
view.
For example, return from the interface view to the system view and run the quit
command to return to the user view.
[HUAWEI-GigabitEthernet0/0/1] quit
[HUAWEI]quit
<HUAWEI>

To return from the interface view directly to the user view, press Ctrl+Z or run the
return command.
# Press Ctrl+Z to return directly to the user view.
[HUAWEI-GigabitEthernet0/0/1] #Press Ctrl+Z.
<HUAWEI>

# Run the return command to return directly to the user view.

[HUAWEI-GigabitEthernet0/0/1] return
<HUAWEI>

2.2 Setting Command Levels

Context
The system divides commands into four levels and sets the command level in the
specified view. The device administrator can change the command level as
required, so that a lower-level user can use some high-level commands. The device
administrator can also change the command level to a larger value to improve
device security.
● The system grants users different access permissions based on their roles.
User levels are classified into sixteen levels, which correspond to the
command levels. Users can use only the commands at the same or lower level
than their own levels. By default, there are four command levels 0 to 3 and
sixteen user levels 0 to 15. Table 2-1 describes the relationship between
command levels and user levels.

Table 2-1 Relationship between command levels and user levels

User Com Name Description
Leve man
l d
Leve
l

0 0 Visit level Commands of this level include network

diagnosis tool commands (such as ping and
tracert), and commands for accessing external
devices from the local device (such as STelnet).

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 6

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

User Com Name Description

Leve man
l d
Leve
l

1 0, 1 Monitorin Commands of this level are used for system

g level maintenance, including display commands.
NOTE
Some display commands are not at this level. For
example, the display current-configuration and
display saved-configuration commands are at level
3. For details about command levels, see the
Command Reference.

2 0, 1, Configura Commands of this level are used for service

2 tion level configuration to provide direct network services,
including routing commands and commands of
each network layer.

3 to 0, 1, Managem Commands of this level are used for basic

15 2, 3 ent level system operations, including file system, FTP,
TFTP download, user management, command
level configuration, and debugging.

NOTICE

Changing the default command level without the guidance of technical personnel
is not recommended. This may result in inconvenience for operation and
maintenance and bring about security problems.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run command-privilege level level view view-name command-key
The command level is set in the specified view.

----End

2.3 Editing Command Lines

Editing Feature
You can edit commands in a CLI that supports multi-line edition. Each command
can contain a maximum of 512 characters. The keywords in the commands are
case insensitive. Whether a command parameter is case sensitive or not depends
on what the parameter is.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 7

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

Table 2-2 lists keys that are frequently used for command editing.

Table 2-2 Keys for command editing

Key Function

Common key Inserts a character at the current location of the cursor

if the editing buffer is not full, and the cursor moves to
the right. Otherwise, an alarm is generated.

Backspace Deletes the character on the left of the cursor and the
cursor moves to the left. When the cursor reaches the
head of the command, an alarm is generated.

Left cursor key ← or Moves the cursor to the left by the space of a
Ctrl+B character. When the cursor reaches the head of the
command, an alarm is generated.

Right cursor key → or Moves the cursor to the right by the space of a
Ctrl+F character. When the cursor reaches the end of the
command, an alarm is generated.

Operating Techniques
Incomplete Keyword
You can enter incomplete keywords on the device. In the current view, you do not
need to enter complete keywords if the entered characters can match a unique
keyword. This function improves operating efficiency.
For example, to execute the display current-configuration command, you can
enter d cu, di cu, or dis cu, but you cannot enter d c or dis c because they do not
match unique keywords.

NOTE

The maximum length of a command (including the incomplete command) to be entered is

512 characters. If a command in incomplete form is configured, the system saves the
command to the configuration file in its complete form, which may cause the command to
have more than 512 characters. In this case, the command in incomplete form cannot be
restored after the system restarts. Therefore, when you configure a command in incomplete
form, pay attention to the length of the command.

Tab
Enter an incomplete keyword and press Tab to complete the keyword.
● When a unique keyword matches the input, the system replaces the
incomplete input with the unique keyword and displays it in a new line with
the cursor leaving a space behind. For example:
a. Enter an incomplete keyword.
[HUAWEI] info-
b. Press Tab.
The system replaces the entered keyword and displays it in a new line
with the complete keyword followed by a space.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 8

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

[HUAWEI] info-center
● When the input has multiple matches, press Tab repeatedly to display the
keywords beginning with the incomplete input in a circle until the desired
keyword is displayed. In this case, the cursor closely follows the end of the
keyword. For example:
a. Enter an incomplete keyword.
[HUAWEI] info-center log
b. Press Tab.
The system displays the prefixes of all the matched keywords. In this
example, the prefix is log.
[HUAWEI] info-center logbuffer
Press Tab to switch from one matched keyword to another. In this case,
the cursor closely follows the end of a word.
[HUAWEI] info-center logfile
[HUAWEI] info-center loghost
Stop pressing Tab when the desired keyword is displayed.
● When an incorrect keyword is entered, press Tab and it is displayed in a new
line without being changed. For example:
a. Enter an incorrect keyword.
[HUAWEI] info-center loglog
b. Press Tab.
[HUAWEI] info-center loglog
The system displays information in a new line, but the keyword loglog
remains unchanged and there is no space between the cursor and the
keyword, indicating that this keyword does not exist.

2.4 Using Command Line Online Help

When entering command lines, you can enter a question mark (?) at any time to
obtain online help. You can choose to obtain full help or partial help.

Full Help
When entering a command, you can use the full help function to obtain keywords
and parameters for the command. Use any of the following methods to obtain full
help from a command line.
● Enter a question mark (?) in any command view to obtain all the commands
and their simple descriptions. For example:
<HUAWEI> ?
User view commands:
autosave <Group> autosave command group
backup Backup information
cd Change current directory
clear Clear
clock Specify the system clock
cls Clear screen
compare Compare configuration file
copy Copy from one file to another
...
● Enter some keywords of a command and a question mark (?) separated by a
space. All keywords associated with this command, as well as simple
descriptions, are displayed. For example:

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 9

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

<HUAWEI> system-view
[HUAWEI] user-interface vty 0 4
[HUAWEI-ui-vty0-4] authentication-mode ?
aaa AAA authentication
password Authentication through the password of a user terminal interface
[HUAWEI-ui-vty0-4] authentication-mode aaa ?
<cr> Please press ENTER to execute command
[HUAWEI-ui-vty0-4] authentication-mode aaa

– "aaa" and "password" are keywords. "AAA authentication" and

"Authentication through the password of a user terminal interface"
describe the keywords respectively.
– <cr> indicates that there is no keyword or parameter in this position. You
can press Enter to run this command.
● Enter some keywords of a command and a question mark (?) separated by a
space. All parameters associated with this keyword, as well as simple
descriptions, are listed. For example:
<HUAWEI> system-view
[HUAWEI] ftp timeout ?
INTEGER<1-35791> The value of FTP timeout (in minute)
[HUAWEI] ftp timeout 35 ?
<cr> Please press ENTER to execute command
[HUAWEI] ftp timeout 35

"INTEGER<1-35791>" describes the value range of the parameter. "The value

of FTP timeout (in minutes)" briefly describes the function of this parameter.

Partial Help
If you enter only the first or first several characters of a command keyword, partial
help provides keywords that begin with this character or character string. Use any
of the following methods to obtain partial help from a command line.

● Enter a character string followed directly by a question mark (?) to display all
keywords that begin with this character string. For example:
<HUAWEI> d?
debugging <Group> debugging command group
delete Delete a file
dir List files on a filesystem
display Display information
<HUAWEI>d

● Enter a command and a string followed directly by a question mark (?) to

display all the keywords that begin with this string. For example:
<HUAWEI> display b?
binding Display binding relation of profile
bridge Bridge MAC
bridge-link Bridge link
bridge-profile Display Bridge profile
bridge-whitelist Bridge Whitelist

● Enter the first several letters of a keyword in a command and press Tab to
display a complete keyword. The first several letters, however, must uniquely
identify the keyword. If they do not identify a specific keyword, press Tab
continuously to display different keywords and you can select one as required.

NOTE

The command output obtained through the online help function is used for reference only.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 10

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

2.5 Interpreting Command Line Error Messages

Table 2-3 lists the common error messages.

Table 2-3 Common error messages of the command line

Error Message Cause of the Error

Error: Unrecognized command No command is found.

found at '^' position.
No keyword is found.

Error: Wrong parameter found at The parameter type is incorrect.

'^' position.
The parameter value exceeds the limit.

Error: Incomplete command The entered command is incomplete.

found at '^' position.

Error: Too many parameters Too many parameters are entered.

found at '^' position.

Error: Ambiguous command Indefinite command is entered.

found at '^' position.

2.6 Using the undo Command Line

If a command line begins with the keyword undo, it is an undo command line.
The undo command lines restore default settings of parameters, disable functions,
or delete configurations. Almost each configuration command line has a
corresponding undo command.
Some examples of using the undo command are listed as follows:
● The undo command restores the default setting.
The sysname command sets a device host name. For example:
<HUAWEI> system-view
[HUAWEI] sysname Server
[Server] undo sysname
[HUAWEI]
● The undo command disables a specified function.
The ftp server enable command enables the FTP server function on the
device. For example:
<HUAWEI> system-view
[HUAWEI] ftp server enable
Warning: FTP is not a secure protocol, and it is recommended to use SFTP.
Info: Succeeded in starting the FTP server
[HUAWEI] undo ftp server
Info: Succeeded in closing the FTP server.
● The undo command deletes a specified configuration.
The header command configures the header information displayed on
terminals when users log in. For example:

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 11

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

<HUAWEI> system-view
[HUAWEI] header login information "Hello!"

Log out of the terminal and re-log in. A message "Hello!" is displayed before
authentication. Run the undo header login command.
Hello!

Username:admin
Password:
<HUAWEI> system-view
[HUAWEI] undo header login

Log out of the terminal and re-log in. No message is displayed before
authentication.
Login authentication

Username:admin
Password:
<HUAWEI>

NOTE

The command output provided here is used for reference only. The actual output
information may differ from the preceding information.

2.7 Displaying History Commands

By default, the system saves 10 history commands for each user. Run the history-
command max-size size-value command to reset the number of history
commands that are allowed to be saved in a specified user interface view. The
maximum number is 256.

NOTE

If the value is too large, it may take a long time to obtain a required history command.
Therefore, a large value is not recommended.

Table 2-4 shows operations of history commands.

Table 2-4 Accessing history commands

Action Command or Key Result

Display history display history-command Display history

commands. commands entered by
the current user.

Display the earlier Up arrow key ↑ or Ctrl+P If there is an earlier

history command. history command, the
earlier history command
is displayed. Otherwise,
an alarm is generated.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 12

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

Action Command or Key Result

Display the later Down arrow key ↓ or Ctrl+N If there is a later history
history command. command, the later
history command is
displayed. Otherwise, the
command is cleared and
an alarm is generated.

When using history commands, note the following:

● The saved history commands are the same as that those entered by users. For
example, if the user enters an incomplete command, the saved command also
is incomplete.
● If the user runs the same command several times, only the latest command is
saved. If the command is entered in different forms, they are considered as
different commands.
For example, if the display current-configuration command is run several
times, only one history command is saved. If the display current-
configuration command and the dis curr command are used, both of them
are saved.

2.8 Using Command Line Shortcut Keys

There are two types of shortcut keys:
● User-defined shortcut keys: include Ctrl+G, Ctrl+L, Ctrl+O, and Ctrl+U. You can
associate these shortcut keys with any commands. When a shortcut key is
pressed, the system runs the corresponding command.
● System-defined shortcut keys: shortcut keys defined in the system that have
fixed functions. Users cannot define these shortcut keys. Table 2-5 lists the
frequently used system-defined shortcut keys.

NOTE

The terminal in use may affect the functions of the shortcut keys. For example, if the
shortcut keys defined by the terminal conflict with those defined in the system, the shortcut
keys entered by the user are captured by the terminal program and the commands
corresponding to the shortcut keys are not executed.

User-defined Shortcut Keys

When a user frequently uses a command or some commands, the user can use
shortcut keys to define these commands. Only management-level users and
configuration-level users have the rights to define shortcut keys. The
configurations are as follows:
1. Run the system-view command to enter the system view.
2. Run the hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U } command-text
command to configure a shortcut key corresponding to a command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 13

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

The system supports four user-defined shortcut keys and the default values are as
follows:
● Ctrl+G: display current-configuration
● Ctrl+L: undo idle-timeout
● Ctrl+O: undo debugging all
● Ctrl+U: Null

NOTE

● When defining shortcut keys, use double quotation marks to define the command if this
command contains several keywords separated by spaces. For example, hotkey ctrl_l
"display tcp status". Do not use double quotation marks to define a command if the
command contains only one keyword.
● Run the display hotkey command to view the status of the defined, undefined, and
system-defined shortcut keys.
● Run the undo hotkey command to restore default values of the configured shortcut
keys.
● Shortcut keys are executed in the same way as commands. The system can record
commands in their original formats in the command buffer and logs to help query and
locate the fault.
● The user-defined shortcut keys are available to all users. If a user does not have the
rights to use the command defined by a shortcut key, the system displays an error
message when this shortcut key is executed.

System-defined Shortcut Keys

Table 2-5 System-defined shortcut keys

Key Function

Ctrl+A Moves the cursor to the beginning of the

current line.

Ctrl+B Moves the cursor back one character.

Ctrl+C Stops performing current functions.

Ctrl+D Deletes the character where the cursor is

located at.

Ctrl+E Moves the cursor to the end of the last

line.

Ctrl+F Moves the cursor forward one character.

Ctrl+H Deletes the character on the left side of

the cursor.

Ctrl+I Provides the same function as Tab.

Ctrl+J Provides the same function as Enter.

Ctrl+M Provides the same function as Enter.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 14

Fat AP and Cloud AP
Command Reference 2 How to Use Command Lines

Key Function

Ctrl+N Displays the next command in the history

command buffer.

Ctrl+P Displays the previous command in the

history command buffer.

Ctrl+T Provides the same function as a question

mark.

Ctrl+W Deletes a character string on the left side

of the cursor.

Ctrl+X Deletes all the characters on the left side

of the cursor.

Ctrl+Y Deletes all the characters on the right

side of the cursor and the character
where the cursor is located at.

Ctrl+Z Returns to the user view.

Ctrl+] Stops incoming connections or redirects

the connections.

Esc+B Moves the cursor back one word.

Esc+D Deletes one word on the right side of the

cursor.

Esc+F Moves the cursor forward one word.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 15

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3 Basic Configurations Commands

About This Chapter

3.1 CLI Overview Commands

3.2 First Login Commands
3.3 UI Configuration Commands
3.4 User Login Configuration Commands
3.5 File Management Commands
3.6 Configuring System Startup Commands
3.7 Upgrade Commands
3.8 HTTP Server Commands

3.1 CLI Overview Commands

3.1.1 cls

Function
The cls command clears the current screen.

Format
cls

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 16

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
User view

Default Level
1: Monitoring level

Usage Guidelines
This command only clears the screen and does not clear the screen buffer.

Example
# Clear screen.
<HUAWEI> cls
Info: Current terminal monitor is off.
Info: Current terminal debugging is off.

3.1.2 command-privilege level

Function
The command-privilege level command sets the command level in a specified
view.
The undo command-privilege command restores the default command level.
By default, each command in each view has a default command level.

Format
command-privilege level level view view-name command-key
undo command-privilege view view-name command-key

Parameters
Parameter Description Value
level level Specifies the command level. The value is an
integer that
ranges from 0 to
15.
view view-name Specifies the view name. You can enter a -
question mark (?) in the terminal GUI to
obtain all view names in the command
view.

command-key Specifies a command. The command must -

be entered manually because automatic
command line completion is not supported.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 17

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

The system divides commands into four levels and sets the command level in the
specified view. The device administrator can change the command level as
required, so that a lower-level user can use some high-level commands. The device
administrator can also change the command level to a larger value to improve
device security.

You can run the command-privilege level command to change the level of one
command line based on Table 3-1.

Table 3-1 Common Views

View View Name

cli_8f All views

user User view

system System view

aaa AAA view

eth-trunk Eth-Trunk interface view

gigabitethernet GE interface view

multige MultiGE interface view

loopBack Loopback interface view

vlanif VLANIF interface view

Precautions

You are advised not to change the default command level. If you need to change
it, consult with professional personnel to ensure that routine operations and
maintenance are not affected and security risk is avoided.

When you run this command to lower the level of a command, pay attention to
relative commands in the upper-layer view of the command. If the level of
commands in the upper-layer view is lower the current command level, users of
the corresponding level cannot run the command for which the level is lowered
because the users cannot enter the upper-layer view.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 18

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The rules for using this command to set the command level of a specified view are
as follows:
● When you degrade the target command, all keywords in the command are
degraded.
● When you upgrade the target command, only the last keyword in the
command is upgraded.
● When you set a level for the target command, the levels of all commands (in
the same view) starting with this command are changed.
● When you set a level for the target command, the keyword level in other
commands having the same index as the keyword whose level is changed is
also changed.
● If the level of keywords that have the same index is modified for multiple
times, the latest configured level takes effect.
You cannot change the command level of some commands, including:
● config lock
● config unlock interval time
● diagnose
● quit
● return
● cls

Example
# Set the privilege level of the save command to 5.
<HUAWEI> system-view
[HUAWEI] command-privilege level 5 view user save

3.1.3 diagnose
Function
The diagnose command enters the diagnostic view from the system view.

Format
diagnose

Parameters
None

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 19

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Diagnostic commands are mainly used for fault diagnosis. However, running some
commands may cause device faults or service interruptions. Therefore, use these
commands under the instruction of technical support personnel.

Example
# Enter the diagnostic view.
<HUAWEI> system-view
[HUAWEI] diagnose
[HUAWEI-diagnose]

3.1.4 display history-command

Function
The display history-command command displays the historical commands stored
on the current device.

Format
display history-command

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

You can run this command to check historical commands the user has executed
recently, facilitating information search. Historical commands are recorded in
circular mode. You can run the history-command max-size command to set the
maximum number of historical commands to be recorded.

Precautions

All the historical commands entered by a user are automatically saved on the
terminal, that is, any input that ends with Enter is saved as a historical command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 20

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

NOTE

● Historical commands are saved in the same format as that used in the input. If a
command that is entered by a user is in an incomplete format, the saved historical
command is also in the incomplete format.
● If a user runs a command several times, only the latest command is saved on the device.
If the command is entered in different formats, they are considered as different
commands.

You can view historical commands using the following methods:

● To view the previous historical command, press the Up arrow key or Ctrl+P.
If there is an earlier historical command, the earlier historical command is
displayed.
● To view the next historical command, press the Down arrow key or Ctrl+N.
If there is a new historical command, the new historical command is
displayed.

Example
# Display the historical commands that have been executed on the current
terminal.
<HUAWEI> display history-command
quit
user privilege level 15
user-interface vty 0 4
system-view

3.1.5 display language

Function
The display language command displays the language that the system supports
and version information.

Format
display language

Parameters
None

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 21

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
You can use this command to check the language supported by the system or the
running version information. The system can display information in different
languages according to customer requirements.

By default, the system supports English.

Example
# Display the languages that the system supports and the version information.
<HUAWEI> display language
General:
Description: ENGLISH
Version: V200R003C00
Encoding: ANSI

Table 3-2 Description of the display language command output

Item Description

General General language.

Description Language name.

Version Version information.

Encoding Encoding format, including DEFAULT,

GBK, ISO8859-1, UTF-8, and ANSI.

3.1.6 display this

Function
The display this command displays the running configuration in the current view.

Format
display this

Parameters
None

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 22

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

After the configurations are complete in a certain view, run the display this
command to check the current configurations.

Precautions

If a configuration parameter uses the default value, this parameter is not

displayed. Configurations of the functions that do not take effect are not
displayed.

If you run the display this command in an interface view, configuration of the
interface view is displayed. If you run this command in a protocol view,
configuration of the protocol view is displayed.

Example
# Display the running configuration in the current view.
<HUAWEI> system-view
[HUAWEI] aaa
[HUAWEI-aaa] display this
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password irreversible-cipher %$%$I6.ASV)hJET,p"Dn.YM%3aXO%$%$
local-user admin service-type http
#
return

3.1.7 header

Function
The header command configures the header information displayed on a terminal
when users log in to a connected device.

The undo header command deletes the header information displayed on a

terminal when users log in to a connected device.

By default, no header information is displayed on terminals when users log in to a

connected device.

Format
header { login | shell } { information text | file file-name }

undo header { login | shell }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 23

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

login Indicates header -

information displayed on
a terminal when a user
logs in to the device and a
connection between the
terminal and the device is
activated.

shell Indicates the header -

displayed on a terminal
when the session is set up
after the user logs in to
the connected device.

information Specifies the header and The value is a string with spaces
text content. and carriage returns supported. The
maximum length of the string that
can be entered at one time is 480
characters, if a linefeed is contained
in the first line. If no linefeed is
contained in the first line, a
maximum of 510 characters can be
entered at one time, and the total
string length ranges from 1 to 2038
characters.

file file-name Specifies the file name The value is a string of 5 to 64

that the header uses. characters. The size of the specified
file must be smaller than or equal
to 128 KB. If the size is greater than
128 KB, only the first 128 KB
contents are displayed.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To provide some prompts or alarms to users, you can use the header command to
configure a title on the device. If a user logs in to the device, the title is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 24

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Procedure
If information is specified, the header text starts and ends with the same
character. You can set the header text in either of the following modes:
● Non-interactive: enter the header text behind the start character.
Use the same character at the beginning and end of the header and press
Enter. If the start and end characters are inconsistent, the system prompts an
error message.
● Interactive: enter the start character and press Enter.
The system displays a message prompting the correct header information.
Then enter the required information and enter the same character at the
beginning and end of the header, and press Enter. The system quits the
interactive process.
During interaction, you can press Enter at any time to enter information in
the next line.
Precautions
● Before setting the login parameter, you must set login authentication
parameters; otherwise, no header information about authentication is
displayed.
● Before setting the file parameter, ensure that the file containing the header
exists; otherwise, the file name cannot be obtained.
● If the file parameter is set, save the file containing the header in the root
directory of the default storage media. To save the file to another directory,
you must use a full path.
● If you use SSH1.X to log in to the device, the shell header rather than the
login header is displayed.
● If you use SSH2.0 to log in to the device, both login and shell headers are
displayed in the login process.
● If the header command is configured several times, only the latest
configuration takes effect.
● After the login title is configured, any user that logs in to the system can view
the title.
● The start and end characters in the header text can be double quotation
marks (""). However, the header text content cannot contain double
quotation marks ("").

Example
# Configure a shell header in non-interactive mode.
<HUAWEI> system-view
[HUAWEI] header shell information &Hello! Welcome to system!& # Enter the header text behind
the start character '&' and enter '&' at the end of the header text, and press Enter.

# Display the shell header if the login succeeds.

Hello! Welcome to system!

# Configure a shell header in interactive mode.

<HUAWEI> system-view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 25

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

[HUAWEI] header shell information % # Press Enter after entering the start character % to start the
interactive process.
Info: Input banner text, and quit with the character '%'. Hello!
Welcome to system!%
[HUAWEI] quit
<HUAWEI> quit # Log off.

# Press Enter. The shell header is displayed when the user logs in again.
Hello!
Welcome to system!
<HUAWEI>

# Specify the file that stores a login header.

<HUAWEI> system-view
[HUAWEI] header login file flash:/header-file.txt

3.1.8 display hotkey

Function
The display hotkey command displays the status of the defined, undefined, and
system hotkeys.

Format
display hotkey

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
After you understand the defined, undefined, and system hotkeys in the system,
you can use hotkeys to quickly enter commands. To redefine hotkeys for a
command, run the hotkey command.
The system allows hotkeys in places where commands can be entered, and
displays the commands corresponding to hotkeys. You can run the display hotkey
command to view the commands corresponding to hotkeys.

Example
# Display defined, undefined, and system hotkeys.
<HUAWEI> display hotkey
----------------- HOTKEY -----------------

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 26

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

=Defined hotkeys=
Hotkeys Command
CTRL_G display current-configuration
CTRL_L undo idle-timeout
CTRL_O undo debugging all

=Undefined hotkeys=
Hotkeys Command
CTRL_U NULL

=System hotkeys=
Hotkeys Function
CTRL_A Move the cursor to the beginning of the first line
CTRL_B Move the cursor one character left
CTRL_C Stop current command function
CTRL_D Erase current character
CTRL_E Move the cursor to the end of the Last line
CTRL_F Move the cursor one character right
CTRL_H Erase the character left of the cursor
CTRL_I Perform the same fucntion as the "Tab" key
CTRL_J Perform the same fucntion as the "Enter" key
CTRL_K Kill outgoing connection when connecting
CTRL_M Perform the same fucntion as the "Enter" key
CTRL_N Display the next command from the history buffer
CTRL_T Function as a question mark
CTRL_P Display the previous command from the history buffer
CTRL_W Delete the word left of the cursor
CTRL_X Delete all characters up to the cursor
CTRL_Y Delete all characters after the cursor
CTRL_Z Return to the user view
CTRL_] Kill incoming connection or redirect connection
ESC_B Move the cursor one word back
ESC_D Delete remainder of word
ESC_F Move the cursor forward one word

Table 3-3 Description of the display hotkey command output

Item Description

Defined hotkeys Defined hotkeys.

Undefined hotkeys Undefined hotkeys.

System hotkeys System hotkeys.

3.1.9 hotkey
Function
The hotkey command sets a shortcut key for a command.
The undo hotkey restores the system shortcut keys to the default values.
By default, the system sets the default values for three shortcut keys CTRL+G,
CTRL+L, and CTRL+O, while does not set default value for CTRL+U.

Format
hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U } command-text
undo hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 27

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
CTRL_G Specifies the shortcut key Ctrl+G for a -
command.
CTRL_L Specifies the shortcut key Ctrl+L for a -
command.
CTRL_O Specifies the shortcut key Ctrl+O for a -
command.
CTRL_U Specifies the shortcut key Ctrl+U for a -
command.
command-text Specifies the associated command line for The value is a string
shortcut keys. of 1 to 240
characters.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
You can set a shortcut key for a command that is often used; you can also change
the default value of the shortcut key that is defined by the system according to
your requirements.
Precautions
Four shortcut keys are customized by users: CTRL+G, CTRL+L, CTRL+O, and CTRL
+U.
● By default, the shortcut key CTRL+G corresponds to the display current-
configuration command which displays current configuration.
● By default, the shortcut key CTRL+L corresponds to the undo idle-timeout
command which restores the default timeout period.
● By default, the shortcut key CTRL+O corresponds to the undo debugging all
command which stops the output of all debugging information.
After you use the hotkey command to set a shortcut key for a command, you can
run the command by pressing the shortcut key or entering a command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 28

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

NOTE

One shortcut key can be set for only one command. If you set a shortcut key for multiple
commands, only the latest configuration takes effect.
When assigning a command for a shortcut key, you need to mark the command with
double quotation marks if the command consists of several words, that is, the command
includes spaces. You do not need to mark the command with double quotation marks if the
command consists of only one word.

Example
# Assign the display tcp status command for the shortcut key CTRL+L.
<HUAWEI> system-view
[HUAWEI] hotkey ctrl_l "display tcp status"
[HUAWEI] display hotkey
----------------- HOTKEY -----------------

=Defined hotkeys=
Hotkeys Command
CTRL_G display current-configuration
CTRL_L display tcp status
CTRL_O undo debugging all

=Undefined hotkeys=
Hotkeys Command
CTRL_U NULL

3.1.10 quit
Function
The quit command returns from the current view to a lower-level view. If the
current view is the user view, this command exits from the system.

Format
quit

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 29

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
None

Views
All views

Default Level
0: Visit level

Usage Guidelines
Usage Scenario
Three types of views are available and they are listed as follows from a lower level
to a higher level:
● User view
● System view
● Service view, such as route protocol view or interface view
Run the quit command to return to a lower-level command view from the current
view. If you are in the user view currently, after you run the quit command, you
quit from the system.

Example
# Return to the system view from the AAA view, and then return to the user view.
After this, quit the system.
<HUAWEI> system-view
[HUAWEI] aaa
[HUAWEI-aaa] quit
[HUAWEI] quit
<HUAWEI> quit

3.1.11 return
Function
The return command returns to the user view from other views except the user
view.

Format
return

Parameters
None

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 30

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
1: Monitoring level

Usage Guidelines
In other views, you can use the return command to return to the user view.
● Run this command to return to the user view if the current view is another
view except the user view.
● If the current view is the user view, no change occurs after running this
command.
● The shortcut keys<Ctrl+Z> have the same function as the return command.

Example
# Return to the user view from the user interface view.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] return
<HUAWEI>

3.1.12 system-view
Function
The system-view command enables you to enter the system view from the user
view.

Format
system-view

Parameters
None

Views
User view

Default Level
2: Configuration level

Usage Guidelines
You must configure the device in the system view. Run this command in the user
view to enter the system view.

Example
# Enter the system view.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 31

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> system-view
Enter system view, return user view with Ctrl+Z.
[HUAWEI]

3.2 First Login Commands

3.2.1 clock datetime

Function
The clock datetime command sets the current date and time on the wireless
access point.

Format
clock datetime HH:MM:SS YYYY-MM-DD

Parameters
Parameter Description Value
HH:MM:SS Specifies the current HH specifies the hour, which is an integer
time on the wireless ranging from 0 to 23. MM specifies the
access point. minute, which is an integer ranging from 0
to 59. SS specifies the second, which is an
integer ranging from 0 to 59.
YYYY-MM- Specifies the current YYYY specifies the year, which is an integer
DD date (year, month, ranging from 2000 to 2030. MM specifies
and day) on the the month, which is an integer ranging
wireless access point. from 1 to 12. DD specifies the day, which
is an integer ranging from 1 to 31.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
In the scenario where accurate absolute time is required, the current date and
time must be set on the wireless access point.
Prerequisite
The time zone and daylight saving time have been configured using the clock
timezone and clock daylight-saving-time commands. If the time zone and

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 32

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

daylight saving time are not configured, the clock datetime command sets a UTC
time.

Precautions

● The specified time must be in 24-hour format. If you do not specify MM and
SS, their values are 0. You must enter at least one digit to specify HH. For
example, when you enter 0, the time is 00:00:00.
● The specified year must be a four-digit number and the specified month and
day can be a one-digit number. For example, when you enter 2012-9-1, the
time is 2012-09-01.
● If the device is configured to restart at a specified time and if the system time
is changed to be more than 10 minutes later than the specified restart time,
the scheduled restart function will be disabled.
● This configuration is not reset after the reset factory-configuration
command is executed.

Example
# Set the current time and date of the system to 0:0:0 2012-01-01.
<HUAWEI> clock datetime 0:0:0 2012-01-01

3.2.2 clock daylight-saving-time

Function
The clock daylight-saving-time command sets the name, start time, and end
time of the daylight saving time (DST).

The undo clock daylight-saving-time command cancels the DST settings.

By default, the DST is not used.

Format
clock daylight-saving-time time-zone-name one-year start-time start-date end-
time end-date offset

clock daylight-saving-time time-zone-name repeating start-time { { first |

second | third | fourth | last } weekday month | start-date1 } end-time { { first |
second | third | fourth | last } weekday month | end-date1 } offset [ start-year
[ end-year ] ]

undo clock daylight-saving-time

Parameters

Parameter Description Value

time-zone- Specifies the name The value is a string of 1 to 32 characters.
name of the DST zone.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 33

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

one-year Specifies the -
absolute DST.
repeating Specifies the periodic -
DST.
start-time Specifies the start The start time is in the 24-hour format
time of the DST. HH:MM. HH specifies the hour, which is an
integer ranging from 0 to 23. MM specifies
the minute, which is an integer ranging
from 0 to 59. If MM is not specified, the
DST starts on the hour. You must enter at
least one digit to specify HH. For example,
when you enter 0, the start time is 00:00.

start-date Specifies the start The start date is in the format YYYY-MM-
date of the DST. DD. The value of YYYY ranges from 2000
to 2030, the value of MM ranges from 1 to
12, and the value of DD ranges from 1 to
31.
end-time Specifies the end The start time is in the 24-hour format
time of the DST. HH:MM. HH specifies the hour, which is an
integer ranging from 0 to 23. MM specifies
the minute, which is an integer ranging
from 0 to 59. If MM is not specified, the
DST starts on the hour. You must enter at
least one digit to specify HH. For example,
when you enter 0, the start time is 00:00.

end-date Specifies the end The end date is in the format YYYY-MM-
date of the DST. DD. The value of YYYY ranges from 2000
to 2030, the value of MM ranges from 1 to
12, and the value of DD ranges from 1 to
31.
first Specifies the first -
workday in a month.
second Specifies the second -
workday in a month.
third Specifies the third -
workday in a month.
fourth indicates the fourth -
workday in a month.
last Specifies the last -
workday in a month.
weekday Specifies a day of The value is Mon, Tue, Wed, Thu, Fri, Sat,
the week. or Sun.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 34

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

month Specifies a month. The value is Jan, Feb, Mar, Apr, May, Jun,
Jul, Aug, Sep, Oct, Nov, or Dec.
start-date1 Specifies the start The start date is in the format MM-DD.
date of the DST. The value of MM ranges from 1 to 12, and
the value of DD ranges from 1 to 31.
end-date1 Specifies the end The end date is in the format MM-DD. The
date of the DST. value of MM ranges from 1 to 12, and the
value of DD ranges from 1 to 31.
offset Specifies the DST The offset is in the 24-hour format
offset. HH:MM. HH specifies the hour, which is an
integer ranging from 0 to 2. MM specifies
the minute, which is an integer ranging
from 0 to 59. If MM is not specified, the
offset is the specified hours. You must
enter at least one digit to specify HH.
The offset should be shorter than or equal
to 2 hours.

start-year Specifies the start The value is in the format YYYY and ranges
year. from 2000 to 2030.
end-year Specifies the end The value is in the format YYYY and ranges
year. from 2000 to 2030.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Daylight Saving Time (DST), also referred to as summer time, is a convention

established by people for saving resources. In high latitude areas, it is earlier in
summer than in winter at sunrise. To reduce evening usage of incandescent
lighting and save energy, clocks are adjusted forward one hour.

Users can customize the DST zone according to their countries' or regions'
convention. In addition, users can set how long clocks are adjusted forward,
usually an hour. With DST enabled, when it is time to start DST, the system time is
adjusted according to the user-specified DST. When it is time to end DST, the
system time automatically returns to original time.

Configuration Impact

To configure the DST, note the following:

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 35

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● The time in logs and debugging information uses the local time adjusted
based on the time zone and the configured DST.
● The time in the output of the display commands uses the local time adjusted
based on the time zone and the configured DST.
To remove configurations for the DST, note the following:
● If the DST already takes effect when you remove the configurations, the
device will adjust its clock by subtracting the value of the offset parameter
from the current time.
● If the DST does not take effect, removing the configurations will not affect
the system time.
Precautions
● The DST is configured in the summer. The DST duration ranges from one day
to one year.
● You can configure the start time and end time for periodic DST in one of the
following modes: date+date, week+week, date+week, and week+date.
● This configuration is not reset after the reset factory-configuration
command is executed.

Example
# Set the periodic DST.
<HUAWEI> clock daylight-saving-time bj repeating 0 first sun jan 0 first sun apr 2 2009 2009

# Set the periodic DST by day.

<HUAWEI> clock daylight-saving-time bj repeating 12:11 1-1 1:0 3-4 1

# Set the absolute DST.

<HUAWEI> clock daylight-saving-time bj one-year 12:11 2010-10-2 1:00 2010-11-4 1

3.2.3 clock timezone

Function
The clock timezone command sets the local time zone.
The undo clock timezone command deletes the local time zone.
By default, the system uses Default Zone Name as the time zone name.

Format
clock timezone time-zone-name { add | minus } offset
undo clock timezone

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 36

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
time-zone- Specifies the time zone name. The name is a string of 1 to 32
name case-sensitive characters without
spaces.
add Specifies the offset from the -
UTC for the time zone
specified by time-zone-name.
That is, the sum of the
default UTC time zone and
offset is equal to the time
zone specified by time-zone-
name.
minus Specifies the offset from the -
UTC for the time zone
specified by time-zone-name.
That is, the remainder
obtained by subtracting offset
from the default UTC time
zone is equal to the time zone
specified by time-zone-name.
offset Specifies the offset from the Format: HH:MM:SS
UTC.
● HH specifies the hour.
– If the local time is earlier
than the UTC, the value is an
integer ranging from 0 to 14.
– If the local time is later than
the UTC, the value is an
integer ranging from 0 to 12.
● MM and SS specify the minute
and second respectively, and
both of them range from 0 to
59.
● When HH is set to the
maximum value, the MM and
SS values must be 0.

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 37

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

The system clock is the time indicated by the system timestamp. Because the rules
governing local time differ in different regions, the system clock can be configured
to comply with the rules of any given region.

System clock = UTC + Time zone offset + DST offset

To ensure the normal communication between devices, set an accurate system

clock. You can run the clock timezone and clock daylight-saving-time
commands to set the time zone and DST offsets.

The time zone of Fat APs is set to Beijing time zone in factory settings.

Precautions

● The specified time must be in 24-hour format. If you do not specify MM and
SS, their values are 0. You must enter at least one digit to specify HH. For
example, when you enter 0, the time is 00:00:00.
● After configuring the local time zone, run the display clock command to view
the configuration. The time in logs and diagnostic information uses the local
time adjusted based on the time zone and DST.
● This configuration is not reset after the reset factory-configuration
command is executed.

Example
# Set the local time zone name for Beijing China to BJ.

If the default UTC is London time 2012-12-01 00:00:00, Beijing time is London
time plus 08:00 because the offset from UTC is 8 hours.
<HUAWEI> clock datetime 0:0:0 2012-12-01
<HUAWEI> clock timezone BJ add 08:00:00

3.2.4 display clock

Function
The display clock command displays the current date and clock setting.

Format
display clock

Parameters
None

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 38

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

You can run the display clock command to view the system date and clock setting
and adjust the setting if necessary.

Precautions

The system clock is set using the clock datetime, clock timezone, and clock
daylight-saving-time commands.

● If the three commands are not used, the original system clock is displayed
after you run the display clock command.
● You can use any combination of the three commands to configure the system
time. Table 3-4 lists the formats of the configured time.

The table assumes that the original system time is 08:00:00 on January 1, 2010.
● 1: indicates that the clock datetime command is used, in which the current
time and date is date-time.
● 2: indicates that the clock timezone command is used, in which the time
zone parameter is set and the time offset is zone-offset.
● 3: indicates that the clock daylight-saving-time command is used, in which
the DST parameters are set and the time offset is offset.
● [1]: indicates that the clock datetime command is optional.

Table 3-4 System clock setting examples

Action Configured System Example

Time

1 date-time Command: clock datetime 8:0:0

2011-11-12
Configured system time:
2011-11-12 08:00:02
Saturday
Time Zone(Default Zone Name) : UTC+00:00:00

2 Original system time Command: clock timezone BJ add 8

± zone-offset Configured system time:
2010-01-01 16:00:27
Friday
Time Zone(BJ) : UTC+08:00:00

1, 2 date-time ± zone- Commands: clock datetime 8:0:0

offset 2011-11-12 and clock timezone BJ add 8
Configured system time:
2011-11-12 16:00:17
Saturday
Time Zone(BJ) : UTC+08:00:00

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 39

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Action Configured System Example

Time

[1], 2, 1 date-time Commands: clock timezone NJ add 8 and

clock datetime 9:0:0 2011-11-12
Configured system time:
2011-11-12 09:00:03
Saturday
Time Zone(NJ) : UTC+08:00:00

3 If the original system Command: clock daylight-saving-time BJ

time is not in the DST one-year 6:0 2011-8-1 6:0 2011-10-01 1
segment, the original Configured system time:
system time is
2010-01-01 08:00:51
displayed. Friday
Time Zone(Default Zone Name) : UTC+00:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00

If the original system Command: clock daylight-saving-time BJ

time is in the DST one-year 6:0 2010-1-1 6:0 2010-9-1 2
segment, the Configured system time:
configured system
2010-01-01 10:00:08 DST
time is the original Friday
system time plus Time Zone(BJ) : UTC+00:00:00
offset. Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2010
End year : 2010
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00

1, 3 If date-time is not in Commands: clock datetime 9:0:0

the DST segment, the 2011-11-12 and clock daylight-saving-
configured system time BJ one-year 6:0 2012-8-1 6:0
time is date-time. 2012-10-01 1
Configured system time:
2011-11-12 09:00:26
Saturday
Time Zone(Default Zone Name) : UTC+00:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2012
End year : 2012
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 40

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Action Configured System Example

Time

If date-time is in the Commands: clock datetime 9:0:0

DST segment, the 2011-11-12 and clock daylight-saving-
configured system time BJ one-year 9:0 2011-11-12 6:0
time is date-time 2011-12-01 2
+offset. Configured system time:
2011-11-12 11:02:21 DST
Saturday
Time Zone(BJ) : UTC+00:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 11-12 09:00:00
End time : 12-01 06:00:00
Saving time : 02:00:00

[1], 3, 1 If date-time is not in Commands: clock daylight-saving-time BJ

the DST segment, the one-year 6:0 2012-8-1 6:0 2012-10-01 1
configured system and clock datetime 9:0 2011-11-12
time is date-time. Configured system time:
2011-11-12 09:00:02
Saturday
Time Zone(Default Zone Name) : UTC+00:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2012
End year : 2012
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00

If date-time is in the Commands: clock daylight-saving-time BJ

DST segment, the one-year 1:0 2011-1-1 1:0 2011-9-1 2 and
configured system clock datetime 3:0 2011-1-1
time is date-time. Configured system time:
2011-01-01 03:00:19 DST
Saturday
Time Zone(BJ) : UTC+00:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 01-01 01:00:00
End time : 09-01 01:00:00
Saving time : 02:00:00

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 41

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Action Configured System Example

Time

2, 3 or 3, If the result of Commands: clock timezone BJ add 8 and

2 original system time clock daylight-saving-time BJ one-year
± zone-offset is not in 6:0 2011-1-1 6:0 2011-9-1 2
the DST segment, the Configured system time:
configured system
2010-01-01 16:01:29
time is equal to the Friday
original system time Time Zone(BJ) : UTC+08:00:00
± zone-offset. Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00

If the result of Commands: clock daylight-saving-time BJ

original system time one-year 1:0 2010-1-1 1:0 2010-9-1 2 and
± zone-offset is in the clock timezone BJ add 8
DST segment, the Configured system time:
configured system
2010-01-01 18:05:31 DST
time is equal to the Friday
original system time Time Zone(BJ) : UTC+08:00:00
± zone-offset ± Daylight saving time :
Name : BJ
offset. Repeat mode : one-year
Start year : 2010
End year : 2010
Start time : 01-01 01:00:00
End time : 09-01 01:00:00
Saving time : 02:00:00

1, 2, 3 or If the value of date- Commands: clock datetime 8:0:0

1, 3, 2 time ± zone-offset is 2011-11-12, clock timezone BJ add 8, and
not in the DST clock daylight-saving-time BJ one-year
segment, the 6:0 2012-1-1 6:0 2012-9-1 2
configured system Configured system time:
time is equal to date-
2011-11-12 08:01:40
time ± zone-offset. Saturday
Time Zone(BJ) : UTC+08:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2012
End year : 2012
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 42

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Action Configured System Example

Time

If the value of date- Commands: clock datetime 8:0:0

time ± zone-offset is 2011-1-1, clock daylight-saving-time BJ
in the DST segment, one-year 6:0 2011-1-1 6:0 2011-9-1 2 and
the configured clock timezone BJ add 8
system time is equal Configured system time:
to date-time ± zone-
2011-01-01 10:00:43 DST
offset + offset. Saturday
Time Zone(BJ) : UTC+08:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00

[1], 2, 3, 1 If date-time is not in Commands: clock daylight-saving-time BJ

or [1], 3, the DST segment, the one-year 6:0 2012-1-1 6:0 2012-9-1 2,
2, 1 configured system clock timezone BJ add 8, and clock
time is date-time. datetime 8:0:0 2011-11-12
Configured system time:
2011-11-12 08:00:03
Saturday
Time Zone(BJ) : UTC+08:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2012
End year : 2012
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00

If date-time is in the Commands: clock timezone BJ add 8,

DST segment, the clock daylight-saving-time BJ one-year
configured system 1:0 2011-1-1 1:0 2011-9-1 2, and clock
time is date-time. datetime 3:0:0 2011-1-1
Configured system time:
2011-01-01 03:00:03 DST
Saturday
Time Zone(BJ) : UTC+08:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 01-01 01:00:00
End time : 09-01 01:00:00
Saving time : 02:00:00

Example
# Display the current system date and time.
<HUAWEI> display clock

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 43

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

2012-05-15 20:34:53
Tuesday
Time Zone(Default Zone Name) : UTC+00:00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2012
End year : 2012
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00

Table 3-5 Description of the display clock command output

Item Description

Time Zone Time zone.

Daylight saving time DST.

Name DST name.

Repeat mode DST mode.

● one-year: absolute DST
● repeating: periodic DST

Start year Year from which the DST takes effect.

End year Year when the DST becomes ineffective.

Start time Time when the DST takes effect.

End time Time when the DST becomes ineffective.

Saving time Storage time.

3.2.5 sysname
Function
The sysname command sets the device host name.
The undo sysname command restores the default device host name.
By default, the device host name is HUAWEI.

Format
sysname host-name
undo sysname

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 44

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

host-name Specifies the host name. The value is a string of 1 to 246 case-
sensitive characters with spaces.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Changing the host name affects the prompt of the command interface. For
example, if the host name is HUAWEI, the prompt of the user interface is
<HUAWEI>.

Example
# Set the host name to HUAWEIA.
<HUAWEI> system-view
[HUAWEI] sysname HUAWEIA
[HUAWEIA]

3.2.6 ip domain-name

Function
The ip domain-name command sets the default domain name suffix.

The undo ip domain-name command deletes the default domain name suffix.

By default, no default domain name suffix is provided.

Format
ip domain-name domain-name

undo ip domain-name

Parameters
Parameter Description Value

domain-name Specifies the domain name The value is a string of 1 to 255

suffix. characters.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 45

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
For a central AP: system view, AP view, AP group view
For a command AP: system view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Devices with the same system name may exist in different domains. In this case,
you can configure a fully qualified domain name (FQDN) for a device to uniquely
identify it. The FQDN of a device consists of the default domain name suffix and
device name. You can run the ip domain-name command to set the default
domain name suffix and the sysname command to set the device name.
Running the ip domain-name command in the system view can set the default
domain name suffix for the device itself. When running this command in the AP or
AP group view, you can set the default domain name suffix for APs managed the
device.
Precautions
If you run the ip domain-name command multiple times, the latest configuration
overrides the previous configurations.

Example
# Set the domain name suffix to com.cn.
<HUAWEI> system-view
[HUAWEI] ip domain-name com.cn

3.3 UI Configuration Commands

3.3.1 acl (user interface view)

Function
The acl command uses an ACL to restrict login rights of users on a terminal.
The undo acl command cancels the configuration.
By default, login rights are not restricted.

Format
acl acl-number { inbound | outbound }
undo acl { inbound | outbound }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 46

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

acl-number Specifies the number of an ACL. The value is an integer ranging

from 2000 to 3999.
● 2000-2999: restricts the
source address using the basic
ACL.
● 3000-3999: restricts the
source and destination
addresses using the advanced
ACL.

inbound Restricts users with an address or -

within an address segment to log
in to the device.

outbound Restricts users who have logged -

in to the device from logging in
to other devices.

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
This command restricts the login rights of a user interface based on the source IP
address, destination IP address, source port, or destination port. You can use this
command to permit or deny access to a destination or from a source.
Prerequisites
Before running this command, run the acl (system view) in the system view and
run the rule (basic ACL view) or rule (advanced ACL view) command to
configure an ACL.
If no rule is configured, login rights on the user interface are not restricted when
the acl command is executed.
Precautions
After the configurations of the ACL take effect, all users on the user interface are
restricted by the ACL.
Only one ACL (an inbound or outbound ACL) can be configured on a user
interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 47

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Restrict the Telnet login rights on user interface VTY 0.
<HUAWEI> system-view
[HUAWEI] acl 3001
[HUAWEI-acl-adv-3001] rule deny tcp source any destination-port eq telnet
[HUAWEI-acl-adv-3001] quit
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] acl 3001 outbound

# Remove the restriction on the Telnet login rights on user interface VTY 0.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] undo acl outbound

3.3.2 authentication-mode (user interface view)

Function
The authentication-mode command configures an authentication mode for the
user interface login.
The undo authentication-mode command deletes the authentication mode
configured for the user interface login.
By default, aaa is used for console login authentication and aaa is used for VTY
login authentication.

Format
authentication-mode { aaa | password }
undo authentication-mode

Parameters
Parameter Description Value

aaa Specifies the AAA authentication mode. -

password Specifies the password authentication mode. -

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 48

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

When a user needs to log in to the device through console, Telnet, or SSH, run this
command to configure the authentication mode for the user interface login. After
the configuration is complete, you can still run this command to change the
authentication mode for the user interface login as required.

The AAA authentication mode is more secure and therefore recommended.

Precautions

An authentication mode must be configured for the user interface login.

Otherwise, users cannot log in to the device.

● When password is used for the user interface login, you also need to run the
set authentication password command to configure the authentication
password. You need to enter the correct login password to log in to the
device. Therefore, keep the login password properly. The levels of commands
accessible to a user depend on the level configured for the user interface to
which the user logs in.
● When aaa is used for user interface login authentication, the passwords set
for the user interface are automatically deleted. You need to enter the correct
user name and password to log in to the device. Therefore, keep the login
user name and password properly. The levels of commands accessible to a
user depend on the priority of the local user specified in the AAA
configuration. If no user level is configured for a local AAA user, the user level
of the current user interface is used by default.
● When the undo authentication-mode command is run to delete the
authentication mode configured for the user interface login, you are
prompted to confirm whether to clear the password of the user interface.

Example
# Configure password for VTY login authentication.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] authentication-mode password

3.3.3 auto-execute command

Function
The auto-execute command command configures auto-run commands.

The undo auto-execute command command cancels auto-run commands.

By default, the auto-run function is disabled.

Format
auto-execute command command

undo auto-execute command

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 49

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

command Specifies an auto-run command. -

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the auto-execute command command to make the device run a
command automatically on the corresponding interface.
You can run the auto-execute command command to enable automatic
execution for the Telnet command.
Precautions
● The auto-execute command command is applicable to the VTY user
interface.
● When you log in to the device, the device automatically runs the commands
that are configured by the auto-execute command command. The user's
terminal disconnects from the device.
● Before saving the configuration of the auto-execute command command,
ensure that you can log in to the device in other ways so that you can cancel
the command configuration.
● If you use the auto-execute command command, you cannot configure the
device in the user interface view. Therefore, use this command with caution.

Example
# Configure the display version command to automatically run after a user logs
in to the device using the VTY0 interface.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] auto-execute command display version
Warning: The system will not be configured through ui-vty0.Continue? [Y/N]: y

3.3.4 databits
Function
The databits command sets the number of data bits of the user interface.
The undo databits command restores the default number of data bits.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 50

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

By default, the number of data bits of the user interface is 8.

Format
databits { 5 | 6 | 7 | 8 }

undo databits

Parameters
Parameter Description Value
5 Indicates that the number of data bits is 5. -
6 Indicates that the number of data bits is 6. -
7 Indicates that the number of data bits is 7. -
8 Indicates that the number of data bits is 8. -

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Use this command only when necessary. If the number of data bits of a device's
user interface is changed, ensure that the same number of data bits is set on the
HyperTerminal used for login.

This function takes effect for only serial interfaces.

NOTE

The data bit of the console user interface does not support 5 and 6.

Example
# Set the number of data bits to 7.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] databits 7

3.3.5 display mib-index interface

Function
The display mib-index interface command displays the index value of an
interface in the MIB.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 51

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
display mib-index interface [ interface-type [ interface-number ] ]

Parameters
Parameter Description Value
interface-type Specifies the interface for which the index value is -
interface- displayed.
number
● interface-type: specifies the interface type, for
example, Ethernet.
If the interface type is not specified, the index values
of all interfaces are displayed.
● interface-number: specifies the number of an
interface. It is used with interface-type to specify an
interface.
If the interface number is not specified, the index
values of all interfaces of the type are displayed.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display mib-index interface command as an NMS user to view
the index values of interfaces.

Example
# Display indexes of all interfaces.
<HUAWEI> display mib-index interface
IfName IfIndex PortIndex
--------------------------------------------------
GigabitEthernet0/0/0 8 0
NULL0 2 --
Vlanif1 13 --
Vlanif33 14 --
Vlanif2001 5 --
Wlan-Bss0 7 1
Wlan-Radio0/0/0 6 --

Table 3-6 Description of the display mib-index interface command output

Item Description

IfName Interface name.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 52

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

IfIndex Index value of an interface.

PortIndex Index value of a port.

3.3.6 display user-interface

Function
The display user-interface command displays information about a user interface.

Format
display user-interface [ ui-type ui-number1 | ui-number ] [ summary ]

Parameters
Parameter Description Value
ui-type Displays information about a The value can be Console or VTY.
specified user interface.
ui-number1 Displays information about a The minimum value is 0. The
user interface with a specified maximum value is smaller by 1
relative number. than the number of user interfaces
the system supports.
ui-number Displays information about a The value is an integer ranging
user interface with a specified from 0 to 25. The value varies
absolute number. according to the device type.

summary Displays the summary of a -

user interface.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Using the display user-interface command, you can view detailed configuration
information about all user interfaces or a specified user interface.

NOTE

Lower-level users cannot gain access to a user interface information about users of higher
levels.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 53

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Display detailed information about the user interface with the absolute number
0.
<HUAWEI> display user-interface 0
Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int
+ 0 CON 0 9600 - 15 15 P -
+ : Current UI is active.
Idx : Absolute index of UIs.
Type : Type and relative index of UIs.
Privi: The privilege of UIs.
ActualPrivi: The actual privilege of user-interface.
Auth : The authentication mode of UIs.
A: Authenticate use AAA.
N: Current UI need not authentication.
P: Authenticate use current UI's password.
Int : The physical location of UIs.

# Display detailed information about all user interfaces.

<HUAWEI> display user-interface
Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int
+ 0 CON 0 9600 - 15 15 P -
+ 129 VTY 0 - 0 15 A -
130 VTY 1 - 0 0 A -
131 VTY 2 - 0 0 A -
132 VTY 3 - 0 0 A -
133 VTY 4 - 0 0 A -
145 VTY 16 - 0 0 A -
146 VTY 17 - 0 0 A -
147 VTY 18 - 0 0 A -
148 VTY 19 - 0 0 A -
149 VTY 20 - 0 0 A -
150 Web 0 - 15 0 A -
151 Web 1 - 15 0 A -
152 Web 2 - 15 0 A -
153 Web 3 - 15 0 A -
154 Web 4 - 15 0 A -
155 XML 0 - 0 0 A -
156 XML 1 - 0 0 A -
157 XML 2 - 0 0 A -
+ 168 XML 0 - 15 15 N -
UI(s) not in async mode -or- with no hardware support:
1-128
+ : Current UI is active.
Idx : Absolute index of UIs.
Type : Type and relative index of UIs.
Privi: The privilege of UIs.
ActualPrivi: The actual privilege of user-interface.
Auth : The authentication mode of UIs.
A: Authenticate use AAA.
N: Current UI need not authentication.
P: Authenticate use current UI's password.
Int : The physical location of UIs.

Table 3-7 Description of the display user-interface command output

Parameter Description

+ Active user interface.

Idx Absolute number of a user interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 54

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description

Type Type and relative number of a user interface.

● CON: Login through the console port
● VTY: Login through Telnet or SSH.
● Web: Login through the web platform
● XML: Login through the upper-layer NMS, which
communicates with the local device using
NETCONF

Tx/Rx Data transfer rate of the user interface.

Modem Type of the modem. The value - indicates that the

hardware does not support the modem.

Privi Authority configured on a user interface.

ActualPrivi Actual permission of a user interface. In the case of

the AAA authentication mode, the level of a local
user in AAA configuration is the actual permission.

Auth Authentication mode on a user interface.

● A: AAA authentication.
● N: No authentication on the current user
interface.
● P: Password authentication.

Int User interface.

UI(s) not in async mode - Interfaces numbered from 1 to 128 are UI interfaces
or- with no hardware that are working in synchronous mode or are not
support: 1-128 supported by the hardware. Currently, the WLAN
supports only the asynchronous mode.

3.3.7 display user-interface maximum-vty

Function
The display user-interface maximum-vty command displays the maximum
number of VTY users.

Format
display user-interface maximum-vty

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 55

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display user-interface maximum-vty command to view the
maximum number of users who connect to the device using Telnet or SSH. By
default, the total number of Telnet users and SSH users is five maximum.

Example
# Display the maximum number of VTY users.
<HUAWEI> display user-interface maximum-vty
Maximum of VTY user : 5

Table 3-8 Description of the display user-interface maximum-vty command output

Parameter Description

Maximum of VTY user Maximum number of VTY users.

The maximum number of VTY users can be
configured using the user-interface maximum-
vty command.

3.3.8 display users

Function
The display users command displays login information for each user interface.

Format
display users [ all ]

Parameters
Parameter Description Value
all Displays information about all users who log in to the device -
through user interfaces, including information about user
interfaces that are not used. If the all parameter is not used,
the command displays only information about user interfaces
that have been connected.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 56

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
All views

Default Level
3: Management level

Usage Guidelines
You can run this command to view information about users who are connected to
the device. The information includes the user name, IP address, and authentication
and authorization information.

NOTE

Lower-level users cannot gain access to information about users of higher levels.

Example
# Run the display users command to view information about users who log in to
the device through the user interface.
<HUAWEI> display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 130 VTY 1 00:00:00 TEL 10.164.6.15 pass
Username : user2
Network Address : 172.16.1.1
,

Table 3-9 Description of the display users command output

Item Description

+ Terminal line in use.

User-Intf The number in the first column indicates the absolute

number of the user interface, and the number in the second
column indicates the relative number of the user interface.

Delay Interval from the user's latest input to the current time, in
seconds.

Type Connection type.

● Console
● Telnet
● SSH
● Web

Network Indicates the initial connection location.

Address

Username User name for logging in to the device. If the user name is
not specified, Unspecified is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 57

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

AuthenStatus Whether the authentication succeeds.

AuthorcmdFlag Command line authorization status.

3.3.9 display vty lines

Function
The display vty lines command lists the number of rows displayed on the VTY
screen.

Format
display vty lines

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Example
# List the number of lines displayed on the VTY screen.
<HUAWEI> display vty lines
Current VTY lines is 24

3.3.10 display vty mode

Function
The display vty mode command displays the current VTY mode.

Format
display vty mode

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 58

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
VTY modes are classified into the man-to-machine mode and machine-to-machine
mode. You can run this command to check the current VTY mode.

Example
# Display the VTY mode.
<HUAWEI> display vty mode
Current user-interface mode is Human-Machine interface.

3.3.11 free user-interface

Function
The free user-interface command disconnects the device from a specified user
interface.

Format
free user-interface { ui-number | ui-type ui-number1 }

Parameters
Parameter Description Value
ui-number Specifies the absolute The value is an integer ranging from 0
number of a user interface. to 25. The value varies according to the
device type.

ui-type Specifies the type of a user The value can be Console, or VTY.
interface.
ui-number1 Specifies the relative The minimum value is 0. The
number of a user interface. maximum value is smaller by 1 than
the number of user interfaces the
system supports.

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 59

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If a user logs in to the device and does not perform an operation or you want to
forbid a user from performing operations on the device, you can run the free
user-interface command to disconnect a specified user's terminal from the device.
After the command is executed, the device logs out the user.
Precautions
The free user-interface command cannot be executed on the current user
interface. For example, if the current user interface is VTY 2, the free user-
interface vty 2 command fails to be executed on VTY 2 and an error message is
displayed.

Example
# Disconnect the device from user-interface 0.
<HUAWEI> free user-interface 0
Warning: User interface Console0 will be freed. Continue? [Y/N]:y

3.3.12 history-command max-size

Function
The history-command max-size command sets the size of the historical
command buffer.
The undo history-command max-size command restores the default size of the
historical command buffer.
By default, a maximum of 10 previously-used commands can be saved in the
buffer.

Format
history-command max-size size-value
undo history-command max-size

Parameters
Parameter Description Value
size-value Specifies the size of the historical The value is an integer ranging
command buffer. from 0 to 256.

Views
User interface view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 60

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
The CLI can automatically save the historical commands that you enter. This
function is similar to that of Doskey. You can invoke and run the historical
commands at any time.

Example
# Set the size of the historical command buffer to 20.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] history-command max-size 20

3.3.13 idle-timeout

Function
The idle-timeout command sets the timeout duration for disconnection from a
user interface.

The undo idle-timeout command restores the default timeout duration.

By default, the timeout duration is 5 minutes.

Format
idle-timeout minutes [ seconds ]

undo idle-timeout

Parameters
Parameter Description Value

minutes Specifies the idle timeout The value is an integer ranging from
duration, in minutes. 0 to 35791, in minutes.

seconds Specifies the idle timeout The value is an integer ranging from
duration, in seconds. 0 to 59, in seconds.

Views
User interface view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 61

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

If a user logs in to the device and does not perform an operation, the user
interface is occupied unnecessarily. You can run the idle-timeout command to
disconnect the user's terminal from the device.

Precautions

● To disable the user interface disconnection function, run the idle-timeout 0 0

command.
● If the user interface disconnection function is not configured, user connection
will never times out, bringing security risks, and other users may fail to log in
to the device.
● You are advised to set the timeout duration to 10-15 minutes.
NOTE

If AAA authentication is required for login users, the timeout duration configured by the
local-user idle-timeout command takes effect. If no timeout duration is configured or the
undo local-user idle-timeout command is executed in the AAA view, the timeout duration
configured by the idle-timeout command on the user interface takes effect.

Example
# Set the timeout duration to 1 minute and 30 seconds.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] idle-timeout 1 30

3.3.14 mmi-mode enable

Function
The mmi-mode enable command enters the machine-to-machine mode.

The undo mmi-mode enable command enters the man-to-machine mode.

By default, a user is in man-to-machine mode.

Format
mmi-mode enable

undo mmi-mode enable

Parameters
None

Views
User view, system view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 62

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
0: Visit level

Usage Guidelines
Usage Scenario
For example, to execute a series of commands that have been commissioned, you
can switch the VTY mode to the machine-to-machine mode.
Precautions
After you enter the machine-to-machine mode using the mmi-mode enable
command, commands that you need to use with caution can be used directly.
Therefore, in man-to-machine mode, do not use this command unless necessary.

Example
# Enter the machine-to-machine mode.
<HUAWEI> system-view
[HUAWEI] mmi-mode enable

3.3.15 parity
Function
The parity command sets the parity bit of a user interface.
The undo parity command disables the parity check.
By default, no parity check is configured.

Format
parity { even | none | odd }
undo parity

Parameters
Parameter Description Value
even Specifies even parity check. -
none Specifies no parity check. -
odd Specifies odd parity check. -

Views
User interface view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 63

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
This function takes effect for only serial interfaces.

Example
# Set the transmission parity bit on the console interface to odd parity.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] parity odd

3.3.16 protocol inbound

Function
The protocol inbound command specifies the protocols that the VTY user
interface supports.
By default, the system supports SSH.
NOTE

If Telnet is enabled on a device before it is upgraded, Telnet and SSH are enabled by default
after the device is upgraded.

Format
protocol inbound { all | ssh | telnet }

Parameters
Parameter Description Value
all Indicates that all protocols including SSH and Telnet are -
supported.
ssh Indicates that only SSH is supported. -
telnet Indicates that only Telnet is supported. -

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To manage and monitor login users, configure the VTY user interface for login
users and run the protocol inbound command to configure the protocols that the
VTY user interface supports.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 64

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Prerequisites
If SSH is configured for the user interface using the protocol inbound command,
you must configure the authentication-mode aaa authentication mode to ensure
successful logins. If the password authentication mode is configured, the protocol
inbound ssh command cannot be executed.
Precautions
● The configuration takes effect at the next login.
● When SSH is specified for the VTY user interface, the SSH server function is
enabled, and the RSA key is not configured, a user cannot log in to the SSH
server using SSH.

Example
# Configure SSH for user interfaces VTY0 to VTY4.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0 4
[HUAWEI-ui-vty0-4] authentication-mode aaa
[HUAWEI-ui-vty0-4] protocol inbound ssh

3.3.17 screen-length
Function
The screen-length command sets the number of lines on each terminal screen
after you run a command.
The undo screen-length command restores the default configuration.
By default, the number of lines to be displayed on a terminal screen is 24.

Format
screen-length screen-length [ temporary ]
undo screen-length [ temporary ]

Parameters
Parameter Description Value

screen-length Specifies the number of lines The value is an integer that

displayed on a terminal screen. ranges from 0 to 512. The
value 0 indicates that all
command output is
displayed on one screen.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 65

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

temporary Specifies the number of lines -

temporarily displayed on a terminal
screen.
In the user view, the temporary
parameter is mandatory.

Views
User interface view, User view

Default Level
3: Management level (User interface view)

0: Visit level (User view)

Usage Guidelines
If you run a command and its output is displayed in more lines than you can see
on one screen, you can reduce the number of lines displayed on each screen.

In general, you do not need to change the number of lines displayed on each
screen. Setting the number of lines to 0 is not recommended. The configuration
takes effect after you log in to the system again.

Example
# Set the number of lines on each screen of the terminal to 30.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] screen-length 30

3.3.18 screen-width

Function
The screen-width command sets the number of columns displayed on a terminal
screen.

The undo screen-width command restores the default configuration.

By default, 132 columns are displayed on a terminal screen.

Format
screen-width screen-width [ temporary ]

undo screen-width [ temporary ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 66

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

screen-width Specifies the width of a terminal The value is an integer

screen. ranging from 60 to 512.

temporary Specifies the temporary width of a -

terminal screen.

Views
Console user interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
When logging in to a device using the terminal tool, you can run this command to
adjust the screen width on the device to the same as that specified by the
terminal tool to prevent garbled lines.
Precautions
The configured number of columns displayed on a terminal screen takes effect
only on users logging in through the console port but does not affect those
logging in through VTY or other interfaces.
If you run the screen-width command multiple times, only the latest configuration
takes effect.

Example
# Set the screen width to 100.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] screen-width 100

3.3.19 set authentication password

Function
The set authentication password command configures a local authentication
password.
By default, no local authentication password is configured.

Format
set authentication password cipher

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 67

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

cipher Indicates a password in ciphertext. -

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run this command to change the password for users requiring password
authentication.
Pre-configuration Tasks
Password authentication has been configured for the user interface.
Precautions
● The password must meet the following requirements:
– The local user password is a string of 8 to 128 case-sensitive characters.
– The password must contain at least two of the following characters:
upper-case character, lower-case character, digit, and special character.
The special characters include spaces and the following: `~!@#$%^&*()-
_=+\|[{}];:'",<.>/?
● A password entered in interactive mode is not displayed on the screen. The
configuration file displays only the password encrypted using an irreversible
encryption algorithm.
● You can press CTRL_C to cancel the password setting in interaction mode.
● If a password in ciphertext is configured, enter a ciphertext password contains
68 characters but users must obtain the clear text password. When logging in
to the system, you must enter the password in clear text.
● If password authentication is configured but no password is configured, the
user cannot log in to the device.
● If the set authentication password command is executed multiple times, the
latest configuration overrides the previous ones. You can run this command to
change the local authentication password. After the password is changed, a
user who wants to log in to the device must enter the latest password for
login authentication.

Example
# Set a local authentication password for the user interfaces VTY 0-4.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 68

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> system-view
[HUAWEI] user-interface vty 0 4
[HUAWEI-ui-vty0-4] set authentication password cipher
Info: A plain text password is a string of 8 to 128 case-sensitive characters and must be a combination of at
least two of the follo
wing: uppercase letters A to Z, lowercase letters a to z, digits, and special characters (including spaces and
the following :`~!@#$
%^&*()-_=+\|[{}];:'",<.>/?). A cipher text password contains 68 characters.
New Password:
Confirm New Password:

3.3.20 shell
Function
The shell command enables terminal services on a user interface.
The undo shell command disables terminal services on a user interface.
By default, terminal services are enabled on all user interfaces.

Format
shell
undo shell

Parameters
None

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To log in to a device through a console, or Virtual Type Terminal (VTY), you can
use the shell command to enable terminal services on the user interface.
Otherwise, you will fail in logging in to the device through the user interface.
To configure or maintain the parameters of a user interface, the undo shell
command can be used to disable terminal services on the user interface. During
this period, you cannot log in to the device using the interface. After completing
the configuration for the parameters of the user interface, the shell command
must be used to enable terminal services on the user interface. Otherwise,
authorized users may fail to log in to the device through the interface.
Implementation Procedure
When the undo shell command is executed, determine whether to disable
terminal services on the user interface when the system displays a message like

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 69

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Warning: ui-vty0-4 will be disabled. Continue? [Y/N]:. Users may fail to log in
to the device through the port after the terminal services are disabled. Exercise
caution before disabling terminal interfaces on a user interface.
Precautions
After the undo shell command is executed in the VTY user interface view to
disable terminal services on the VTY user interface, users cannot log in to the
device using Telnet, Stelnet, and SFTP through the VTY user interface.
The undo shell command cannot be used in the interface view through which the
user logs in.
The console user interface does not support this command.

Example
# Disable terminal services on VTY 0 to VTY 4.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0 4
[HUAWEI-ui-vty0-4] undo shell
Warning: ui-vty0-4 will be disabled. Continue? [Y/N]:y

3.3.21 speed (user interface view)

Function
The speed command sets the data transfer rate of a user interface.
The undo speed command restores the default data transfer rate of a user
interface.
By default, the data transfer rate is 9600 bit/s.

Format
speed speed-value
undo speed

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 70

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
speed-value Specifies the data The value is expressed in bit/s.
transfer rate of a
user interface. The asynchronous serial interface supports the
following data transfer rates:
● 600 bit/s
● 1200 bit/s
● 4800 bit/s
● 9600 bit/s
● 19200 bit/s
● 38400 bit/s
● 57600 bit/s
● 115200 bit/s
NOTE
The console user interface does not support 600 bit/s
and 1200 bit/s.

Views
User interface view

Default Level
3: Management level

Usage Guidelines
This function takes effect for only serial interfaces.

Example
# Set the data transfer rate of a user interface to 115200 bit/s.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] speed 115200

3.3.22 stopbits

Function
The stopbits command sets the stop bit of a user interface.

The undo stopbits command restores the default stop bit of a user interface.

By default, the stop bit is 1.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 71

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
stopbits { 1.5 | 1 | 2 }

undo stopbits

Parameters
Parameter Description Value
1.5 Sets the stop bit to 1.5. -
1 Sets the stop bit to 1. -
2 Sets the stop bit to 2. -

Views
User interface view

Default Level
3: Management level

Usage Guidelines
If the stop bit is 1, the corresponding data bit is 7 or 8.

If the stop bit is 1.5, the corresponding data bit is 5.

If the stop bit is 2, the corresponding data bit is 6, 7, or 8.

This function takes effect for only serial interfaces.

NOTE

On the console user interface, the stop bit 1.5 is not supported.

Example
# Set the stop bit of a user interface to 2.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0] stopbits 2

3.3.23 user privilege

Function
The user privilege command configures the user level.

The undo user privilege command restores the default user level.

By default, users who log in to the device using the console interface are at level
15 and other users are at level 0.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 72

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
user privilege level level

undo user privilege level

Parameters
Parameter Description Value

level level Specifies the user level. The value is an integer ranging from 0 to
15.

Views
User interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

The system manages users at levels to control their access permissions. Users who
log in to the device can use only commands at the same or lower level than their
own levels.

Commands are classified into the visit level, monitoring level, configuration level,
and management level that map levels 0, 1, 2, and 3, as listed in Table 3-10.

Table 3-10 Introduction to command levels

User Comm Permiss Description

Level and ion
Level

0 0 Visit Commands at this level are diagnosis commands

such as ping and tracert commands and
commands that are used to access a remote
device such as STelnet clients.

1 0 and 1 Monitor Commands at this level are system maintenance

ing commands such as display commands.
NOTE
Some display commands are not at this level. For
example, the display current-configuration and
display saved-configuration commands are at level 3.

2 0, 1, Configu Commands at this level are service configuration

and 2 ration commands.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 73

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

User Comm Permiss Description

Level and ion
Level

3-15 0, 1, 2, Manage Commands at this level are system basic

and 3 ment operation commands that support services,
including file system, FTP, TFTP, user management
commands, command level configuration
commands, and debugging commands.

Precautions

If refined right management is required, run the command-privilege level

command to upgrade command levels.

Example
# Set the user level on the VTY0 user interface to 2.
<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] user privilege level 2

# Log in to the device using STelnet and view detailed information about the VTY0
user interface.
<HUAWEI> display user-interface vty0
Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int
+ 129 VTY 0 - 2 15 N -
+ : Current UI is active.
F : Current UI is active and work in async mode.
Idx : Absolute index of UIs.
Type : Type and relative index of UIs.
Privi: The privilege of UIs.
ActualPrivi: The actual privilege of user-interface.
Auth : The authentication mode of UIs.
A: Authenticate use AAA.
N: Current UI need not authentication.
P: Authenticate use current UI's password.
Int : The physical location of UIs.

Table 3-11 Description of the user privilege level command output.

Item Description

+ Current user interface is active.

F Current user interface is active and work is in

asynchronous mode.

Idx Absolute index of user interface.

Type Type and relative index of user interface.

Privi The privilege of user interface.

ActualPrivi The actual privilege of user interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 74

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

Auth The authentication mode of user interface.

Int The physical location of UIs.

A Authenticate use AAA.

N The current user interface need not be

authenticated.

P Authenticates the user using the password

configured on the current user interface.

3.3.24 user-interface
Function
The user-interface command displays one or multiple user interface views.

Format
user-interface [ ui-type ] first-ui-number [ last-ui-number ]

Parameters
Parameter Description Value
ui-type Specifies the type of a user interface. The value can be console
or vty.
● If the user interface is specified,
the relative number is used.
● If the user interface is not
specified, the absolute number is
used.

first-ui- Specifies the number of the first user ● If ui-type is set to

number interface. console, the first-ui-
number value is 0.
● If ui-type is set to vty,
the first-ui-number
value ranges from 0 to
the maximum number
of VTY user interfaces.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 75

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

last-ui- Specifies the number of the last user -
number interface. When you select this
parameter, you enter multiple user
interface views at the same time.
This parameter is valid only when ui-
type is set to VTY. The last-ui-number
value must be larger than the first-
ui-number number.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When the network administrator logs in to the device using the console interface,
Telnet, or SSH, the system manages and monitors the session between the user
and the device on the corresponding user interface. Each user interface
corresponds a user interface view. The network administrator can set parameters
such as authentication and user level to manage sessions in a unified manner.

Precautions

The user interface varies according to the login mode. The user interface views can
be numbered using absolute numbers or relative numbers. Table 3-12 describes
absolute and relative numbers of user interfaces.

NOTE

● The relative numbering uniquely specifies a user interface or a group of user interfaces
of the same type.
● The absolute numbering specifies a user interface or a group of user interfaces.

Table 3-12 Absolute and relative numbers of user interfaces

User Description Absolute Relative Number

Interface Number

Console Manages and controls 0 0

user users that log in to the
interface device using the console
interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 76

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

User Description Absolute Relative Number

Interface Number

VTY user Manages and controls 5 to 19 The first one is VTY 0,

interface users that log in to the the second one is VTY
device using Telnet or 1, and so forth.
SSH. Absolute numbers 5 to
19 map relative
numbers VTY 0 to VTY
14.

After you log in to the device, you can run the display user-interface command
to view the supported user interfaces and the corresponding relative and absolute
numbers.

Example
# Enter the Console 0 user interface.
<HUAWEI> system-view
[HUAWEI] user-interface console 0
[HUAWEI-ui-console0]

# Enter the VTY 1 user interface.

<HUAWEI> system-view
[HUAWEI] user-interface vty 1
[HUAWEI-ui-vty1]

# Enter the VTY 1 to VTY 3 user interfaces.

<HUAWEI> system-view
[HUAWEI] user-interface vty 1 3
[HUAWEI-ui-vty1-3]

3.3.25 user-interface current

Function
The user-interface current command displays the current user interface view.

Format
user-interface current

Parameters
None

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 77

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
To enter the current user interface view, run the display user-interface command
without the user interface number.

Example
# Enter the current user view.
<HUAWEI> system-view
[HUAWEI] user-interface current
[HUAWEI-ui-vty1]

3.3.26 user-interface maximum-vty

Function
The user-interface maximum-vty command configures the maximum number of
login users.

The undo user-interface maximum-vty command restores the default maximum

number of login users.

By default, the maximum number of Telnet and SSH users is 5.

Format
user-interface maximum-vty number

undo user-interface maximum-vty

Parameters
Parameter Description Value
number Specifies the maximum number of The value is an integer ranging
Telnet and SSH users. from 0 to 15.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 78

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The user-interface maximum-vty command configures the maximum number of

login users.
Precautions
● If the maximum number that you set is smaller than the number of current
online users, the system displays a configuration failure message.
● The maximum number of login users set by the user-interface maximum-vty
command is the total number of Telnet and SSH users.
● If the maximum number of login users is set to 0, no user is allowed to log in
to the device using Telnet or SSH.

Example
# Set the maximum number of Telnet users to 7.
<HUAWEI> system-view
[HUAWEI] user-interface maximum-vty 7

3.4 User Login Configuration Commands

3.4.1 config lock

Function
The config lock command locks the system configuration.
The undo config lock command unlocks the system configuration.
By default, the system configuration is unlocked.

Format
config lock
undo config lock

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 79

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

To prevent other users from modifying or deleting configured data, you can run
the config lock command to lock the configuration management plane before
data configuration. After completing data configuration, run the undo config lock
command to unlock the configuration management plan so that other users can
perform data configuration.

Precautions

The locked system configuration can be unlocked by only the user who locks it,
the super administrator (run the user privilege command to set the user level to
15), or the network management system (NMS) user.

Example
# Lock the system configuration.
<HUAWEI> system-view
Enter system view, return user view with Ctrl+Z.
[HUAWEI] config lock
The system config is locked

# Unlock the system configuration.

<HUAWEI> system-view
Enter system view, return user view with Ctrl+Z.
[HUAWEI] undo config lock
The system config is unlocked

3.4.2 config unlock interval

Function
The config unlock interval command configures the interval for unlocking a
device.

The default interval is 5 minutes.

Format
config unlock interval time

Parameters
Parameter Description Value
time Specifies the interval for The value is an integer ranging from
unlocking a device. 1 to 255, in minutes.

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 80

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

If the device configuration is clocked by the config lock command, other users
cannot modify the configuration. In this case, the config unlock interval
command can be used to configure the unlock interval, after which the device
configuration is unlocked automatically.

Precautions

This command can be used by only the super administrator (run the user
privilege command to set the user level to 15) and NMS user.

If you run the command multiple times, only the latest configuration takes effect.

The unlocking interval starts from the last time the current user configures the
system.

Example
# Set the unlock interval to 2 minutes.
<HUAWEI>system-view
[HUAWEI]config unlock interval 2

# The following message is displayed when the configured unlock interval arrives.
[HUAWEI]
The system config is unlocked

3.4.3 console ble-mode (system view)

Function
The console ble-mode command configures the mode of Bluetooth-based
console port login.

The undo console ble-mode command restores the default mode of Bluetooth-
based console port login.

By default, the mode of Bluetooth-based console port login on a Fat AP is

persistent, and the mode of Bluetooth-based console port login on a cloud AP is
dynamic.

This command is available only for Bluetooth-supported APs.

Format
Command format for Fat APs: console ble-mode { persistent | disable }

Command format for cloud APs: console ble-mode { dynamic | persistent |

disable }

undo console ble-mode

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 81

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

dynamic Sets the mode of Bluetooth-based console port login to -

dynamic. In this mode, when a cloud AP is disconnected from
the SDN controller, Bluetooth-based console port login is
automatically enabled; when the link between the AP and
SDN controller is normal, Bluetooth-based console port login
is disabled.

persistent Sets the mode of Bluetooth-based console port login to -

persistent. Bluetooth-based console port login remains
enabled in this mode.

disable Disables Bluetooth-based console port login. -

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

If Bluetooth-based console port login is enabled on an AP, STAs can be connected

to the AP through Bluetooth and use the CloudCampus APP to log in to the AP
through the console port, facilitating fault diagnosis and debugging of the AP.

Example
# Set the mode of Bluetooth-based console port login to persistent.
<HUAWEI> system-view
[HUAWEI] console ble-mode persistent

3.4.4 display config lock

Function
The display config lock command displays lock information about the system
configuration.

Format
display config lock

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 82

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
None

Views
All views

Default Level
2: Configuration level

Usage Guidelines
The information includes whether the system configuration is locked and the lock
duration If you cannot configure the AP after login, run this command. The
command output helps you locate faults. If the system configuration is locked, the
command output includes the following: type, name, and IP address of the user
who locks the configuration. If no IP address is available, locked user IP address
is blank.

If the current system configuration is locks by a user (user A), only users at the
same level as or higher level than user A can query user A information. If users at
a lower level queries user A information, the system displays a message indicating
that the system configuration is locked by a user with a higher level.

Example
# Display lock information about the system configuration (when configuration is
not locked).
<HUAWEI> display config lock
------------------------------------------------------------------------------
automatically unlocked interval(minute): 5
locked state: unlocked
------------------------------------------------------------------------------

Table 3-13 Description of the display config lock command output

Item Description

automatically unlocked Interval after which the system

interval(minute) automatically unlocks the
configuration, in minutes.

locked state Whether the system configuration is

locked. The values are as follows:
● locked: indicates that the system
configuration is locked.
● unlocked: indicates that the system
configuration is not locked.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 83

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

# Display lock information about the system configuration (when configuration is

locked).
<HUAWEI> display config lock
------------------------------------------------------------------------------
automatically unlocked interval(minute): 5
locked state: locked
locked user type: telnet
locked user name: test
locked user IP address: 192.168.0.1
------------------------------------------------------------------------------

Table 3-14 Description of the display config lock command output

Item Description

automatically unlocked Interval after which the system

interval(minute) automatically unlocks the
configuration, in minutes.

locked state Whether the system configuration is

locked. The values are as follows:
● locked: indicates that the system
configuration is locked.
● unlocked: indicates that the system
configuration is not locked.

locked user type Type of the user who locks the system
configuration. The user can be any of
the following types: NMS user, serial
port user, Telnet user, and web user.

locked user name Name of the user who locks the system
configuration.

locked user IP address IP address of the user who locks the

system configuration. If no IP address is
available, locked user IP address is
blank.

3.4.5 display console ble-mode

Function
The display console ble-mode command displays the mode of Bluetooth-based
console port login.

This command is available only for Bluetooth-supported APs.

Format
display console ble-mode

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 84

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run this command to check the mode of Bluetooth-based console port
login. To configure the mode of Bluetooth-based console port login, run the
console ble-mode command.

Example
# Display the mode of Bluetooth-based console port login.
<HUAWEI> display console ble-mode
Current ble console mode is persistent

Table 3-15 Description of the display console ble-mode command output

Item Description

Current ble console mode is persistent Displays the current mode of

Bluetooth-based console port login is
persistent mode.

3.4.6 display rsa local-key-pair public

Function
The display rsa local-key-pair public command displays information about public
keys in the local key pair.

Format
display rsa local-key-pair public

Parameters
None

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 85

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
1: Monitoring level

Usage Guidelines
You can run this command on the client and configure the client public key in the
command output to the SSH server. This ensures that the SSH client validity check
by the SSH server is successful and enables the secure data exchange between the
SSH server and client.

Example
# Display information about public keys in the local key pair.
<HUAWEI> display rsa local-key-pair public
=====================================================

Time of Key pair created: 2011-10-06 16:26:37+00:00

Key name: Host
Key type: RSA encryption Key
=====================================================

Key code:
3047
0240
D538B7FC 3AFE1F5B F6C921F9 3D8C5322
905F623A
F0123161 3DA61EEB F5E897CF DC126060
546CC84E
B2AB7424 3EFF5D71 D84C5FE2 3E2BF5B3
D82DD979
A22E4AA1
0203
010001

=====================================================

Time of Key pair created: 2011-10-06 16:26:53+00:00

Key name: Server
Key type: RSA encryption Key
=====================================================

Key code:
3067
0260
C51C2C01 56B06E6C EBF9055C F7AD9781
46B41A31
5FC87282 E53CFE30 8E6321D3 AC74E948
0A010339
E67C290E 2E0E8E40 BF5E1C97 F9C856EF
568DC159
1A6D28ED AFFB474B 43EFB632 CFB0875F
85420EEA
1919095B A5BC38D0 5FFF169E
0BDB3DC3
0203
010001

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 86

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Table 3-16 Description of the display rsa local-key-pair public command output
Item Description

Time of Key pair created Time and date when the public key was
created.

Key name Public key name. The value can be the

host or server public key. The server
public key is saved only when the key
type is RSA.

Key type Public key type.

Key code Public key code.

3.4.7 display rsa peer-public-key

Function
The display rsa peer-public-key command displays the peer public key saved on
the local host. If no parameter is specified, the command displays detailed
information about all peer public keys.

Format
display rsa peer-public-key [ brief | name key-name ]

Parameters
Parameter Description Value
brief Displays the brief information -
about all peer public keys.
name key-name Specifies the key name. The value is a string of 1 to 30
case-insensitive characters
without spaces.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
You can run this command to check detailed information about the RSA public key
and whether the local and peer public keys are the same.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 87

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Precautions
You must complete the RSA public key configuration before running this
command.

Example
# Display the brief information about all RSA public keys.
<HUAWEI> display rsa peer-public-key brief
Name Bits
-------------------------------------
rsakey001 780

Table 3-17 Description of the display rsa peer-public-key brief command output
Item Description

Bits Bits in the public key.

Name Name of the public key.

# Display the detailed information about the RSA public key named rsakey001.
<HUAWEI> display rsa peer-public-key name rsakey001

=====================================
Key name: rsakey001
=====================================
Key Code:
3067
0260
A3158E6C F252C039 135FFC45 F1E4BA9B 4AED2D88 D99B2463 3E42E13A 92A95A37
45CDF037 1AF1A910 AAE3601C 2EB70589 91AF1BB5 BD66E31A A9150911 859CAB0E
1E10548C D70D000C 55A1A217 F4EA2F06 E44BD438 DA472F14 3FB7087B 45E77C05
0203
010001

Table 3-18 Description of the display rsa peer-public-key name command output
Item Description

Key name Name of the public key.

Key Code Code of the public key.

3.4.8 display ssh server

Function
The display ssh server command displays the SSH server information.

Format
display ssh server { status | session }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 88

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

status Displays the global configuration on the SSH server. -

session Displays the current session connection information on the -

SSH server.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
After configuring the SSH attributes, you can run this command to view the
configuration or session connection information on the SSH server to verify that
the SSH connection has been established.

Example
# Display the global configuration on the SSH server.
<HUAWEI> display ssh server status
SSH version :2.0
SSH connection timeout :120 seconds
SSH server key generating interval :0 hours
SSH Authentication retries :3 times
SFTP Server :Enable
Stelnet server :Enable

Table 3-19 Description of the display ssh server status command output

Item Description

SSH version SSH protocol version.

SSH connection timeout SSH connection timeout interval, in seconds.

To configure this parameter, run the ssh server
timeout command.

SSH server key generating Key update period of the SSH server.
interval To configure this parameter, run the ssh server
rekey-interval command.

SSH Authentication retries Number of times for retrying SSH authentication.

To configure this parameter, run the ssh server
authentication-retries command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 89

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

SFTP Server Whether the SFTP server is enabled.

To configure this parameter, run the sftp server
enable command.

Stelnet server Whether the STelnet server is enabled.

To configure this parameter, run the stelnet
server enable command.

# Display the current session connection information on the SSH server.

<HUAWEI> display ssh server session
--------------------------------------------------------------------
Conn Ver Encry State Auth-type Username
--------------------------------------------------------------------
VTY 0 2.0 AES128_CBC run password john
--------------------------------------------------------------------

Table 3-20 Description of the display ssh server session command output
Item Description

Conn VTY connection.

Ver Version number.

Encry Encryption mode: 3DES_CBC,

AES128_CBC, AES256_CBC,
AES128_CTR, and AES256_CTR

State Session status on the SSH server.

Auth-type Authentication mode for an SSH user.

The options are as follows:
● password
● rsa
● password-rsa (password and RSA)
● ecc
● password-ecc (password and ecc)
● all (password, ECC, or RSA)
To configure this parameter, run the ssh
user authentication-type command.

Username User name for SSH server

authentication.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 90

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.9 display ssh user-information

Function
The display ssh user-information command displays the configuration of all SSH
users.

Format
display ssh user-information [ username ]

Parameters

Parameter Description Value

username Displays the SSH user The value is a string of 1 to 64 case-

name. insensitive characters without spaces.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
This command displays the SSH user name, bound RSA public key name, and
service type.

Example
# Display the configuration of all SSH users.
<HUAWEI> display ssh user-information
-------------------------------------------------------------------------------
Username Auth-type User-public-key-name
-------------------------------------------------------------------------------
a password null
-------------------------------------------------------------------------------

Table 3-21 Description of the display ssh user-information command output

Item Description

Username SSH user name.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 91

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

Auth-type Authentication mode for an SSH user. The options

are as follows:
● password
● rsa
● password-rsa (password and RSA)
● all (password or RSA)
Run the ssh user authentication-type command
to set this item.

User-public-key-name Peer RSA public key assigned to an SSH user.

Run the rsa peer-public-key command to set this
item.

3.4.10 display telnet server status

Function
The display telnet server status command displays the status and configuration
of the Telnet server.

Format
display telnet server status

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
● You can run this command to check whether the device functions as a Telnet
server.
● You can run this command to check the listening port number of the Telnet
server if you have set the port number by running the telnet server port
port-number command.

Example
# Display the status and configuration of the Telnet server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 92

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> display telnet server status

TELNET IPV4 server :Enable
TELNET server port :23

Table 3-22 Description of the display telnet server status command output

Item Description

TELNET IPV4 server IPv4 Telnet server.

TELNET server port Listening port number of the Telnet

server.

3.4.11 display telnet-client

Function
The display telnet-client command displays the source parameters when the
device works as a Telnet client.

Format
display telnet-client

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
After setting source parameters of the Telnet client, you can run this command to
check the setting result. If you have not set telnet client-source, the default
source IP address is 0.0.0.0.

Example
# Display the source parameters for the device that works as a Telnet client.
<HUAWEI> display telnet-client
The source address of telnet client is 1.1.1.1

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 93

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Table 3-23 Description of the display telnet-client command output

Item Description

The source address of telnet client is The source IP address of the Telnet
1.1.1.1 client is 1.1.1.1.

3.4.12 display ecc local-key-pair public

Function
The display ecc local-key-pair public command displays information about the
public key in the local Elliptic Curves Cryptography (ECC) key pair.

Format
display ecc local-key-pair public

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the display ecc local-key-pair public command to check information
about the public key in the local ECC key pair on a client and then copy the public
key to the server. The public key enables a server to authenticate users and
ensures the login of authorized users.
Pre-configuration Tasks
You must run the ecc local-key-pair create command to generate a local ECC
host key pair before using the command.

Example
# Display information about the public key in the local ECC key pair on a client.
<HUAWEI> display ecc local-key-pair public
=====================================================
Time of Key pair created:2016-10-19 11:50:20+00:00
Key name : HUAWEI_Host_ECC
Key modulus : 521
Key type : ECC encryption Key

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 94

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Key fingerprint:
=====================================================
Key code:
0401CE1E 5EF3B843 CD917648 1D70EF8F CECE8518 5B32ED5F 529E9DC4 D16EDF1A
5F6E6389 10AAE2D4 74FD9DA7 F05AB123 9AF3EE64 9F0BAF99 A0CBF55B E319B2D1
8EDEBB01 7C63469B C62A2256 3EAEA0BD 486F9524 8559C7EF 24D969D1 11093BBF
27F770E7 03E28ABA BB357E5B 28EF04CC EA931C81 C7D7EBD8 5797B1CD 05D9B497
56D91126 E9

Host public key for PEM format code:

---- BEGIN SSH2 PUBLIC KEY ----
AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHOHl7zuEPN
kXZIHXDvj87OhRhbMu1fUp6dxNFu3xpfbmOJEKri1HT9nafwWrEjmvPuZJ8Lr5mg
y/Vb4xmy0Y7euwF8Y0abxioiVj6uoL1Ib5UkhVnH7yTZadERCTu/J/dw5wPiirq7
NX5bKO8EzOqTHIHH1+vYV5exzQXZtJdW2REm6Q==
---- END SSH2 PUBLIC KEY ----

Public key code for pasting into OpenSSH authorized_keys file :

ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHOHl7z
uEPNkXZIHXDvj87OhRhbMu1fUp6dxNFu3xpfbmOJEKri1HT9nafwWrEjmvPuZJ8Lr5mgy/Vb4xmy0Y7e
uwF8Y0abxioiVj6uoL1Ib5UkhVnH7yTZadERCTu/J/dw5wPiirq7NX5bKO8EzOqTHIHH1+vYV5exzQXZ
tJdW2REm6Q== ecdsa-key

Table 3-24 Description of the display ecc local-key-pair public command output
Item Description

Time of Key pair created Time when the public key in the local ECC
key pair is generated, in the format of
YYYY-MM-DD HH:MM:SS.

Key name Name of the public key in the local ECC

key pair.

Key modulus Length of the public key in the local ECC

key pair on a client.

Key type Type of the public key in the local ECC

key pair. "ECC encryption Key" indicates
an ECC public key.

Key code Code of the public key in the local ECC

key pair configured using the ecc local-
key-pair create command.

Host public key for PEM format PEM code of the public key in the local
code ECC key pair on a client.

Public key code for pasting into Public key in the local ECC key pair on a
OpenSSH authorized_keys file client that is used for OpenSSH
authorization. This information can be
used after being copied to the OpenSSH
authorized_keys file.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 95

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.13 display ecc peer-public-key

Function
The display ecc peer-public-key command displays information about the Elliptic
Curves Cryptography (ECC) public key configured on the remote end.

Format
display ecc peer-public-key [ brief | name key-name ]

Parameters
Parameter Description Value
brief Displays the brief information about -
the ECC public key configured on the
remote end.
name key-name Displays information about an ECC The value is a string of 1
public key with a specified name to 30 case-sensitive
configured on the remote end. characters, spaces not
supported.

Views
All views

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You can run the display ecc peer-public-key command on a client to check
information about the public key configured on the remote end. The public key
enables a server to authenticate users and ensures the login of authorized users.

Example
# Display the information about the ECC public keys of 127.0.0.1.
<HUAWEI> display ecc peer-public-key
=====================================
Key name: 127.0.0.1
Encoding type: DER
=====================================
Key Code:
04013184 A3311697 89DF558B 7F67BF9D BD95DBD5 280D659F 0E29852C AEC2FFBA
1913AC2A 88247ADA 46BEBEBE 1829C0DA 3BABC8FC 8F6EAD28 2AE2C6A8 116BAA3A
540E6B00 34E033D8 9D84841B 0D33DAD8 DEDD1C09 2B70B3DB 5AF0FCB2 37DF1C82
C4C622A6 85B23698 195DA60F 06858ADB DD743937 B4A29C4C FB28B40B BCEEE036
1DE61BD2 24

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 96

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

# Display the brief information about all the ECC public keys.
<HUAWEI> display ecc peer-public-key brief
Bits Name
----------------------
521 127.0.0.1
384 10.54.131.203

Table 3-25 Description of the display ecc peer-public-key command output

Item Description

Bits Length of the ECC public key configured

on the remote end.

Name Name of the ECC public key configured

on the remote end.

Key name Name of the ECC public key configured

on the remote end.

Encoding type Encoding type of the ECC public key

configured on the remote end.
● OPENSSH
If OpenSSH is specified, data is Base64
encoded.
OpenSSH is derived from PEM.
● PEM
If PEM is specified, data is Base64
encoded.
● DER
If DER is specified, data is Base16
encoded.

Key Code Code of the public key in the local ECC

key pair configured using the ecc local-
key-pair create command.

3.4.14 display wlan ble-link-info

Function
The display wlan ble-link-info command displays connection information about
the Bluetooth-based air interface on an AP.

Format
display wlan ble-link-info

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 97

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run this command to check connection information about the Bluetooth-
based air interface on an AP.

Example
# Display connection information about the Bluetooth-based air interface on an
AP.
<HUAWEI> display wlan ble-link-info
Info: This operation may take a few seconds. Please wait for a moment.done.
-------------------------------------------------------------------------------------
BLE access MAC : xxxx-xxxx-xxxx
Status : paired
Link status changed time : 2019-04-11 09:12:46
-------------------------------------------------------------------------------------

Table 3-26 Description of the display wlan ble-link-info command output

Item Description

BLE access MAC MAC address of a STA accessed

through Bluetooth. This address is
randomly generated when the STA
establishes a Bluetooth connection
with the AP.

Status Bluetooth connection status between a

STA and the AP.
● link established: The link is
established between the STA and
AP.
● paired: The STA and AP are
successfully paired.

Link status changed time Time when the connection status is

updated.

3.4.15 ecc local-key-pair create

Function
The ecc local-key-pair create command generates a local Elliptic Curves
Cryptography (ECC) host key pair.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 98

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

By default, no local ECC host key pair exists in the system.

Format
ecc local-key-pair create

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
A local key pair is a prerequisite to a successful SSH login. Compared with the RSA
algorithm used by the rsa local-key-pair create command, the ECC algorithm
shortens the key length, accelerates the encryption, and improves the security. The
length of the server key pair and the host key pair can be 256 bits, 384 bits and
521 bits. By default, the length of the key pair is 521 bits.
Follow-up Procedure
Perform other SSH configurations.
Precautions
● The generated ECC host key pair is named in the format of wireless access
point name_Host_ECC, such as HUAWEI_Host_ECC. The local DSA private key
is saved in PKCS#8 format to the hostkey_ecc file.
● The ecc local-key-pair create and ecc local-key-pair destroy commands are
not saved in the configuration file. They only need to be run once and take
effect even after the wireless access point restarts.
● Do not delete the ECC key file from the wireless access point. If the ECC key
file is deleted, the ECC key pair cannot be restored after the wireless access
point is restarted.

Example
# Generate a local ECC host key pair.
<HUAWEI> system-view
[HUAWEI] ecc local-key-pair create
Info: The key name will be: HUAWEI_Host_ECC.
Info: The ECC host key named HUAWEI_Host_ECC already exists.
Warning: Do you want to replace it ? [Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=521]:521

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 99

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Info: Generating keys...

Info: Succeeded in creating the ECC host keys.

# Enter an incorrect key length and re-enters the key length for a maximum
number of retry attempts.
<HUAWEI> system-view
[HUAWEI] ecc local-key-pair create
Info: The key name will be: HUAWEI_Host_ECC.
Info: The ECC host key named HUAWEI_Host_ECC already exists.
Warning: Do you want to replace it ?[Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=521]:123
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:1024
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:512
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:2048
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:4096
Error: Invalid ECC key modulus.
Error: The maximum number of retries has reached, and the command has already been canceled.

3.4.16 ecc local-key-pair destroy

Function
The ecc local-key-pair destroy command deletes the local Elliptic Curves
Cryptography (ECC) keys.

Format
ecc local-key-pair destroy

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If you no longer need the local ECC key pairs, run the ecc local-key-pair destroy
command to delete them.
Configuration Impact
After the ecc local-key-pair destroy command is run, the ECC key files on the
master and slave main control boards are cleared. Exercise caution when running
the command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 100

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Precautions

● The ecc local-key-pair create and ecc local-key-pair destroy commands are
not saved in the configuration file. They only need to be run once and take
effect even after the wireless access point restarts.
● Do not delete the ECC key file from the wireless access point. If the ECC key
file is deleted, the ECC key pair cannot be restored after the wireless access
point is restarted.

Example
# Delete the local ECC host key pair and server key pair.
<HUAWEI> system-view
[HUAWEI] ecc local-key-pair destroy
Info: The name of the key which will be destroyed is HUAWEI_Host_ECC.
Warning: These keys will be destroyed. Continue? [Y/N]:Y
Info: Succeeded in destroying the ECC host keys.

3.4.17 ecc peer-public-key

Function
The ecc peer-public-key command creates an ECC public key and enters the
Elliptic Curves Cryptography (ECC) public key view.

The undo ecc peer-public-key command deletes an ECC public key.

By default, no ECC public key is created.

Format
ecc peer-public-key key-name encoding-type { der | openssh | pem }

undo ecc peer-public-key key-name

Parameters
Parameter Description Value
key-name Specifies an ECC public key name. The value is a
string of 1 to 64
case-sensitive
characters, spaces
not supported.
encoding- Indicates the encoding type of an ECC public -
type key.
der Specifies DER as the encoding type of an -
ECC public key.
If DER is specified, data is encoded in
hexadecimal notation.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 101

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

openssh Specifies OpenSSH as the encoding type of -
an ECC public key.
If OpenSSH is specified, data is Base64
encoded.
OpenSSH is derived from PEM.

pem Specifies PEM as the encoding type of an -

ECC public key.
If PEM is specified, data is Base64 encoded.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When ECC public key authentication is used, a client's public key must be specified
on the server for an SSH user. When the client logs in to the server, the server
performs authentication on the client based on the public key of the SSH user.

After an ECC public key is created and the ECC public key view is displayed, run
the public-key-code begin command, then you can manually copy the client's
public key to the server.

The client's public key is randomly generated by the client software.

If an ECC public key has been assigned to an SSH client, delete the binding
between the public key and the SSH client before deleting the ECC public key.
Otherwise, the undo dsa peer-public-key command will fail to delete the ECC
public key.

Follow-up Procedure

After copying the client's ECC public key to the server, run the following
commands to quit the ECC public key view:
1. Run the public-key-code end command to return to the ECC public key view.
2. Run the peer-public-key end command to quit the ECC public key view and
return to the system view.

Precautions

A maximum of 20 ECC public keys can be created.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 102

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Create an ECC public key and enter the ECC public key view.
<HUAWEI> system-view
[HUAWEI] ecc peer-public-key ecc-peer-key encoding-type pem
Info: Enter (ECC public key) view, return system view with (peer-public-key end).
[HUAWEI-ecc-public-key] public-key-code begin
Info: Enter (ECC key code) view, return the last view with (public-key-code end).
[HUAWEI-ecc-key-code] ---- BEGIN SSH2 PUBLIC KEY ----
[HUAWEI-ecc-key-code]
AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACDBL5J4v3pqi5S
[HUAWEI-ecc-key-code] ALI9lvLw4cdvtpD2AC6sEJXg9GDCD5vGBnkXlKmnOy6d1TyrXx57ZPNnrSdqVkHC
[HUAWEI-ecc-key-code] sMBa63vSwg1XsVW2qZgx8H57+FJiTPY61b1Vfst9GUif1ymfpB7XrbdYZDownoh0
[HUAWEI-ecc-key-code] FZNadZtIf2CRc0OeiKXbCSPP25dfoT/DTcc=
[HUAWEI-ecc-key-code] ---- END SSH2 PUBLIC KEY ----
[HUAWEI-ecc-key-code] public-key-code end
[HUAWEI-ecc-public-key] peer-public-key end

# Delete an ECC public key.

<HUAWEI> system-view
[HUAWEI] undo ecc peer-public-key ecc-peer-key
Warning: The public key named ecc-peer-key will be deleted. Continue? [Y/N]:Y

3.4.18 lock

Function
The lock command locks the current user interface to prevent unauthorized users
from operating the interface.

By default, the system does not automatically lock the current user interface.

Format
lock

Parameters
None

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Lock the current user interface using this command to prevent other users from
operating the interface. The user interfaces consist of console ports, and Virtual
Type Terminals (VTYs).

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 103

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

After using the lock command, you are prompted to input the password twice. If
you input the correct password for twice, the user interface is locked.
Precautions
● The passwords must meet the following requirements:
– The password is a string of 8 to 128 case-sensitive characters.
– The password must contain at least two of the following characters:
upper-case character, lower-case character, digit, and special character.
The special characters include spaces and the following:
`~!@#$%^&*()-_=+\|[{}];:'",<.>/?
● Password entered in interactive mode is not displayed on the screen.
● When you run the lock command to lock the user interface and set a locking
password, you can press CTRL_C to cancel the operation.
● To unlock the user interface, press Enter, and then input the correct password
as prompted by the system.

Example
# Lock the current user interface after logging in through the console port.
<HUAWEI> lock
Info: A plain text password is a string of 8 to 128 case-sensitive characters and must be a combination of at
least two of the follow
ing: uppercase letters A to Z, lowercase letters a to z, digits, and special characters (including spaces and
the following :`~!@#$%
^&*()-_=+|[{}];:'",<.>/?).
Enter Password:
Confirm Password:
Info: The terminal is locked.

# To log in to the system after the system is locked, you must press Enter. The
following information is displayed:
Enter Password:

# Enter the correct password and return to the user view.

3.4.19 matched upper-view

Function
The matched upper-view command allows the system to search for the undo
command in the upper view, and returns to the upper view.
The undo matched upper-view command prohibits the system from searching for
the undo command in the upper view.
By default, the system does not search for the undo command in the upper view.

Format
matched upper-view
undo matched upper-view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 104

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
When you run the undo command in a view, which is not registered in the current
view, the system searches for the command in the upper view if the system is
allowed to search for the undo command in the upper view. If the system finds
the same undo command, the system executes this command in the upper view. If
the system does not find the same undo command in the upper view, the system
continues to search for this command in other upper views till the system view.

Running this command brings security risks. For example, if you run the undo
ospf command in the interface view, while this command is not registered in the
interface view, the system automatically searches for it in the upper view, that is,
the system view. In this manner, the system disables the OSPF feature globally.

The matched upper-view command is valid only for current login users who run
this command.

Example
# Allow the undo command to be searched for in the upper view.
<HUAWEI> system-view
[HUAWEI] matched upper-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo ftp server
Info: Succeeded in closing the FTP server.
[HUAWEI]

# Prohibit the undo command from being searched for in the upper view.
<HUAWEI> system-view
[HUAWEI] undo matched upper-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo ftp server
^
Error: Unrecognized command found at '^' position.
[HUAWEI-GigabitEthernet0/0/1]

3.4.20 peer-public-key end

Function
The peer-public-key end command returns to the system view from the public
key view and saves the configured public keys.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 105

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
peer-public-key end

Parameters
None

Views
Public key view

Default Level
3: Management level

Usage Guidelines
You must save the public key generated on the remote host to the local host,
which ensures that the validity check on the remote end is successful. After editing
a public key in the public key view, you can run this command to return to the
system view.

Example
# Return to the system view from the public key view.
<HUAWEI> system-view
[HUAWEI] rsa peer-public-key rsakey001
[HUAWEI-rsa-public-key] public-key-code begin
[HUAWEI-rsa-key-code] 308188
[HUAWEI-rsa-key-code] 028180
[HUAWEI-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB
[HUAWEI-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F
[HUAWEI-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B
[HUAWEI-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5
[HUAWEI-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931
[HUAWEI-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2
[HUAWEI-rsa-key-code] 171896FB 1FFC38CD
[HUAWEI-rsa-key-code] 0203
[HUAWEI-rsa-key-code] 010001
[HUAWEI-rsa-key-code] public-key-code end
[HUAWEI-rsa-public-key] peer-public-key end
[HUAWEI]

3.4.21 public-key-code begin

Function
The public-key-code begin command displays the public key editing view.

Format
public-key-code begin

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 106

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
Public key view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You must save the public key generated on the remote host to the local host,
which ensures that the validity check on the remote end is successful. Run the
public-key-code begin command to display the public key editing view, and enter
the key data. The key characters can contain spaces. You can press Enter to enter
data in another line.

Prerequisite

A key name has been specified by running the rsa peer-public-key command.

Precautions

● The public key must be a hexadecimal character string in the public key
encoding format, and generated by the client or server that supports SSH.
● The public keys displayed by running the display rsa local-key-pair public
command can be used as the key data to enter.
● You can successfully edit the public key in a public key pair by entering the
public key in the server key pair or client key pair. In SSH application, only the
public key in the client key pair can be entered as key data. If you enter the
public key in the server key pair, authentication fails during SSH login.

Example
# Display the public key editing view and enter the key data.
<HUAWEI> system-view
[HUAWEI] rsa peer-public-key rsakey001
[HUAWEI-rsa-public-key] public-key-code begin
[HUAWEI-rsa-key-code] 308188
[HUAWEI-rsa-key-code] 028180
[HUAWEI-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB
[HUAWEI-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F
[HUAWEI-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B
[HUAWEI-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5
[HUAWEI-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931
[HUAWEI-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2
[HUAWEI-rsa-key-code] 171896FB 1FFC38CD
[HUAWEI-rsa-key-code] 0203
[HUAWEI-rsa-key-code] 010001
[HUAWEI-rsa-key-code] public-key-code end
[HUAWEI-rsa-public-key] peer-public-key end
[HUAWEI]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 107

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.22 public-key-code end

Function
The public-key-code end command returns to the public key view from the public
key editing view and saves the configured public keys.

Format
public-key-code end

Parameters
None

Views
Public key editing view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
After this command is run, the process of editing the public key ends. Before
saving the public key, the system will check the validity of the key.
● If there are illegal characters in the public key character string configured by
the user, the system will display a relevant error prompt. The public key
previously configured by the user is discarded, thus the configuration fails.
● If the public key configured is valid, it is saved in the public key chain table of
the client.
Precautions
● Generally, in the public key view, only the public-key-code end command can
be used to exit. Thus, in this instance the quit command cannot be used.
● If the legal key coding is not input, the key cannot be generated after the
public-key-code end command is used. The system prompts that generating
the incorrect key fails.
● If the key is deleted in another window, the system prompts that the key does
not exist and returns to the system view directly after you run the public-key-
code end command.

Example
# Exit from the RSA public key editing view and saves the RSA key configuration.
<HUAWEI> system-view
[HUAWEI] rsa peer-public-key rsakey001
[HUAWEI-rsa-public-key] public-key-code begin

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 108

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

[HUAWEI-rsa-key-code] 308188
[HUAWEI-rsa-key-code] 028180
[HUAWEI-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB
[HUAWEI-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F
[HUAWEI-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B
[HUAWEI-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5
[HUAWEI-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931
[HUAWEI-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2
[HUAWEI-rsa-key-code] 171896FB 1FFC38CD
[HUAWEI-rsa-key-code] 0203
[HUAWEI-rsa-key-code] 010001
[HUAWEI-rsa-key-code] public-key-code end
[HUAWEI-rsa-public-key] peer-public-key end
[HUAWEI]

3.4.23 rsa local-key-pair create

Function
The rsa local-key-pair create command generates local RSA host and server key
pairs.

By default, no local RSA host or server key pairs are generated.

Format
rsa local-key-pair create

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

To implement secure data exchange between the server and client, run this
command to generate a local key pair.

Precautions

If the RSA key pair exists, the system prompts you to confirm whether to replace
the original key pair.

After you run this command, the system prompts you to enter the number of
digits in the host key. The difference between the bits in the server and host key
pairs must be at least 128 bits. The minimum length of the server key pair and
host key pair is 512 bits, the maximum length is 2048 bits, and the default length
is 2048 bits.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 109

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

NOTE

An RSA key pair with less than 1024 bits is insecure and not recommended.

The premise to log in to the SSH server successfully is to configure and generate a
local RSA key pair. Before performing other SSH configurations, you must use the
rsa local-key-pair create command to generate the local key pair.

After you run this command, the generated key pair is saved on the device and
will not be lost after the device restarts.

Example
# Configure a device to generate the local host and server key pairs.
<HUAWEI> system-view
[HUAWEI] rsa local-key-pair create
The key name will be: Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 2048]:3072
Generating keys...
......................++++++++
........................................................++++++++
........+++++++++
.....+++++++++

3.4.24 rsa local-key-pair destroy

Function
The rsa local-key-pair destroy command deletes all local RSA keys, including the
host and server key pairs.

Format
rsa local-key-pair destroy

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 110

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

To delete local key pairs, run the rsa local-key-pair destroy command. If the host
and server key pairs of an SSH server are deleted, run the rsa local-key-pair
create command to create a host key pair and server key pair for the SSH server.
After you run this command, verify that all local RSA keys are deleted. The
command configuration takes effect only once and is not saved into the
configuration file.
Prerequisites
The local RSA keys that can be deleted exist.

Example
# Delete all RSA server keys.
<HUAWEI> system-view
[HUAWEI] rsa local-key-pair destroy
The name for the keys which will be destroyed is Host.
Confirm to destroy these keys? (y/n)[n]:y

3.4.25 rsa peer-public-key

Function
The rsa peer-public-key command displays the view of the RSA public key, and
specifies an RSA public key name.
The undo rsa peer-public-key command deletes a rsa public key.
By default, no public key is configured.

Format
rsa peer-public-key key-name [ encoding-type { der | openssh | pem } ]
undo rsa peer-public-key key-name

Parameters
Parameter Description Value

key-name Specifies the rsa public key name. The value is a string
of 1 to 30 case-
insensitive
characters without
spaces.

encoding-type Specifies an encoding format for an RSA -

public key.

der Specifies the DER format for an RSA public -

key.
DER encodes data in hexadecimal format.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 111

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

openssh Specifies the OpenSSH format for an RSA -

public key.
OpenSSH encodes data in base-64 format.
OpenSSH is an encoding format based on
PEM.

pem Specifies the PEM format for an RSA public -

key.
PEM encodes data in base-64 format.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
When you use an RSA public key for authentication, you must specify the public
key of the corresponding client for an SSH user on the server. When the client logs
in to the server, the server uses the specified public key to authenticate the client.
You can also save the public key generated on the server to the client. Then the
client can be successfully authenticated by the server when it logs in to the server
for the first time.
Third-party software, such as PuTTY, OpenSSH, and OpenSSL, can be used to
generate RSA keys in different formats. The details are as follows:
● The PuTTY generates RSA keys in PEM format.
● The OpenSSH generates RSA keys in OpenSSH format.
● The OpenSSL generates RSA keys in DER format.
After you configure an encoding format for an RSA public key, the device
automatically generates an RSA public key in the configured encoding format and
enters the RSA public key view. Then you can run the public-key-code begin
command and manually copy the RSA public key generated on the peer device to
the local device.
Prerequisite
The rsa public key in hexadecimal notation on the remote host has been obtained
and recorded.
Follow-up Procedure
After you copy the RSA public key generated on the peer device to the local
device, perform the following operations to exit the RSA public key view:

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 112

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

1. Run the public-key-code end command to return to the RSA public key view.
2. Run the peer-public-key end command to exit the RSA public key view and
return to the system view.

Precautions

If an RSA public key has assigned to an SSH client, release the binding relationship
between the public key and the SSH client. If you do not release the binding
relationship between them, the undo rsa peer-public-key command will fail to
delete the RSA public key.

Example
# Display the rsa public key view.
<HUAWEI> system-view
[HUAWEI] rsa peer-public-key rsakey001
[HUAWEI-rsa-public-key]

# Configure an encoding format for an RSA public key and enter the RSA public
key view.
<HUAWEI> system-view
[HUAWEI] rsa peer-public-key RsaKey001 encoding-type openssh
[HUAWEI-rsa-public-key]

3.4.26 ssh client assign

Function
The ssh client assign command specifies the host public key of an SSH server on
an SSH client.

The undo ssh client assign command cancels the specified host public key of an
SSH server on the SSH client.

By default, no host public keys of servers are specified on SSH clients.

Format
ssh client servername assign { rsa-key | ecc-key } keyname

undo ssh client servername assign { rsa-key | ecc-key }

Parameters
Parameter Description Value

servername Specifies the host name or IP The value is a string of 1 to

address of an SSH server. 64 characters without spaces.

rsa-key Specifies an RSA public key. -

ecc-key Specifies an ECC public key. -

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 113

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

keyname Specifies the public key name of an The value is a string of 1 to

SSH server that has been configured 64 case-insensitive characters
on an SSH client. without spaces.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If an SSH client connects to an SSH server for the first time and first
authentication is not enabled on the SSH client using the ssh client first-time
enable command, the SSH client must determine whether the server is reliable. To
do so, run the ssh client assign command to specify the host public key of the
SSH server and the mapping between the key and SSH server on the SSH client.
The client then uses the correct public key to determine whether the server is
reliable based on the mapping.
Precautions
Ensure that the RSA or ECC public key to be assigned to an SSH server has been
configured on the SSH client using the rsa peer-public-key or ecc peer-public-
key command. If the key is not configured, the verification for the RSA or ECC
public key of the SSH server on the SSH client fails.

Example
# Assign an ECC public key to the SSH server.
<HUAWEI> system-view
[HUAWEI] ssh client 10.164.39.120 assign ecc-key sshecckey01

# Delete the ECC public key from the SSH server.

<HUAWEI> system-view
[HUAWEI] undo ssh client 10.164.39.120 assign ecc-key

3.4.27 ssh client first-time enable

Function
The ssh client first-time enable command enables the first authentication on the
SSH client.
The undo ssh client first-time enable command disables the first authentication
on the SSH client.
By default, first authentication is disabled on the SSH client.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 114

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
ssh client first-time enable
undo ssh client first-time enable

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
When the SSH client accesses the SSH server for the first time and the public key
of the SSH server is not configured on the SSH client, you can enable the first
authentication for the SSH client to access the SSH server and save the public key
on the SSH client. When the SSH client accesses the SSH server next time, the
saved public key is used to authenticate the SSH server.
Precautions
You can run the ssh client assign command to pre-assign the RSA public key to
the SSH server. In this manner, you can log in to the SSH server successfully at the
first time.

Example
# Enable the first authentication on the SSH client.
<HUAWEI> system-view
[HUAWEI] ssh client first-time enable

3.4.28 ssh client key-exchange

Function
The ssh client key-exchange command configures a key exchange algorithm list
on an SSH client.
The undo ssh client key-exchange command restores the default configuration.
By default, the key exchange list supported by an SSH client includes
dh_group14_sha1.

Format
ssh client key-exchange { dh_group_exchange_sha1 | dh_group14_sha1 } *

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 115

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

undo ssh client key-exchange

Parameters
Parameter Description Value

dh_group_exchange_sha1 Adds the diffie-hellman-group-exchange- -

sha1 algorithm to the key exchange
algorithm list configured on the SSH client.

dh_group14_sha1 Adds the diffie-hellman-group14-sha1 -

algorithm to the key exchange algorithm list
of an SSH client.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
The client and server negotiate the key exchange algorithm used for packet
transmission. You can run the ssh client key-exchange command to configure a
key exchange algorithm list on the SSH client. The SSH server compares the
configured key exchange algorithm list with the counterpart sent by the client and
then selects the first matched key exchange algorithm for packet transmission. If
the key exchange algorithm list sent by the client does not match any algorithm in
the key exchange algorithm list configured on the server, the negotiation fails.
Precautions
The following key exchange algorithms are listed in descending order of security
level: dh_group_exchange_sha1 > dh_group14_sha1. It is recommended that the
dh_group_exchange_sha1 be used.

Example
# Configure a key exchange algorithm list to contain dh_group_exchange_sha1
and dh_group14_sha1 for the SSH client.
<HUAWEI> system-view
[HUAWEI] ssh client key-exchange dh_group_exchange_sha1 dh_group14_sha1

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 116

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.29 ssh client secure-algorithms hmac

Function
The ssh client secure-algorithms hmac command configures an HMAC algorithm
list for an SSH client.

The undo ssh client secure-algorithms hmac command restores the default
HMAC algorithm list of an SSH client.

By default, an SSH client supports the SHA2_256 HMAC algorithm.

Format
ssh client secure-algorithms hmac { sha2_256 } *

undo ssh client secure-algorithms hmac

Parameters
Parameter Description Value

sha2_256 Specifies the HMAC SHA2_256 algorithm. -

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

An SSH server and a client need to negotiate an HMAC algorithm for the packets
exchanged between them. You can run the ssh client secure-algorithms hmac
command to configure an HMAC algorithm list for the SSH client. After the list is
configured, the server matches the list of a client against the local list after
receiving a packet from the client and selects the first HMAC algorithm that
matches the local list. If no HMAC algorithms in the list of the client match the
local list, the negotiation fails.

Precautions

Example
# Configure the HMAC SHA2_256 algorithm for an SSH client.
<HUAWEI> system-view
[HUAWEI] ssh client secure-algorithms hmac sha2_256

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 117

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.30 ssh client secure-algorithms cipher

Function
The ssh client secure-algorithms cipher command configures an encryption
algorithm list for an SSH client.

The undo ssh client secure-algorithms cipher command restores the default
encryption algorithm list of an SSH client.

By default, an SSH client supports two encryption algorithms: AES128_CTR and

AES256_CTR.

Format
ssh client secure-algorithms cipher { aes128_ctr | aes256_ctr } *

undo ssh client secure-algorithms cipher

Parameters

Parameter Description Value

aes128_ctr Specifies the CTR AES128 encryption algorithm. -

aes256_ctr Specifies the CTR AES256 encryption algorithm. -

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

An SSH server and a client need to negotiate an encryption algorithm for the
packets exchanged between them. You can run the ssh client secure-algorithms
cipher command to configure an encryption algorithm list for the SSH client. After
the list is configured, the server matches the encryption algorithm list of a client
against the local list after receiving a packet from the client and selects the first
encryption algorithm that matches the local list. If no encryption algorithms in the
list of the client match the local list, the negotiation fails.

Precautions

aes256_ctr provides the highest security, followed by aes128_ctr.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 118

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Configure CTR encryption algorithms for an SSH client.
<HUAWEI> system-view
[HUAWEI] ssh client secure-algorithms cipher aes128_ctr aes256_ctr

3.4.31 ssh server authentication-retries

Function
The ssh server authentication-retries command sets the maximum number of
authentication retries for an SSH connection.
The undo ssh server authentication-retries command restores the default
maximum number of authentication retries for an SSH connection.
The default maximum number of authentication retries for an SSH connection is
3.

Format
ssh server authentication-retries times
undo ssh server authentication-retries

Parameters
Parameter Description Value
times Specifies the maximum number of The value is an integer that
authentication retries for an SSH ranges from 1 to 5.
connection.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run this command to configure the maximum number of authentication
retries for an SSH connection, which prevents server overload due to malicious
access.
Precautions
The configured number of retries takes effect upon the next login.
The total number of RSA and password authentication retries on the SSH client
cannot exceed the maximum number that is set using this command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 119

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Set the maximum number of times for retrying login authentication to 4.
<HUAWEI> system-view
[HUAWEI] ssh server authentication-retries 4

3.4.32 ssh server key-exchange

Function
The ssh server key-exchange command configures a key exchange algorithm list
on an SSH server.
The undo ssh server key-exchange command restores the default configuration.
By default, the key exchange list supported by an SSH server includes
dh_group14_sha1.

Format
ssh server key-exchange { dh_group_exchange_sha1 | dh_group14_sha1 } *

undo ssh server key-exchange

Parameters
Parameter Description Value

dh_group_exchange_sha1 Adds the diffie-hellman-group-exchange- -

sha1 algorithm to the key exchange
algorithm list of an SSH server.

dh_group14_sha1 Adds the diffie-hellman-group14-sha1 -

algorithm to the key exchange algorithm list
of an SSH server.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
An SSH server and a client need to negotiate a key exchange algorithm for the
packets exchanged between them. You can run the ssh server key-exchange
command to configure a key exchange algorithm list for the SSH server. After the
list is configured, the server matches the key exchange algorithm list of a client

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 120

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

against the local list after receiving a packet from the client and selects the first
key exchange algorithm that matches the local list. If no key exchange algorithms
in the list of the client match the local list, the negotiation fails.

Precautions

The following key exchange algorithms are listed in descending order of security
level: dh_group_exchange_sha1 > dh_group14_sha1. It is recommended that the
dh_group_exchange_sha1 be used.

Example
# Configure a key exchange algorithm list to contain dh_group_exchange_sha1
and dh_group14_sha1 for the SSH server.
<HUAWEI> system-view
[HUAWEI] ssh server key-exchange dh_group_exchange_sha1 dh_group14_sha1

3.4.33 ssh server permit interface

Function
The ssh server permit interface command specifies physical interfaces on the
SSH server to which clients can connect.

The undo ssh server permit interface command restores the default physical
interfaces on the SSH server to which clients can connect.

By default, clients can connect to all the physical interfaces on the SSH server.

Format
ssh server permit interface { interface-type interface-number } &<1-5>

undo ssh server permit interface

Parameters
Parameter Description Value

interface-type interface-type specifies the interface type. -

interface-number
interface-number specifies the interface number.
interface-number and interface-type specify an
interface.

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 121

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

To prevent a client from connecting to the SSH server through an unauthorized

physical interface or attacking the SSH server by sending a large number of SSH
packets, you can run the ssh server permit interface command to specify physical
interfaces on the SSH server to which the client can connect.

Precautions
● By default, clients can connect to all the physical interfaces on the SSH server.
Once a physical interface is specified using the ssh server permit interface
command, a client cannot connect to the SSH server using other physical
interfaces (excluding MEth interfaces).
● This command can be used only on a Layer 2 physical interface but not on a
Layer 3 physical interface, logical interface, or a non-Ethernet interface.
● A physical interface specified using this command cannot be added to an Eth-
Trunk. If it is added to an Eth-Trunk, a client cannot connect to the SSH server
through this physical interface.

Example
# Specify physical interfaces on the SSH server to which clients can connect.
<HUAWEI> system-view
[HUAWEI] ssh server permit interface gigabitethernet 0/0/1
Info: Succeeded in setting ssh permit interface.

# Restore the default physical interfaces on the SSH server to which clients can
connect.
<HUAWEI> system-view
[HUAWEI] undo ssh server permit interface

3.4.34 ssh server port

Function
The ssh server port command changes the listening port number of the SSH
server.

The undo ssh server port command restores the default listening port number of
the SSH server.

The default listening port number of the SSH server is 22.

Format
ssh server port port-number

undo ssh server port

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 122

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
port-number Specifies the listening port The value is 22 or an integer
number of the SSH server. ranging from 1025 to 55535.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
Configure the listening port number of the SSH server to prevent from malicious
access to the SSH service standard port and ensure security.
Precautions
The SSH client can log in successfully with no port specified only when the server
is listening on port 22. If the server is listening on another port, the port number
must be specified upon login.
Before changing the current port number, disconnect all devices from the port.
After the port number is changed, the server starts to listen on the new port.

Example
# Set the listening port number of the SSH server is 1025.
<HUAWEI> system-view
[HUAWEI] ssh server port 1025

3.4.35 ssh server rekey-interval

Function
The ssh server rekey-interval command sets the interval for updating the SSH
server key pair.
The undo ssh server rekey-interval command restores the default interval for
updating the SSH server key pair.
The default interval for updating the SSH server key pair is 0, indicating that the
key pair is never updated.

Format
ssh server rekey-interval hours
undo ssh server rekey-interval

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 123

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

hours Specifies the interval for The value is an integer that ranges
updating the server key pair. from 1 to 24, in hours.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If the server key pair is not updated for a long time, the key is easy to decrypt and
the server is insecure. After the interval for updating the SSH server key pair is set
using this command, the system will automatically update the key pair at
intervals.
Precautions
If the client is connected to the server, the server public key on the client is not
updated immediately. This key is updated only when the client is reconnected to
the server.

Example
# Set the interval for updating the SSH server key pair to 2 hours.
<HUAWEI> system-view
[HUAWEI] ssh server rekey-interval 2

3.4.36 ssh server secure-algorithms hmac

Function
The ssh server secure-algorithms hmac command configures an HMAC
algorithm list for an SSH server.
The undo ssh server secure-algorithms hmac command restores the default
HMAC algorithm list of an SSH server.
By default, an SSH server supports the SHA2_256 HMAC algorithm.
By default, an SSH server supports the SHA2_256 HMAC algorithm.

Format
ssh server secure-algorithms hmac { sha2_256 } *

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 124

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

undo ssh server secure-algorithms hmac

Parameters
Parameter Description Value

sha2_256 Specifies the HMAC SHA2_256 algorithm. -

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
An SSH server and a client need to negotiate an HMAC algorithm for the packets
exchanged between them. You can run the ssh server secure-algorithms hmac
command to configure an HMAC algorithm list for the SSH server. After the list is
configured, the server matches the list of a client against the local list after
receiving a packet from the client and selects the first HMAC algorithm that
matches the local list. If no HMAC algorithms in the list of the client match the
local list, the negotiation fails.
Precautions

Example
# Configure the HMAC SHA2_256 algorithm for an SSH server.
<HUAWEI> system-view
[HUAWEI] ssh server secure-algorithms hmac sha2_256

3.4.37 ssh server secure-algorithms cipher

Function
The ssh server cipher command configures an encryption algorithm list for an
SSH server.
The undo ssh server cipher command restores the default encryption algorithm
list of an SSH server.
By default, an SSH server supports two encryption algorithms: AES128_CTR and
AES256_CTR.

Format
ssh server secure-algorithms cipher { aes128_ctr | aes256_ctr } *

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 125

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

ssh server secure-algorithms cipher

Parameters
Parameter Description Value

aes128_ctr Specifies the CTR AES128 encryption algorithm. -

aes256_ctr Specifies the CTR AES256 encryption algorithm. -

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

An SSH server and a client need to negotiate an encryption algorithm for the
packets exchanged between them. You can run the ssh server secure-algorithms
cipher command to configure an encryption algorithm list for the SSH server.
After the list is configured, the server matches the encryption algorithm list of a
client against the local list after receiving a packet from the client and selects the
first encryption algorithm that matches the local list. If no encryption algorithms
in the list of the client match the local list, the negotiation fails.

Precautions

aes256_ctr provides the highest security, followed by aes128_ctr.

Example
# Configure CTR encryption algorithms for an SSH server.
<HUAWEI> system-view
[HUAWEI] ssh server secure-algorithms cipher aes256_ctr aes128_ctr

3.4.38 ssh server timeout

Function
The ssh server timeout command sets the timeout interval for SSH connection
authentication.

The undo ssh server timeout restores the default timeout interval for SSH
connection authentication.

The default timeout interval for SSH connection authentication is 60 seconds.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 126

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
ssh server timeout seconds

undo ssh server timeout

Parameters
Parameter Description Value
seconds Specifies the timeout interval for The value is an integer ranging
SSH connection authentication. from 60 to 120, in seconds.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

If you have not logged in successfully at the timeout interval for SSH connection
authentication, the current connection is terminated to ensure security. You can
run the display ssh server command to query the current timeout interval.

Precautions

The setting for the timeout interval takes effect upon next login.

If a very short timeout period is configured for SSH connection authentication,

user login may fail due to a connection timeout. Using the default timeout period
is recommended.

Example
# Set the SSH connection authentication timeout interval to 90 seconds.
<HUAWEI> system-view
[HUAWEI] ssh server timeout 90

3.4.39 ssh user assign

Function
The ssh user assign command assigns an existing public key to a user.

The undo ssh user assign command deletes the mapping between a user and a
public key.

By default, no public key is assigned to a user.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 127

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
ssh user user-name assign { rsa-key | ecc-key } key-name

undo ssh user user-name assign { rsa-key | ecc-key }

Parameters
Parameter Description Value

user-name Specifies the name of an SSH The value is a string of 1 to 64

user. case-insensitive characters without
spaces.

rsa-key Specifies an RSA public key. -

ecc-key Specifies an ECC public key. -

key-name Specifies the client public key The value is a string of 1 to 30

name. case-insensitive characters without
spaces.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When an SSH client needs to log in to the SSH server in RSA or ECC mode, run
this command to assign a public key to the client. If the client has been assigned
keys, the latest assigned key takes effect.

Precautions

The newly configured public key takes effect upon next login.

When a public key is assigned to an SSH user but user-name does not exist, an
SSH user named user-name is created. The authentication type of the new SSH
user is the configured one.

Example
# Assign key1 to the user john.
<HUAWEI> system-view
[HUAWEI] ssh user john assign ecc-key key1

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 128

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.40 ssh user authentication-type

Function
The ssh user authentication-type command configures an authentication type
for an SSH user.
The undo ssh user authentication-type command restores the default
authentication mode for an SSH user.
By default, the password authentication mode is used for SSH users.

Format
ssh user user-name authentication-type { password | rsa | password-rsa | ecc |
password-ecc | all }
undo ssh user user-name authentication-type

Parameters
Parameter Description Value

user-name Specifies the name of an SSH user. The value is a string of 1

to 64 case-insensitive
characters without
spaces.

password Specifies the password authentication -

mode.

rsa Specifies the RSA authentication mode. -

password-rsa Specifies the password-RSA -

authentication mode.

ecc Specifies the ECC authentication mode. -

password-ecc Specifies the password-ECC -

authentication mode.

all Specifies the password, ECC, or RSA -

authentication mode.

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 129

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

A new SSH user cannot log in to the SSH server unless being configured with an
authentication mode. The newly configured authentication mode takes effect
upon next login.

When an authentication type is configured for an SSH user but user-name does
not exist, an SSH user named user-name is created. The authentication type of the
new SSH user is the configured one.
NOTE

To improve security, the ECC algorithm is recommended for login authentication.

Table 3-27 describes the application scenarios of various authentication modes.

Table 3-27 Application scenarios of various authentication modes

Authentication Mode Application Scenario

RSA authentication It is a public key encryption

architecture and an asymmetric
encryption algorithm. RSA is mainly
used to transmit the keys of the
symmetric encryption algorithm, which
improves encryption efficiency and
simplifies key management. The server
checks whether the SSH user, public
key, and digital user signature are
valid. If all of them are valid, user
authentication succeeds; if any of
them is invalid, user authentication
fails, and the user is denied access to
the server.

ECC authentication Like RSA authentication, ECC

authentication requires the server to
check whether the SSH user, public
key, and digital user signature are
valid. If all of them are valid, user
authentication succeeds; if any of
them is invalid, user authentication
fails, and the user is denied access to
the server. Compared with RSA
authentication, ECC authentication has
the following advantages:
● Provides the same security with a
shorter key length.
● Requires less computing and
achieves faster processing.
● Requires less storage space.
● Requires lower bandwidth.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 130

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Authentication Mode Application Scenario

Password authentication On the server, the AAA module assigns

each authorized user a password for
login. The server has the mappings
between user names and passwords.
When a user requests to access the
server, the server authenticates the
user name and password. If either of
them fails to be authenticated, the
access request of the user is denied.

Password-RSA and password-ECC The SSH server authenticates a client

authentication by checking both the public key and
password. The client can be
authenticated only when both the
public key and password meet the
requirement.

All The server authenticates a client by

checking the public key or password,
and the client can be authenticated
when either the public key or
password meets the requirement.
NOTE
In all authentication mode, the user
priority depends on the authentication
mode selected.
● If password authentication is selected,
the user priority is the same as that
specified on the AAA module.
● If RSA or ECC authentication is selected,
the user priority depends on the priority
of the VTY interface used during user
access.
If all authentication is selected and an AAA
user with the same name as the SSH user
exists, user priorities may be different in
the preceding authentication modes. Set
relevant parameters as needed.

Precautions

A new SSH user cannot log in to the SSH server unless being configured with an
authentication mode. The newly configured authentication mode takes effect
upon next login.

Only one login user can be created on an AP. Therefore, user-name must be set to
the name of the current login user.

Example
# Configure password authentication for the SSH user john.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 131

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.41 stelnet

Function
The stelnet command enables you to use the STelnet protocol to log in to another
device from the current device.

Format
stelnet [ -a source-address ] host-ip [ port-number ] [ [ identity-key { rsa |
ecc } ] | [ user-identity-key { rsa | ecc } ] | [ prefer_kex prefer_key-exchange ] |
[ prefer_ctos_cipher prefer_ctos_cipher ] | [ prefer_stoc_cipher
prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ] | [ prefer_stoc_hmac
prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]

Parameters

Parameter Description Value

-a source-address Specifies the STelnet The value is in dotted

source IP address. decimal notation.

host-ip Specifies the IPv4 address The value is a string of 1 to

or host name of the 255 case-insensitive
remote IPv4 STelnet characters without spaces.
server.

port-number Specifies the port number The value is an integer that

that the SSH server is ranges from 1 to 65535. The
listening on. default value 22 is the
standard port number.

prefer_kex prefer_key- Indicates the preferred Preferred key exchange

exchange key exchange algorithm. algorithms supported
depend on the ssh client
key-exchange command
settings.

prefer_ctos_cipher Indicates the preferred Preferred encryption

prefer_ctos_cipher encryption algorithm for algorithms supported
packets sent from the depend on the ssh client
client to the server. secure-algorithms cipher
command settings.

prefer_stoc_cipher Indicates the preferred Preferred encryption

prefer_stoc_cipher encryption algorithm for algorithms supported
packets sent from the depend on the ssh client
server to the client. secure-algorithms cipher
command settings.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 132

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

prefer_ctos_hmac Indicates the preferred Preferred HMAC algorithms

prefer_ctos_hmac HMAC algorithm for supported depend on the
packets sent from the ssh client secure-
client to the server. algorithms hmac command
settings.

prefer_stoc_hmac Indicates the preferred Preferred HMAC algorithms

prefer_stoc_hmac HMAC algorithm for supported depend on the
packets sent from the ssh client secure-
server to the client. algorithms hmac command
settings.

-ki aliveinterval Specifies the interval for The value is an integer that
sending keepalive packets ranges from 1 to 3600, in
when no packet is seconds.
received.

-kc alivecountmax Specifies the number of The value is an integer that

times for no reply of ranges from 3 to 10. The
keepalive packets. default value is 5.

Views
System view

Default Level
0: Visit level

Usage Guidelines
Usage Scenario
Logins through Telnet bring security risks because Telnet does not provide any
authentication mechanism and data is transmitted using TCP in plain text.
Compared with Telnet, SSH guarantees secure file transfer on a traditional
insecure network by authenticating clients and encrypting data in bidirectional
mode. The SSH protocol supports STelnet. You can run this command to use
STelnet to log in to another device from the current device.
STelnet is a secure Telnet service. SSH users can use the STelnet service in the
same way as the Telnet service.
When a fault occurs in the connection between the client and server, the client
needs to detect the fault in real time and proactively release the connection. You
need to set the interval for sending keepalive packets and the maximum number
of times on the client that logs in to the server through STelnet.
● Interval for sending keepalive packets: If a client does not receive any packet
within the specified interval, the client sends a keepalive packet to the server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 133

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● Maximum number of times the server has no response: If the number of

times that the server does not respond exceeds the specified value, the client
proactively releases the connection.
Precautions
● Enable the STelnet service on the SSH server by stelnet server enable
command, before connecting the SSH server by using the stelnet command.
● The SSH client can log in to the SSH server with no port specified only when
the server is listening on port 22. If the server is listening on another port, the
port number must be specified upon login.
● To ensure security, you are advised to use an encryption algorithm with a
higher security level.

Example
# Set keepalive parameters when the client logs in to the server through STelnet.
<HUAWEI> system-view
[HUAWEI] stelnet 10.164.39.209 -ki 10 -kc 4

3.4.42 stelnet ap (Central AP)

Function
The stelnet ap command enables users to log in to a Fit AP through STelnet.

Format
stelnet ap { ap-name ap-name | ap-id ap-id }

Parameters
Parameter Description Value

ap-name ap- Specifies an AP name. The AP name must

name already exist.

ap-id ap-id Specifies an AP ID. The AP ID must

already exist.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 134

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

You can run this command to log in to a Fit AP through STelnet on the AP. You
only need to specify the AP's name or ID but does not need to enter its IP address.

Prerequisites

First-time authentication has been enabled on the SSH client using the ssh client
first-time enable command on the AP.

Example
# Log in to a Fit AP through STelnet by specifying the name of the Fit AP on the
AP.
<HUAWEI> system-view
[HUAWEI] stelnet ap ap-name area_1
Trying 192.168.109.253 ...
Press CTRL+K to abort
Connected to 192.168.109.253 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 192.168.109.253. Please wait...

Info: Current mode: Fit .

Info: Change the password to ensure security.
<area_1>

3.4.43 stelnet server enable

Function
The stelnet server enable command enables the STelnet service on the SSH
server.

The undo stelnet server enable command disables the STelnet service on the
SSH server.

By default, the STelnet service is enabled on the SSH server.

Format
stelnet server enable

undo stelnet server enable

Parameters
None

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 135

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario

To connect a client to the SSH server through STelnet, you must enable the
STelnet service on the SSH server.

Precautions

After you disable the STelnet service on the SSH server, all clients that have logged
in through STelnet are disconnected.

Example
# Enable the STelnet service.
<HUAWEI> system-view
[HUAWEI] stelnet server enable

3.4.44 telnet

Function
The telnet command enables you to use the Telnet protocol to log in to another
device from the current device.

Format
# Log in to another device through Telnet based on IPv4.

telnet [ -a source-ip-address ] host-ip [ port-number ]

Parameters

Parameter Description Value

-a source-ip- By specifying a source IP address, you The value is in dotted

address can use this address to communicate decimal notation.
with the server for high network
security. If no source address is
specified, the system will use the IP
address of the local outbound
interface to initiate a Telnet
connection.

host-ip Specifies the IPv4 address or host The value is a string of

name of the remote device. 1 to 255 case-
insensitive characters
without spaces.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 136

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

port-number Specifies the number of the TCP port The value is an integer
that is used by the remote device to that ranges from 1 to
provide the Telnet service. 65535. The default
value is 23.

Views
User view

Default Level
0: Visit level

Usage Guidelines
Usage Scenario
If one or multiple devices on the network need to be configured and managed,
you do not need to connect each device to your terminal for local maintenance. If
you have learned the IP address of the device, you can run this command to log in
to the device from your terminal for remote device configuration. By doing this,
you can use one terminal to maintain multiple devices on the network.
You can press Ctrl_K to terminate an active connection between the local and
remote devices.
Precautions
● Before you run the telnet command to connect to the Telnet server, the
Telnet client and server must be able to communicate through Layer 3 and
the Telnet service must be enabled on the Telnet server.
● Logins through Telnet bring security risks because Telnet does not provide any
authentication mechanism and data is transmitted using TCP in plain text.
The STelnet mode is recommended for the network that has the high security
requirement.

Example
# Connect to a remote device through Telnet.
<HUAWEI> telnet 10.1.1.1

3.4.45 telnet client-source

Function
The telnet client-source command specifies the source IP address and interface
for a Telnet client.
The undo telnet client-source command restores the default settings.
The default source IP address of the Telnet client is 0.0.0.0.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 137

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
telnet client-source { -a source-ip-address | -i interface-type interface-number }
undo telnet client-source

Parameters
Parameter Description Value
-a source-ip-address Specifies the IPv4 address of the local -
wireless access point.
-i interface-type interface- Specifies the outbound interface of the -
number local wireless access point.

Views
System view

Default Level
3: Management level

Usage Guidelines
If the source IP address and interface are not specified in the telnet command,
use the default settings specified by telnet client-source. If the source IP address
and interface are specified in the telnet command, use the specified settings.
Check the current Telnet connection on the server. The IP address displayed is the
specified source IP address or the primary IP address of the specified interface.

Example
# Set the source IP address of the Telnet client to 1.1.1.1.
<HUAWEI> system-view
[HUAWEI] telnet client-source -a 1.1.1.1

3.4.46 telnet server permit interface

Function
The telnet server permit interface command specifies physical interfaces on the
Telnet server to which clients can connect.
The undo telnet server permit interface command restores the default physical
interfaces on the Telnet server to which clients can connect.
By default, clients can connect to all physical interfaces on the Telnet server.

Format
telnet server permit interface { interface-type interface-number } &<1-5>

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 138

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

undo telnet server permit interface

Parameters

Parameter Description Value

interface-type interface-type specifies the interface type. -

interface-number
interface-number specifies the interface number.
interface-number and interface-type together
specify an interface.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To prevent a client from connecting to the Telnet server through an unauthorized

physical interface or attacking the Telnet server by sending a large number of
Telnet packets, you can run the telnet server permit interface command to
specify physical interfaces on the Telnet server to which the client can connect.

Precautions

● By default, clients can connect to all physical interfaces on the Telnet server.
Once a specific physical interface is specified, a client cannot connect to the
Telnet server using other physical interfaces.
● This command can be used only on a Layer 2 physical interface but not on a
Layer 3 physical interface, logical interface, or non-Ethernet interface.

Example
# Specify physical interfaces on the Telnet server to which clients can connect.
<HUAWEI> system-view
[HUAWEI] telnet server permit interface gigabitethernet 0/0/0
Info: Succeeded in setting telnet permit interface.

# Restore the default physical interfaces on the Telnet server to which clients can
connect.
<HUAWEI> system-view
[HUAWEI] undo telnet server permit interface

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 139

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.47 telnet server port

Function
The telnet server port command configures the listening port number of a Telnet
server.
The default listening port of a Telnet server is 23.

Format
telnet server port port-number

Parameters
Parameter Description Value

port-number Specifies the listening The value is an integer that is 23 or

port number of a Telnet ranges from 1025 to 55535. The default
server. value 23 is the standard Telnet server
port number.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To protect the Telnet standard port against attacks and ensure network security,
configure the listening port number of the Telnet server.
Precautions
A Telnet client can log in to the server with no port specified only when the server
is listening on port 23. If the server is listening on another port, the port number
must be specified upon login.
Before changing the current port number, disconnect all devices from the port.
After the port number is changed, the server starts to listen on the new port.

Example
# Configure the listening port number to 1026.
<HUAWEI> system-view
[HUAWEI] telnet server port 1026
Warning: After the command is executed, the current Telnet port number is disabled and all Telnet users
are disconnected. Continue? (Y/N):y

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 140

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.4.48 telnet server enable

Function
The telnet server enable command starts a Telnet server.

The undo telnet server enable command stops a Telnet server.

By default, the Telnet server is disabled.

Format
telnet server enable

undo telnet server enable

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
You can run this command to enable and disable the Telnet server. A Telnet server
can be connected only when it starts.

When the undo telnet server enable command is executed to disable the Telnet
server, an online Telnet user goes offline because the Telnet service is disabled.

When a Telnet server stops, you can log in to the device only through the console
port or SSH.

NOTE

The Telnet protocol poses a security risk, and therefore the STelnet V2 mode is
recommended.

Example
# Start a Telnet server.
<HUAWEI> system-view
[HUAWEI] telnet server enable
Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.

# Stop a Telnet server.

<HUAWEI> system-view
[HUAWEI] undo telnet server enable

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 141

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5 File Management Commands

NOTE

The AD9430DN-12 supports both flash: and flash1:, while flash1: is used as the storage
space for the attack defense function.

3.5.1 ascii
Function
The ascii command sets the file transfer mode to ASCII on an FTP client.
The default file transfer mode is ASCII.

Format
ascii

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Files can be transferred in ASCII or binary modes.
The ASCII mode is used to transfer plain text files, and the binary mode is used to
transfer application files such as system software (files with name extension .cc,
and .pat.), images, video files, compressed files, and database files.

Example
# Set the file transfer mode to ASCII.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] ascii
200 Type set to A.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 142

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.2 binary

Function
The binary command sets the file transmission mode to binary on an FTP client.

The default file transfer mode is ASCII.

Format
binary

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Files can be transferred in ASCII or binary modes.

The ASCII mode is used to transfer plain text files, and the binary mode is used to
transfer application files such as system software (files with name extension .cc,
and .pat.), images, video files, compressed files, and database files.

Example
# Set the file transmission mode to binary.
<HUAWEI> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User logged in.
[HUAWEI-ftp] binary
200 Type set to I.

3.5.3 bye

Function
The bye command terminates the connection with the remote FTP server and
enters the user view.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 143

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
bye

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
This command is equivalent to the quit command.
You can use the close and disconnect commands to terminate the connection
with the remote FTP server and retain the FTP client view.

Example
# Terminate the connection with the remote FTP server and enter the user view.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] bye
221 server closing.
<HUAWEI>

3.5.4 cd (FTP client view)

Function
The cd command changes the working directory of the FTP server.

Format
cd remote-directory

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 144

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
remote- Specifies the name of a The value is a string of 1 to 64
directory working directory on the FTP case-insensitive characters
server. without spaces.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
The FTP server authorizes users to access files in certain directories and their
subdirectories.

NOTE
If the new working directory of the FTP server is on the same file drive as the current
working directory, you do not need to specify the name of the file drive in the command
but only need to specify the differences between two working directories. For example:
● If the current working directory is flash:/ and you want to change it to flash:/temp/
subtemp, run the cd temp/subtemp command.
● If the current working directory is flash:/temp and you want to change it to flash:/temp/
subtemp, run the cd subtemp command.
● If the current working directory is flash:/temp/subtemp and you want to change it to
flash:/temp, run the cd /temp command.
● If the current working directory is flash:/temp and you want to change it to flash:/, run
the cd / command.

Example
# Change the working directory to d:/temp.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] cd d:/temp
250 "D:/temp" is current directory.

3.5.5 cd (SFTP client view)

Function
The cd command changes the working directory of the SFTP server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 145

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
cd [ remote-directory ]

Parameters
Parameter Description Value

remote-directory Specifies the name of a The value is a string of 1 to 64

directory on the SFTP server. case-insensitive characters
without spaces.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
● The SFTP server authorizes users to access files in certain directories and their
subdirectories.
● The specified working directory must exist on the SFTP server. If the remote-
directory parameter is not included in the cd command, only the current
working directory of an SSH user is displayed as the command output.

Example
# Change the current working directory of the SFTP server to /bill.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> cd bill
Current directory is:
/bill

3.5.6 cd (user view)

Function
The cd command changes the current working directory of a user.

By default, the current working directory is flash:.

Format
cd directory

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 146

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

directory Specifies the The value is a string of 1 to 64 case-sensitive

current working characters without spaces in the [ drive ] path
directory of a format.
user.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters ~,
*, /, \, :, ', " cannot be used in the directory name.
For example, a directory name is flash:/selftest/
test/.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

The following describes the drive name.

● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.

The path can be an absolute path or relative path.

● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.

Precautions

● The directory specified in the cd command must exist; otherwise, the error
messages will be displayed.
You can perform the following operations to rectify faults:
a. Run the pwd command to view the current working directory.
b. Run the dir command to view the current working directory and verify
that the directory specified in the cd command exists.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 147

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Change the current working directory from flash:/temp to flash:.
<HUAWEI> pwd
flash:/temp
<HUAWEI> cd flash:
<HUAWEI> pwd
flash:

# Change the current working directory from flash: to flash:/t1/t2.

<HUAWEI> pwd
flash:
<HUAWEI> cd flash:/t1/t2
<HUAWEI> pwd
flash:/t1/t2

# Change the current working directory from flash:/selftest to flash:/logfile.

<HUAWEI> pwd
flash:/selftest
<HUAWEI> cd /logfile/
<HUAWEI> pwd
flash:/logfile

# Change the current working directory from flash:/selftest to flash:/selftest/

test.
<HUAWEI> pwd
flash:/selftest
<HUAWEI> cd test/
<HUAWEI> pwd
flash:/selftest/test

3.5.7 cdup (SFTP client view)

Function
The cdup command changes the current working directory of an SSH user to its
parent directory.

Format
cdup

Parameters
None

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 148

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

You can run the cdup command to change the current working directory to its
parent directory.
Precautions
If the current working directory is the SFTP authorization directory, the command
cannot change the current working directory.

Example
# Change the current working directory to its parent directory.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> cd dhcp
Current directory is:
/dhcp
sftp-client> cdup
Current directory is:
/
sftp-client> cdup
Error: Failed to change the current directory.
sftp-client>

3.5.8 cdup (FTP client view)

Function
The cdup command enables you to return to the upper-level directory.

Format
cdup

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To exit from the current directory and return to the upper-level directory, run the
cdup command.
Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 149

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The accessible directories for an FTP user are restricted by the authorized directory
configured for the user.

Example
# Exit from the current directory and return to the upper-level directory.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] cd security
250 "D:\security" is current directory.
[HUAWEI-ftp] cdup
250 "D:\" is current directory.

3.5.9 close
Function
The close command terminates the connection with the remote FTP server and
retains the FTP client view.

Format
close

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
This command is equivalent to the disconnect command.
You can run the bye and quit commands to terminate the connection with the
remote FTP server and enter the user view.
Precautions
To enter the user view from the FTP client view, you can run the bye or quit
command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 150

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Terminate the connection with the remote FTP server and enters the FTP client
view.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] close
221 Server closing.

[HUAWEI-ftp]

3.5.10 copy
Function
The copy command copies a file.

Format
copy source-filename destination-filename

Parameters
Parameter Description Settings

source-filename Specifies the path and The value is a string of 1

the name of a source to 64 case-sensitive
file. characters without
spaces in the [ drive ]
[ path ] file name
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 151

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Settings

destination-filename Specifies the path and The value is a string of 1

the name of a to 64 case-sensitive
destination file. characters without
spaces in the [ drive ]
[ path ] file name
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
The following describes the drive name.
● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
Precautions
● If the destination file name is not specified, the designation file and the
source file have the same name. If the source file and the destination file are
in the same directory, you must specify the destination file name. If the

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 152

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

destination file name is not specified, you cannot copy the source file
successfully.
● If the destination file name is the same as that of an existing file, the system
prompts you whether to overwrite the existing file. The system prompt is
displayed only when file prompt is set to alert.

Example
# Copy the file config.cfg from the root directory of the flash card to flash:/temp.
The destination file name is temp.cfg.
<HUAWEI> copy flash:/config.cfg flash:/temp/temp.cfg
Copy flash:/config.cfg to flash:/temp/temp.cfg?(y/n)[n]:y
100% complete
Info: Copied file flash:/config.cfg to flash:/temp/temp.cfg...Done

# If the current directory is the root directory of the flash card, you can perform
the preceding configuration using the relative path.
<HUAWEI> pwd
flash:
<HUAWEI> dir
Directory of flash:/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 6,721,804 Mar 19 2012 12:31:58 devicesoft.cc
1 -rw- 910 Mar 19 2012 12:32:58 config.cfg
2 drw- - Mar 05 2012 09:54:34 temp
...
1,927,220 KB total (1,130,464 KB free)
<HUAWEI> copy config.cfg temp/temp.cfg
Copy flash:/config.cfg to flash:/temp/temp.cfg?(y/n)[n]:y
100% complete
Info: Copied file flash:/config.cfg to flash:/temp/temp.cfg...Done

# Copy the file config.cfg from the root directory of the flash card to flash:/temp.
The destination file name is config.cfg.
<HUAWEI> pwd
flash:
<HUAWEI> dir
Directory of flash:/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 6,721,804 Mar 19 2012 12:31:58 devicesoft.cc
1 -rw- 910 Mar 19 2012 12:32:58 config.cfg
2 drw- - Mar 05 2012 09:54:34 temp
...
1,927,220 KB total (1,130,464 KB free)
<HUAWEI> copy config.cfg temp
Copy flash:/config.cfg to flash:/temp/config.cfg?(y/n)[n]:y
100% complete
Info: Copied file flash:/config.cfg to flash:/temp/config.cfg...Done

# Copy the file backup.zip to backup1.zip in the test directory from the current
working directory flash:/test/.
<HUAWEI> pwd
flash:/test
<HUAWEI> copy backup.zip backup1.zip
Copy flash:/test/backup.zip to flash:/test/backup1.zip?(y/n)[n]:y
100% complete
Info: Copied file flash:/test/backup.zip to flash:/test/backup1.zip...Done

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 153

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.11 debugging
Function
The debugging command enables the debugging function of the FTP client.
The undo debugging command disables the debugging function of the FTP client.
By default, the debugging function of the FTP client is disabled.

Format
debugging
undo debugging

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
You can run the debugging command to check the session information sent by
the FTP client to the FTP server.

Example
# Enable the debugging function of the FTP client.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL + K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):ftp
331 Password required for ftp.
Enter password:
230 User logged in.
[ftp] debugging

3.5.12 delete (user view)

Function
The delete command deletes a specified file in the storage device.

Format
delete [ /unreserved ] [ /force ] { filename | devicename }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 154

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
/unreserved Deletes a specified file. -
The deleted file cannot be
restored.

/force Deletes a file directly -

without any confirmation.

filename Specifies the name of a The value is a string of 1 to 64 case-

file to be deleted. sensitive characters without spaces in
the [ drive ] [ path ] file name
format.
In the preceding parameter, drive
specifies the storage device name, and
path specifies the directory and
subdirectory.
You are advised to add : and /
between the storage device name and
directory. Characters ~, *, /, \, :, ', "
cannot be used in the directory name.

devicename Deletes all the files in the -

storage device.

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 155

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Like devicename, drive specifies the storage device name.

Precautions
● The wildcard (*) can be used in the delete command.
● If the parameter /unreserved is not included, the file is stored in the recycle
bin. To display all files including deleted files that are displayed in square
brackets ([ ]), run the dir /all command. To restore these files that are
displayed in square brackets ([ ]), run the undelete command. To clear these
files from the recycle bin, run the reset recycle-bin command.

NOTICE

If you delete a file using the /unreserved parameter, the file cannot be
deleted.

● If you delete a specified storage device, all files are deleted from the root
directory of the storage device.
● If you delete two files with the same name from different directories, the last
file deleted is kept in the recycle bin.
● If you attempt to delete a protected file, such as a configuration file, patch
file, or patch status file, a system prompt is displayed.
● You cannot delete a directory by running the delete command. To delete a
directory, run the rmdir (user view) command.

Example
# Delete the file test.txt from the flash:/test/ directory.
<HUAWEI> delete flash:/test/test.txt
Delete flash:/test/test.txt?(y/n)[n]:y
Info: Deleting file flash:/test/test.txt...succeed.

# Delete the file test.txt from the current working directory flash:/selftest.
<HUAWEI> delete test.txt
Delete flash:/selftest/test.txt?(y/n)[n]:y
Info: Deleting file flash:/selftest/test.txt...succeed.

3.5.13 dir (user view)

Function
The dir command displays information about files and directories stored on the
storage device.

Format
dir [ /all ] [ filename | directory ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 156

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Settings

/all Displays all files and -

directories stored in the
current directory,
including files and
directories moved to the
recycle bin from the
current directory.

filename Specifies the file name. The value is a string of 1

to 64 case-sensitive
characters without
spaces in the [ drive ]
[ path ] file name
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

directory Specifies the file The value is a string of 1

directory. to 64 case-sensitive
characters without
spaces in the [ drive ]
path format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 157

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
The wildcard (*) can be used in the dir command. If no parameter is specified, this
command displays information about the files and directories in the current
directory.
The following describes the drive name:
● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
You can use the dir /all command to view information about all files and
directories of the storage device, including those stored in the recycle bin. The
name of a file in the recycle bin is placed in square brackets ([]), for example,
[test.txt].
Precautions
If the device name has been changed or the device generates logs during device
name restoration, the logs are recorded in log files with different device names.
With the dir command, you are advised to search for logs by timestamp instead of
by device name.

Example
# Display information about all files and directories stored in the current directory.
<HUAWEI> dir /all
Directory of flash:/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 889 Feb 25 2012 10:00:58 private-data.txt
1 -rw- 6,311 Feb 17 2012 14:05:04 backup.cfg
2 -rw- 836 Jan 01 2012 18:06:20 rr.dat
3 drw- - Jan 01 2012 18:08:20 syslogfile
4 -rw- 836 Jan 01 2012 18:06:20 rr.bak
5 drw- - Feb 27 2012 00:00:54 security
6 -rw- 523,240 Mar 16 2011 11:21:36 53hib66.txt
7 -rw- 2,290 Feb 25 2012 16:46:06 vrpcfg.cfg
8 -rw- 812 Dec 12 2011 15:43:10 hostkey
9 drw- - Jan 01 2012 18:05:48 compatible

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 158

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

10 -rw- 25,841,428 Nov 17 2011 09:48:10 basicsoft.cc

11 -rw- 540 Dec 12 2011 15:43:12 serverkey
12 -rw- 26,101,692 Dec 21 2011 11:44:52 devicesoft.cc
13 -rw- 6,292 Feb 14 2012 11:14:32 1.cfg
14 -rw- 6,311 Feb 17 2012 10:22:56 1234.cfg
15 -rw- 6,311 Feb 25 2012 17:22:30 [11.cfg]

1,927,220 KB total (1,130,464 KB free)

# Display information about file vrpcfg.cfg in the current directory.

<HUAWEI> dir vrpcfg.cfg
Directory of flash:/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 2,290 Feb 25 2012 16:46:06 vrpcfg.cfg

1,927,220 KB total (1,130,464 KB free)

# Display information about all .txt files stored in the current directory.
<HUAWEI> dir *.txt
Directory of flash:/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 889 Feb 25 2012 10:00:58 private-data.txt

1,927,220 KB total (1,130,464 KB free)

Table 3-28 Description of the dir command output

Item Description

d Indicates a directory. If there is no output for this parameter, the

command output indicates a file. For example, devicesoft.cc is a
file and security is a directory.

r Indicates that the file or directory can be read.

w Indicates that the file or directory is editable.

[] Indicates a file stored in the recycle bin.

3.5.14 delete (FTP client view)

Function
The delete command deletes a file from the FTP server.

Format
delete remote-filename

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 159

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
remote- Specifies the name of a file The value is a string of 1 to 64
filename to be deleted. case-insensitive characters
without spaces.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
A file deleted in the FTP client view cannot be restored.

Example
Delete the file temp.c.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] delete temp.c
Warning: The contents of file temp.c cannot be recycled. Continue? (y/n)[n]:y
250 File deleted from remote host.

3.5.15 dir/ls (FTP client view)

Function
The dir and ls commands display all files or specified files that are stored on the
FTP server, and save them to a local disk.

Format
dir [ remote-filename [ local-filename ] ]
ls [ remote-filename [ local-filename ] ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 160

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

remote- Specifies the name and The value is a string of 1 to 64

filename directory of a file stored on the case-insensitive characters
FTP server. without spaces.

local-filename Specifies the name of the local The value is a string of 1 to 64

file that saves the FTP server case-insensitive characters
file information. without spaces.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
The following describes differences between the dir and ls commands.
● After you run the dir command, detailed file information is displayed,
including the file size, date when the file is created, whether the file is a
directory, and whether the file is editable. After you run the ls command, only
the file name is displayed.
● The dir command is used to save detailed file information, while the ls
command is used to save only the file name even if the file is specified and
saved in a local directory.
Precautions
The wildcard (*) can be used in commands dir and ls.

Example
# Display the name or detailed information about a file that is saved in the test
directory.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] cd test
250 CWD command successfully.

[HUAWEI-ftp] dir

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 161

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

200 Port command okay.

150 File Listing Follows in ASCII mode
drwxrwxrwx 1 noone nogroup 0 Mar 24 10:48 . drwxrwxrwx 1 noone nogroup 0 Mar 26
15:52 .. drwxrwxrwx 1 noone nogroup 0 Mar 23 16:04 yourtest -rwxrwxrwx 1 noone
nogroup 5736 Mar 24 10:38 backup.txt -rwxrwxrwx 1 noone nogroup 5736 Mar 24 10:38
backup1.txt
226 Transfer finished successfully.
[HUAWEI-ftp] ls
200 Port command okay.
150 File Listing Follows in ASCII mode
yourtest
backup.txt
backup1.txt
226 Transfer finished successfully.
FTP: 10 byte(s) received in 0.110 second(s) 90.90byte(s)/sec.

# Display the detailed information in file temp.c, and save the displayed
information in file temp1.
[HUAWEI-ftp] dir temp.c temp1
200 PORT command okay
150 File Listing Follows in ASCII mode
\
226 Transfer finished successfully.
FTP: 62 byte(s) received in 0.050 second(s) 1.24Kbyte(s)/sec.

[HUAWEI-ftp] quit
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye

<HUAWEI> more temp1

-rwxrwxrwx 1 noone nogroup 3929 Apr 27 18:13 temp.c

# Display the name of file test.bat, and save the displayed information in file test.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] ls test.bat test
200 Port command okay.
150 Opening ASCII mode data connection for test.bat.

226 Transfer complete.

[HUAWEI-ftp] quit

221 Server closing.

<HUAWEI> more test
test.bat

Table 3-29 Description of the dir/Is command output

Parameter Description

d in the Indicates a directory. If there is no output for this parameter, the

command command output indicates a file.
output

r in the Indicates that the file or directory can be read.

command
output

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 162

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description

w in the Indicates that the file or directory is editable.

command
output

3.5.16 dir/ls (SFTP client view)

Function
dir and ls commands display a list of specified files that are stored on the SFTP
server.

Format
dir [ -l | -a ] [ remote-directory ]
ls [ -l | -a ] [ remote-directory ]

Parameters
Parameter Description Value
-l Displays detailed information about -
all files and directories in a specified
directory.
-a Displays names of all files and -
directories in a specified directory.
remote-directory Specifies the name of a directory on The value is a string of
the SFTP server. 1 to 64 case-insensitive
characters without
spaces.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
The dir and ls commands are equivalent.
● If -l and -a parameters are not specified, detailed information about all files
and directories in a specified directory is displayed after you run the dir or ls
command. The effect is the same as the dir -l command output.
● By default, if the remote-directory parameter is not specified, the list of
current directory files is displayed after you run the dir or ls command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 163

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Displays a list of files in the test directory of the SFTP server.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> dir test
drwxrwxrwx 1 noone nogroup 0 Mar 24 18:48 .
drwxrwxrwx 1 noone nogroup 0 Mar 29 14:52 ..
-rwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 yourtest
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup1.txt
sftp-client> dir -a test
.
..
yourtest
backup.txt
backup1.txt
sftp-client> ls test
drwxrwxrwx 1 noone nogroup 0 Mar 24 18:48 .
drwxrwxrwx 1 noone nogroup 0 Mar 29 14:52 ..
-rwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 yourtest
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup1.txt
sftp-client> ls -a test
.
..
yourtest
backup.txt
backup1.txt

3.5.17 disconnect
Function
The disconnect command terminates the connection with the remote FTP server
and displays the FTP client view.

Format
disconnect

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
This command is equivalent to the close command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 164

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

You can run the bye and quit commands to terminate the connection with the
remote FTP server and enter the user view.
To enter the user view from the FTP client view, you can run the bye or quit
command.

Example
# Terminate the connection with the remote FTP server and enter the FTP client
view.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] disconnect
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye

[HUAWEI-ftp]

3.5.18 display ftp-server

Function
The display ftp-server command displays FTP server parameter settings.

Format
display ftp-server

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run this command to display FTP server parameter settings.

Example
# Display FTP server parameter settings.
<HUAWEI> display ftp-server
FTP server is running

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 165

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Max user number 15

User count 1
Timeout value(in minute) 30
Listening port 21
Acl number 2010
FTP server's source address 10.1.1.1

Table 3-30 Description of the display ftp-server command output

Parameter Description

FTP server is running The FTP server starts.

You can run the ftp server enable
command to start the FTP server.

Max user number Maximum number of users who can

access the FTP server.

User count Number of users who are accessing

the FTP server.

Timeout value(in minute) Idle timeout duration of FTP users.

You can run the ftp timeout
command to set the idle timeout
duration of FTP users.

Listening port Number of the listening port on the

FTP server. The default value is 21.
If the value is not 21, you can run the
ftp server port command to
configure the listening port number.

Acl number Number of the ACL of the FTP server.

The default value is 0. You can run the
ftp acl command to change the ACL
number.

FTP server's source address Source IP address for the FTP server to
send packets. The default value is
0.0.0.0.
You can run the ftp server-source
command to configure the source IP
address for the FTP server. Here, the
source IP address 10.1.1.1 is displayed.
If a source interface is configured, this
field displays "FTP server's source
interface LoopBack0."

3.5.19 display ftp-users

Function
The display ftp-users command displays FTP user parameters on the FTP server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 166

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
display ftp-users

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can check FTP user parameters on the FTP server, such as the FTP user name,
IP address of the client host, port number, idle duration, and the authorized
directory.

Example
# Display FTP user parameters.
<HUAWEI> display ftp-users
username host port idle topdir
test 10.137.217.159 51156 0 flash:

The preceding information indicates that two users are connected to the FTP
server.

Table 3-31 Description of the display ftp-users command output

Parameter Description

username FTP user name.

host IP address of the client host.

port Port number of the client host.

idle Idle duration.

topdir Authorized directory of a user.

You can run the local-user ftp-directory command to
configure the authorized directory.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 167

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.20 display ftp-client

Function
The display ftp-client command displays the source IP address configured for the
FTP client.

Format
display ftp-client

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
The default source IP address is 0.0.0.0 if ftp client-source is not configured.

Example
# Display the source IP address of the FTP client.
<HUAWEI> display ftp-client
Info: The source address of FTP client is 10.1.1.1.

Table 3-32 Description of the display ftp-client command output

Parameter Description

Info: The source address of FTP client is 10.1.1.1 is the source IP address of the
10.1.1.1. FTP client.
You can run the ftp client-source
command to configure the source IP
address.
If the IP address is configured for the
source port, the message "The source
interface of FTP client is LoopBack0"
is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 168

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.21 display sftp-client

Function
The display sftp-client command displays the source IP address configured for
the SFTP client.

Format
display sftp-client

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display sftp client command to display the source IP address of
the SFTP client. By default, the source IP address is 0.0.0.0 if sftp client-source is
not configured.

Example
# Display the source IP address configured for the SFTP client.
<HUAWEI> display sftp-client
Info: The source address of SFTP client is 1.1.1.1

Table 3-33 Description of the display sftp-client command output

Parameter Description

Info: The source address of SFTP client 1.1.1.1 is the source IP address of the
is 1.1.1.1 SFTP client.
You can run the sftp client-source
command to configure the source IP
address for the SFTP client.
If the IP address is configured for the
source port, the message "The source
interface of SFTP client is LoopBack0"
is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 169

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.22 display tftp-client

Function
The display tftp-client command displays the source IP address configured for
the TFTP client.

Format
display tftp-client

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
You can run the display tftp client command to query source IP address of the
TFTP client. The default source IP address is 0.0.0.0 if tftp client-source is not
configured.

Example
# Display the source IP address configured for the TFTP client.
<HUAWEI> display tftp-client
Info: The source address of TFTP client is 1.1.1.1.

Table 3-34 Description of the display tftp-client command output

Parameter Description

Info: The source address of TFTP client 1.1.1.1 is the source IP address of the
is 1.1.1.1. TFTP client.
You can run the tftp client-source
command to configure the source IP
address for the TFTP client.
If the IP address is configured for the
source port, the message "The source
interface of TFTP client is LoopBack0"
is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 170

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.23 execute
Function
The execute command executes a specified batch file.

Format
execute batch-filename

Parameters
Parameter Description Value

batch-filename Specifies the name of a The value is a string of 5 to 64 case-

batch file. sensitive characters without spaces.
The file name extension is .bat.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
If a series of commands are frequently executed, write these commands in a batch
file, and store this file in system. In this way, you can only execute this command
to run multiple commands which were manually entered before. This command
improves maintenance and management efficiency.

NOTE

● The batch file is edited in .txt format. When editing the file, ensure that one command
occupies one line. After editing the file, save the file and change the file name extension
to .bat.
● Transfer the batch file in file transmission mode to the device.

Prerequisites
Before running the execute command, ensure that the batch file to be processed
is in the current directory; otherwise, the system cannot find the batch file.
Precautions
● The commands in a batch file are run one by one. A batch file cannot contain
invisible characters (control characters or escape characters, such as \r, \n, and
\b). If any invisible character is detected, the execute command exits from the
current process and no rollback is performed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 171

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● The execute command does not ensure that all commands can be run. If the
system runs a wrong or immature command, it displays the error and goes to
next command. The execute command does not perform the hot backup
operation, and the command format or content is not restricted.

Example
# Execute the test.bat file in the directory flash:/. The test.bat file contains three
commands: system-view, aaa and local-user test service-type web.
<HUAWEI> system-view
[HUAWEI] execute test.bat
[HUAWEI] system-view
^
Error: Unrecognized command found at '^' position.
[HUAWEI] aaa
[HUAWEI-aaa] local-user test service-type web
[HUAWEI-aaa]

When the system runs the first command system-view in current system view, it
displays an error and continues to run the following commands.
The system displays the execution of a batch file in AAA view.
[HUAWEI-aaa] display this
local-user test service-type web

3.5.24 file prompt

Function
The file prompt command changes the prompt mode when you perform
operations on files.
The default prompt mode is alert.

Format
file prompt { alert | quiet }

Parameters
Parameter Description Value
alert Display a prompt message before users perform an -
operation.
quiet Display no prompt message before users perform an -
operation.

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 172

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines

NOTICE

If the prompt mode is set to quiet, the system does not provide prompt messages
when data is lost because of misoperations such as the operation of deleting or
overwriting files. Therefore, this prompt mode should be used with caution.

Example
# Set the prompt mode to quiet. When you rename a copied file test.txt using an
existing file name test1.txt, no prompt message is displayed.
<HUAWEI> system-view
[HUAWEI] file prompt quiet
[HUAWEI] quit
<HUAWEI> copy test.txt test1.txt
Deleting file permanently from flash will take a long time if needed...Done.
100% complete
Info: Copied file flash:/test.txt to flash:/test1.txt...Done

# Set the prompt mode to alert.

<HUAWEI> system-view
[HUAWEI] file prompt alert
[HUAWEI] quit
<HUAWEI> copy test.txt test1.txt
Copy flash:/test.txt to flash:/test1.txt?(y/n)[n]:y
The file flash:/test1.txt exists. Overwrite it?(y/n)[n]:y
Deleting file permanently from flash will take a long time if needed...Done.
100% complete
Info: Copied file flash:/test.txt to flash:/test1.txt...Done

3.5.25 format
Function
The format command formats a storage device.

NOTE

Only the AD9430DN-24 and AD9430DN-12 support this command.

Format
format drive

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 173

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters

Parameter Description Value

drive Specifies the name of a The value is of the enumerated type:

storage device to be ● usb
formatted.
● sdcard
The value sdcard: is supported only by
the AD9430DN-12.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When the file system fault cannot be rectified or the data on the storage device is
no longer needed, the storage device can be formatted. When you run the format
command, all files and directories are cleared from the storage device.

Currently, only the USB flash drive and micro SD card of the device can be
formatted.

Precautions

NOTICE

After the format command is run, files and directories are cleared from the
specified storage device and cannot be restored. Therefore, this command should
be used with caution.

If the storage device is still unavailable after the format command is run, a
physical exception may have occurred.

Example
# Format the storage device.
<HUAWEI> format usb:
All data(include configuration and system startup file) on usb: will be lost , proceed with format? (y/n)[n]:y
%Format usb: completed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 174

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.26 ftp

Function
The ftp command connects the FTP client to the FTP server and enters the FTP
client view.

Format
# Connect the FTP client to the FTP server based on the IPv4 address.

ftp [ [ -a source-ip-address | -i interface-type interface-number ] host-ip [ port-

number ] ]

Parameters
Parameter Description Value

-a source-ip- Specifies the source IP address for The value is in dotted

address connecting to the FTP client. You are decimal notation.
advised to use a loopback interface
IP address as the source IP address.

-i interface-type Specifies the source interface type -

interface- and ID. You are advised to use a
number loopback interface as the source
interface.
The IP address configured for the
interface is the source IP address for
sending packets. If no IP address is
configured for the source interface,
the FTP connection cannot be set up.

host-ip Specifies the IP address or host The value is a string of

name of the remote IPv4 FTP server. characters. The value of
the IPv4 host name is a
string of 1 to 255 case-
insensitive characters
without spaces.

port-number Specifies the port number of an FTP The value is an integer

server. that ranges from 1 to
65535. The default value
is the standard port
number 21.

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 175

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario
Before accessing the FTP server on the FTP client, you must run this command to
connect the FTP client to the FTP server.
Precautions
● You can set the source IP address to the source or destination IP address in
the ACL rule when the parameter -a or -i is specified on the IPv4 network.
This shields the IP address differences and interface status impact, and filters
incoming and outgoing packets, improving device security.
● If no parameter is set in this command, only the FTP view is displayed, and no
connection is set up between the FTP server and client.
● If the port number used by the FTP server is not a standard one, you must
specify a standard port number; otherwise, the FTP server and client cannot
be connected.
● When you run this command, the system prompts you to enter the user name
and password for logging in to the FTP server. You can log in to the FTP server
only when the user name and password are correct.
● If the number of login users exceeds the maximum value allowed by the FTP
server, new authorized users cannot log in to the FTP server. To allow new
authorized users to log in to the FTP server, users who have completed FTP
services need to disconnect their clients from the FTP server. You can run the
bye or quit command to disconnect the FTP client from the FTP server and
return to the user view, or run the close or disconnect command to
disconnect the FTP client from the FTP server and stay in the FTP client view.
● During the connection to the FTP server, you can press Ctrl+K to terminate
the current connection.

Example
# Connect to the remote FTP server whose address is 10.1.1.1.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp]

3.5.27 ftp acl

Function
The ftp acl command specifies an ACL number for the current FTP server so that
the FTP client with the same ACL number can access the FTP server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 176

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The undo ftp acl command deletes an ACL number of the current FTP server.
By default, no ACL is configured for FTP server.

Format
ftp acl acl-number
undo ftp acl

Parameters
Parameter Description Value
acl-number Specifies the number of the The value is an integer that ranges
ACL. from 2000 to 2999.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To ensure the security of an FTP server, you need to configure an ACL for it to
specify FTP clients that can access the current FTP server.
Precautions
● The ftp acl command takes effect only after you run the rule command to
configure the ACL rule.
● The FTP only supports the basic ACL whose number ranges from 2000 to
2999.

Example
# Allow the client whose ACL number is 2000 to log in to the FTP server.
<HUAWEI> system-view
[HUAWEI] acl 2000
[HUAWEI-acl-basic-2000] rule permit source 10.10.10.1 0
[HUAWEI-acl-basic-2000] quit
[HUAWEI] ftp acl 2000

3.5.28 ftp client-source

Function
The ftp client-source command specifies the source IP address for the FTP client
to send packets.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 177

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The undo ftp client-source command restores the default source IP address for
the FTP client to send packets.
The default source IP address for the FTP client to send packets is 0.0.0.0.

Format
ftp client-source { -a source-ip-address | -i interface-type interface-number }
undo ftp client-source

Parameters
Parameter Description Value
-a source-ip- The value is
Specifies the source IP address. You are
address in dotted
advised to use the loopback interface IP
decimal
address.
notation.
-i interface-type Specifies the source interface. You are -
interface-number advised to use the loopback interface.
The IP address configured for the source
interface is the source IP address for sending
packets. If no IP address is configured for the
source interface, the FTP connection cannot
be set up.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If no source IP address is specified, the client uses the source IP address that the
router specifies to send packets. The source IP address must be configured for an
interface with stable performance. The loopback interface is recommended. Using
the loopback interface as the source interface simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, and incoming and filters outgoing packets, and implements security
authentication.
Precautions
● You can also run the ftp command to configure the source IP address whose
priority is higher than that of the source IP address specified by the ftp client-
source command. If you specify the source IP addresses by running the ftp

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 178

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

client-source and ftp commands, the source IP address specified by the ftp
command is used for data communication and is available only for the
current FTP connection, while the source IP address specified by the ftp
client-source command is available for all FTP connections.
● The IP address that a user displays on the FTP server is the specified source IP
address or source interface IP address.

Example
# Set the source IP address of the FTP client to 1.1.1.1.
<HUAWEI> system-view
[HUAWEI] ftp client-source -a 1.1.1.1
Info: Succeeded in setting the source address of the FTP client to 1.1.1.1.

3.5.29 ftp server enable

Function
The ftp server enable command enables the FTP server function to allow FTP
users to log in to the FTP server.

The undo ftp server command disables the FTP server function so that FTP users
cannot log in to the FTP server.

By default, the FTP function is disabled.

Format
ftp server enable

undo ftp server

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To manage FTP server files on a client, you must run the ftp server enable
command to enable the FTP server function to allow FTP users to log in to the
FTP server.

Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 179

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

If the security FTP server function is disabled, no user can log in to the FTP server,
and users who have logged in to the FTP server can perform only the logout
operation.

NOTE

The FTP protocol will bring risk to device security. The SFTP V2 mode is recommended.

Example
# Enable the FTP server function.
<HUAWEI> system-view
[HUAWEI] ftp server enable
Warning: FTP is not a secure protocol, and it is recommended to use SFTP.
Info: Succeeded in starting the FTP server

3.5.30 ftp server permit interface

Function
The ftp server permit interface command specifies physical interfaces on the FTP
server to which clients can connect.

The undo ftp permit interface command restores the default physical interfaces
on the FTP server to which clients can connect.

By default, clients can connect to all the physical interfaces on the FTP server.

Format
ftp server permit interface { interface-type interface-number } &<1-5>

undo ftp server permit interface

Parameters
Parameter Description Value

interface-type interface-type: specifies the interface type. -

interface-number
interface-number: specifies the interface number.
interface-number and interface-type together
specify an interface.

Views
System view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 180

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario
To prevent a client from connecting to the FTP server through an unauthorized
physical interface or attacking the FTP server by sending a large number of FTP
packets, you can run the ftp server permit interface command to specify physical
interfaces on the FTP server to which the client can connect.
Precautions
● By default, clients can connect to all the physical interfaces on the FTP server.
Once a physical interface is specified using the ftp server permit interface
command, a client cannot connect to the FTP server through other physical
interfaces.
● This command can be used only on a Layer 2 physical interface but not on a
Layer 3 physical interface, logical interface, or non-Ethernet interface.
● A physical interface specified using this command cannot be added to an Eth-
Trunk. If it is added to an Eth-Trunk, a client cannot connect to the FTP server
through this physical interface.

Example
# Specify physical interfaces on the FTP server to which clients can connect.
<HUAWEI> system-view
[HUAWEI] ftp server permit interface gigabitethernet 0/0/0
Info: Succeeded in setting ftp permit interface.

# Restore the default physical interfaces on the FTP server to which clients can
connect.
<HUAWEI> system-view
[HUAWEI] undo ftp server permit interface

3.5.31 ftp server port

Function
The ftp server port command specifies the listening port number of the FTP
server.
The undo ftp server port command restores the default listening port number of
the FTP server.
The default listening port number of the FTP server is 21.

Format
ftp server port port-number

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 181

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters

Parameter Description Value

port port-number Specifies the listening port The value is 21 or an integer

number of the FTP server. that ranges from 1025 to
55535

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

By default, the listening port number of the FTP server is 21. Attackers may
frequently access the default listening port, which wastes bandwidth, deteriorates
server performance, and prevents authorized users from accessing the FTP server
through the listening port. You can run the ftp server port command to specify
another listening port number to prevent attackers from accessing the listening
port.

Prerequisites

Before running the ftp server port command to specify the listening port number,
you must first run the undo ftp server command to disable FTP services.

Precautions

● After the ftp server port command is executed, the FTP server disconnects all
FTP connections and uses the new listening port.
● If the current listening port number is 21, FTP client users do not need to
specify the port number for logging in to the FTP server. If the current
listening port number is not 21, FTP client users must use the FTP server's
listening port number to log in to the FTP server.
● After the listening port number is changed, you must run the ftp server
enable command to enable FTP services to make the configuration take
effect.

Example
# Change the port number of the FTP server to 1028.
<HUAWEI> system-view
[HUAWEI] undo ftp server
[HUAWEI] ftp server port 1028

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 182

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.32 ftp server-source

Function
The ftp server-source command specifies the source IP address for the FTP server
to send packets.

The undo ftp server-source command restores the default source IP address for
the FTP server to send packets.

The default source IP address for the FTP server to send packets is 0.0.0.0.

Format
ftp server-source { -a source-ip-address | -i interface-type interface-number }

undo ftp server-source

Parameters
Parameter Description Value

-a source-ip-address Specifies the source IP address. You are advised to -

use the loopback interface IP address.

-i interface-type Specifies the source interface. You are advised to -

interface-number use the loopback interface.
The IP address configured for the source interface
is the source IP address for sending packets. If no
IP address is configured for the source interface,
the FTP connection cannot be set up.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

If no source IP address (0.0.0.0 by default) is specified, the FTP server uses the
source IP address that the router specifies to send packets. The source IP address
must be configured for an interface with stable performance. The loopback
interface is recommended. Using the loopback interface as the source interface
simplifies the ACL rule and security policy configuration. This shields the IP
address differences and interface status impact, and incoming and filters outgoing
packets, and implements security authentication.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 183

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Precautions
● After the source IP address is specified for the FTP server, you must use the
specified IP address to log in to the FTP server.
● If FTP services have been enabled, the FTP service restarts after the ftp
server-source command is executed.

Example
# Set the source IP address of the FTP server to the IP address of LoopBack0.
<HUAWEI> system-view
[HUAWEI] ftp server-source -i loopback0
Warning: To make the server source configuration take effect, the FTP server will be restarted. Continue?
(y/n)[n]: y
Info: Succeeded in setting the source interface of the FTP server to LoopBack0
Warning: FTP is not a secure protocol, and it is recommended to use SFTP.
Info: Succeeded in starting the FTP server

3.5.33 ftp timeout

Function
The ftp timeout command configures the idle timeout duration of the FTP server.
The undo ftp timeout command restores the default idle timeout duration.
By default, the idle timeout duration of the FTP server is 30 minutes.

Format
ftp timeout minutes
undo ftp timeout

Parameters
Parameter Description Value
minutes Specifies idle timeout The value is an integer that ranges from 1 to
duration. 35791, in minutes. By default, the idle
timeout duration is 30 minutes.

Views
System view

Default Level
3: Management level

Usage Guidelines
After a user logs in to the FTP server, a connection is set up between the FTP
server and the user's client. The idle timeout duration is configured to release the

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 184

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

connection when the connection is interrupted or when the user performs no

operation for a specified time.

Example
# Set the idle timeout duration to 36 minutes.
<HUAWEI> system-view
[HUAWEI] ftp timeout 36

3.5.34 get (FTP client view)

Function
The get command downloads a file from the FTP server and saves the file to the
local device.

Format
get remote-filename [ local-filename ]

Parameters
Parameter Description Value
remote- Specifies the name of the file The value is a string of 1 to 64
filename to be downloaded from the case-sensitive characters
FTP server. without spaces.
local-filename Specifies the name of a The value is a string of 1 to 64
downloaded file to be saved to case-sensitive characters
the local device. without spaces.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the get command to download system software, backup
configuration files, and patch files from the FTP server to upgrade devices.
Precautions
● If the downloaded file name is not specified on the local device, the original
file name is used.
● If the name of the downloaded file is the same as that of an existing local
file, the system prompts you whether to overwrite the existing file.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 185

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Download the system software devicesoft.cc from the FTP server.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] get devicesoft.cc

3.5.35 get (SFTP client view)

Function
The get command downloads a file from the SFTP server and saves the file to the
local device.

Format
get remote-filename [ local-filename ]

Parameters
Parameter Description Value
remote- Specifies the name of the file The value is a string of 1 to 64
filename to be downloaded from the case-sensitive characters
SFTP server. without spaces.
local-filename Specifies the name of a The value is a string of 1 to 64
downloaded file to be saved to case-sensitive characters
the local device. without spaces.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the get command to download files from the FTP server to upgrade
devices.
Precautions
● If the local-filename is not specified on the local device, the original file name
is used.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 186

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● If the name of the downloaded file is the same as that of an existing local
file, the system prompts you whether to overwrite the existing file.

Example
# Download a file from the SFTP server.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> get test.txt

3.5.36 help (SFTP client view)

Function
The help command displays the help information in the SFTP client view.

Format
help [ all | command-name ]

Parameters
Parameter Description Value

all Displays all commands in the SFTP client view. -

command-name Displays the format and parameters of a specified -

command in the SFTP client view.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

In the SFTP view, you can only enter the question mark (?) to obtain all
commands in the SFTP client view. If you enter a command keyword and the
question mark (?) to query command parameters, an error message is displayed,
as shown in the following:
sftp-client> dir ?
Error: Failed to list files.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 187

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

You can run the help command to obtain the help information and display all
commands or a command format in the SFTP client view.

Precautions

If you specify no parameter when running the help command, all commands in
the SFTP client view is displayed. This has the same effect as the help all
command or directly entering the question mark (?) in the SFTP client view.

Example
# Display the format of the command get.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> help get
get Remote file name STRING<1-64> [Local file name STRING<1-64>] Download file
Default local file name is the same with remote file.

# Display all commands in the SFTP client view.

sftp-client> help all
cd
cdup
dir
get
help
ls
mkdir
put
pwd
quit
rename
remove
rmdir

3.5.37 mkdir (FTP client view)

Function
The mkdir command creates a directory on the remote FTP server.

Format
mkdir remote-directory

Parameters

Parameter Description Value

remote- Specifies the directory The value is a string of case-sensitive
directory to be created. characters without spaces. The
absolute path length ranges from 1 to
64

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 188

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
● You can run the mkdir command to create a subdirectory in a specified
directory, and the subdirectory name must be unique.
● If no path is specified when you create a subdirectory, the subdirectory is
created in the current directory.
● The created directory is stored on the FTP server.

Example
# Create a directory test on the remote FTP server.
<HUAWEI> ftp 172.16.104.110
Trying 172.16.104.110 ...
Press CTRL+K to abort
Connected to 172.16.104.110.
220 FTP service ready.
User(172.16.104.110:(none)):huawei
331 Password required for huawei
Enter password:
230 User logged in.
[HUAWEI-ftp] mkdir test
257 "test" new directory created.

3.5.38 mkdir (SFTP client view)

Function
The mkdir command creates a directory on the remote SFTP server.

Format
mkdir remote-directory

Parameters
Parameter Description Value
remote- Specifies the The value is a string of case-sensitive
directory directory to be characters without spaces. The absolute
created. path length ranges from 1 to 64, while the
directory name length ranges from 1 to 15.

Views
SFTP client view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 189

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Example
# Create a directory on the SFTP server.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> mkdir ssh
Info: Succeeded in creating a directory.

3.5.39 mkdir (User view)

Function
The mkdir command creates a directory in the current storage device.

Format
mkdir directory

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 190

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Settings

directory Specifies a directory or The value is a string of

directory and its path. case-sensitive characters
in the [ drive ] [ path ]
directory format. The
absolute path length
ranges from 1 to 64,
while the directory name
length ranges from 1 to
15.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
Characters such as ~, *, /,
\, :, ', " cannot be used in
the directory name.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
The following describes the drive name.
● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
If you only the subdirectory name is specified, a subdirectory is created in the
current working directory. You can run the pwd command to query the current
working directory. If the subdirectory name and directory path are specified, the
subdirectory is created in the specified directory.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 191

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Precautions
● The subdirectory name must be unique in a directory; otherwise, the message
"Error: Directory already exists" is displayed.
● A maximum of four directory levels are supported when you create a
directory.

Example
# Create the subdirectory new in the flash card.
<HUAWEI> mkdir flash:/new
Info: Create directory flash:/new......Done

3.5.40 lcd
Function
The lcd command displays and changes the local working directory of the FTP
client in the FTP client view.

Format
lcd [ local-directory ]

Parameters
Parameter Description Value
local-directory Specifies the local working The value is a string of 1 to 64
directory of the FTP client. case-sensitive characters without
spaces.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the lcd command to display the local working directory of the FTP
client when uploading or downloading files, and set the upload or download path
to the path of the local working directory.
Precautions
The lcd command displays the local working directory of the FTP client, while the
pwd command displays the working directory of the FTP server. If you specify the
parameter local-directory in the lcd command, you can directly change the local
working directory in the FTP client view.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 192

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Change the local working directory to flash:/test.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] lcd
The current local directory is flash:.
[HUAWEI-ftp] lcd flash:/test
The current local directory is flash:/test.

3.5.41 more

Function
The more command displays the content of a specified file.

Format
more [ /binary ] filename [ offset ] [ all ]

Parameters

Parameter Description Value

/binary Displays the file -

content in the binary
mode.

filename Specifies the file The value is a string of 1 to 64 case-

name. sensitive characters without spaces in the
[ drive ] [ path ] file name format.
In the preceding parameter, drive specifies
the storage device name, and path specifies
the directory and subdirectory.
You are advised to add : and / between the
storage device name and directory.
Characters ~, *, /, \, :, ', " cannot be used in
the directory name.

offset Specifies the file The value is an integer that ranges from 0
offset. to 2147483647, in bytes.

all Displays all the file -

content on one screen.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 193

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the more command to display the file content directly on a device.
● The following describes the drive name.
– drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary
space to store feature files required for the attack defense function.
Startup files and configuration files can be stored only in flash:, while
other files can be flexibly stored in flash: or flash1.
● The path can be an absolute path or relative path.
– flash:/my/test/ is an absolute path.
– selftest/ is related to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● You are not advised to use this command to display non-text files; otherwise,
the terminal is shut down or displays garbled characters, which is harmless to
the system.
● Files are displayed in text format.
● You can display the file content flexibly by specifying parameters before
running the more command:
– You can run the more filename command to view a specified text file.
The content of the specified text file is displayed on multiple screens. You
can press the spacebar consecutively on the current session GUI to
display all content of the file.
To display the file content on multiple screens, you must ensure that:

▪ The number of lines that can be displayed on a terminal screen is

greater than 0. (The number of lines that can be displayed on a
terminal screen is set by running the screen-length command.)

▪ The total number of file lines is greater than the number of lines
that can be displayed on a terminal screen. (The number of lines that
can be displayed on a terminal screen is set by running the screen-
length command.)
– You can run the more filename offset command to view a specified file.
The content of the specified text file starting from offset is displayed on
multiple screens. You can press the spacebar consecutively on the current
session GUI to display all content of the file.
To display the file content on multiple screens, you must ensure that:

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 194

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

▪ The number of lines that can be displayed on a terminal screen is

greater than 0. (The number of lines that can be displayed on a
terminal screen is set by running the screen-length command.)

▪ The number of lines starting from offset in the file is greater than
the number of lines that can be displayed on a terminal screen. (The
number of lines that can be displayed on a terminal screen is set by
running the screen-length command.)
– You can run the more file-name all command to view a specified file.
The file content is displayed on one screen.

Example
# Display the content of the file test.bat.
<HUAWEI> more test.bat
user-interface vty 12 14
authentication-mode aaa
protocol inbound ssh
user privilege level 5
quit
ssh user sftpuser authentication-type password
sftp server enable

# Display the content of the file test.bat and set the offset to 10.
<HUAWEI> more test.bat 10
user-interface vty 12 14
authentication-mode aaa
protocol inbound ssh
user privilege level 5
quit
ssh user sftpuser authentication-type password
sftp server enable

# Display the content of the file test.bat.

<HUAWEI> more test.bat all
user-interface vty 12 14
authentication-mode aaa
protocol inbound ssh
user privilege level 5
quit
ssh user sftpuser authentication-type password
sftp server enable

3.5.42 mount
Function
The mount command uploads a storage device.
By default, after being installed on the device, the storage device is automatically
uploaded to the device.
NOTE

This command is supported only by devices that support extended storage devices such as
USB.

Format
mount driver

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 195

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

driver Specifies the driver that The enumerated values

requires hot loading. are:
● usb:
● sdcard:
The value sdcard: is
supported only by the
AD9430DN-12.

Views
User view

Default Level
3: Management level

Usage Guidelines
After being installed on the device, the storage device is automatically uploaded to
the device. Therefore, you do not need to run this command to upload the storage
device. If you run the umount command to unload the storage device and the
storage device is not removed from the device, run the mount command to
upload the storage device again.

Example
# Upload a USB flash drive.
<HUAWEI> mount usb:
Info: Mount USB device success!

3.5.43 move
Function
The move command moves the source file from a specified directory to a
destination directory.

Format
move source-filename destination-filename

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 196

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Settings

source-filename Specifies the directory The value is a string of 1

and name of a source to 64 case-sensitive
file. characters without
spaces in the [ drive ]
[ path ] file name
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

destination-filename Specifies the directory The value is a string of 1

and name of a to 64 case-sensitive
destination file. characters without
spaces in the [ drive ]
[ path ] file name
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 197

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario
The following describes the drive name.
● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
Precautions
● If the destination file has the same name as an existing file, the system
prompts you whether to overwrite the existing file. The system prompt is
displayed only when file prompt is set to alert.
● This command cannot be used to move files between storage devices.
● The move and copy commands have different effects:
– The move command moves the source file to the destination directory.
– The copy command copies the source file to the destination directory.

Example
# Move a file from flash:/test/sample.txt to flash:/sample.txt.
<HUAWEI> move flash:/test/sample.txt flash:/sample.txt
Move flash:/test/sample.txt to flash:/sample.txt ?(y/n)[n]: y
%Moved file flash:/test/sample.txt to flash:/sample.txt.

3.5.44 open
Function
The open command connects the FTP client and server.

Format
# Connect the FTP client to the FTP server based on the IPv4 address.
open [ -a source-ip-address | -i interface-type interface-number ] host-ip [ port-
number ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 198

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

-a source-ip- Specifies the source IP address for The value is in dotted

address connecting to the FTP client. You are decimal notation.
advised to use the loopback interface
IP address.

-i interface-type Specifies the source interface type -

interface-number and ID. You are advised to use the
loopback interface.
The IP address configured for this
interface is the source IP address for
sending packets. If no IP address is
configured for the source interface,
the FTP connection cannot be set up.

host-ip Specifies the IP address or host name The value is a string of

of the remote IPv4 FTP server. 1 to 255 case-
insensitive characters
without spaces.

port-number Specifies the port number of the FTP The value is an integer
server. that ranges from 1025
to 55535, or 21. The
default value is the
standard port number
21.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the open command in the FTP client view to connect the FTP client to
the server to transmit files and manage files and directories of the FTP server.
Precautions
● You can run the ftp command in the user view to connect the FTP client and
server and enter the FTP client view.
● You can set the source IP address to the source or destination IP address in
the ACL rule when the -a or -i parameter is specified on the IPv4 network.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 199

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

This shields the IP address differences and interface status impact, and
incoming and filters outgoing packets, and implements security
authentication.
● If the port number that the FTP server uses is non-standard, you must specify
a standard port number; otherwise, the FTP server and client cannot be
connected.
● When you run the open command, the system prompts you to enter the user
name and password for logging in to the FTP server. You can log in to the FTP
client and enter the FTP client view if the user name and password are
correct.

Example
# Connect the FTP client with the FTP server whose IP address is 10.137.217.204.
<HUAWEI> ftp
[HUAWEI-ftp] open 10.137.217.204
Trying 10.137.217.204 ...
Press CTRL+K to abort
Connected to 10.137.217.204.
220 FTP service ready.
User(10.137.217.204:(none)):test
331 Password required for test.
Enter password:
230 User logged in.

[HUAWEI-ftp]

3.5.45 passive

Function
The passive command sets the data transmission mode to passive.

The undo passive command sets the data transmission mode to active.

By default, the data transmission mode is active.

Format
passive

undo passive

Parameters
None

Views
FTP client view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 200

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
The device supports the active and passive data transmission modes. In active
mode, the server initiates a connection request, and the client and server need to
enable and monitor a port to establish a connection. In passive mode, the client
initiates a connection request, and only the server needs to monitor the
corresponding port. This command is used together with the firewall function.
When the client is configured with the firewall function, FTP connections are
restricted between internal clients and external FTP servers if the FTP transmission
mode is active. If the FTP transmission mode is passive, FTP connections between
internal clients and external FTP servers are not restricted.

Example
# Set the data transmission mode to passive.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] passive
Info: Succeeded in switching passive on.

3.5.46 put (FTP client view)

Function
The put command uploads a local file to the remote FTP server.

Format
put local-filename [ remote-filename ]

Parameters
Parameter Description Value

local-filename Specifies the local file name The value is a string of 1 to 64

of the FTP client. case-sensitive characters
without spaces.

remote- Specifies the name of the file The value is a string of 1 to 64

filename to be uploaded to the remote case-sensitive characters
FTP server. without spaces.

Views
FTP client view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 201

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the put command to upload a local file to the remote FTP server for
further check and backup. For example, you can upload the local log file to the
FTP server for other users to check, and upload the configuration file to the FTP
server as a backup before upgrading the device.
Precautions
● If the file name is not specified on the remote FTP server, the local file name
is used.
● If the name of the uploaded file is the same as that of an existing file on the
FTP server, the system overwrites the existing file.

Example
# Upload the configuration file vrpcfg.zip to the remote FTP server as a backup,
and save it as backup.zip.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] put vrpcfg.zip backup.zip
200 Port command successful.
150 Opening BINARY mode data connection for file transfer.
226 Transfer complete
FTP: 1098 byte(s) sent in 0.131 second(s) 8.38Kbyte(s)/sec.

3.5.47 put (SFTP client view)

Function
The put command uploads a local file to a remote SFTP server.

Format
put local-filename [ remote-filename ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 202

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters

Parameter Description Value

local-filename Specifies a local file The value is a case-sensitive character
name on the SFTP client. string without spaces. The file name
(including the absolute path) contains
1 to 64 characters.
remote- Specifies the name of the The value is a case-sensitive character
filename file uploaded to the string without spaces. The file name
remote SFTP server. (including the absolute path) contains
1 to 64 characters.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

This command enables you to upload files from the local device to a remote SFTP
server to view the file contents or back up the files. For example, you can upload
log files of a device to an SFTP server and view the logs in the server. During an
upgrade, you can upload the configuration file of the device to the SFTP server for
backup.

Precautions

● If remote-filename is not specified, the uploaded file is saved on the remote

SFTP server with the original file name.
● If the specified remote-filename is the same as an existing file name on the
SFTP server, the uploaded file overwrites the existing file on the server.

Example
# Upload a file to the SFTP server.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> put wm.cfg
local file: wm.cfg ---> Remote file: /wm.cfg
Info: Uploading file successfully ended.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 203

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.48 pwd (FTP client view)

Function
The pwd command displays the FTP client's working directory on the remote FTP
server.

Format
pwd

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
After logging in to the FTP server, you can run the pwd command to display the
FTP client's working directory on the remote FTP server.

If the displayed working directory is incorrect, you can run the cd command to
change the FTP client's working directory on the remote FTP server.

Example
# Display the FTP client's working directory on the remote FTP server.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] pwd
257 "/" is current directory.

3.5.49 pwd (SFTP client view)

Function
The pwd command displays the SFTP client's working directory on the remote FTP
server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 204

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
pwd

Parameters
None

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
After logging in to the SFTP server, you can run the pwd command to display the
SFTP client's working directory on the remote SFTP server.

If the displayed working directory is incorrect, you can run the cd command to
change the SFTP client's working directory on the remote SFTP server.

Example
# Display the SFTP client's working directory on the remote SFTP server.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> pwd
/
sftp-client> cd test
Current directory is:
/test
sftp-client> pwd
/test

3.5.50 pwd (user view)

Function
The pwd command displays the current working directory.

Format
pwd

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 205

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
User view

Default Level
3: Management level

Usage Guidelines
You can run the pwd command in any directory to display the current working
directory. To change the current working directory, you can run the cd command.

Example
# Display the current working directory.
<HUAWEI> pwd
flash:/test

3.5.51 quit (FTP client view)

Function
The quit command terminates the FTP session from the remote server and exit
from FTP view.

Format
quit

Parameters
None

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

By executing the quit command quits from the current view and return to
previous view.

If you execute the quit command in user view, you log out of the system.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 206

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Disconnect from the remote FTP server and return to the user view using quit
command.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] quit

3.5.52 quit (SFTP client view)

Function
The quit command enables the system to disconnect from the remote SFTP server
and return to the SFTP client view.

Format
quit

Parameters
None

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You can use this command to return to the system view from the SFTP client view.

Example
# Disconnect from SFTP server using quit command.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> quit

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 207

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.53 remotehelp
Function
The remotehelp command displays the help information about an FTP command
when the FTP client and server are connected.

Format
remotehelp [ command ]

Parameters
Parameter Description Value

command Specifies the FTP The value is a string of 1 to 16

command. characters.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
You can run the remotehelp command to display the help information about an
FTP command.
● The help information is provided by the remote server. Different remote
servers may provide different help information for an FTP command.
● The help information can be displayed for FTP commands user, pass, cwd,
cdup, quit, port, pasv, type, retr, stor, dele, rmd, mkd, pwd, list, nlst, syst,
help, xcup, xcwd, xmkd, xpwd, and xrmd.

Example
# Display the syntax of the command cdup.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] remotehelp
214-The following commands are recogized(*=>'s unimplemented). USER PASS ACCT*
CWD CDUP SMNT* QUIT REIN* PORT PASV TYPE STRU* MODE* RETR STOR
STOU* APPE* ALLO* REST* RNFR* RNTO* ABOR* DELE RMD

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 208

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

MKD PWD LIST NLST SITE* SYST STAT* HELP NOOP* XCUP XCWD XMKD
XPWD XRMD 214 Direct comments to Huawei Tech.

[HUAWEI-ftp] remotehelp cdup

214 Syntax: CDUP <change to parent directory>.

3.5.54 remove (SFTP client view)

Function
The remove command deletes specified files from the remote SFTP server.

Format
remove remote-filename &<1-10>

Parameters

Parameter Description Value

remote- Specifies the name of the file The value is a string of 1 to 64
filename to be deleted from the remote case-insensitive characters
SFTP server. without spaces.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
● You can configure a maximum of 10 file names in the command and separate
them using spaces and delete them at one time.
● If the file to be deleted is not in the current directory, you must specify the file
path.

Example
# Delete the file 3.txt from the server and backup1.txt from the test directory.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> remove 3.txt test/backup1.txt
Warning: Make sure to remove these files? [y/n][n]:y
Info: Succeeded in removing the file /3.txt.
Info: Succeeded in removing the file /test/backup1.txt.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 209

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.55 rename (SFTP client view)

Function
The rename command renames a file or directory stored on the SFTP server.

Format
rename old-name new-name

Parameters
Parameter Description Value
old-name Specifies the name of a file The value is a string of 1 to 64 case-
or directory. insensitive characters without spaces.

new-name Specifies the new name of The value is a string of 1 to 64 case-

the file or directory. insensitive characters without spaces.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
You can run the rename command to rename a file or directory.

Example
# Rename the directory yourtest on the SFTP server.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> rename test/yourtest test/test
Warning: Rename /test/yourtest to /test/test? [y/n][n]:y
Info: Succeeded in renaming file.
sftp-client> cd test
Current directory is:
/test
sftp-client> dir
drwxrwxrwx 1 noone nogroup 0 Mar 29 22:44 .
drwxrwxrwx 1 noone nogroup 0 Mar 29 22:39 ..
drwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 test
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 210

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.56 rename (user view)

Function
The rename command renames a file or folder.

Format
rename old-name new-name

Parameters
Parameter Description Settings

old-name Specifies the name of a The value is a string of 1

file or folder. to 64 case-sensitive
characters without
spaces in the [ drive ]
[ path ] filename
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 211

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Settings

new-name Specifies the new name The value is a string of 1

of the file or directory. to 64 case-sensitive
characters without
spaces in the [ drive ]
[ path ] filename
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', " cannot be
used in the directory
name.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
The following describes the drive name:
● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
Precautions
● You must rename a file or directory in its source directory.
● If the renamed file or directory has the same name as an existing file or
directory, an error message is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 212

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● If you specify old-name or new-name without specifying the file path, the file
must be saved in your current working directory.

Example
# Rename the directory mytest to yourtest in the directory flash:/test/.
<HUAWEI> pwd
flash:/test
<HUAWEI> rename mytest yourtest
Rename flash:/test/mytest to flash:/test/yourtest ?(y/n)[n]:y
Info: Rename file flash:/test/mytest to flash:/test/yourtest ......Done

# Rename the file sample.txt to sample.bak.

<HUAWEI> rename sample.txt sample.bak
Rename flash:/sample.txt to flash:/sample.bak ?(y/n)[n] :y
Info: Rename file flash:/sample.txt to flash:/sample.bak .......Done

3.5.57 reset recycle-bin

Function
The reset recycle-bin command permanently deletes files from the recycle bin.

Format
reset recycle-bin [ filename | devicename ]

Parameters
Parameter Description Value

filename Specifies the name The value is a string of 1 to 64 case-sensitive

of a file to be characters without spaces in the [ drive ]
deleted. [ path ] file name format.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', " cannot be used in the directory
name.
The wildcard (*) character is supported.

devicename Specifies the -

storage device
name.

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 213

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If you run the delete command without specifying the /unreserved parameter,
the file is moved to the recycle bin and still occupies the memory. To free up the
space, you can run the reset recycle-bin command to permanently delete the file
from the recycle bin.
The following describes the drive name.
● drive indicates the storage device and is named as flash:. On the
AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
Like devicename, drive specifies the storage device name.
Precautions
● You can run the dir /all command to display all files that are moved to the
recycle bin from the current directory, and file names are displayed in square
brackets ([ ]).
● If you delete a specified storage device, all files in the root directory of the
storage device are deleted.
● If you run the reset recycle-bin command directly, all files that are moved to
the recycle bin from the current directory are permanently deleted.

Example
# Delete the file test.txt that is moved to the recycle bin from the directory test in
the root directory of flash:.
<HUAWEI> reset recycle-bin flash:/test/test.txt
Squeeze flash:/test/test.txt?(y/n)[n]:y
Clear file from flash will take a long time if needed...Done.
%Cleared file flash:/test/test.txt.

# Delete files that are moved to the recycle bin from the current directory.
<HUAWEI> pwd
flash:/test
<HUAWEI> reset recycle-bin
Squeeze flash:/test/backup.zip?(y/n)[n]:y
Clear file from flash will take a long time if needed...Done.
%Cleared file flash:/test/backup.zip.
Squeeze flash:/test/backup1.zip?(y/n)[n]:y
Clear file from flash will take a long time if needed...Done.
%Cleared file flash:/test/backup1.zip.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 214

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.58 rmdir (FTP client view)

Function
The rmdir command deletes a specified directory from the remote FTP server.

Format
rmdir remote-directory

Parameters
Parameter Description Value
remote- Specifies a directory or The value is a string of 1 to 64
directory path on the FTP server. case-insensitive characters
without spaces.

Views
FTP client view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the rmdir command to delete a specified directory from the remote
FTP server.
Precautions
● Before running the rmdir command to delete a directory, you must delete all
files and subdirectories from the directory.
● If no path is specified when you delete a subdirectory, the subdirectory is
deleted from the current directory.
● The directory is deleted from the FTP server rather than the FTP client.

Example
# Delete the directory d:/temp1 from the remote FTP server.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] rmdir d:/temp1
250 'D:\temp1': directory removed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 215

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.59 rmdir (SFTP client view)

Function
The rmdir command deletes a specified directory from the remote SFTP server.

Format
rmdir remote-directory &<1-10>

Parameters

Parameter Description Value

remote- Specifies the name of a file The value is a string of 1 to 64
directory on the SFTP server. case-insensitive characters
without spaces.

Views
SFTP client view

Default Level
3: Management level

Usage Guidelines
● You can configure a maximum of 10 file names in the command and separate
them using spaces and delete them at one time.
● Before running the rmdir command to delete a directory, you must delete all
files and subdirectories from the directory.
● If the directory to be deleted is not in the current directory, you must specify
the file path.

Example
# Delete the directory 1 from the current directory, and the directory 2 from the
test directory.
<HUAWEI> system-view
[HUAWEI] sftp 10.1.1.1
Please input the username:admin
Trying 10.1.1.1 ...
Press CTRL+K to abort
Enter password:
sftp-client> rmdir 1 test/2
Warning: Make sure to remove these directories? [Y/N]:y
Info: Succeeded in removing the directory /test/1.
Info: Succeeded in removing the directory /test/test/2.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 216

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.5.60 rmdir (user view)

Function
The rmdir command deletes a specified directory from the storage device.

Format
rmdir directory

Parameters
Parameter Description Value
directory Specifies a The value is a string of case-sensitive characters
directory or in the [ drive ] [ path ] directory format. The
directory and its absolute path length ranges from 1 to 64, while
path. the directory name length ranges from 1 to 15.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
Characters such as ~, *, /, \, :, ', " cannot be used
in the directory name.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

The following describes the drive name.

The path can be an absolute path or relative path.

● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.

Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 217

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● Before running the rmdir command to delete a directory, you must delete all
files and subdirectories from the directory.
● A deleted directory and its files cannot be restored from the recycle bin.

Example
# Delete the directory test from the current directory.
<HUAWEI> rmdir test
Remove directory flash:/test?(y/n)[n]:y
%Removing directory flash:/test....Done!

3.5.61 set default ftp-directory

Function
The set default ftp-directory command configures the default FTP working
directory.
The undo set default ftp-directory command disables the default FTP working
directory.
By default, no default FTP working directory is configured.

Format
set default ftp-directory directory
undo set default ftp-directory

Parameters
Parameter Description Value
directory Specify the default FTP The value is a string of 1 to 64 case-
working directory. sensitive characters without spaces.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the set default ftp-directory command to configure a default FTP
working directory for all FTP users at one time.
Precautions
● You can run the local-user ftp-directory command to configure an
authorized working directory for a local user.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 218

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● If you have configured the FTP working directory by running the local-user
ftp-directory command, you must use this FTP working directory.
● If no FTP working directory is specified on the device, FTP users cannot log in
to the device.

Example
# Set the default FTP working directory to flash:/.
<HUAWEI> system-view
[HUAWEI] set default ftp-directory flash:/

3.5.62 sftp

Function
The sftp command connects the device to the SSH server so that you can manage
files that are stored on the SFTP server.

Format
sftp [ -a source-address | -i interface-type interface-number ] host-ip [ port ]
[ [ prefer_kex prefer_key-exchange ] | [ prefer_ctos_cipher prefer_ctos_cipher ] |
[ prefer_stoc_cipher prefer_stoc_cipher ] | [ prefer_ctos_hmac prefer_ctos_hmac ]
| [ prefer_stoc_hmac prefer_stoc_hmac ] ] * [ -ki aliveinterval [ -kc
alivecountmax ] ]

Parameters

Parameter Description Value

-a source-address Specifies the source IP The value is in dotted

address for connecting to the decimal notation.
SFTP client. You are advised
to use the loopback interface
IP address.

-i interface-type Specifies the source interface -

interface-number type and ID. You are advised
to use the loopback
interface.
The IP address configured for
this interface is the source IP
address for sending packets.
If no IP address is configured
for the source interface, the
SFTP connection cannot be
set up.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 219

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

host-ip Specifies the IP address or The value is a string of 1

host name of the remote to 255 case-insensitive
IPv4 SFTP server. characters without
spaces.

host-ipv6 Specifies the IPv6 address or The value is a string of 1

host name of the remote to 255 case-insensitive
IPv6 SFTP server. characters without
spaces.

-oi interface-type Specifies an outbound -

interface-number interface on the local device.
If the remote host uses an
IPv6 link-local address, you
must specify the outbound
interface on the local device.

port Specifies the port number of The value is an integer

the SSH server. that ranges from ranges
from 1 to 65535. The
default port number is
22.

prefer_kex prefer_key- Specifies the preferred key Preferred key exchange

exchange exchange algorithm. algorithms supported
depend on the ssh
client key-exchange
command settings.

prefer_ctos_cipher Specifies the preferred Preferred encryption

prefer_ctos_cipher encryption algorithm from algorithms supported
the client to the server. depend on the ssh
client secure-
algorithms cipher
command settings.

prefer_stoc_cipher Specifies the preferred Preferred encryption

prefer_stoc_cipher encryption algorithm from algorithms supported
the server to the client. depend on the ssh
client secure-
algorithms cipher
command settings.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 220

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

prefer_ctos_hmac Specifies the preferred Preferred HMAC

prefer_ctos_hmac HMAC algorithm from the algorithms supported
client to the server. depend on the ssh
client secure-
algorithms hmac
command settings.

prefer_stoc_hmac Specifies the preferred Preferred HMAC

prefer_stoc_hmac HMAC algorithm from the algorithms supported
server to the client. depend on the ssh
client secure-
algorithms hmac
command settings.

-ki aliveinterval Specifies the interval for The value is an integer

sending keepalive packets that ranges from 1 to
when no packet is received 3600, in seconds.
in reply.

-kc alivecountmax Specifies the times for The value is an integer

sending keepalive packets that ranges from 3 to
when no packet is received 10. The default value is
in reply. 5.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

SFTP is short for SSH FTP that is a secure FTP protocol. SFTP is on the basis of
SSH. It ensures that users can log in to a remote device securely for file
management and transmission, and enhances the security in data transmission. In
addition, you can log in to a remote SSH server from the device that functions as
an SFTP client.

When the connection between the SFTP server and client fails, the SFTP client
must detect the fault in time and disconnect from the SFTP server. To ensure this,
before being connected to the server in SFTP mode, the client must be configured
with the interval and times for sending the keepalive packet when no packet is
received in reply. If the client receives no packet in reply within the specified
interval, the client sends the keepalive packet to the server again. If the maximum
number of times that the client sends keepalive packets exceeds the specified

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 221

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

value, the client releases the connection. By default, when no packet is received,
the function for sending keepalive packets is not enabled.

Precautions

● Enable the SFTP service on the SSH server by sftp server enable command,
before connecting the SSH server by using the SFTP command.
● You can set the source IP address to the source or destination IP address in
the ACL rule when the -a or -i parameter is specified. This shields the IP
address differences and interface status impact, and incoming and filters
outgoing packets, and implements security authentication.
● If the current listening port number is not 22, you must specify a listening
port number for logging in to the SFTP client.
● If you cannot run the sftp command successfully when you configured the
ACL on the SFTP client, or when the TCP connection fails, an error message is
displayed indicating that the SFTP client cannot be connected to the server.
● If multiple APs use the same IP address, you cannot log in to an AP using its
IP address using the stelnet command. In this case, you can run the sftp ap
command to log in to an AP using the AP ID or name.

Example
# Set keepalive parameters when the client is connected to the server in SFTP
mode.
<HUAWEI> system-view
[HUAWEI] sftp 10.164.39.223 -ki 10 -kc 4
Please input the username: client001
Trying 10.164.39.223 ...
Press CTRL+K to abort
Enter password:
sftp-client>

3.5.63 sftp ap (Central AP)

Function
The sftp ap command enables users to log in to a fit AP through SFTP.

Format
sftp ap { ap-name ap-name | ap-id ap-id }

Parameters
Parameter Description Value

ap-name ap- Specifies the name of an AP. The AP name must

name exist.

ap-id ap-id Specifies the ID of an AP. The AP ID must

exist.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 222

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the sftp ap command to log in to a fit AP through SFTP on the AP.
You only need to specify the fit AP's name or ID but does not need to enter the fit
AP's IP address.
Pre-configuration Tasks
First-time authentication has been enabled on the SSH client using the ssh client
first-time enable command.

Example
# Use the name to log in to the fit AP through SFTP.
<HUAWEI> system-view
[HUAWEI] sftp ap ap-name area_1
The server is not authenticated. Continue to access it? (y/n)[n]:y
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 192.168.109.253. Please wait...

sftp-client>

3.5.64 sftp client-source

Function
The sftp client-source command specifies the source IP address for the SFTP
client to send packets.
The undo sftp client-source command restores the default source IP address for
the SFTP client to send packets.
The default source IP address for the SFTP client to send packets is 0.0.0.0.

Format
sftp client-source { -a source-ip-address | -i interface-type interface-number }
undo sftp client-source

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 223

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

If no source IP address is specified, the client uses the source IP address that the
router specifies to send packets. The source IP address must be configured for an
interface with stable performance. The loopback interface is recommended. Using
the loopback interface as the source interface simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, and incoming and filters outgoing packets, and implements security
authentication.

Precautions

● You can query the source IP address or primary IP address of the source
interface for the SFTP connection on the SFTP server.
● The sftp command also configures the source IP address whose priority is
higher than that of the source IP address specified in the sftp client-source
command. If you specify source addresses in the sftp client-source and sftp
commands, the source IP address specified in the sftp command is used for
data communication. The source address specified in the sftp client-source
command applies to all SFTP connections. The source address specified in the
sftp command applies only to the current SFTP connection.

Example
# Set the source IP address of the SFTP client to 1.1.1.1.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 224

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> system-view
[HUAWEI] sftp client-source -a 1.1.1.1
Info: Succeeded in setting the source address of the SFTP client to 1.1.1.1

3.5.65 sftp server enable

Function
The sftp server enable command enables the SFTP service on the SSH server.
The undo sftp server enable command disables the SFTP service on the SSH
server.
By default, the SFTP service is disabled.

Format
sftp server enable
undo sftp server enable

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
To connect the client to the SSH server to transfer files in SFTP mode, you must
first enable the SFTP server on the SSH server.

Example
# Enable the SFTP service.
<HUAWEI> system-view
[HUAWEI] sftp server enable
Info: Succeeded in starting the SFTP server.

# Disable the SFTP service.

<HUAWEI> system-view
[HUAWEI] undo sftp server enable

3.5.66 tftp
Function
The tftp command uploads a file to the TFTP server or downloads a file to the
local device.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 225

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
# Upload a file to the TFTP server or download a file to the local device based on
the IPv4 address
tftp [ -a source-ip-address | -i interface-type interface-number ] tftp-server { get |
put } source-filename [ destination-filename ]

Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address for The value is in dotted
address connecting to the TFTP client. You decimal notation.
are advised to use the loopback
interface IP address.
-i interface-type Specifies the source interface used -
interface- by the TFTP client to set up
number connections. It consists of the
interface type and number. It is
recommended that you specify a
loopback interface.
The IP address configured for this
interface is the source IP address for
sending packets. If no IP address is
configured for the source interface,
the TFTP connection cannot be set
up.

tftp-server Specifies the IPv4 address or host The value is a string of

name for the TFTP server. 1 to 255 case-insensitive
characters without
spaces.

get Download a file. -

put Upload a file. -
source-filename Specifies the source file name. The value is a string of
1 to 64 case-sensitive
characters without
spaces.
destination- Specifies the destination file name. The value is a string of
filename 1 to 64 case-sensitive
characters without
spaces. By default,
source and destination
file names are the same.

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 226

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When upgrading the system, you can run the tftp command to upload an
important file to the TFTP server or download a system software to the local
device.

Precautions

● When you run the tftp command to upload a file to the TFTP server in TFTP
mode, files are transferred in binary mode by default. The tftp does not
support the ASCII mode for file transfer.
● After specifying a source IP address, you can use this IP address to
communicate with the server and implement packet filtering to ensure data
security.

Example
# Download file vrpcfg.txt from the root directory of the TFTP server to the local
device. The IP address of the TFTP server is 10.1.1.1. Save the downloaded file to
the local device as file vrpcfg.bak.
<HUAWEI> tftp 10.1.1.1 get vrpcfg.txt flash:/vrpcfg.bak

# Upload file vrpcfg.txt from the root directory of the storage device to the
default directory of the TFTP server. The IP address of the TFTP server is 10.1.1.1.
Save file vrpcfg.txt on the TFTP server as file vrpcfg.bak.
<HUAWEI> tftp 10.1.1.1 put flash:/vrpcfg.txt vrpcfg.bak

3.5.67 tftp client-source

Function
The tftp client-source command specifies the source IP address for the TFTP
client to send packets.

The undo tftp client-source command restores the default source IP address for
the TFTP client to send packets.

The default source IP address for the TFTP client to send packets is 0.0.0.0.

Format
tftp client-source { -a source-ip-address | -i interface-type interface-number }

undo tftp client-source

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 227

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
-a source-ip- The value is
Specifies the source IP address of the TFTP
address in dotted
client. You are advised to use the loopback
decimal
interface IP address.
notation.
-i interface-type Source interface type and ID. You are advised -
interface-number to use the loopback interface.
The IP address configured for this interface is
the source IP address for sending packets. If
no IP address is configured for the source
interface, the TFTP connection cannot be set
up.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Precautions

● The tftp command also configures the source IP address whose priority is
higher than that of the source IP address specified in the tftp client-source
command. If you specify source addresses in the tftp client-source and tftp
commands, the source IP address specified in the tftp command is used for
data communication. The source address specified in the tftp client-source
command applies to all TFTP connections. The source address specified in the
tftp command applies only to the current TFTP connection.
● You can query the source IP address or source interface IP address specified in
the TFTP connection on the TFTP server.

Example
# Set the source IP address of the TFTP client to 1.1.1.1.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 228

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> system-view
[HUAWEI] tftp client-source -a 1.1.1.1
Info: Succeeded in setting the source address of the TFTP client to 1.1.1.1.

3.5.68 tftp-server acl

Function
The tftp-server acl command specifies the ACL number for the local device so
that the device can access TFTP servers with the same ACL number.

The undo tftp-server acl command deletes the ACL number from the local device.

By default, no ACL number is specified on the local client.

Format
tftp-server acl acl-number

undo tftp-server acl

Parameters

Parameter Description Value

acl-number Specifies the number of the The value is an integer that ranges
basic ACL. from 2000 to 2999.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To ensure the security of the local device, you need to run the tftp-server acl
command to specify an ACL to specify TFTP servers that the local device can
access.

Precautions

● The tftp-server acl command takes effect only after you run the rule
command to configure the ACL rule. If no ACL rule is configured, the local
device can access a specified TFTP server in TFTP mode.
● The TFTP supports only the basic ACL whose number ranges from 2000 to
2999.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 229

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Allow the local device to the access the TFTP server whose ACL number is 2000.
<HUAWEI> system-view
[HUAWEI] acl 2000
[HUAWEI-acl-basic-2000] rule permit source 10.10.10.1 0
[HUAWEI-acl-basic-2000] quit
[HUAWEI] tftp-server acl 2000

3.5.69 umount
Function
The umount command unloads a storage device.

NOTE

This command is supported only by devices that support extended storage devices such as
USB.

Format
umount driver

Parameters
Parameter Description Value

driver Specifies the driver that The enumerated values

requires unloading. are:
● usb:
● sdcard:
The value sdcard: is
supported only by the
AD9430DN-12.

Views
User view

Default Level
3: Management level

Usage Guidelines
Run this command to unload the storage device before you remove the storage
device from the device. Otherwise, the storage device may be damaged.

Example
# Unload a USB flash drive.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 230

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> umount usb:

Info: Umount USB device success!

3.5.70 undelete

Function
The undelete command restores a file that has been has been temporally deleted
and moved to the recycle bin.

Format
undelete { filename | devicename }

Parameters
Parameter Description Value
filename Specifies the name The value is a string of 1 to 64 case-sensitive
of a file to be characters without spaces in the [ drive ]
restored. [ path ] file name format.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', " cannot be used in the directory
name.

devicename Specifies the -

storage device
name.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You can run the undelete command to restore a file that has been temporally
deleted and moved to the recycle bin. However, files that are permanently deleted
by running the delete or reset recycle-bin command with the /unreserved
parameter cannot be restored.

The following describes the drive name.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 231

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● drive indicates the storage device and is named as flash:. On the

AD9430DN-12, the storage device can also be flash1: as the primary space to
store feature files required for the attack defense function. Startup files and
configuration files can be stored only in flash:, while other files can be flexibly
stored in flash: or flash1.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.
Like devicename, drive specifies the storage device name.
Precautions
● To display information about a temporally deleted file, run the dir /all
command. The file name is displayed in square brackets ([ ]).
● If the name of a file is the same as an existing directory, the file cannot be
restored. If the destination file has the same name as an existing file, the
system prompts you whether to overwrite the existing file. The system prompt
is displayed only when file prompt is set to alert.

Example
# Restore file sample.bak from the recycle bin.
<HUAWEI> undelete sample.bak
Undelete flash:/sample.bak ?(y/n)[n]:y
Undeleted file flash:/sample.bak.

# Restore a file that has been moved from the root directory to the recycle bin.
<HUAWEI> undelete flash:
Undelete flash:/test.txt?(y/n)[n]:y
Undeleted file flash:/test.txt.
Undelete flash:/rr.bak?(y/n)[n]:y
Undeleted file flash:/rr.bak.

3.5.71 unzip
Function
The unzip command decompresses a file.

Format
unzip source-filename destination-filename

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 232

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

source- Specifies the name The value is a string of 1 to 64 case-

filename of a source file to sensitive characters without spaces in the
be decompressed. [ drive ] [ path ] file name format.
In the preceding parameter, drive specifies
the storage device name, and path specifies
the directory and subdirectory.
You are advised to add : and / between the
storage device name and directory.
Characters ~, *, /, \, :, ', " cannot be used in
the directory name.

destination- Specifies the name The value is a string of 1 to 64 case-

filename of a destination file sensitive characters without spaces in the
that is [ drive ] [ path ] file name format.
decompressed.
In the preceding parameter, drive specifies
the storage device name, and path specifies
the directory and subdirectory.
You are advised to add : and / between the
storage device name and directory.
Characters ~, *, /, \, :, ', " cannot be used in
the directory name.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You can decompress files, especially log files that are stored on the storage device
and run the more command to query the file.

The following describes the drive name.

● drive indicates the storage device and is named as flash:. On the

The path can be an absolute path or relative path.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 233

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● flash:/my/test/ is an absolute path.

● selftest/ is related to the current working directory and indicates the selftest
directory in the current working directory.

Precautions

● If the destination file path is specified while the file name is not specified, the
designation file name is the same as the source file name.
● The source file persists after being decompressed.
● The compressed file must be a .zip file. If a file to be decompressed is not a
zip file, the system displays an error message during decompression.
● The source file must be a single file. If you attempt to decompress a directory
or multiple files, the decompression cannot succeed.

Example
# Decompress log file syslogfile-2012-02-27-17-47-50.zip that are stored in the
syslogfile directory and save it to the root directory as file log.txt.
<HUAWEI> pwd
flash:/syslogfile
<HUAWEI> unzip syslogfile-2012-02-27-17-47-50.zip flash:/log.txt
Extract flash:/syslogfile/syslogfile-2012-02-27-17-47-50.zip to flash:/log.txt?(y/n)[n]:y
100% complete
Decompressed file flash:/syslogfile/syslogfile-2012-02-27-17-47-50.zip flash
:/log.txt.

3.5.72 user

Function
The user command changes the current FTP user when the local device is
connected to the FTP server.

Format
user user-name [ password ]

Parameters
Parameter Description Value
user-name Specifies the login The value is a string of 1 to 64 case-
password. insensitive characters without space.
password Specifies the login The value is a string of 1 to 16 case-sensitive
password. characters without space, single quotation
mark, or question mark.

Views
FTP client view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 234

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You can run the user command to change the current user on the FTP server.

Precautions

After you run the user command to change the current user, a new FTP
connection is set up, which is the same as that you specify in the ftp command.

Example
# Log in to the FTP server using the user name tom.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] user tom
331 Password required for tom.
Enter password:
230 User logged in.

3.5.73 verbose

Function
The verbose command enables the verbose function on the FTP client.

The undo verbose command disables the verbose function.

By default, the verbose function is enabled.

Format
verbose

undo verbose

Parameters
None

Views
FTP client view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 235

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
After the verbose function is enabled, all FTP response messages are displayed on
the FTP client.

Example
# Enable the verbose function.
<HUAWEI> ftp 10.1.1.1
Trying 10.1.1.1 ...
Press CTRL+K to abort
Connected to 10.1.1.1.
220 FTP service ready.
User(10.1.1.1:(none)):admin
331 Password required for admin.
Enter password:
230 User logged in.
[HUAWEI-ftp] verbose
Info: Succeeded in switching verbose on.
[HUAWEI-ftp] get h1.txt
200 Port command okay.
150 Opening ASCII mode data connection for h1.txt.

226 Transfer complete.

FTP: 69 byte(s) received in 0.160 second(s) 431.25byte(s)/sec.

# Disable the verbose function.

[HUAWEI-ftp] undo verbose
Info: Succeeded in switching verbose off.
[HUAWEI-ftp] get h1.txt

FTP: 69 byte(s) received in 0.150 second(s) 460.00byte(s)/sec.

3.5.74 zip
Function
The zip command compresses a file.

Format
zip source-filename destination-filename

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 236

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value
source- Specifies the The value is a string of 1 to 64 case-sensitive
filename name of a source characters without spaces in the [ drive ]
file to be [ path ] file name format.
compressed.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', " cannot be used in the directory
name.

destination- Specifies the The value is a string of 1 to 64 case-sensitive

filename name of a characters without spaces in the [ drive ]
destination file [ path ] file name format.
that is
compressed. In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', " cannot be used in the directory
name.

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 237

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Precautions
● If the destination file path is specified while the file name is not specified, the
designation file name is the same as the source file name.
● The source file persists after being compressed.
● Directories cannot be compressed.

Example
# Compress file log.txt that is stored in the root directory and save it to the test
directory as file log.zip.
<HUAWEI> dir
Directory of flash:/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 155 Dec 02 2011 01:28:48 log.txt
1 -rw- 9,870 Oct 01 2011 00:22:46 patch.pat
2 drw- - Mar 22 2012 00:00:48 test
3 -rw- 836 Dec 22 2011 16:55:46 rr.dat
...

1,927,220 KB total (1,130,464 KB free)

<HUAWEI> zip log.txt flash:/test/log.zip
<HUAWEI> cd test
Zip flash:/log.txt flash:/test/log.zip? (y/n)[n]:y
100% complete
Compressed file flash:/log.txt flash:/test/log.zip.
<HUAWEI> dir
Directory of flash:/test/

Idx Attr Size(Byte) Date Time(LMT) FileName

0 -rw- 836 Mar 20 2012 19:49:14 test
1 -rw- 239 Mar 22 2012 20:57:38 test.txt
2 -rw- 1,056 Dec 02 2011 01:28:48 log.txt
3 -rw- 240 Mar 22 2012 21:23:46 log.zip

1,927,220 KB total (1,130,463 KB free)

3.6 Configuring System Startup Commands

3.6.1 autosave interval

Function
The autosave interval command sets the interval for automatically saving system
configuration data.

Format
autosave interval { value | time | configuration time }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 238

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

value Configures the automatic save The value is an

function. The automatic save function enumerated value
is classified into two types: saving that can be on or off.
configuration data automatically and The default value is
saving modified data automatically. off.
When the value is on, the two save
functions are enabled. When the value
is off, the two save functions are
disabled and the data needs to be
saved manually.

time Indicates the interval for automatically The value is an integer

saving the configuration data. If an that ranges from 10 to
interval is configured, the 10080.
configuration data is saved regardless The unit is minute.
of whether it is modified.
The default value is
1440 minutes.

configuration Indicates the interval for automatically The value is an integer

time saving the modified data. When the that ranges from 2 to
configuration data is modified, it is 1440.
saved at the preset interval. The unit is minute.
The default value is 30
minutes.

Views
User view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Run this command to set configuration data at preset intervals. When the interval
is set, the system automatically saves the configuration data without requiring the
command delivered by the network management system. The modified data can
be saved in the storage device in real time and cannot be lost after system restart.

Precautions

● When the automatic save function is enabled, you can also run the save
command to save the system configuration data manually. When the
automatic save function is disabled, the system does not save data

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 239

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

automatically and you need to run the save command to save the configured
data.
● The automatic save function is disabled by default.
● After you run the autosave interval command, the frequent data save
operation affects system performance. Do not set the automatic save interval
to less than 1 hour. The automatic save interval of 24 hours or greater is
recommended.
● The automatic save function specified by the autosave interval command
cannot be enabled together with that specified by the autosave time
command.

Example
# Enable the automatic save function.
<HUAWEI> autosave interval on
System autosave interval switch: on
Autosave interval: 1440 minutes
Autosave type: configuration file

System autosave modified configuration switch: on

Autosave interval: 30 minutes
Autosave type: configuration file

# Set the automatic save interval to 120 minutes.

<HUAWEI> autosave interval 120
System autosave interval switch: on
Autosave interval: 120 minutes
Autosave type: configuration file

Table 3-35 Description of the autosave interval command output

Item Description

System autosave interval switch Whether the device is enabled to

automatically save system
configuration data at the specified
interval:
● on: The device is enabled to
automatically save system
configuration data at the specified
interval.
● off: The device is disabled from
automatically saving system
configuration data at the specified
interval.

Autosave interval Specifies the interval for automatically

saving configuration data. If an
interval is configured, the
configuration data is saved at intervals
regardless of whether the data is
changed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 240

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

Autosave type Indicates that the type of file saved

automatically is configuration file.

System autosave modified Indicates that the change to the

configuration switch configuration data is automatically
saved. When the value is on, the
function is enabled. When the value is
off, the function is disabled.

3.6.2 autosave time

Function
The autosave time command sets the automatic save time.

Format
autosave time { value | time-value }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 241

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

value Configures the device to save configuration Enumerated

data at a preset time. value. The
options are as
follows:
● on: The
device is
enabled to
automatica
lly save
system
configurati
on data at
a preset
time.
● off: The
device is
disabled
from
automatica
lly saving
system
configurati
on data at
a preset
time.
The default
value is off.

time-value Indicates the automatic save time after the The value
device is enabled to automatically save system ranges from
configuration data. After this parameter is 00:00:00 to
configured, the system automatically saves the 23:59:59.
configuration data at intervals of the The default
automatic save time. value is
00:00:00.

Views
User view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 242

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The system can save configuration data at preset intervals or at the preset time.
Run this command to set the automatic save time. When the time is set, the
system automatically saves the configuration data without requiring the
command delivered by the network management system. The modified data can
be saved in the storage device in real time and cannot be lost after system restart.
Precautions
● When the device is enabled to automatically save system configuration data,
the modified configuration is saved at the preset time. When the device is
disabled from automatically saving system configuration data, the system
does not save data automatically and you need to run the save command to
save the configured data.
● The automatic save function specified by the autosave time command
cannot be used with that specified by the autosave interval command.
● If data is frequently read from or written into the storage device, the lifespan
of the storage medium is reduced. You are advised to disable the automatic
save function immediately after the modified data is saved.

Example
# Enable the device to automatically save system configuration data at intervals
of the automatic save time.
<HUAWEI> autosave time on
System autosave time switch: on
Autosave time: 00:00:00
Autosave type: configuration file

# Set the automatic save time to 12:20:30.

<HUAWEI> autosave time 12:20:30
System autosave time switch: on
Autosave time: 12:20:30
Autosave type: configuration file

Table 3-36 Description of the autosave time command output

Item Description

System autosave time switch Whether the device is enabled to

automatically save system
configuration data at the specified
time:
● on: The device is enabled to
automatically save system
configuration data at the specified
time.
● off: The device is disabled from
automatically saving system
configuration data at the specified
time.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 243

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

Autosave time Automatic save time. The device saves

system configuration data at intervals
of the automatic save time no matter
whether the configuration data
changes.

Autosave type Type of the file saved automatically.

3.6.3 compare configuration

Function
The compare configuration compares whether the current configurations are
identical with the next startup configuration file.

Format
compare configuration [ configuration-file [ current-line-number save-line-
number ] ]

Parameters
Parameter Description Value
configuration-file Specifies the name of the The value is a string of 5 to
configuration file to be 64 case-sensitive characters
compared with the current without spaces.
configurations.
current-line- Specifies the line number for The value is an integer that
number comparison in the current ranges from 0 to 65535.
configuration.
save-line-number Specifies the line number for The value is an integer that
comparison in the saved ranges from 0 to 65535.
configuration.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 244

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

If current-line-number and save-line-number are not specified, the configuration

files are compared from the first lines. The two parameters can be specified to skip
the differences that are found and continue the comparison.
When the difference is found using the compare configuration command, the
different content in the current and saved configuration files is displayed. By
default, 120 characters are displayed. If the different content from the start line to
the end line contains less than 120 characters, only these characters are displayed.
Precautions
● The configuration file name extension must be .cfg or .zip.
● If configuration-file is not specified, the system compares whether the current
configurations are identical with the next startup configuration file.
● If configuration-file is specified, the system compares whether the current
configurations are identical with the specified startup configuration file.

Example
# Compare whether the current configurations are identical with the next startup
configuration file.
<HUAWEI> compare configuration
The current configuration is not the same as the next startup configuration file.
====== configuration line 14 ======
undo http server enable
#
drop illegal-mac alarm
#
vlan batch 10 to 11
#
dot1x enable
#
set transceiver-monitoring disable
====== Configuration file line 14 ======
http server enable
#
drop illegal-mac alarm
#
vlan batch 10 to 11
#
dot1x enable
#
set transceiver-monitoring disable

3.6.4 display autosave configuration

Function
The display autosave configuration command displays the automatic save
parameters of the configuration data.

Format
display autosave configuration

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 245

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
All views

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Run this command when you want to check whether the function for
automatically saving configuration data is enabled, enable or disable the
automatic save function, and modify the automatic save interval or time.

Precautions

● Run the autosave time command to set the time for automatically saving
system configuration data.
● Run the autosave interval command to set the interval for automatically
saving system configuration data.
● The frequent data save operation affects the lifespan of the system storage
device. Do not set the automatic save interval to less than 1 hour. The
automatic save interval of 24 hours or greater is recommended.

Example
# Display the automatic save parameters configured in the system.
<HUAWEI> display autosave configuration
System autosave interval switch: on
Autosave interval: 120 minutes
Autosave type: configuration file

System autosave modified configuration switch: on

Autosave interval: 30 minutes
Autosave type: configuration file

System autosave time switch: off

Autosave time: 12:20:30
Autosave type: configuration file

Table 3-37 Description of the display autosave configuration command output

Item Description

System autosave interval switch State of the automatic save function.

Autosave interval Automatic save interval.

Autosave type Type of the file that is automatically

saved.

System autosave modified State of the function for automatically

configuration switch saving modified data.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 246

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

System autosave time switch State of the function for saving

configuration data at the preset time.

Autosave time Automatic save time.

3.6.5 display current-configuration

Function
The display current-configuration command displays the currently running
configuration.

This command does not display parameters that use default settings.

Format
display current-configuration [ configuration [ configuration-type
[ configuration-instance ] ] | interface [ interface-name | interface-type
[ interface-number ] ] ] [ feature feature-name [ filter filter-expression ] | filter
filter-expression ]

display current-configuration [ all | inactive | [ simple ] [ section section ] ]

Parameters

Parameter Description Value

configuration Specifies the configuration The value is determined by

configuration-type type. the current system
configurations.

configuration-instance Specifies a configuration The value is a string of 1 to

instance. 80 case-insensitive
characters without spaces.

interface [ interface- Specifies an interface -

name | interface-type name or an interface type.
[ interface-number ] ]

feature feature-name Specifies a feature name. -

filter filter-expression Displays the configuration The value is a string of 1 to

information that matches 255 case-insensitive
a regular expression. characters without spaces.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 247

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

all Displays all the -

configuration information.

inactive Displays the offline -

configuration information.

simple Displays the current simple -

configuration.

section section Specifies the The value is a string of 1 to

configurations to be 79 case-insensitive
obtained based on types. characters without spaces.

Views
All views

Default Level
3: Management level

Usage Guidelines
To check whether the configured parameters take effect, run the display current-
configuration command. The parameters that do not take effect are not
displayed.

The command output is relevant to user configuration. The command does not
display the default configuration.

You can use a regular expression to filter the command output. For the regular
expression rules, see Filtering Command Outputs in Configuration Guide.

If the configuration is in the offline state. The offline configuration is marked with
* in the display current-configuration all and display current-configuration
inactive command output.

Example
# Display all configurations that include vlan.
<HUAWEI> display current-configuration | include vlan
vlan batch 10 77 88
port trunk allow-pass vlan 10

3.6.6 display reset-reason

Function
The display reset-reason command displays device reset reasons.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 248

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
display reset-reason

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
If a device resets unexpectedly, you can run this command to view the device reset
reason for further fault locating.

Example
# Display device reset reasons.
<HUAWEI> display reset-reason
The MPU frame[0] board[0]'s reset total 1, detailed information:
-- 1. 2014-09-01 00:00:06, Reset No.: 1
Reason: Reset for power off

Table 3-38 Description of the display reset-reason command output

Item Description

frame Frame ID of a card.

board Slot ID of a card.

reset total Number of times a card is reset.

detailed information Detailed information about card resets.

2014-09-01 00:00:06 Time when a card resets.

NOTE
When the reset reason is displayed as Reset
for power off or Reset for others, the value
of this parameter is the system startup time
rather than the system reset time.

Reset No. Number of a reset.

Reason Reason for a reset. For details about

common reset reasons, see Table 3-39.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 249

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Table 3-39 Common device reset reasons

Reason Description Handling Suggestion

Reset for others The device is reset for Contact technical support
other reasons. personnel.

Reset by user The device reset No action is required.

command command is run.

Reset for memory use The memory is used Check the memory usage.
out up.

Reset for power off The AP is powered off If the AP restarts repeatedly,
and then restarted, or check whether the AP power
the BT power supply supply mode matches the
mode is forcibly used. actual power supply.

Reset for kernel panic A kernel panic (KP) Contact technical support
occurs. personnel.

Reset for switch zone The AP is upgraded, No action is required.

after update version and the active and
standby areas are
switched.

Reset for update The AP is successfully No action is required.

version success upgraded.

Reset for update The AP fails to be Check why the AP fails to be

version failed upgraded. upgraded.

Reset for exception A VOS exception Contact technical support

occurs. personnel.

Reset for watchdog A watchdog exception Contact technical support

occurs. personnel.

Reset for reset-key The RESET button is No action is required.

pressed.

Reset for the radio The radio type is No action is required.

type is different from inconsistent with that
that specified by the in the configuration
configuration file file.

Reset for the radio The radio type is No action is required.

type is changed changed.

Reset for 11ac target The Wi-Fi chip Contact technical support
chip abnormal firmware is abnormal. personnel.

Reset for tx dma stop The TX DMA stops Contact technical support
and packet personnel.
transmission becomes
abnormal.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 250

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Reason Description Handling Suggestion

Reset for restoration to The factory defaults No action is required.

factory defaults(by are restored through a
command) command.

Reset for MFPI detect The MFPI module Contact technical support
MSC module abnormal detects an MSC personnel.
module exception.

Reset for MFPI detect The MFPI module Contact technical support
MSU module detects an MSU personnel.
abnormal module exception.

Reset for MFPI detect The MFPI module Contact technical support
KAP module abnormal detects a KAP module personnel.
exception.

Reset for a country The country code is No action is required.

code change changed.

Reset for an AP MAC The MAC address or No action is required.

or SN change SN of the AP is
changed.

Reset for an AP The AP is upgraded. No action is required.

upgrade

Reset for the ap-reset The AP reset No action is required.

command command is executed.

Reset for the undo ap The AP deletion No action is required.

command command is executed.

Reset for license The license expires. Purchase and activate a new
expiration license.

Reset for the AP added The AP is blacklisted. No action is required.

to the blacklist

Reset for the CAPWAP The AP status is No action is required.

link and AP status inconsistent with the
mismatch CAPWAP link status.

Reset for a DTLS The DTLS status is No action is required.

configuration change changed.

Reset for a CAPWAP The CAPWAP link No action is required.

link fault status is abnormal.

Reset for restoration to The factory defaults No action is required.

factory defaults are restored.

Reset for a dual-link An active/standby link No action is required.

backup switch change switchover occurs on
the AC.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 251

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Reason Description Handling Suggestion

Reset for the ap- The AP renaming No action is required.

rename command command is delivered.

Reset for the ap- The AP regrouping No action is required.

regroup command command is delivered.

Reset for an AP An AP status conflict No action is required.

conflict state change occurs.

Reset for an AP The management No action is required.

management VLAN VLAN of the AP is
change changed.

Reset for commands in The command for No action is required.

the provision-ap view setting AP onboarding
parameters is
delivered.

Reset for a country The country code is Check the country code
code mismatch not supported by the configuration.
AP.

Reset for a central AP The type of the central No action is required.

type change AP changes.

Reset for AP deleted by The AP is deleted by No action is required.

controller the AC.

Reset for abnormal Self-healing occurs Check the network port.

network port self- upon a network port
healing exception.

Reset for the radio A radio type mismatch No action is required.

type mismatch exists between the AC
between the AP and and AP.
AC

Reset for the DTLS The DTLS No action is required.

configuration change configuration of a
of the data link data link is changed.

Reset for AP self- The time during which Check the reason why the AP
healing (The time the AP is offline goes offline.
during which the AP is exceeds the specified
offline exceeds the timeout threshold for
specified timeout an AP reset triggered
period for an AP reset by self-healing.
triggered by self-
healing)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 252

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Reason Description Handling Suggestion

Reset for a channel set The outdoor AP loads No action is required.

switching the country code
channel set
configuration for
indoor APs.

Reset for the online The device goes No action is required.

configuration offline due to
switching incorrect
configurations and is
reset for self-healing.

Reset for slow task The system runs Check the memory usage.
switching slowly.

Reset for restoration to The factory defaults No action is required.

factory defaults(by are restored through
button) the RESET button.

Reset for a A configuration Check the cause of the

configuration delivery delivery failure occurs. configuration delivery failure.
failure

Reset for MFPI detect The MFPI module Contact technical support
CAP PBUF use out detects that the PBUF personnel.
for traffic forwarding
is used up.

Reset for The Redis-server Contact technical support

exception(redis-server process exits personnel.
exit) unexpectedly.

Reset for The Confd process Contact technical support

exception(confd exit) exits unexpectedly. personnel.

Reset for The Callhome process Contact technical support

exception(callhome exits unexpectedly. personnel.
exit)

Reset for an abnormal A process exception Contact technical support

process occurs. personnel.

Reset for a smart A smart upgrade is No action is required.

upgrade performed.

Reset for the branch The branch AP group No action is required.

group of AP change is changed.

Reset for the AC The AC license expires. Purchase and activate a new
license expires license.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 253

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Reason Description Handling Suggestion

Reset for the version The AP does not go Check why the AP fails to go
rollback because the online after an online online.
AP does not go online upgrade, and rolls
after the online back to the earlier
upgrade version.

System initialized and The system is No action is required.

reset all initialized and all
cards are reset.

VRP reset selfboard The VRP resets the No action is required.

because of command MPU using a
command.

VRP reset selfboard The MPU is reset Contact technical support

because of Unexpected because an personnel.
State unexpected VRP status
exists.

VRP reset selfboard The VRP detects that Check the memory usage.
because of no memory the memory of the
MPU is insufficient.

VRP reset selfboard The batch backup is Contact technical support

because slave didn't not complete and the personnel.
finish Batch MPU does not
respond.

Reset selfboard The VRP detects an Contact technical support

because of find infinite loop. personnel.
deadloop

Reset selfboard The VRP detects an Contact technical support

because of find exception. personnel.
exception

Reset for patch get The patch status fails Contact technical support
state fail to be obtained. personnel.

Reset for patch load The patch file fails to Contact technical support
file fail be obtained. personnel.

Reset for patch The patch file fails to Contact technical support
synchronize file fail be synchronized. personnel.

Reset for CPLD self- The CPLD self-check Contact technical support
test fail fails. personnel.

Cold reset board for The CPU of a card is Contact technical support
CPU is not active not started, so the personnel.
card is cold reset.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 254

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Reason Description Handling Suggestion

Reset slave board for The memory size of Check the memory usage.
memsize too little the standby card is
too small, so the card
is reset.

Reset for cfcard A CF card exception Contact technical support

storage exception occurs. personnel.

Reset for dangerous The card is reset due Contact technical support
temperature to high temperature. personnel.

Reset for mfpi detect The MFPI module Contact technical support
fwd abnormal detects a forwarding personnel.
exception.

Reset for MSC detect The MSC module Contact technical support
PKO module abnormal detects a PKO module personnel.
exception.

Reset for ap disturbed APs are located too Increase the distance
close, causing between APs.
interference.

Reset for disable The security engine is No action is required.

defence engine disabled.

Reset for an AC The Wideband status No action is required.

wideband status changes.
change

Reset for the forcible The AP is forcibly Contact technical support

AP disconnection in disconnected in personnel.
specific scenarios specific scenarios.

Reset for restore the The Ethernet port No action is required.

Ethernet port's mode mode is restored.
as configured

Reset for ap abnormal The Wi-Fi driver Contact technical support

self-healing abnormally receives personnel.
and transmits packets
for a long period of
time.

Reset for the proxy A radio switchover No action is required.

scanning mode occurs.
switching

Reset for a module An exception occurs in Contact technical support

exception the NP chip module. personnel.

Reset for a heartbeat A heartbeat fault Contact technical support

failure occurs on the NP chip. personnel.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 255

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Reason Description Handling Suggestion

Reset for the number The number of soft or Contact technical support
of soft or hard failures hard failures on the personnel.
exceeding the NP chip reaches the
threshold threshold.

Reset for isolation of More than half of Contact technical support

more than half of ATOM threads on the personnel.
atom threads NP chip are isolated.

Reset for a fatal An exception occurs Contact technical support

exception on the NP. personnel.

3.6.7 display saved-configuration

Function
The display saved-configuration command displays the configuration file to be
used for the next startup.

Format
display saved-configuration [ last | time ]

Parameters
Parameter Description Value
last Displays the system configurations saved last time. -
time Displays the recent time when the configurations are saved -
manually or automatically.

Views
All views

Default Level
3: Management level

Usage Guidelines
If the device has been started and is not working properly, run the display saved-
configuration command to check the device startup configuration in the file
specified by running the startup saved-configuration command.
Run the display saved-configuration last command to check the system
configurations saved last time in the configuration file loaded during the current
startup.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 256

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Run the display saved-configuration time command to check the last time when
the system configurations are saved.
The command output is relevant to user configuration.

Example
# Display the configuration file for the next startup.
<HUAWEI> display saved-configuration
#
sysname HUAWEI
#
http timeout 3
#
dns resolve
#
pki realm default
enrollment self-signed
#
interface GigabitEthernet0/0/1
port link-type trunk
undo lldp enable

#
interface NULL0
#
user-interface maximum-vty 15
user-interface con 0
authentication-mode password
......

3.6.8 display schedule reboot

Function
The display schedule reboot command displays the configuration of the
scheduled restart of the device.

Format
display schedule reboot

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
After using the schedule reboot command to configure a scheduled restart, you
can use this command to view the configuration of the scheduled restart.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 257

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Display the configuration of the scheduled restart of the device.
<HUAWEI> display schedule reboot
Info:System will reboot at 22:00:00 2013/09/17 (in 1 hours and 43 minutes).

Table 3-40 Description of the display schedule reboot command output

Item Description

System will reboot at Specific restart time.

in hours and minutes Time span between the restart time and the current
time.

3.6.9 display startup

Function
The display startup command displays the system software, configuration file and
patch file for the current and next startup.

Format
display startup

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
Usage Scenario
Before upgrading or degrading a device, run this command to check whether the
files for next startup have been loaded. If the files have been loaded, the device
can be upgraded or degraded successfully after it is restarted. You can also run the
command to view the system software and files for current startup.

Example
# Display the names of system software for current and next startup. The
following information is displayed when the AP is a common AP.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 258

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> display startup

Current startup system software: V200R019C00SPC100(AP8130DN FAT)
Backup startup system software: V200R019C00SPC100(AP8130DN FAT)
Next startup system software: V200R019C00SPC100(AP8130DN FAT)
Startup saved-configuration file: flash:/vrpcfg.zip
Next startup saved-configuration file: flash:/vrpcfg.zip
Startup patch package: NULL
Next startup patch package: flash:/patch-v2.pat

# Display the names of system software for current and next startup. The
following information is displayed when the AP is a central AP.
<HUAWEI> display startup
Current startup system software: V200R019C00SPC200(AD9430DN-24 FAT)
Backup startup system software: V200R019C00SPC100(AD9430DN-24 FAT)
Next startup system software: V200R019C00SPC200(AD9430DN-24 FAT)
Startup saved-configuration file: flash:/vrpcfg.zip
Next startup saved-configuration file: flash:/vrpcfg.zip
Startup patch package: NULL
Next startup patch package: NULL

Table 3-41 Description of the display startup command output

Item Description

Current startup system software System software for the current startup

Backup startup system software Backup system software.

Next startup system software System software for the next startup

Startup saved-configuration file Configuration file for current startup.

Next startup saved-configuration file Configuration file for next startup.

Startup patch package Patch file for current startup.

"Null" indicates that no patch file is
specified.

Next startup patch package Patch file for next startup.

"Null" indicates that no patch file is
specified for next startup.

3.6.10 reset saved-configuration

Function
The reset saved-configuration command clears the next startup configuration
file and cancels the configuration file used for next startup.

Format
reset saved-configuration

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 259

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

● If the configuration file on the device is incompatible with the upgraded

software, run the reset saved-configuration command to clear the
configuration file and then run the startup saved-configuration command to
specify a new configuration file.
● If the device in use is applied to another scenario and the original
configuration file of the device does not meet requirements in the scenario,
run the reset saved-configuration command to clear the existing
configuration file and restart the device to restore its factory configurations.

Precautions

● Exercise caution and follow the instructions of the technical support personnel
when you run this command.
● If this command is run, the system checks the configuration file to be loaded
at the next startup and the existing configuration file to be deleted:
– If the two configuration files are consistent, running the reset saved-
configuration command clears the settings for both files. The default
configuration file will be used for the next startup.
– If the two configuration files are inconsistent, running the reset saved-
configuration command clears the settings for the configuration file for
the next startup, and the settings for the current configuration file are
not cleared.
– If the current configuration file is empty, and the configuration file for
the next startup is not empty, running the reset saved-configuration
command clears the settings for the configuration file for the next
startup.
– If the configuration file for the next startup is empty, and the current
configuration file is not empty, after the reset saved-configuration
command is run, the system prompts an error and no settings are
cleared.
● When a user is saving a configuration file, running the reset saved-
configuration command will not delete the existing configuration file.
● If you do not use the startup saved-configuration command to specify a
new configuration file containing correct configurations or do not save the
configuration file after running the reset saved-configuration command, the
device uses factory configurations for startup. If the device does not have
factory configurations, it uses default configurations for startup.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 260

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Example
# Clear the next startup configuration file in the storage device and cancel the
configuration file used for next startup.
<HUAWEI> reset saved-configuration
This will delete the configuration in the flash memory.
The device configurations will be erased to reconfigure. Continue? (y/n)[n]:y
Clear the configuration in the device successfully.

3.6.11 reboot
Function
The reboot command restarts the device.

Format
reboot [ fast ]

Parameters
Parameter Description Value

fast Fast restarts the device. In fast restart mode, the -

configuration file is not saved.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
This command functions in the same way as a power recycle operation (power off
and then restart the device). The command enables you to restart the device
remotely.
● After the reboot command is run, if the current configuration is modified, the
system displays a message asking you whether to save the configuration
before a restart.
Info: The system is comparing the configuration, please wait................
Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]: y

● After the reboot fast command is run, the system restarts quickly without
displaying any message and the configuration is lost.
● After the reboot fast command is run, the system displays the following
message:
Info: system is sync data now, please wait ...

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 261

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The message indicates that the system is synchronizing internal data.

Precautions
● If you do not respond to the displayed message within the timeout period
after running this command, the system will return to the user view and the
device will not be restarted.
● This command interrupts services on the entire device. Therefore, do not use
this command when the device is running properly.
● Before restarting the device, ensure that the configuration file has been saved.

Example
# Restart the device.
<HUAWEI> reboot

# Restart the device quickly.

<HUAWEI> reboot fast
System will reboot! Continue ? [y/n]: y

3.6.12 reset factory-configuration

Function
The reset factory-configuration command resets the device to factory defaults.

Format
reset factory-configuration

Parameters
None

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If an incorrect configuration that leads to a malfunction is performed, to restore
the device to factory settings, run the reset factory-configuration command.
Precautions
After being reset to factory settings, the device does not delete the original
configuration file. If you have saved the configuration file in advance, run the
startup saved-configuration configuration-file command to specify the saved

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 262

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

one as the startup configuration file. Then restart the device again to restore the
original device configurations. If the configuration file is not saved before the
device is reset to factory defaults, the configuration information will be lost after
the reset is complete.
After you run the reset factory-configuration command, the configurations of
the following commands will not be reset:
● clock daylight-saving-time
● clock datetime
● clock timezone

Example
# Reset the device to factory defaults.
<HUAWEI> reset factory-configuration
Warning: All of configurations will restore to factory and restart. Continue? [y/n]:y

3.6.13 startup patch

Function
The startup patch command specifies the patch file for next startup.

Format
startup patch patch-name

Parameters
Parameter Description Value

patch-name Specifies the name The value is a string of 4 to 64 case-sensitive

of the patch file for characters without spaces. It is in the format
next startup. of [ drive-name ] [ path ] [ file-name ]. If
drive-name is not specified, the name of the
default storage device is used.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To make the patch file take effect after the device restarts, run this command to
specify the patch file for next startup.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 263

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Follow-up Procedure
Run the reboot or the schedule reboot command to restart the device.
Precautions
● A patch file uses .pat as the file name extension and must be saved in the
root directory.
● If you use this command to specify another patch for next startup, the
previous patch will be overridden.
● After the patch file is specified for next startup, run the display startup
command to view the patch file.
– If the patch file for next startup is not empty, the device load the patch
automatically after next startup.
– If the patch file for next startup is empty, the device cannot load the
patch after next startup.
● After the startup patch command is run, use either of the following methods
if you do not want the specified patch package to take effect after the system
restart:
– Run the patch delete command to delete the current patch.
– Run the reset patch-configure next-startup command to clear the
patch file to be used at the next startup.

Example
# Specify the patch file for next startup.
<HUAWEI> startup patch patch.pat

3.6.14 reset patch-configure

Function
The reset patch-configure command clears the patch settings.

Format
reset patch-configure next-startup

Parameters
Parameter Description Value
next-startup Clears the patch status and settings for the next startup. -

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 264

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
If you run the reset patch-configure next-startup command, the system clears
the settings for the next startup patch and sets the patch status to idle.

Example
# Clear the patch status and settings for the next startup.
<HUAWEI> reset patch-configure next-startup
The patch will be deleted. Continue? (y/n)[n]:y
Info: Succeeded in resetting the next-startup patch state.

3.6.15 save
Function
The save command saves the configurations to the default directory.

Format
save [ all ] [ configuration-file ]

Parameters
Parameter Description Value

all Indicates that all configurations are -

saved, including the configurations
of the boards that are not running.

configuration-file Specifies the name of a The value is a string of 5

configuration file. to 64 case-sensitive
characters without
spaces.

Views
User view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
You can run commands to modify the current configuration of the device, but the
modified configuration will be lost after the device restarts. To enable the new
configuration to take effect after a restart, save the current configuration in the
configuration file before restarting the device.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 265

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

When a series of configurations are complete and take effect, you must save the
current configuration file to the storage device.
The save configuration-file command saves the current configuration to a specific
file on the storage device. Generally, running the save configuration-file command
does not affect the current startup configuration file. If the configuration file
specified by configuration-file has the same name with the current configuration
file and the default directory is used, running the save configuration-file
command is equivalent to running the save command.
Run the save all command to save all the current configurations, including the
configurations of the boards that are not running, to the default directory.
The save all configuration-file command saves the current configuration to a
specific file on the storage device. Generally, running the save all configuration-
file command does not affect the current startup configuration file. If the
configuration file specified by configuration-file has the same name with the
current configuration file and the default directory is used, running the save all
configuration-file command is equivalent to running the save all command.
If you do not specify configuration-file when saving the configuration file for the
first time, the system asks you whether to save the configuration file as
vrpcfg.zip.
Precautions
● If you do not specify configuration-file, configurations are saved to the next
startup configuration file. You can run the display startup command to check
the name of the next startup configuration file.
● If the configuration file to be saved using this command has the same name
with the existing configuration file, the existing configuration file is rewritten.
● The configuration file name extension must be .zip or .cfg.
– .cfg: The file is saved in plain text mode. After the file is specified as the
configuration file, all commands in the file are recovered one by one
during startup.
– .zip: The .cfg file is compressed to a .zip file that occupies less space. After
being specified as the configuration file, the .zip file is decompressed to
the .cfg file and all commands in the .cfg file are recovered one by one
during startup.

Example
# Save the current configuration file to the default directory.
<HUAWEI> save
The current configuration will be written to the device. Continue?(y/n):y
It will take several minutes to save configuration file, please wait........
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 266

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.6.16 schedule reboot

Function
The schedule reboot command configures the scheduled restart of a device and
set the specific time when the device restarts or the delay time before the device
restarts.
The undo schedule reboot command disables the scheduled restart function.
By default, the scheduled restart is disabled.

Format
schedule reboot { at time | delay interval }
undo schedule reboot

Parameters
Parameter Description Value
at time Specifies the The format of time is hh:mm YYYY-MM-DD. The
device restart restart time must be later than the current device
time. time by less than 720 hours.YYYY-MM-DD
indicates year, month, and date and is optional.
● hh indicates hour and the value ranges from 0
to 23.
● mm indicates minute and the value ranges
from 0 to 59.
● YYYY indicates year and the value ranges from
2000 to 2099.
● MM indicates month and the value ranges
from 1 to 12.
● DD indicates date and the value ranges from 1
to 31.
delay Specifies the The format of interval is hh:mm or mm. The
interval delay time delay time must be no more than 720 hours.
before the ● In hh:mm, hh indicates hour and the value
device restarts. ranges from 0 to 720 and mm indicates
minute and the value ranges from 0 to 59.
● mm indicates minute and the value ranges
from 0 to 43200.

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 267

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Usage Guidelines
Usage Scenario
When upgrading or restarting the device, you can configure the device to restart
at time when few services are running to minimize the impact on services.
Precautions
● If the schedule reboot at command is used to set a specific date (YYYY-MM-
DD) and the date is a future date, the device restarts at the specified time,
with an error within 1 minute. If no date is set, two situations occur: If the
specified time is later than the current time, the device restarts at the
specified time of the day. If the specified time is earlier than the current time,
the device restarts at the set time next day.
● Note that the gap between the specified date and current date must be
shorter than or equal to 720 hours If the scheduled restart has been
configured, the latest configuration overrides the previous one.
● The scheduled restart function becomes invalid when you use the clock
datetime command to set the system time to over 10 minutes later than the
restart time set by the schedule reboot command. If the time difference is
equal to or less than ten minutes, the device immediately restarts and does
not save the configuration.
● This command restarts the device at the specified time, interrupting all
services on the device. Therefore, do not use this command when the device is
running properly.
● Before restarting the device, ensure that the configuration file has been saved.

Example
# Configure the device to restart at 22:00.
<HUAWEI> schedule reboot at 22:00
Info:Reboot system at 22:00:00 2012/07/25(in 10 hours and 10 minutes) confirm?[Y
/N]:y

3.6.17 startup saved-configuration

Function
The startup saved-configuration command specifies the system configuration file
for next startup.

Format
startup saved-configuration configuration-file

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 268

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Value

configuration-file Specifies the name of a The value is a string of 4 to 64

configuration file. Make case-sensitive characters without
sure that the file exists. spaces and %. The file name
extension can be .zip or .cfg.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When the original configuration file cannot be used due to the software upgrade,
run the startup saved-configuration command to specify another configuration
file for next startup. The startup configuration file must be saved in the root
directory of the storage device.

Follow-up Procedure

Run the reboot or the schedule reboot command to restart the device.

Precautions

● The configuration file specified for the next startup must exist.
● The configuration file name extension must be .zip or .cfg.
– A configuration file with the file name extension .cfg is a text file, and
you can view the file content in the text file. After the file is specified as
the configuration file for next startup, the system restores all commands
in the file one by one during a startup.
– A .cfg file is compressed to a .zip file that occupies less space. After being
specified as the configuration file, the .zip file is decompressed to the .cfg
file and the system restores all commands in the .cfg file one by one
during startup.
● Users at level 3 or higher can change the configuration file used for the next
startup.

Example
# Specify the system configuration file for the next startup.
<HUAWEI> startup saved-configuration vrpcfg.cfg
This operation will take several minutes, please wait.....
Info: Succeeded in setting the file for booting system

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 269

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.6.18 startup system-software

Function
The startup system-software command specifies the system software for next
startup.

The AP5030DN, AP5130DN, AP3030DN, AP4030DN, AP4130DN, AP4050DN,

AP4051DN, AP4151DN, AP4050DN-S, AP1050DN-S, AP9131DN, AP9132DN,
AP5030DN-S, and AP4030DN-E do not support this command.

Format
startup system-software { backup | current }

Parameters
Parameter Description Value

backup Specifies the backup system software for next startup. -

current Specifies the current system software for next startup. -

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To roll back to the backup system software, run the startup system-software
backup command to specify the backup system software for next startup. The
rollback will be complete after a device reset.

Follow-up Procedure

Run the reboot or the schedule reboot command to restart the device.

Example
# Specify the backup system software for next startup.
<HUAWEI> startup system-software backup

3.7 Upgrade Commands

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 270

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.7.1 ap-mode-switch
Function
The ap-mode-switch command switches an AP's working mode.

Format
ap-mode-switch { fit | cloud }

NOTE

Only the AP5050DN-S, AP2051DN, AP2051DN-S, AP2051DN-E, AP1050DN-S,

AD9431DN-24X, AP2050DN, AP2050DN-S, AP2050DN-E, AP4050DN-HD, AP4050DN-E,
AP7050DN-E, AP7050DE, AD9430DN-12, AD9430DN-24, AP6150DN, AP6050DN,
AP8130DN, AP8030DN, AP4050DN, AP4051DN, AP4151DN, AP4050DN-S, AP8050DN,
AP8150DN, AP8050DN-S, AP4051TN, AP6052DN, AP7052DN, AP7152DN, AP7052DE,
AP8050TN-HD, AP8082DN, AP8182DN, AP4050DE-M, AP4050DE-M-S, AP4050DE-B-S,
AP3050DE, AP7060DN, AP2051DN-L-S, AP5510-W-GP, AP6750-10T, AirEngine 5760-10
support the ap-mode-switch { fit | cloud } command.
The AP4030TN does not support the cloud mode.

Parameters
Parameter Description Value

fit Switches a Fat AP to the -

Fit mode.

cloud Switches a Fat AP to the -

cloud mode.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To switch a Fat AP to the Fit or cloud mode, run the ap-mode-switch command.

Example
# Switch a Fat AP to the Fit mode.
<HUAWEI> system-view
[HUAWEI] ap-mode-switch fit
Warning: All the configuration will be saved to the next startup configuration.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 271

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Continue ? [y/n]: y
Warning: The system will reboot and start in fit mode of V200R019C00. Continue? [y/n]: y

3.7.2 ap-mode-switch check

Function
The ap-mode-switch check command checks whether an AP allows for switching
between a Fit AP and a Fat AP.

NOTE

Only the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP5030DN-S, AP3030DN, AP9131DN,

AP9132DN, AP4030DN-E, and AP3010DN-V2 support this command.

Format
ap-mode-switch check

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Before switching the working mode of an AP, run this command to check whether
the AP allows for switching between the Fit AP and Fat AP. The system software of
an AP can be changed or upgraded only after the check result shows that the AP
allows for mode switching.

NOTE

If the AP does not allow for mode switching from a Fit AP to a Fat AP, run the ap-mode-
switch prepare command to configure the file system to allow for such switching.

Example
# Check whether an AP allows for switching between a Fit AP and a Fat AP.
<HUAWEI> system-view
[HUAWEI] ap-mode-switch check
Info: Ap-mode-switch check ok.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 272

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.7.3 ap-mode-switch ftp

Function
The ap-mode-switch ftp command connects an AP to an FTP server to download
the system software package for AP mode switching.

Format
ap-mode-switch ftp filename server-ip-address user-name password [ port ]

ap-mode-switch { fit | cloud } ftp filename server-ip-address user-name

password [ port ]

Table 3-42 Mode switching-related commands supported by APs

AP Model Whether the ap-mode- Whether the ap-mode-

switch ftp Command Is switch { fitfat | cloud }
Supported ftp Command Is
Supported

AP5030DN/AP5130DN/ Yes No
AP4030DN/AP4130DN/
AP5030DN-S/
AP3030DN/AP9131DN/
AP9132DN/AP4030DN-
E/AP3010DN-V2

AP2051DN/AP2051DN- No Yes
S/AP2051DN-E/
AP5050DN-S/AP4030TN/
AP6050DN/AP6150DN/
AP2050DN/AP2050DN-
S/AP2050DN-E/
AP4050DN-E/
AP4050DN-HD/
AP7050DN-E/AP7050DE/
AP8050DN/AP8150DN/
AP8050DN-S/
AP4050DN/AP4051DN/
AP4151DN/AP4050DN-
S/AP4051DN-S/
AP8030DN/AP8130DN/
AD9430DN-24/
AD9430DN-12/
AP1050DN-S/
AD9431DN-24X/
AP4050DE-M/AP4050DE-
M-S/AP4050DE-B-S/
AP3050DE/AP7060DN/
AP2051DN-L-S/AP5510-
W-GP/AP6750-10T/
AirEngine 5760-10

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 273

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

AP Model Whether the ap-mode- Whether the ap-mode-

switch ftp Command Is switch { fitfat | cloud }
Supported ftp Command Is
Supported

Other AP models do not support the preceding commands.

Parameters
Parameter Description Value

fit Switches a Fat AP to a -

Fit AP.

cloud Switches a Fat AP to a -

cloud AP.

filename Specifies the name of The value is a string of 1

the system software to 127 characters with
package used for mode no space but the file
switching on an FTP name suffix contained.
server.

server-ip-address Specifies the IP address The value is in dotted

of an FTP server. decimal notation.

port Specifies the port The value is an integer

number of an FTP server. that ranges from 0 to
65535. The default value
is 21.

user-name Specifies the user name The value is a string of 1

used to log in to an FTP to 31 characters with no
server. space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as user-name for the
device to log in to the
server.

password Specifies the password The value is a string of 1

used to log in to an FTP to 31 characters with no
server. space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as password for the
device to log in to the
server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 274

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To use the FTP server to switch a Fat AP to a Fit AP or cloud AP, run this
command to switch the system software package of the AP.

Due to low security of the FTP mode, the SFTP mode (ap-mode-switch sftp) is
recommended.

Prerequisites

The system software package has been uploaded to the FTP server.

It has been confirmed that the AP allows for switching between a Fit AP and a Fat
AP by running the ap-mode-switch check command.
NOTE

Only the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP5030DN-S, AP3030DN, AP9131DN,

AP9132DN, AP4030DN-E, and AP3010DN-V2 support this command.

Example
# Switch AP1 from a Fat AP to a Fit AP using the FTP server (192.168.1.1).
<HUAWEI> system-view
[HUAWEI] ap-mode-switch ftp AP1_V200R019C00.bin 192.168.1.1 admin admin
Warning: Switching to the upgrade-assistant-package will reboot the system. Continue? [Y/N]:y

# Switch AP2 from a Fat AP to a Fit AP using the FTP server (192.168.1.1).
<HUAWEI> system-view
[HUAWEI] ap-mode-switch fit ftp AP2_V200R019C00.bin 192.168.1.1 admin admin
Warning: All the configuration will be saved to the next startup configuration.
Continue ? [y/n]: y
Warning: The system will reboot and start in fit mode of V200R019C00. Continue? [y/n]: y

3.7.4 ap-mode-switch prepare

Function
The ap-mode-switch prepare command configures a Fit AP to get prepared for
switching to a Fat AP.

NOTE

Only the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP5030DN-S, AP3030DN,

AP9131DN, AP9132DN, AP4030DN-E, and AP3010DN-V2 support this command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 275

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Format
ap-mode-switch prepare

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Before switching a Fit AP to a Fat AP, run the ap-mode-switch check command to
check whether the Fit AP allows for switching to a Fat AP. If not, run the ap-
mode-switch prepare command to get the Fit AP prepared for switching to a Fat
AP. Then connect the Fit AP to an FTP, TFTP, or SFTP server and download the Fat
AP system software package from the server so that the Fit AP can switch to a Fat
AP.

NOTE

After the ap-mode-switch prepare command is executed, run the ap-mode-switch check
command again to ensure that the Fit AP allows for switching to a Fat AP.

Example
# Configure a Fit AP to allow for switching to a Fat AP.
<HUAWEI> system-view
[HUAWEI] ap-mode-switch prepare
Info: Prepare is ok, Use ap-mode-switch command to switch to fat ap.

3.7.5 ap-mode-switch sftp

Function
The ap-mode-switch sftp command connects an AP to an SFTP server to
download the system software package for AP mode switching.

Format
ap-mode-switch { fit | cloud } sftp filename server-ip-address user-name
password [ port ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 276

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Table 3-43 Mode switching-related commands supported by APs

AP Model Whether the ap-mode- Whether the ap-mode-
switch sftp Command Is switch { fit | cloud }
Supported sftp Command Is
Supported

AD9430DN-24/ No Yes
AD9430DN-12/
AD9431DN-24X/
AP2051DN/AP2051DN-
S/AP2051DN-E/
AP5050DN-S/
AP4050DN/AP4051DN/
AP4151DN/AP4050DN-
S/AP4051DN-S/
AP1050DN-S/AP4030TN/
AP6050DN/AP6150DN/
AP2050DN/AP2050DN-
S/AP2050DN-E/
AP4050DN-E/
AP4050DN-HD/
AP7050DN-E/AP7050DE/
AP4051TN/AP6052DN/
AP7052DN/AP7152DN/
AP7052DE/AP8050DN/
AP8150DN/AP8050DN-
S/AP8030DN/
AP8130DN/AP8050TN-
HD/AP8082DN/
AP8182DN/AP4050DE-
M/AP4050DE-M-S/
AP4050DE-B-S/
AP3050DE/AP7060DN/
AP2051DN-L-S/AP5510-
W-GP/AP6750-10T/
AirEngine 5760-10

Parameters
Parameter Description Value

fit Switches a Fat AP to a -

Fit AP.

cloud Switches a Fat AP to a -

cloud AP.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 277

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

filename Specifies the name of The value is a string of 1

the system software to 127 characters with
package used for mode no space but the file
switching on an SFTP name suffix contained.
server.

server-ip-address Specifies the IP address The value is in dotted

of an SFTP server. decimal notation.

port Specifies the port The value is an integer

number of an SFTP that ranges from 0 to
server. 65535. The default value
is 22.

user-name Specifies the user name The value is a string of 1

used to log in to an SFTP to 31 characters with no
server. space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as user-name for the
device to log in to the
server.

password Specifies the password The value is a string of 1

used to log in to an SFTP to 31 characters with no
server. space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as password for the
device to log in to the
server.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To use the STP server to switch a Fat AP to a Fit AP or a cloud AP, run this
command to switch the system software package of the AP.

Prerequisites

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 278

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

The system software package has been uploaded to the SFTP server.

It has been confirmed that the AP allows for switching between a Fit AP and a Fat
AP by running the ap-mode-switch check command.
NOTE

Only the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP5030DN-S, AP3030DN, AP9131DN,

AP9132DN, AP4030DN-E, and AP3010DN-V2 support this command.

Example
# Switch AP1 from a Fat AP to a Fit AP using the SFTP server (192.168.1.1).
<HUAWEI> system-view
[HUAWEI]ap-mode-switch sftp AP1_V200R019C00.bin 192.168.1.1 admin admin
Warning: Switching to the upgrade-assistant-package will reboot the system. Continue? [Y/N]:y

# Switch AP2 from a Fat AP to a Fit AP using the SFTP server (192.168.1.1).
<HUAWEI> system-view
[HUAWEI] ap-mode-switch fit sftp AP2_V200R019C00.bin 192.168.1.1 admin admin
Warning: All the configuration will be saved to the next startup configuration.
Continue ? [y/n]: y
Warning: The system will reboot and start in fit mode of V200R019C00. Continue? [y/n]: y

3.7.6 display paf

Function
The display paf command displays information about the product adapter file
(PAF) in the system.

Format
display paf { all | { resource | service } item-name }

Parameters
Parameter Description Value

all Displays all information -

about the PAF file.

resource Specifies the value set for a -

resource item in the PAF
file.

service Specifies the value set for a -

service item in the PAF file.

item-name Specifies the name of a The value is a string of 1 to

resource item or a service 64 characters.
item.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 279

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
All views

Default Level
3: Management level

Usage Guidelines
A PAF file provides only required resources and features. This command can
display all the specification information about the PAF file.

Example
# Display the value set for a resource item in the PAF file.
<HUAWEI> display paf resource PAF_LCS_NQA_SPECS_NUM_ENTRY
PAF_LCS_NQA_SPECS_NUM_ENTRY = 0, 32, 32, 0

# Display the value set for a service item in the PAF file.
<HUAWEI> display paf service PAF_LCS_BFD_BASIC_SPECS_ENABLED
PAF_LCS_BFD_BASIC_SPECS_ENABLED = 0, 1

Table 3-44 Description of the display paf resource command output

Item Description

PAF_LCS_NQA_SPECS_NUM_ENTRY Resource item name in the PAF file.

0 Whether a resource item is controlled

by a license.
● 1: yes
● 0: no

32 Default value of the resource item in

the PAF file.

32 Maximum value of the resource item

in the PAF file.

0 Minimum value of the resource item in

the PAF file.

Table 3-45 Description of the display paf service command output

Item Description

PAF_LCS_BFD_BASIC_SPECS_ENABLED Service item name in the PAF file.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 280

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Item Description

0 Whether a service item is controlled by

a license.
● 1: yes
● 0: no

1 Service status.
● 1: enabled
● 0: disabled

3.7.7 display patch-information

Function
The display patch-information command displays information about the patch
package in the system.

Format
display patch-information

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
After a patch package is loaded or deleted, you can run this command to view
information about the patch package in the system, including the version and
name.

Example
# Display information about the patch package in the system.
<HUAWEI> display patch-information
Patch Package Name :flash:/AP6050DN_V200R019C00.pat
Patch Package Version :V200R019C00
The current state is:Running
******************************************************************
* The patch information, as follows *
******************************************************************

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 281

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Type State Count Time(YYYY-MM-DD HH:MM:SS)

------------------------------------------------------------------
VRP Running 1 2020-07-04 18:51:04+00:00

Table 3-46 Description of the display patch-information command output

Item Description

Patch Package Name Name of the running patch package.

Patch Package Version Version of the running patch package.

The current state is State of the running patch package.

Type Patch type.

State State of patches of each type in the system.

● Deactive
● Active
● Running
● Startup: After the patch package for
next startup is specified, the state of
patches will become Startup. If a new
state change occurs, the Startup state
will be overwritten.
● Idle: No patch is available in the system.

Count Number of patches of each type in the

system.

Time Activation time of patches of each type in

the system.

3.7.8 patch delete all

Function
The patch delete all command deletes patches on the current system.

Format
patch delete all

Parameters
None

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 282

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
● If you find errors in patches that have been loaded to the system, run this
command to delete the patches to prevent patch errors from affecting system
operating.
● Before loading a non-incremental patch, run this command to delete the
existing patches (if any). Otherwise, the non-incremental patch cannot be
loaded.

Example
# Delete all patches.
<HUAWEI> patch delete all
The patch will be deleted. Continue? (y/n)[n]:y

3.7.9 patch load

Function
The patch load command loads the patches to the patch areas in the system.

Format
patch load filename all run

Parameters
Parameter Description Value

filename Specifies the path and The value is a string of 4

file name of a patch to 64 case-sensitive
package. The path can characters without
be an absolute path or a spaces. The file name
relative path. must have an extension
of .pat.

all Loads the patches of all -

boards.

run Runs loaded patches of -

all boards.

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 283

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When you load a patch to the current system, the system searches the patch
package for a matching patch file according to the attributes of the patch file.
● If a matching patch file is found in the patch package, the system loads the
patch.
● If no matching patch file is found in the patch package, the system does not
load any patch.

Prerequisites

The patch package has been uploaded to the root directory of the storage device.

Before loading a patch, the system must resolve the patch package, check the
validity of the patch files in the patch package, and obtain the attributes such as
the patch type and version of the patch file.

Precautions

The patch file cannot be reloaded. When you reload a patch, the system displays
an error message.

Example
# Load the patches to the patch area of the device and run the patches directly.
<HUAWEI> patch load patch.pat all run

3.7.10 pki-load houp-certificate

Function
The pki-load houp-certificate command loads a certificate to the
defaultPolicy_houp domain.

Format
pki-load houp-certificate

Parameters
None

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 284

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario

This command is used to load the local certificate from the preset certificates or
system software package to the defaultPolicy_houp domain to implement the
two-way authentication function of the HOUP.

Example
# Load a certificate to the defaultPolicy_houp domain.
<HUAWEI> system-view
[HUAWEI] pki-load houp-certificate

3.7.11 upgrade version check

Function
The upgrade version check command checks whether the upgrade assistant
package is available before a device upgrade.

NOTE

Only the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP5030DN-S, AP3030DN,

AP9131DN, AP9132DN, AP4030DN-E, and AP3010DN-V2 support this command.

Format
upgrade version check

Parameters
None

Views
System view

Default Level
3: Management level

Usage Guidelines
Before you upgrade a fat AP or fit AP (not by the AC), run this command to check
whether the upgrade assistant package is available. You can upgrade a fat AP or
fit AP using the available upgrade assistant package.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 285

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

NOTE
If the upgrade assistant package is not available, contact technical support personnel and
update the upgrade assistant package under their guidance.

Example
# Check whether the upgrade assistant package is available.
<HUAWEI> system-view
[HUAWEI] upgrade version check
Info: Upgrade version check ok.

3.7.12 upgrade version ftp

Function
The upgrade version ftp command connects an AP to an FTP server to download
the upgrade assistant package for AP software version upgrade.

Format
upgrade version ftp filename server-ip-address user-name password [ port ]
[ signature signature-name ]

Parameters
Parameter Description Value

filename Specifies the name of The value is a string of 1

the upgrade assistant to 127 characters with
package on an FTP no space but the file
server. name suffix contained.

server-ip-address Specifies the IP address The value is in dotted

of an FTP server. decimal notation.

port Specifies the port The value is an integer

number of an FTP server. that ranges from 0 to
65535. The default value
is 21.

user-name Specifies the user name The value is a string of 1

used to log in to an FTP to 31 characters with no
server. space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as user-name for the
device to log in to the
server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 286

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

password Specifies the password The value is a string of 1

used to log in to an FTP to 128 characters with
server. no space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as password for the
device to log in to the
server.

signature signature- Checks the validity of the The value is a string of 1

name digital signature file of to 63 characters with no
the system software. space but the file name
extension .asc contained.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To use the FTP server to upgrade a Fat AP to a Fat AP of another version, run the
upgrade version check command to check whether the upgrade assistant
package is successfully loaded. If so, run the upgrade version ftp command to
upgrade the AP.

Due to low security of the FTP mode, the SFTP mode (upgrade version sftp) is
recommended.

Prerequisites

The upgrade assistant package has been uploaded to the FTP server.

It has been confirmed that the upgrade assistant package can be used by running
the upgrade version check command.
NOTE

You need to run the command to check whether the upgrade assistant package can be
used for the AP5030DN, AP5130DN, AP4030DN, AP4130DN, AP5030DN-S, AP3030DN,
AP9131DN, AP9132DN, AP4030DN-E, and AP3010DN-V2.

Example
# Upgrade the AP version using the FTP server (192.168.1.1).

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 287

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

<HUAWEI> system-view
[HUAWEI] upgrade version ftp AP1_V200R019C00.bin 192.168.1.1 admin admin

3.7.13 upgrade version sftp

Function
The upgrade version sftp command connects an AP to an SFTP server to
download the upgrade assistant package for AP software version upgrade.

NOTE

The AP2051DN, AP2051DN-S, AP2051DN-E, AP5050DN-S, AP2050DN, AP2050DN-S, AP2050DN-

E, AP4050DN-HD, AP4050DN-E, AP7050DN-E, AP7050DE, AP6050DN, AP6150DN, AP4030TN,
AD9430DN-12, AD9430DN-24, AP8030DN, AP8050DN, AP8150DN, AP8050DN-S, AP4050DN,
AP4051DN, AP4151DN, AP4050DN-S, AP4051DN-S, AP4051TN, AP6052DN, AP7052DN,
AP7152DN, AP7052DE, AP8050TN-HD, AP8082DN, AP8182DN, AP1050DN-S, AD9431DN-24X,
AP8130DN, AP4050DE-M, AP4050DE-M-S, AP4050DE-B-S, AP3050DE, AP7060DN, AP2051DN-L-
S, AP5510-W-GP, AP6750-10T, AirEngine 5760-10, and AP9130DN support this command.

Format
upgrade version sftp filename server-ip-address user-name password [ port ]
[ signature signature-name ]

Parameters
Parameter Description Value

filename Specifies the name of The value is a string of 1

the upgrade assistant to 127 characters with
package on an SFTP no space but the file
server. name suffix contained.

server-ip-address Specifies the IP address The value is in dotted

of an SFTP server. decimal notation.

port Specifies the port The value is an integer

number of an SFTP that ranges from 0 to
server. 65535. The default value
is 22.

user-name Specifies the user name The value is a string of 1

used to log in to an SFTP to 31 characters with no
server. space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as user-name for the
device to log in to the
server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 288

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

password Specifies the password The value is a string of 1

used to log in to an SFTP to 128 characters with
server. no space.
Keywords in a command
line such as ftp, tftp,
and sftp cannot be used
as password for the
device to log in to the
server.

signature signature- Checks the validity of the The value is a string of 1

name digital signature file of to 63 characters with no
the system software. space but the file name
extension .asc contained.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To use the SFTP server to upgrade a Fat AP to a Fat AP of another version, run the
upgrade version check command to check whether the upgrade assistant
package is successfully loaded. If so, run the upgrade version sftp command to
upgrade the AP.

Prerequisites

The upgrade assistant package has been uploaded to the SFTP server.

It has been confirmed that the upgrade assistant package can be used by running
the upgrade version check command.
NOTE

Example
# Upgrade the AP version using the SFTP server (192.168.1.1).
<HUAWEI> system-view
[HUAWEI] upgrade version sftp AP1_V200R019C00.bin 192.168.1.1 admin admin

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 289

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.8 HTTP Server Commands

3.8.1 display http server

Function
The display http server command displays information about the current HTTP
server.

Format
display http server

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can view the HTTP server information, including the status of common and
security HTTP services, port number, maximum number of users allowed to access
the HTTP server, and number of current online users.

Example
# Display information about the current HTTP server.
<HUAWEI> display http server
HTTP server status : Enabled (default: enable)
HTTP server port : 80 (default: 80)
HTTP timeout interval : 10 (default: 10 minutes)
Current online users :0
Maximum users allowed :1
HTTPS server status : Enabled (default: enable)
HTTPS server port : 443 (default: 443)
HTTPS SSL Policy : default fit-ap server policy
Web package : web.7z (default)
HTTP server permit interface :

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 290

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Table 3-47 Description of the display http server command output

Item Description

HTTP server status Status of the common HTTP server.

● Enabled: The HTTP service is enabled.
● Disabled: The HTTP service is disabled.
To configure this parameter, run the http
server enable command.

HTTP server port Number of the listening port on the HTTP

server. The default port number is 80.
To configure this parameter, run the http
server port command.

HTTP timeout interval Idle timeout duration of the HTTP server.

The default value is 10 minutes.
To configure this parameter, run the http
timeout command.

Current online users Number of current online users.

Maximum users allowed Maximum number of users allowed to

access the HTTP server.

HTTPS server status Status of the security HTTP server.

● Enabled: The security HTTP service is
enabled.
● Disabled: The security HTTP service is
disabled.
To configure this parameter, run the http
secure-server enable command.
By default, the security HTTP service is
enabled.

HTTPS server port Port number of the security HTTP server.

The default value is 443.
To configure this parameter, run the http
secure-server port command.

HTTPS SSL Policy security HTTP SSL policy.

You can configure the security HTTP SSL
policy by running the ssl policy command.

Web package Web page file in use.

To configure this parameter, run the http
server load command.

HTTP server permit interface Interface through which users can access
the web system.
To configure this parameter, run http
server permit interface command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 291

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

3.8.2 display http user

Function
The display http user command displays information about current online HTTP
users.

Format
display http user [ username username ]

Parameters
Parameter Description Value

username Specifies the name of a The value is a string of 1 to 64

username current online HTTP user. case-sensitive characters, with no
space or wildcard.

Views
All views

Default Level
3: Management level

Usage Guidelines
If username is not specified, this command displays brief information about all
current online HTTP users.
If username is specified, this command displays detailed information about the
specified current online HTTP user.

Example
# Display brief information about all current online HTTP users.
<HUAWEI> display http user
---------------------------------------------------------------------------
User Name IP Address Login Date
---------------------------------------------------------------------------
admin 192.168.0.1 2011-10-13 11:11:12+00:00
---------------------------------------------------------------------------
Total online users is 1

# Display detailed information about the online HTTP user admin.

<HUAWEI> display http user username admin
Client IP Address : 192.168.0.1
Login Date : 2011-10-13 11:11:12+00:00
User timeouts : 3 minutes

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 292

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Table 3-48 Description of the display http user command output

Item Description

User Name User name.

Client IP Address/IP Address IP address of the HTTP client.

Login Date Login date and time of the HTTP user.

User timeouts Timeout duration of the online HTTP user.

3.8.3 http acl

Function
The http acl command configures an ACL number for the HTTP server.
The undo http acl command deletes the ACL number for the HTTP server.
By default, no ACL number is configured for the HTTP server.

Format
http acl acl-number
undo http acl

Parameters
Parameter Description Value
acl-number Specifies the ACL number. The value is an integer that ranges from
2000 to 2999.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To ensure the security of an HTTP server, you need to configure an ACL for it to
specify clients that can log in to the current HTTP server.
Precautions
● The HTTP supports the ACL whose number ranges from 2000 to 2999.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 293

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

● The http acl command takes effect only after you run the rule command to
configure the ACL rule.
● After an ACL rule is modified, the HTTP server does not forcibly log out an
online user who matches the ACL rule until the user sends the next login
request.
● If the http acl command is configured several times, only the latest
configuration takes effect.

Example
# Set the ACL number to 2000 for the HTTP server.
<HUAWEI> system-view
[HUAWEI] acl 2000
[HUAWEI-acl-basic-2000] rule 1 permit source any
[HUAWEI-acl-basic-2000] quit
[HUAWEI] http acl 2000

3.8.4 http get

Function
The http get command detects whether the URL server is reachable.

Format
http get [ -a source-ip-address | -c count | -t timeout | -v http-version ] * url url

Parameters
Parameter Description Value

-a source-ip- Specifies the source IP address of The value is in dotted

address outgoing HTTP request packets. decimal notation.
If this parameter is not specified, the
IP address of the outbound interface is
used as the source IP address of
outgoing HTTP request packets.

-c count Specifies the transmission count of The value is an integer

HTTP request packets. ranging from 1 to 100.
The default value is 5.
If the network works unstably, increase
the transmission count to detect
network quality based on the packet
loss ratio.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 294

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameter Description Value

-t timeout Specifies the timeout interval for an The value is an integer

HTTP response packet. that ranges from 1 to
65535, in milliseconds.
The http get command sends an The default value is
HTTP request packet to an address 5000 ms.
and waits for a response. If the
response is received within the timeout
interval, the destination is reachable. If
no response is received within the
timeout interval, the sender displays a
message indicating that the request
packet times out.
A response is received within 1 to 10
seconds after an HTTP request packet
is sent. If the transmission speed is
low, properly prolong the timeout
interval.

-v http-version Specifies the HTTP version number. The HTTP version

number is 1.0 or 1.1.
The default value is 1.0.

url url Specifies the destination URL. The value is a string of

1 to 256 characters.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The http get command detects whether the URL server is reachable. You can use
HTTP request packets to detect the following items:
● Whether the HTTP service is enabled on the URL server
● Round-trip delay in communication
● Packet loss

Example
# Check whether the HTTP service is enabled on the URL server with the URL of
http://www.example.com, and set the source IP address of outgoing HTTP packets
to 10.137.147.142, the transmission count to 5, the period for waiting for a
response packet to 100 ms, and the HTTP version number to 1.1.
<HUAWEI> system-view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 295

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

[HUAWEI] http get -a 10.137.147.142 -c 5 -t 100 -v 1.1 url http://www.example.com

Http getting http://www.example.com[10.82.55.199]:

1:packets interaction time 90 ms,the link reachable

2:packets interaction time 100 ms,the link reachable
3:packets interaction time 100 ms,the link reachable
4:packets interaction time 100 ms,the link reachable
5:packets interaction time 90 ms,the link reachable
--http get result statistics--
Http Get 5 time(s),succeed 5 time(s),failed 0 time(s).
round-trip min/avg/max = 90/96/100 ms

Table 3-49 Description of the http get command output

Item Description

Http getting x.x.x URL and IP address of the URL server.

x:packets interaction Response to each HTTP packet.

time x ms,the link ● Round-trip delay in communication
reachable
● Link reachability
If no response packet is received after the timeout
period, the message "Connect times out" is displayed.

http get result HTTP test statistics:

statistics ● Http Get x time(s): number of outgoing HTTP packets
● succeed x time(s): number of HTTP request packets of
which corresponding HTTP response packets are
received
● failed x time(s): number of HTTP request packets of
which corresponding HTTP response packets fail to be
received
● round-trip min/avg/max: minimum, average, and
maximum round-trip delay

3.8.5 http server enable

Function
The http server enable command enables the HTTP server.
The undo http server enable command disables the HTTP server.
By default, the HTTP server is enabled.

Format
http server enable
undo http server enable

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 296

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

After running the http server enable command to enable the HTTP server, you
can use the browser to access the web NMS to manage devices.

If the web page to load does not exist, the HTTP service cannot be enabled.

Precautions

After you run the http server enable command, HTTP and HTTPS services are
both enabled. If you log in to the web platform using HTTP, the user name and
password are encrypted and transmitted through the HTTPS protocol. After user
authentication is completed, data is still transmitted using the HTTP protocol.

After you run the undo http server enable command, you disable only the HTTP
server function but not the HTTPS server function.

Example
# Enable the HTTP server.
<HUAWEI> system-view
[HUAWEI] http server enable

3.8.6 http server load

Function
The http server load command loads a web file.

The undo http server load command cancels loading of a specified web page file.

By default, the system loads the default web file contained in the system software
when the HTTP or HTTPS service is enabled.

Format
http server load file-name

undo http server load

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 297

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

Parameters
Parameter Description Settings

file-name Specifies the name of The value is a string of 5

the web file to load. to 64 characters without
spaces. The file name is
in the *.7z format.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
If you need to manage and maintain devices on the graphical user interface (GUI),
configure the Web network management function. When you need to update web
file when using the Web network management function, run this command to
load web file.
Prerequisites
Before loading the web file using the http server load command, ensure that the
web file has been stored to the device; otherwise, file loading will fail.

Example
# Load the web file web_1.7z.
<HUAWEI> system-view
[HUAWEI] http server load web_1.7z

3.8.7 http server permit interface

Function
The http server permit interface command configures interfaces through which
users can access the web platform.
The undo http server permit interface command restores the default interfaces
through which users can access the web platform.
By default, users can access the web platform through all physical interfaces, and
radio interfaces.

Format
http server permit interface { interface-type interface-number } &<1-5>

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 298

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

undo http server permit interface

Parameters
Parameter Description Value

interface-type interface-type specifies the interface type. -

interface-number
interface-number specifies the number of an
interface. interface-number and interface-type
specify an interface.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To prevent unauthorized users from accessing the web platform through interfaces
on the device, run the http server permit interface command to configure
interfaces through which users can access the web platform.
Precautions
● By default, no interface is configured. Users can access the web platform
through all physical interfaces, and radio interfaces. Once a physical interface,
or a radio interface is specified, users can only access the web platform
through the specified interface.

Example
# Configure the interfaces through which users can access the web platform.
<HUAWEI> system-view
[HUAWEI] http server permit interface gigabitethernet 0/0/1

# Delete the configured interface and restore the default interfaces through which
users can access the web platform.
<HUAWEI> system-view
[HUAWEI] undo http server permit interface

3.8.8 http server port

Function
The http server port command sets the listening port number of the HTTP server.
The undo http server port command restores the default listening port number
of the HTTP server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 299

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

By default, the listening port number of the HTTP server is 80.

Format
http server port port-number
undo http server port

Parameters
Parameter Description Value
port-number Specifies the listening port The value is 80, or an integer that
number of the HTTP server. ranges from 1025 to 55535. The
default value is 80.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
By default, the listening port number of the security HTTP server is 80. Attackers
may frequently access the default listening port, which wastes bandwidth,
deteriorates server performance, and prevents authorized users from accessing the
HTTP server through the listening port. You can run the http server port
command to specify another listening port number to prevent attackers from
accessing the listening port.
Precautions
If the http server port command is configured several times, only the latest
configuration takes effect.

Example
# Set the listening port number of the HTTP server to 1025.
<HUAWEI> system-view
[HUAWEI] http server port 1025

3.8.9 http timeout

Function
The http timeout command sets the idle timeout duration of the HTTP server.
The undo http timeout command restores the default idle timeout duration of
the HTTP server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 300

Fat AP and Cloud AP
Command Reference 3 Basic Configurations Commands

By default, the idle timeout duration of the HTTP server is 10 minutes.

Format
http timeout timeout

undo http timeout

Parameters

Parameter Description Value

timeout Specifies the idle timeout duration The value is an integer that
of the HTTP server for online ranges from 1 to 35791, in
users. minutes.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

A maximum of five web users are supported at present. When the fifth web user
logs in to the HTTP server, any other user cannot log in to the HTTP server even if
any of the five users does not perform operations for a long time. The idle timeout
duration is configured to release web resources in time. To occupy web channels
for a long time, you must set the idle timeout duration to the maximum value.

Precautions

● After you run the http timeout command, the idle timeout durations are the
same for all web users who log in to the HTTP server. If the idle timeout
duration expires, a user is disconnected from the HTTP server and the HTTP
server notifies the user only after the user sends the next login request.
● If the http timeout command is configured several times, only the latest
configuration takes effect.

Example
# Set the idle timeout duration of the HTTP server to 6 minutes.
<HUAWEI> system-view
[HUAWEI] http timeout 6

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 301

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

4 Cloud-based Management Configuration

Commands

About This Chapter

4.1 cloud-mng controller

4.2 cloud-mng register-center disable
4.3 display alarm active-to-cloud
4.4 display alarm active-to-cloud sync-record
4.5 display cloud-mng info
4.6 display cloud-mng execute-cli-list
4.7 display cloud-mng register-center status
4.8 display offline roll-back-config
4.9 display offline self-healing-reset configuration
4.10 management-vlan (WAN view)
4.11 offline roll-back interval
4.12 offline roll-back-certificate disable
4.13 offline save-online-config interval
4.14 offline self-healing-reset disable
4.15 offline self-healing-reset timeout
4.16 interface wan0
4.17 ip-address (WAN view)
4.18 dns-server (WAN view)
4.19 dhcp-client enable
4.20 pppoe-client (Cloud AP)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 302

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

4.21 temporary-management psk (Cloud Central AP)

4.22 temporary-management psk (Cloud AP)

4.1 cloud-mng controller

Function
The cloud-mng controller command configures an IP address or URL for the SDN
controller on a device.

The undo cloud-mng controller command deletes the IP address or URL of the
SDN controller from a device.

By default, no IP address or URL is configured for the SDN controller on a device.

Format
cloud-mng controller { url url-string | ip-address ip-address } port port-number

undo cloud-mng controller

Parameters

Parameter Description Value

url url-string Specifies the URL of the SDN The value is a string of 3 to
controller. Set this parameter 128 case-sensitive characters.
to the domain name To set this parameter to a
corresponding to southbound space or continuous spaces,
service IP address of the SDN enclose the value with double
controller. quotation masks (").

ip-address ip- Specifies the IPv4 address of The value is in dotted decimal
address the SDN controller. Set this notation.
parameter to the southbound
service IP address of the SDN
controller.

port port- Specifies the port number of The value is an integer that
number the SDN controller. ranges from 0 to 65535. In
most cases, the port number
of the SDN controller is
10020.

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 303

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario

After a device is switched to the cloud mode, it needs to register with the SDN
controller for authentication. Before registration authentication, the device needs
to use the IP address of the SDN controller to communicate with it. The device can
use DHCP to obtain the IP address of the SDN controller. You can also run the
cloud-mng controller command to configure an IP address for the SDN
controller.

Precautions

● If the device obtains the IP address of the SDN controller using DHCP and this
command is also run, the IP address obtained using DHCP is preferentially
used.
● If a URL is configured, the device uses the resolved IP address to register with
the SDN controller.

Example
# On a device, configure an IP address and a port number for the SDN controller.
<HUAWEI> system-view
[HUAWEI] cloud-mng controller ip-address 10.1.1.1 port 10020

4.2 cloud-mng register-center disable

Function
The cloud-mng register-center disable command disables the device from
proactively querying the registration center.

The undo cloud-mng register-center disable command enables the device to

proactively query the registration center.

By default, the device working in cloud mode proactively sends query packets to
the registration center.

Format
cloud-mng register-center disable

undo cloud-mng register-center disable

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 304

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
In cloud mode, the device sends query packets to the registration center by default
to obtain plug-and-play information such as the IP address and port number of
the SDN controller. If the plug-and-play function through the registration center is
not needed, run the cloud-mng register-center disable command to disable the
device from proactively querying the registration center.

Example
# Disable the device from proactively querying the registration center.
<HUAWEI> system-view
[HUAWEI] cloud-mng register-center disable

4.3 display alarm active-to-cloud

Function
The display alarm active-to-cloud command displays active alarms reported to
the SDN controller.

NOTE

Only cloud APs support this command.

Format
display alarm active-to-cloud [ esn esn-value ]

Parameters
Parameter Description Value

esn esn-value Specifies the ESN of the central AP or The value is a string of 1
an RU managed by the central AP. to 31 characters.
Only cloud central APs support this
parameter.

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 305

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Default Level
1: Monitoring level

Usage Guidelines
The display alarm active-to-cloud command displays active alarms reported to
the SDN controller.
For a cloud central AP:
● If the parameter esn is specified, alarms on the specified device are displayed.
● If the parameter esn is not specified, alarms on the central AP and all its
managed RUs are displayed.

Example
# Display active alarms reported to the SDN controller on the cloud central AP.
<HUAWEI> display alarm active-to-cloud
perceived-severity:
Indeterminate 2
Minor 3
Warning 4
Major 5
Critical 6
------------------------------------------------------------------------------------------------------------------------------
------
ESN:210235396810J2000001
Active alarm information:
------------------------------------------------------------------------------------------------------------------------------
------
resource : oid=1.3.6.1.4.1.2011.6.139.16.1.1.1.2 index=[58.f9.87.5f.9c.60 (hex)]_0
alarm-type-id : equipmentAlarm
alarm-type-qualifier: hwRadioSignalEnvDeteriorationTrap
alt-resource : 0xfff32006
event-time : 2019-06-24T15:31:22Z
perceived-severity : 3
alarm-text : Jun 24 2019 15:31:22.0.1+00:00 AirEngine9700S-S-55.201 WLAN/4/
RADIO_ENV_DETERIORATE:Slot=65535;OID 1.3.6.1.4.1
.2011.6.139.16.1.1.1.2 Radio signal environment deteriorates. (APMAC=[58.f9.87.5f.9c.60 (hex)],RadioID=0,
APName=58f9-875f-9c60, PER
=0%, ConflictRate=0%, APID=1, NoiseFloor=0dBm, Reason=BadChannel, BadChannel=11)
------------------------------------------------------------------------------------------------------------------------------
------

# Display active alarms reported to the SDN controller on a common cloud AP.
<HUAWEI> display alarm active-to-cloud
perceived-severity:
Indeterminate 2
Minor 3
Warning 4
Major 5
Critical 6
------------------------------------------------------------------------------------------------------------------------------
------
Active alarm information:
------------------------------------------------------------------------------------------------------------------------------
------
resource : oid=1.3.6.1.6.3.1.1.5.3 index=[58.f9.87.5f.9b.40 (hex)]_0
alarm-type-id : equipmentAlarm
alarm-type-qualifier: linkDown
alt-resource : 0xcff02001
event-time : 2019-04-12T01:31:25Z
perceived-severity : 4

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 306

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

alarm-text : Apr 12 2019 01:31:25.840.1+08:00 Huawei IFNET/1/IF_LINKDOWN:OID 1.3.6.1.6.3.1.1.5.3

Interface 3 turned into DO
WN state.(AdminStatus=1,OperStatus=2,InterfaceName=GigabitEthernet0/0/0)
------------------------------------------------------------------------------------------------------------------------------
------

Table 4-1 Description of the display alarm active-to-cloud command output

Item Description

resource ID of the instance that triggers an

alarm.
● oid: Alarm ID.
● index: Index used to match an
alarm.

alarm-type-id Alarm type.

alarm-type-qualifier Alarm summary.

alt-resource Flag indicating whether an alarm is

generated or cleared.

event-time Time when an alarm is generated.

perceived-severity Alarm severity.

● 2: Indeterminate
● 3: Minor
● 4: Warning
● 5: Major
● 6: Critical

alarm-text Alarm description.

4.4 display alarm active-to-cloud sync-record

Function
The display alarm active-to-cloud sync-record command displays the records of
active alarm synchronization between the device and SDN controller.

NOTE

Only cloud APs support this command.

Format
display alarm active-to-cloud sync-record

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 307

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
The display alarm active-to-cloud sync-record command displays the records of
active alarm synchronization between the device and SDN controller.

You can run this command to check the latest three records of active alarm
synchronization on each device based on the ESN.

Example
# Display the records of active alarm synchronization between the device and SDN
controller.
<HUAWEI> display alarm active-to-cloud sync-record
Alarm sync record between device and controller:
Time Esn Result

2019-04-19 10:15:48 21500829222SGC900060 Success

2019-04-19 10:04:07 21500829222SGC900060 Success
2019-04-18 19:55:25 21500829222SGC900060 Success
2019-04-18 19:40:46 2102350KGF10G2000019 Success

Table 4-2 Description of the display alarm active-to-cloud sync-record

command output

Item Description

Time Time when the alarm is synchronized.

Esn ESN of the device where the alarm is

generated.

Result Alarm synchronization result.

4.5 display cloud-mng info

Function
The display cloud-mng info command displays the configuration of the SDN
controller.

Format
display cloud-mng info

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 308

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
you can run this command to view the IP address, port number, device online
status, and device online mode of the SDN controller.

Example
# Display the configuration of the SDN controller in the user view.
<HUAWEI> display cloud-mng info
------------------------------------------------------------

AP status : Online
Controller URL : -
Controller IP address : 10.1.1.1
Controller port : 10020
Controller address source: configuration

------------------------------------------------------------

Table 4-3 Description of the display cloud-mng info command output

Item Description

AP status Whether the current device has gone

online:
● Offline: The device fails to go
online.
● Online: The device goes online
successfully.

Controller URL URL of the SDN controller.

Controller IP address IP address of the SDN controller.

Controller port Port number of the SDN controller.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 309

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Item Description

Controller address source Mode of obtaining the SDN controller

address:
● configuration: configured through
the CLI.
● DHCP: delivered through a DHCP
option.
● register center: delivered by the
registration center.
● controller: delivered by the
controller.
● default: preset by the system.

4.6 display cloud-mng execute-cli-list

Function
The display cloud-mng execute-cli-list command displays the configuration
delivered by the SDN controller on the device.

Format
display cloud-mng execute-cli-list

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run this command to view the configuration delivered by the SDN
controller on the device.

Example
# Display the configuration delivered by the SDN controller on the device in the
user view.
<HUAWEI> display cloud-mng execute-cli-list
#

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 310

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

set cpu-usage threshold 50 restore 30

return

4.7 display cloud-mng register-center status

Function
The display cloud-mng register-center status command displays the status of
the registration center.
RUs do not support this command.

Format
display cloud-mng register-center status

Parameters
None

Views
All views

Default Level
2: Configuration level

Usage Guidelines
You can run this command to view the address, port, and status of the registration
center.

Example
# Display the status of the registration center in the user view.
<HUAWEI> display cloud-mng register-center status
------------------------------------------------------------------

Register center URL : register.naas.huawei.com

------------------------------------------------------------------

Table 4-4 Description of the display cloud-mng register-center status command

output

Item Description

Register center URL URL of the registration center.

Register center IP IP address of the registration center.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 311

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Item Description

Register center port Port number of the registration center.

Current status Current status of the query to the

registration center.
● disabled: The function of querying
the registration center is disabled.
● success: The query succeeds.
● connecting: querying.
● sleeping: sleeping.

4.8 display offline roll-back-config

Function
The display offline roll-back-config command displays the configuration for the
offline self-healing function of a cloud AP.

NOTE

Only cloud APs support this command.

Format
display offline roll-back-config

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
The offline self-healing function of a cloud AP can prevent the AP from going
offline due to misconfigurations. The mechanism is as follows:
1. When a cloud AP stays online for a specified period of time (10 minutes by
default, which can be configured using the offline save-online-config
interval command), the cloud AP automatically saves the WAN configuration
and certificate.
2. When the cloud AP is offline for a certain period of time (10 minutes by
default, which can be configured using the offline roll-back interval

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 312

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

command), the AP rolls back to the saved WAN configuration and certificate
and attempts to go online again.
3. If you have applied for a CA certificate for the cloud AP, run the offline roll-
back-certificate disable command to disable certificate rollback. Upon
offline self-healing, the cloud AP continues to use the user-defined certificate
to perform two-way authentication with SDN controller.
4. To check the offline self-healing configuration, run the display offline roll-
back-config command.

Example
# Display the configuration for the offline self-healing function for a cloud AP.

Table 4-5 Description of the display offline roll-back-config command output

Item Description

Save-online-config interval Interval between the time when a

cloud AP goes online and the time
when the AP automatically saves its
configuration.
To configure this parameter, run the
offline save-online-config interval
command.

Roll-back interval Interval between the time when a

cloud AP goes offline and the time
when the AP rolls back its
configuration.
To configure this parameter, run the
offline roll-back interval command.

Roll-back-certificate switch Whether to roll back the certificate

when the AP rolls back its
configuration.
To configure this parameter, run the
offline roll-back-certificate disable
command.

4.9 display offline self-healing-reset configuration

Function
The display offline self-healing-reset configuration command displays the
configuration for the self-healing function for an offline AP.

Format
display offline self-healing-reset configuration

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 313

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
The display offline self-healing-reset configuration command displays the
configuration for the self-healing function for an offline AP.

Example
# Display the configuration for the self-healing function for an offline AP.

Table 4-6 Description of the display offline self-healing-reset configuration

command output

Item Description

Switch Whether the self-healing function for

an offline AP is enabled.
To configure this parameter, run the
offline self-healing-reset disable
command.

Timeout(hours) Time threshold of self-healing for an

offline AP.
To configure this parameter, run the
offline self-healing-reset timeout
command.

4.10 management-vlan (WAN view)

Function
The management-vlan command configures a management VLAN for a cloud AP.

The undo management-vlan command restores the management VLAN of a

cloud AP to VLAN 1.

By default, the management VLAN of a cloud AP is VLAN 1.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 314

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Format
management-vlan vlan-id
undo management-vlan

Parameters
Parameter Description Value

vlan-id Specifies the ID of a The value is an integer that

management VLAN. ranges from 1 to 4094.

Views
WAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
After a cloud AP goes online, its management VLAN is uniformly changed by the
SDN controller. If the cloud AP fails to go online or is not managed by the SDN
controller, you can run this command to change its management VLAN. Create a
VLAN before changing the management VLAN of a cloud AP.

Example
# Configure VLAN 100 as the management VLAN of a cloud AP.
<HUAWEI> system-view
[HUAWEI] interface wan0
[HUAWEI-WAN] management-vlan 100

4.11 offline roll-back interval

Function
The offline roll-back interval command sets the interval between the time when
a cloud AP goes offline and the time when the AP rolls back its configuration.
The undo offline roll-back interval command restores the default interval for a
cloud AP to roll back its configuration after it goes offline.
By default, a cloud AP rolls back its configuration 10 minutes later after it goes
offline.

NOTE

Only cloud APs support this command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 315

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Format
offline roll-back interval interval

undo offline roll-back interval

Parameters

Parameter Description Value

interval Specifies the interval between the The value is 0 or an integer

time when a cloud AP goes offline that ranges from 10 to 2880.
and the time when the AP rolls The value 0 indicates that the
back its configuration, in minutes. offline self-healing function is
disabled.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The offline self-healing function of a cloud AP can prevent the AP from going
offline due to misconfigurations. The mechanism is as follows:

1. When a cloud AP stays online for a specified period of time (10 minutes by
default, which can be configured using the offline save-online-config
interval command), the cloud AP automatically saves the WAN configuration
and certificate.
2. When the cloud AP is offline for a certain period of time (10 minutes by
default, which can be configured using the offline roll-back interval
command), the AP rolls back to the saved WAN configuration and certificate
and attempts to go online again.
3. If you have applied for a CA certificate for the cloud AP, run the offline roll-
back-certificate disable command to disable certificate rollback. Upon
offline self-healing, the cloud AP continues to use the user-defined certificate
to perform two-way authentication with SDN controller.
4. To check the offline self-healing configuration, run the display offline roll-
back-config command.

Example
# Set the interval between the time when a cloud AP goes offline and the time
when the AP rolls back its configuration to 15 minutes.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 316

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

4.12 offline roll-back-certificate disable

Function
The offline roll-back-certificate disable command disables a cloud AP from
rolling back its certificate during offline self-healing.

The undo offline roll-back-certificate disable command enables a cloud AP to

roll back its certificate during offline self-healing.

By default, a cloud AP rolls back its certificate during offline self-healing.

NOTE

Only cloud APs support this command.

Format
offline roll-back-certificate disable

undo offline roll-back-certificate disable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The offline self-healing function of a cloud AP can prevent the AP from going
offline due to misconfigurations. The mechanism is as follows:

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 317

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

4. To check the offline self-healing configuration, run the display offline roll-
back-config command.

Example
# Disable a cloud AP from rolling back its certificate during offline self-healing.

4.13 offline save-online-config interval

Function
The offline save-online-config interval command sets the interval between the
time when a cloud AP goes online and the time when the AP automatically saves
its configuration.

The undo offline save-online-config interval command restores the default

interval between the time when a cloud AP goes online and the time when the AP
automatically saves its configuration.

By default, a cloud AP automatically saves its configuration 10 minutes later after

it goes online.

NOTE

Only cloud APs support this command.

Format
offline save-online-config interval interval

undo offline save-online-config interval

Parameters

Parameter Description Value

interval Specifies the interval between the time The value is an integer
when a cloud AP goes online and the time that ranges from 10 to
when the AP automatically saves its 600.
configuration, in minutes.

Views
System view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 318

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Usage Guidelines
The offline self-healing function of a cloud AP can prevent the AP from going
offline due to misconfigurations. The mechanism is as follows:

Example
# Set the interval between the time when a cloud AP goes online and the time
when the AP automatically saves its configuration to 15 minutes.

4.14 offline self-healing-reset disable

Function
The offline self-healing-reset disable command disables the self-healing
function for an offline AP.

The undo offline self-healing-reset disable command enables the self-healing

function for an offline AP.

By default, the self-healing function is enabled for an offline AP.

NOTE

Only cloud APs support this command.

Format
offline self-healing-reset disable

undo offline self-healing-reset disable

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 319

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Views
System view

Default Level
3: Management level

Usage Guidelines
By default, after a cloud AP is offline from SDN controller for 24 hours, the AP will
self-heal and restart for fault recovery if no STA or administrator user is connected
to it.

To adjust the time threshold, run the offline self-healing-reset timeout

command. To disable this function, run the offline self-healing-reset disable
command.

Example
# Disable the self-healing function for an offline AP.
<HUAWEI> system-view
[HUAWEI] offline self-healing-reset disable
After reset for self-healing is disabled, if the device is offline for more than
24 hours, the device will not restart for self-healing. Continue? [Y/N]: y

4.15 offline self-healing-reset timeout

Function
The offline self-healing-reset timeout command configures the time threshold
for self-healing upon disconnection of a cloud AP.

The undo offline self-healing-reset timeout command restores the default time
threshold for self-healing upon disconnection of a cloud AP.

The default time threshold for self-healing upon disconnection of a cloud AP is 24

hours.

NOTE

Only cloud APs support this command.

Format
offline self-healing-reset timeout time

undo offline self-healing-reset timeout

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 320

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Parameters
Parameter Description Value

time Specifies the time threshold for The value is an integer ranging
self-healing upon disconnection, from 6 to 168. The default value
in hours. is 24.

Views
System view

Default Level
3: Management level

Usage Guidelines
By default, after a cloud AP is offline from SDN controller for 24 hours, the AP will
self-heal and restart for fault recovery if no STA or administrator user is connected
to it.

To adjust the time threshold, run the offline self-healing-reset timeout

command. To disable this function, run the offline self-healing-reset disable
command.

Example
# Set the time threshold for self-healing upon disconnection to 10 hours.
<HUAWEI> system-view
[HUAWEI] offline self-healing-reset timeout 10
Succeeded in setting the timeout period for an AP reset triggered by self-healing to 10 hours.

4.16 interface wan0

Function
The interface wan0 command switches from the system view to the WAN view.

Format
interface wan0

Parameters
None

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 321

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
To perform deployment configurations for a cloud AP, run this command to enter
the WAN view.

Example
# Display the WAN view.
<HUAWEI> system-view
[HUAWEI] interface wan0
[HUAWEI-WAN]

4.17 ip-address (WAN view)

Function
The ip address command configures the IP address, subnet mask, and default
gateway address for a cloud AP's management VLANIF interface.
The undo ip address command deletes the IP address, subnet mask, and default
gateway address of a cloud AP's management VLANIF interface.
By default, no IP address, subnet mask, or default gateway address is configured
for a cloud AP's management VLANIF interface.

Format
ip address ip-address { mask-length | mask } [ gateway gateway ]
undo ip-address

Parameters
Parameter Description Value

ip-address Specifies a static IPv4 address of The value is in dotted

a cloud AP. decimal notation.

mask Specifies the IPv4 mask of a The value is in dotted

cloud AP. decimal notation.

mask-length Specifies the IPv4 mask length The value is an integer that
of a cloud AP. ranges from 0 to 32.

gateway gateway Specifies the egress gateway The value is in dotted

address of a cloud AP. decimal notation.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 322

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Views
WAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

You can configure an IP address for a cloud AP's management VLANIF interface to
enable the cloud AP to communicate with the SDN controller. If the dhcp-client
enable command is also executed, the new configuration takes effect.

Example
# Set IPv4 address of a cloud AP's management VLANIF interface to
192.168.1.123/24 and the gateway address to 192.168.1.254.
<HUAWEI> system-view
[HUAWEI] interface wan0
[HUAWEI-WAN] ip address 192.168.1.123 255.255.255.0 gateway 192.168.1.254

4.18 dns-server (WAN view)

Function
The dns server command configures an IP address for a DNS server.

The undo dns server command deletes the IP address of a DNS server.

By default, no IP address is configured for a DNS server.

Format
dns-server ip-address1 [ ip-address2 ]

undo dns-server ip-address1 [ ip-address2 ]

Parameters
Parameter Description Value

ip-address1 Specifies the IP address The value is in dotted

of the primary DNS decimal notation.
server.

ip-address2 Specifies the IP address The value is in dotted

of the secondary DNS decimal notation.
server.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 323

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Views
WAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
A cloud AP sends a request to the primary DNS server to apply for a domain
name. If the AP does not receive any response within a specified period of time, it
sends the request again. If there is still no response from the primary DNS server
after it sends the request for a specified number of times, the cloud AP sends the
request to the secondary DNS server.

Example
# Configure IP addresses of the primary and secondary DNS servers to
192.168.1.11 and 192.168.1.147, respectively.
<HUAWEI> system-view
[HUAWEI] interface wan0
[HUAWEI-WAN] dns-server 192.168.1.11 192.168.1.147

4.19 dhcp-client enable

Function
The dhcp-client enable command enables a cloud AP to automatically obtain an
IP address in the management VLAN.
The undo dhcp-client enable command disables a cloud AP from automatically
obtaining an IP address in the management VLAN.
By default, a cloud AP automatically obtains an IP address in management VLAN
1.

Format
dhcp-client enable
undo dhcp-client enable

Parameters
None

Views
WAN view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 324

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

You can run this command to enable a cloud AP to automatically obtain an IP

address in the management VLAN. If an IP address has been configured using the
ip address command, the newly obtained IP address overrides the configured one.

Example
# Enable a cloud AP to automatically obtain an IP address in management VLAN
100.
<HUAWEI> system-view
[HUAWEI] management-vlan 100
[HUAWEI] interface wan0
[HUAWEI-WAN] dhcp-client enable

4.20 pppoe-client (Cloud AP)

Function
The pppoe-client command enables the PPPoE dialup function and configures
account information.

The undo pppoe-client command disables the PPPoE dialup function and deletes
PPPoE dialup account information.

By default, the PPPoE dialup function is disabled and no PPPoE dialup account
information is configured.

Format
pppoe-client username user-name password cipher password

undo pppoe-client

Parameters

Parameter Description Value

username user- Specifies the PPPoE The value is a string of 1 to 64 case-

name dialup user name. sensitive characters without spaces.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 325

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Parameter Description Value

password cipher Specifies the PPPoE The value is a sting of case-sensitive

password dialup user password characters that support spaces. It can
displayed in be either a plaintext string of 1 to 32
ciphertext. characters or a ciphertext string of 24
to 68 characters.

Views
WAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

In a scenario where a cloud AP is deployed, you can run the pppoe-client

command to enable the PPPoE dialup function, and configure the user name and
password. The cloud AP then can connect to the Internet through PPPoE dialup
and register with the Agile Controller-Campus.

Precautions

Only one PPPoE dialup account can be configured.

Example
# Enable the PPPoE dialup function, and configure the user name test and
password test@123.
<HUAWEI> system-view
[HUAWEI] interface wan0
[HUAWEI-WAN] pppoe-client username test password cipher test@123

4.21 temporary-management psk (Cloud Central AP)

Function
The temporary-management psk command configures the password for an
offline management VAP.

The undo temporary-management psk command restores the default password

of an offline management VAP.

The default username and password are available in WLAN Default Usernames
and Passwords (Enterprise Network or Carrier). If you have not obtained the
access permission of the document, see Help on the website to find out how to
obtain it.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 326

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Format
temporary-management psk psk-value
undo temporary-management psk

Parameters
Parameter Description Value

psk-value Specifies the password for an offline The value is a string

management VAP. of 48 to 108
characters in
ciphertext, or a
string of 8 to 63
ASCII characters or
64 hexadecimal
characters.

Views
AP system profile view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Using the default password of an offline management VAP poses security risks.
You can run the temporary-management psk command to change the default
password.

Example
# Configure the password for an offline management VAP as a1234567.
<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI] ap-system-profile name default
[HUAWEI-wlan-ap-system-prof-default] temporary-management psk a1234567

4.22 temporary-management psk (Cloud AP)

Function
The temporary-management psk command configures the password for an
offline management VAP.
The undo temporary-management psk command restores the default password
of an offline management VAP.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 327

Fat AP and Cloud AP 4 Cloud-based Management Configuration
Command Reference Commands

Format
temporary-management psk psk-value
undo temporary-management psk

Parameters
Parameter Description Value

psk-value Specifies the password for an offline The value is a string

management VAP. of 48 to 108
characters in
ciphertext, or a
string of 8 to 63
ASCII characters or
64 hexadecimal
characters.

Views
WLAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Using the default password of an offline management VAP poses security risks.
You can run the temporary-management psk command to change the default
password.

Example
# Configure the password for an offline management VAP as a1234567.
<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI-wlan-view] temporary-management psk a1234567

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 328

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5 Device Management Commands

About This Chapter

5.1 Device Status Checking Commands

5.2 Hardware Configuration Commands
5.3 Energy-saving Configuration Commands
5.4 Fault Management Commands
5.5 Information Center Configuration Commands
5.6 NTP Configuration Commands
5.7 PoE Configuration Commands

5.1 Device Status Checking Commands

5.1.1 display cpu-usage

Function
The display cpu-usage command displays CPU usage statistics.

Format
display cpu-usage

Parameters
None

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 329

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
1: Monitoring level

Usage Guidelines
CPU usage is an important index to evaluate device performance. A high CPU
usage will cause service faults. You can use the display cpu-usage command to
view CPU usage to check whether devices are working properly.

Example
# Display the CPU usage on the device.
<HUAWEI> display cpu-usage
CPU Usage Stat. Cycle: 30 (Second)
CPU Usage: 2.4% Max: 90.2%
CPU Usage Stat. Time : 2014-01-08 05:29:48
CPU Usage Max. Time : 2014-01-07 15:26:41

Table 5-1 Description of the display cpu-usage command output

Item Description

CPU Usage Stat. Cycle Interval for collecting CPU usage

statistics. The default interval is 30
seconds.

CPU Usage Stat. Time Time when the latest CPU usage
statistics are collected.

CPU Usage Current CPU usage

Max Maximum CPU usage within 30

minutes.

CPU Usage Max. Time Time when the CPU usage reaches the
maximum.

5.1.2 display cpu-usage configuration

Function
The display cpu-usage configuration command displays CPU usage
configuration.

Format
display cpu-usage configuration

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 330

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
This command displays the alarm threshold and recovery threshold.
● When CPU usage reaches the alarm threshold, the system generates a CPU
usage alarm.
● When CPU usage falls within the recovery threshold, the system generates a
clear alarm.

Example
# Display CPU usage configuration of the main control board.
<HUAWEI> display cpu-usage configuration
The CPU usage monitor is turned on.
The current monitor cycle is 10 seconds.
The current monitor warning threshold is 80%.
The current monitor restore threshold is 75%.

Table 5-2 Description of the display cpu-usage configuration command output

Item Description

The CPU usage monitor Whether the function of the CPU

usage monitor is enabled or disabled.

The current monitor cycle Cycle for monitoring the CPU.

The current monitor warning threshold Alarm threshold. To set the CPU usage
alarm threshold, use the set cpu-
usage threshold threshold-value
command.

The current monitor restore threshold Alarm recovery threshold. To set the
CPU usage alarm recovery threshold,
use the set cpu-usage threshold
threshold-value restore restore-
threshold-value command.

5.1.3 display cpu-usage history

Function
The display cpu-usage history command displays historical CPU usages on a
device.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 331

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
display cpu-usage history [ 24hour | 72hour ]

Parameters
Parameter Description Value

24hour Displays the CPU usages on a device -

during the last 24 hours.

72hour Displays the CPU usages on a device -

during the last 72 hours.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
CPU usage is an important indicator to evaluate device performance. A high CPU
usage will cause service faults. You can use this command to view historical CPU
usages on a device, which help you local service faults.
This command displays CPU usages in the latest 8640 monitoring cycles. You can
run the set cpu-usage cycle command in the diagnostic view to set the CPU
usage monitoring cycle.
When the parameter [ 24hour | 72hour ] is not specified, the CPU usages during
the last 1 hour is displayed.

Example
# Display historical CPU usages.
<HUAWEI> display cpu-usage history
100%|
95%|
90%|
85%|
80%|
75%|
70%|
65%|
60%|
55%|
50%|
45%|
40%|
35%|
30%|
25%|
20%|

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 332

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

15%|
10%| * *
5%|*** ******************************* ************************************************************************************
--------------------------------------------------------------------------------------------------------------------------
0 15 30 45 60
(minutes)

5.1.4 display diagnostic-information

Function
The display diagnostic-information command displays diagnostic information on
the device, or stores diagnostic information to a specified file.

Format
Common AP:

display diagnostic-information [ ap | sta mac-address sta-mac ] [ saved-file

[ file-name ] ]

Central AP:

display diagnostic-information [ central-ap | ap { mac-address ap-mac | ip-

address ap-ip-address | ap-name ap-name } | sta mac-address sta-mac | engine
{ av | engine | file-frame | gpm | ips | sa | update | url-filter ] [ saved-file [ file-
name ] ]

Parameters

Parameter Description Value

central-ap Displays diagnostic information -

on Central AP.

ap Displays diagnostic information -

on AP.

sta Displays diagnostic information -

on STA.

saved-file Stores diagnostic information -

into a file.

file-name Specifies the name of the file The value is a string of 5

where diagnostic information is to 64 characters. The file
stored. name extension must
be .txt. The default
directory where files are
stored is flash:/.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 333

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

mac-address ap- Specifies the MAC address of an The value is in H-H-H

mac AP. format. An H is a
hexadecimal number of 4
digits.

ip-address ap-ip- Specifies the IPv4 address of an The value is in dotted

address AP. decimal notation.

ap-name ap-name Specifies an AP name. The AP name must exist.

mac-address sta- Specifies the MAC address of a The value is in H-H-H

mac STA. format. An H is a
hexadecimal number of 4
digits.

engine Displays diagnostic information -

about the Next-Generation
Engine (NGE).

av Displays diagnostic information -

about the antivirus module.

engine Displays diagnostic information -

about the security engine.

file-frame Displays diagnostic information -

about the file frame.

gpm Displays diagnostic information -

about the general pattern
matching.

ips Displays diagnostic information -

about the intrusion prevention
system (IPS) module.

sa Displays diagnostic information -

about the service awareness
(SA) module.

update Displays diagnostic information -

about the upgrade module.

url-filter Displays diagnostic information -

about the URL filtering module.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 334

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
All views

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When a fault occurs in the system, you can use the display diagnostic-
information command to collect diagnostic information for fault location.

The display diagnostic-information command output includes the output for

multiple display commands. Running the display diagnostic-information
command is like running these display commands in batches.

If the saved-file parameter is not specified, diagnostic information is only

displayed on the screen. If the saved-file parameter is specified, diagnostic
information is only stored into a specified file but not displayed on the screen.

If the saved-file parameter is specified but file-name is not, the system

automatically stores diagnostic information into the diagnostic-information.txt
file.

If you do not specify the parameters ap, and sta, the command displays diagnostic
information about all devices. If you specify a parameter (ap, or sta), the
command displays diagnostic information about the specified parameter.

Precautions

● If this command displays a long output, press Ctrl+C to abort this command.
● This command displays diagnostic information, which helps locate faults but
may affect system performance. For example, CPU usage may become high.
Therefore, do not use this command when the system is running properly.
● Running the display diagnostic-information command simultaneously on
multiple terminals connected to the device is prohibited. This is because CPU
usage of the device may obviously increase and the device performance may
be degraded.
● When you run this command, the device obtains or uses some personal data
of users, such as the STA MAC address. Delete the personal data immediately
after the command is executed to ensure user data security.
● The command output does not support split-screen display.

Example
# Display diagnostic information about the device.
<HUAWEI> display diagnostic-information
===================================================
===============display version===============
===================================================
......

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 335

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.1.5 display elabel

Function
The display elabel command displays the electronic label of a device.

Format
display elabel [ slot-id ] [ brief ]

Parameters
Parameter Description Value

slot-id Displays the electronic The value is an integer

label of the specified card. and must be set
If this parameter is not according to the device
specified, all electronic configuration.
labels of the device are
displayed.

brief Indicates that the -

electronic label of a card
does not include optical
module information.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Electronic labels identify information about hardware components of a device. You
can use the display elabel command to view electronic label information.

Example
# Display brief information about the electronic label of the card in slot 0.
<HUAWEI> display elabel 0 brief
It is executing, please wait...

[Slot_0]
/$[Board Integration Version]
/$BoardIntegrationVersion=3.0

[Main_Board]
/$[ArchivesInfo Version]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 336

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

/$ArchivesInfoVersion=3.0

[Board Properties]
BoardType=AP5030DN
BarCode=210235419610CB000473
Item=02354196
Description=Assembling Components,AP5030DN,AP5030DN Mainframe(11ac,General AP In
door,3x3 Double Frequency,Built-in Antenna,No AC/DC adapter)
Manufactured=2014-03-08
VendorName=Huawei
IssueNumber=00
CLEICode=
BOM=

# Display detailed electronic label information on the device.

<HUAWEI> display elabel
It is executing, please wait...

/$[System Integration Version]

/$SystemIntegrationVersion=3.3

[Rack_1]
[SubRack_0]

[Slot_0]
/$[Board Integration Version]
/$BoardIntegrationVersion=3.0

[Main_Board]
/$[ArchivesInfo Version]
/$ArchivesInfoVersion=3.0

Table 5-3 Description of the display elabel command output

Item Description

BoardType Card model of the specified

component.

BarCode Barcode of the specified component.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 337

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Item BOM code of the specified

component.
For details, see the part number of
the component in Installation >
Appendix > Power Adaptation
Solution of the product
documentation.

Description Description of the specified

component.

Manufactured Manufacturing date of the specified

component.

VendorName Vendor name of the specified

component.

IssueNumber Issuing number of the specified

component.

CLEICode CLEI code of the specified component.

BOM Sales BOM code of the specified

component.

Model External model.

ElabelVersion Electronic label version.

5.1.6 display esn

Function
The display esn command displays the Equipment Serial Number (ESN) of a
device.

Format
display esn

Parameters
None

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 338

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
An ESN uniquely identifies a device.

Example
# Display the ESN of the device.
<HUAWEI> display esn
ESN of device: **********P0B4000046

5.1.7 display sn

Function
The display sn command displays serial number (SN) information of components
on a device.

Format
display sn [ license | all | interface [ interface-type interface-number ] |
[ interface ] abnormal ]

Parameters

Parameter Description Value

license Displays the SN for -

applying for a license.

all Displays all SN -

information.

interface [ interface- Displays the SN of the -

type interface-number ] optical module on a
specified interface:
● interface-type
specifies the interface
type.
● interface-number
specifies the interface
number.

abnormal Displays the SN of an -

abnormal module.

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 339

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
1: Monitoring level

Usage Guidelines
You can run the display sn command to view the SNs of the device, optical
module, and device components, which facilitates device management.

Example
# Display the SNs of all components on a device.
<HUAWEI> display sn all
Equipment SN(ESN): **********8SJ8002998
License ESN: --
Slot Sub Type SN P/N
---------------------------------------
0 - AP2051DN **********8SJ8002998 50083572N

# Display the SN of an abnormal subcard.

<HUAWEI> display sn abnormal
Slot Sub Type SN P/N State
---------------------------------------
- 4 POWER **********8NCB000175 02130983 ERROR

# Display the SN of an abnormal interface.

<HUAWEI> display sn interface abnormal
Port Type SN P/N State Description
--------------------------------------------
GE0/0/0 RTXM139-400 ********0690 - ERROR 155Mbps-1310nm--30000m

Table 5-4 Description of the display sn command output

Item Description

Equipment SN(ESN) Equipment serial number.

License ESN License SN.

Slot Slot ID of a component.

Sub Subcard ID.

Type Type of a component.

SN SN of a component.

P/N SBOM of a card.

Port Interface.

Description Interface description.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 340

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

State Subcard status.

● ABNORMAL: The card status is
abnormal.
● ERROR: A registration error occurs.
● REMOVED: A card is removed.
Optical module status.
● ERROR: The optical module cannot
be identified.
● REMOVED: The optical module is
removed.
● UNAUTHORIZED: A non-Huawei-
certified optical module is used.

5.1.8 display fan

Function
The display fan command displays the fan status.

NOTE

This command is available only for the AD9431DN-24X and AD9430DN-24.

Format
display fan [ slot slot-id | verbose ]

Parameters
Parameter Description Value

slot slot-id Specifies the The value of slot-id

slot ID of the depends on the running
device. fan.

verbose Displays -
detailed status
information
about the fan.

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 341

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
2: Configuration level

Usage Guidelines
Devices can run properly when fans are working properly. If proper heat
dissipation cannot be ensured for devices, devices may overheat, damaging the
hardware. You can use the display fan command to view the fan status.

Example
# Display the fan status of the device.
<HUAWEI> display fan
Slot 0: Fan 1 is normal.

NOTE

If no fan is installed, the following information is displayed: Slot 0: Fan 0 is absent.

# Display detailed status information about the fan.

<HUAWEI> display fan verbose
Slot # FAN # Status Speed Rate Mode Airflow Direction
-------------------------------------------------------------------------
0 0 Normal 70 % AUTO Back-to-Side

Table 5-5 Description of the display fan verbose command output

Item Description

Slot Slot ID of the device.

FAN Fan ID.

Status Fan status. The value can be Normal

or Abnormal.

Speed Rate Ratio of the current fan speed to the

full speed.

Mode Working mode of a fan.

● AUTO
● MANUAL

Airflow Direction Airflow direction of the fan.

● Back-to-Side: Air flows from the
rear to the left and right sides.
● Side-to-Back: Air flows from the left
and right sides to the rear.
● Side-to-Side: Air flows from one
side to the other side.
● Front-to-Back: Air flows from the
front to the rear.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 342

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.1.9 display health

Function
The display health command displays the health status of a device.

Format
display health

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
You can run this command to check the information about a device, including the
device temperature, CPU usage, memory usage, and storage medium usage.

Example
# Check the health status of a device.
<HUAWEI> display health
--------------------------------------------------------------------------------
Slot Card Sensor No. SensorName Status Upper Lower Temperature.(C)
--------------------------------------------------------------------------------
0 - 1 AP5030DN TEMP NORMAL 102 -13 48
--------------------------------------------------------------------------
PowerNo Present Mode State Current(A) Voltage(V) Power(W)
--------------------------------------------------------------------------
Info:The device does not support power display!
System CPU Usage Information:
System cpu usage at 2005-08-21 22:40:43 460 ms
-------------------------------------------------------------------------------
SlotID CPU Usage Upper Limit
-------------------------------------------------------------------------------
0 20% 80%
System Memory Usage Information:
System memory usage at 2005-08-21 22:40:43 480 ms
-------------------------------------------------------------------------------
SlotID Total Memory(MB) Used Memory(MB) Used Percentage Upper Limit
-------------------------------------------------------------------------------
0 91 50 55% 90%
System Disk Usage Information:
System disk usage at 2005-08-21 22:40:43 580 ms
-------------------------------------------------------------------------------
SlotID Device Total Memory(MB) Used Memory(MB) Used Percentage Upper Limit
-------------------------------------------------------------------------------
0 flash: 6 0 8% 90%

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 343

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Table 5-6 Description of the display health command output

Item Description

Slot ID of the slot where the temperature

sensor resides. The value is fixed as 0,
indicating the main control board
slot.

Card Card number. The device does not

support any card.

Sensor No. Temperature sensor number.

SensorName Temperature sensor name.

Status Device temperature status.

● NORMAL: The device temperature
is normal.
● ABNORMAL: The device
temperature is beyond the allowed
range.

Upper Upper threshold of the device

temperature.

Lower Lower threshold of the device

temperature.

Temperature.(C) Current device temperature.

PowerNo, Present, Mode, State, Power module parameters.

Current(A), Voltage(V), Power(W) NOTE
The AP has no power module and must
connect to an external power supply or
use PoE power supply. These parameters
are not supported.

System CPU Usage Information CPU usage statistics.

SlotID Slot ID of the card where the CPU

resides. The value is fixed as 0,
indicating the main control board
slot.

CPU Usage CPU usage.

Upper Limit Alarm threshold of the CPU usage. To

configure this parameter, run the set
cpu-usage threshold threshold-value
command.

System Memory Usage Information Memory usage statistics.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 344

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

SlotID Slot ID of the card where the memory

resides. The value is fixed as 0,
indicating the main control board
slot.

Total Memory(MB) Total memory.

Used Memory(MB) Used memory.

Used Percentage Memory usage.

Upper Limit Alarm threshold of the memory

usage. To configure this parameter,
run the set memory-usage threshold
threshold-value command.
System Disk Usage Information Storage medium usage statistics.

SlotID Slot ID of the card where the storage

medium resides. The value is fixed as
0, indicating the main control board
slot.

Device Storage medium name.

Total Memory(MB) Total memory of the storage medium.

Used Memory(MB) Used memory of the storage medium.

Used Percentage Storage medium usage.

Upper Limit Alarm threshold of the storage

medium usage. To configure this
parameter, run the set disk-usage
threshold threshold-value command.

5.1.10 display memory-usage

Function
The display memory-usage command displays the memory usage of a device.

Format
display memory-usage

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 345

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Memory usage is an important metric to evaluate device performance. High
memory usage may cause service faults. You can run the display memory-usage
command to view the real-time memory usage to check whether the device is
running properly.
The memory usage displayed in the command output indicates the proportion of
the memory actually occupied by running processes to the total available memory
of system processes.

Example
# Check the memory usage on the current active MPU.
<HUAWEI> display memory-usage
Memory utilization statistics at 2013-02-26 11:03:59 413 ms
System Total Memory Is: 14749912 kbytes
Total Memory Used Is: 649924 kbytes
Memory Using Percentage Is: 4%

Table 5-7 Description of the display memory-usage command output

Item Description

Memory utilization statistics Memory usage statistics.

System Total Memory Total available memory of system processes.

Only part of physical memory is allocated to
the system processes.

Total Memory Used Total used memory.

Memory Using Percentage Memory usage.

5.1.11 display memory-usage threshold

Function
The display memory-usage threshold command displays the memory usage
threshold on the device.

Format
display memory-usage threshold

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 346

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
None

Views
All views

Default Level

2: Configuration level

Usage Guidelines
You can view the memory usage alarm threshold to learn about the conditions for
triggering alarms.

● When memory usage reaches the alarm threshold, the system generates an
alarm.
● When memory usage falls within the alarm threshold, the system generates a
clear alarm.

Example
# Display the memory usage threshold of the device.
<HUAWEI> display memory-usage threshold
Current memory threshold of the main board is 83%.

Table 5-8 Description of the display memory-usage threshold command output

Item Description

Current memory threshold of The memory usage threshold of the main

the main board is x%. control board is x%. To set the memory usage
threshold of the main control board, use the
set memory-usage threshold threshold-
value command.

5.1.12 display power

Function
The display power command displays the power supply status of the device.

This command is available only for the AD9431DN-24X and AD9430DN-24.

Format
display power

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 347

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can use this command to check the status of all power supply units and their
voltage and current.

Example
# Display the power module status of the device.
<HUAWEI> display power
--------------------------------------------------------------------------
PowerNo Present Mode State Current(A) Voltage(V) Power(W)
--------------------------------------------------------------------------
PWRI YES AC Normal N/A 12 500

Table 5-9 Description of the display power command output

Item Description

PowerNo Number of a power supply.

Present Whether a power supply is working:

● YES: The power supply is working.
● NO: The power supply is not working.

Mode Power mode:

● DC
● AC

State Power supply status:

Current(A) Current of the power supply, in Ampere. It is displayed as

N/A.

Voltage(V) Rated voltage, in V.

Power(W) Rated power, in wattage.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 348

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.1.13 display temperature

Function
The display temperature command displays the device temperature.

Format
display temperature { all | slot slot-id }

Parameters
Parameter Description Value

all Displays the temperature of all -

cards on the device.

slot slot-id Displays the temperature of the The value is an integer and must
specified card. be set according to the device
configuration.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
A proper temperature range is the prerequisite for the device to run stably. A high
or low device temperature may damage the hardware. You can run this command
to view the current device temperature. When the device temperature exceeds the
upper threshold or falls below the lower threshold, the device generates an alarm
to alert you that the device temperature is abnormal.

NOTE

The AP1050DN-S, AP3010DN-V2, AP3030DN, AP4030DN, AP4130DN, AP4050DN, AP4050DN-S,

AP4051DN, AP4051DN-S, AP2051DN-L-S, WA375DD-CE, and AP4151DN do not support query
of the current device temperature.

Example
# Display the device's temperature information.
<HUAWEI> display temperature all
--------------------------------------------------------------------------------
Slot Card Sensor No. Sensor Name Status Upper Lower Temperature.(C)
--------------------------------------------------------------------------------
0 - 1 AP5030DN TEMP NORMAL 102 -13 38

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 349

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Table 5-10 Description of the display temperature command output

Item Description

Slot Slot ID of a card.

Card Subcard number.

Sensor No. ID of a sensor on the card.

Sensor Name Name of a sensor on the card.

Status Status of the card temperature.

● NORMAL: The card temperature is normal.
● ABNORMAL: The card temperature is out of the allowed
range.

Upper Upper alarm threshold for the temperature.

Lower Lower alarm threshold for the temperature.

Temperature.(C) Current temperature of the card, in degrees Celsius.

5.1.14 display transceiver

Function
The display transceiver command displays information about the optical module
on an interface.

NOTE

The command displays only information about optical interfaces.

Format
display transceiver [ interface interface-type interface-number ] [ verbose ]

Parameters
Parameter Description Value

interface interface-type Specifies the type and The value varies

interface-number number of an interface. depending on device
● interface-type models.
specifies the interface
type.
● interface-number
specifies the interface
number.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 350

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

verbose Displays detailed -

information about the
optical module on an
interface, including the
general, manufacture,
alarm, and diagnostic
information.

Views
All views

Default Level
2: Configuration level

Usage Guidelines
You can run this command to view general, manufacture, and alarm information
about the optical module on an interface. If you specify verbose in the command,
diagnostic information is also displayed in the command output.

Example
# Check general information, manufacture information, and alarm information
about the optical module on a specified interface.
<HUAWEI> display transceiver interface gigabitethernet 0/0/1
GigabitEthernet0/0/1 transceiver information:
-------------------------------------------------------------
Common information:
Transceiver Type :1000_BASE_SX_SFP
Connector Type :LC
Nominal bit rate(MBits/sec) :1200
Wavelength(nm) :850
Transfer Distance(m) :0(9um),300(50um),150(62.5um)
Digital Diagnostic Monitoring :YES
Vendor Name :SumitomoElectric
Ordering Name :
-------------------------------------------------------------
Manufacture information:
Manu. Serial Number :79K056C05802
Manufacturing Date :2007-09-14
Vendor Name :SumitomoElectric
-------------------------------------------------------------

# Check general information, manufacture information, alarm information, and

diagnostic information about the optical module on a specified interface.
<HUAWEI> display transceiver interface gigabitethernet 0/0/1
verbose
GigabitEthernet0/0/1 transceiver information:
-------------------------------------------------------------
Common information:
Transceiver Type :OC3_INTER_REACH_SFP
Connector Type :LC

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 351

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Nominal bit rate(MBits/sec) :1200

Wavelength(nm) :1310
Transfer Distance(m) :15000(9um)
Digital Diagnostic Monitoring :YES
Vendor Name :HUAWEI
Vendor Part Number :34060358
Ordering Name :
-------------------------------------------------------------
Manufacture information:
Manu. Serial Number :EH1048220807
Manufacturing Date :2010-12-06
Vendor Name :HUAWEI
-------------------------------------------------------------
Alarm information:
RX loss of signal
RX power low
-------------------------------------------------------------
Diagnostic information:
Temperature(°C) :26.00
Temp High Threshold(°C) :85.00
Temp Low Threshold(°C) :-40.00
Voltage(V) :3.29
Volt High Threshold(V) :3.64
Volt Low Threshold(V) :2.95
Bias Current(mA) :4.57
Bias High Threshold(mA) :9.00
Bias Low Threshold(mA) :2.00
RX Power(dBM) :-40.00
RX Power High Threshold(dBM) :0.00
RX Power Low Threshold(dBM) :-16.99
TX Power(dBM) :-5.03
TX Power High Threshold(dBM) :-2.22
TX Power Low Threshold(dBM) :-6.99
-------------------------------------------------------------

Table 5-11 Description of the display transceiver command output

Item Description

Transceiver Type Type of an optical module.

Connector Type Interface type.

Nominal bit rate Bit rate of the optical module, in Mbit/s.

Wavelength(nm) Optical wavelength of the optical module.

Transfer Transmission distance of the optical module.

Distance(m)

Digital Whether diagnostic information about the optical module is

Diagnostic monitored.
Monitoring

Vendor Name Vendor name of the optical module.

Ordering Name Ordering name of the optical module.

Manu. Serial Vendor sequence number of the optical module.

Number

Manufacturing Manufacturing date of the optical module.

Date

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 352

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

RX loss of signal LOS alarm on the optical module.

RX power low Low receive power on the optical module.

Temperature(°C) Current temperature of the optical module.

Voltage(V) Current voltage of the optical module.

Bias Bias current of the optical module.

Current(mA)

Bias High Upper threshold for the bias current of the optical module.
Threshold(mA)

Bias Low Lower threshold for the bias current of the optical module.
Threshold(mA)

RX Power Receive power of the optical module.

RX Power High Upper receive power threshold for the optical module.
Threshold

RX Power Low Lower receive power threshold for the optical module.
Threshold

TX Power Transmit power of the optical module.

TX Power High Upper transmit power threshold for the optical module.
Threshold

TX Power Low Lower transmit power threshold for the optical module.
Threshold

5.1.15 display transceiver diagnosis interface

Function
The display transceiver diagnosis interface command displays the diagnosis
parameters of an optical module.

Format
display transceiver diagnosis interface [ interface-type interface-number ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 353

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

interface-type interface- Specifies the type and The value varies

number number of an interface. depending on device
● interface-type models.
specifies the interface
type.
● interface-number
specifies the interface
number.

Views
All views

Default Level
2: Configuration level

Usage Guidelines
Before running this command to view the diagnosis parameters of an optical
module, make sure that the optical module is an enhanced one and has been
installed on the device.

Example
# Check the diagnosis parameters of the optical module installed on
GigabitEthernet0/0/1.
<HUAWEI> display transceiver diagnosis interface gigabitethernet 0/0/1
Port GigabitEthernet0/0/1 transceiver diagnostic information:
Parameter Current Low Alarm High Alarm
Type Value Threshold Threshold Status
------------- --------- --------- ---------- --------
TxPower(dBm) -4.64 0.00 0.00 abnormal
RxPower(dBm) -4.37 33.00 0.00 abnormal
Current(mA) 7.42 0.00 0.00 abnormal
Temp.(C) 30.00 0.00 0.00 abnormal
Voltage(V) 3.28 0.00 8.19 normal

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 354

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Table 5-12 Description of the display transceiver diagnosis interface command

output

Item Description

Parameter Type Parameter type.

● TxPower(dBm): indicates the transmit power of the
optical module, in dBm.
● RxPower(dBm): indicates the receive power of the
optical module, in dBm.
● Current(mA): indicates the current of the optical
module, in mA.
● Temp.(C): indicates the temperature of the optical
module, in degree Celsius.
● Voltage(V): indicates the voltage of the optical
module, in V.

Current Value Current value of a parameter.

Low Alarm Threshold Lower alarm threshold of a parameter.

High Alarm Threshold Upper alarm threshold of a parameter.

Status Status of the optical module, which can be normal or

abnormal.

5.1.16 display version

Function
The display version command displays the version of a device.

Format
display version [ slot slot-id ]

Parameters
Parameter Description Value

slot slot-id Displays the version of The value is an integer

the specified card. and must be set
according to the device
configuration.

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 355

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
1: Monitoring level

Usage Guidelines
You can run this command to check the current software version of the device and
determine whether the device requires an upgrade.

Example
# Display the version of a device.
<HUAWEI> display version
Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.130 (AP5030DN FAT V200R019C00)
Copyright (C) 2015-2017 HUAWEI TECH CO., LTD
Huawei AP5030DN Router uptime is 0 week, 1 day, 0 hour, 52 minutes

MPU 0(Master) : uptime is 0 week, 1 day, 0 hour, 52 minutes

SDRAM Memory Size : 128 M bytes
Flash Memory Size : 32 M bytes
MPU version information :
1. PCB Version : H86D2TD1D200 VER.C
2. MAB Version : 0
3. Board Type : AP5030DN
4. BootROM Version : 52

Table 5-13 Description of the display version command output

Item Description

HUAWEI Versatile Routing Platform Versatile Routing Platform (VRP).

Software

VRP (R) software, Version VRP version and device software.

Copyright (C) yyyy-yyyy HUAWEI TECH Huawei copyright.

CO., LTD

uptime System power-on time.

SDRAM Memory Size System memory size.

Flash Memory Size Flash memory size.

SD Card Memory Size SD card memory size.

NOR FLASH Memory Size NOR flash memory size.

NAND FLASH Memory Size NAND flash memory size.

USB Disk Memory Size USB flash drive memory size.

This item is displayed only when a
USB flash drive is inserted into the
device.

MPU version information MPU version.

PCB Version PCB version.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 356

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

MAB Version MAB version.

Board Type Card type.

CPLDn Version CPLDn version.

This item is supported only by the
AD9431DN-24X and AD9430DN-24.

BootROM Version BootROM version.

BlueTooth Version Bluetooth version. The first part is the

main version number, and the second
part is the sub-version number.
This item is displayed only on the
AP7052DE, AP4050DN-E, and
AP7050DE.

RPS Version Version of the RPS power supply.

This item is available only for the
AD9431DN-24X.

5.1.17 reset cpu-usage record

Function
The reset cpu-usage record command clears the maximum CPU usage.

Format
reset cpu-usage record

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 357

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Clear the maximum CPU usage.
<HUAWEI> reset cpu-usage record
Info: Succeeding in clear task CPU usage record.

5.2 Hardware Configuration Commands

5.2.1 backup elabel

Function
The backup elabel command backs up electronic labels of the device to the
storage media.
The backup elabel ftp command backs up electronic labels of the device to a
specified FTP server.
The backup elabel tftp command backs up electronic labels of the device to a
specified TFTP server.

Format
backup elabel file-name filename
backup elabel ftp ip-address ftp-server-address [ port-num ] file-name filename
username password
backup elabel tftp ip-address tftp-server-address file-name filename

Parameters
Parameter Description Value

file-name Specifies the name of the file The value is a string of 5 to 28

filename that stores electronic labels. case-sensitive characters
without spaces.
The default file path is flash:/.

ip-address ftp- Specifies the IP address of The value is in dotted decimal

server-address the FTP server that stores notation.
electronic labels.

port-num Specifies the port number. The value is an integer that

ranges from 1 to 65535.

username Specifies the user name used The value is a string of 1 to 20

to log in to the FTP server. case-sensitive characters
without spaces.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 358

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

password Specifies the password used The value is a string of 1 to 20

to log in to the FTP server. case-sensitive characters
without spaces.

ip-address tftp- Specifies the IP address of The value is in dotted decimal

server-address the TFTP server that stores notation.
electronic labels.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
When electronic labels are stored on a board, use the backup elabel command to
save electronic labels to a file. This file can be saved to the storage media of the
device, to the file server. You are advised to use FTP, which is more secure.

Example
# Save electronic labels of the device to the elabel.fls file in the flash memory.
<HUAWEI> backup elabel file-name flash:/elabel.fls

# Save electronic labels of the device to FTP server 10.1.1.1. Set the FTP user name
to user and password to 123. Save electronic labels in the elabel.fls file.
<HUAWEI> backup elabel ftp ip-address 10.1.1.1 file-name elabel.fls user 123

5.2.2 set cpu-usage threshold

Function
The set cpu-usage threshold command sets the alarm threshold and alarm clear
threshold of the CPU usage.
The undo set cpu-usage threshold command restores the default alarm
threshold and alarm clear threshold of the CPU usage.
By default, the alarm threshold and alarm clear threshold of the CPU usage are
95% and 75%, respectively.

Format
set cpu-usage threshold threshold-value [ restore restore-threshold-value ]
undo set cpu-usage threshold

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 359

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

threshold Specifies an alarm threshold of the The value is an integer

threshold- CPU usage. that ranges from 2 to
value 100. The default value
is 95.

restore Specifies an alarm clear threshold of The value is an integer

restore- the CPU usage. that ranges from 1 to
threshold- (threshold-value - 1).
value If this parameter is not specified, the The default value is 75.
CPU usage alarm recovery threshold is
calculated as follows:
● Alarm threshold minus 1% when
the alarm threshold of the
forwarding CPU usage is less than
60%
● Alarm threshold minus 5% when
the alarm threshold of the
forwarding CPU usage is higher
than or equal to 60%

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To ensure sufficient forwarding CPU resources for the device, run the set cpu-
usage threshold command to set the alarm threshold and alarm clear threshold
of the CPU usage. When CPU resources are insufficient, the device can report an
alarm to alert you in a timely manner. When the CPU usage exceeds the alarm
threshold, the system logs the event and generates an alarm. Based on log
information, you can know the CPU usage. When the CPU usage falls within the
alarm clear threshold, the system generates a clear alarm.
Precautions
The default alarm threshold and alarm clear threshold are recommended. If the
alarm threshold is set small, the system frequently generates alarms. If the alarm
threshold is set large, you cannot learn about the CPU usage in a timely manner.

Example
# Set the alarm threshold of the CPU usage to 85%.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 360

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

<HUAWEI> system-view
[HUAWEI] set cpu-usage threshold 85

# Set the alarm threshold and alarm clear threshold of the CPU usage to 85% and
80%, respectively.
<HUAWEI> system-view
[HUAWEI] set cpu-usage threshold 85 restore 80

5.2.3 set disk-usage threshold

Function
The set disk-usage threshold command sets the disk usage alarm threshold and
alarm clear threshold.
The undo set disk-usage threshold command restores the default disk usage
alarm threshold and alarm clear threshold.
The default disk usage alarm threshold and alarm clear threshold are 95 and 90,
respectively.

Format
set disk-usage threshold threshold [ restore restore-threshold ]
undo set disk-usage threshold

Parameters
Parameter Description Value

threshold Specifies a disk usage alarm threshold. The value is an

integer that ranges
from 6 to 100.

restore Specifies an alarm clear threshold for the The value is an

restore- disk usage. integer that ranges
threshold from 1 to the value
of threshold minus
1.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
If the alarm clear threshold is not specified, it equals the alarm threshold minus 5.
● When the disk usage of the device exceeds the current alarm threshold, the
device generates an alarm.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 361

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

● When the disk usage of the device exceeds the current alarm threshold, clear
alarm information is displayed.

Example
# Set the disk usage alarm threshold of the device to 60.
<HUAWEI> system-view
[HUAWEI] set disk-usage threshold 60

5.2.4 set memory-usage threshold

Function
The set memory-usage threshold command sets the memory usage threshold.

The undo set memory-usage threshold command restores the default memory
usage threshold.

By default:
● If the device memory is less than or equal to 128 MB, the memory usage
alarm threshold is 84%.
● If the device memory is larger than 128 MB, the memory usage alarm
threshold is 90%.

This command is not available for central APs.

Format
set memory-usage threshold threshold-value

undo set memory-usage threshold

Parameters

Parameter Description Value

threshold Specifies the The value is an integer that ranges from

threshold-value memory usage 75 to 86 if the device memory is smaller
threshold. than or greater to 128 MB and ranges
from 75 to 92 if the device memory is
larger than 128 MB.

Views
System view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 362

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
Usage Scenario
You can use the set memory-usage threshold command to set the memory
usage threshold. When memory usage exceeds the threshold, the system logs the
event and generates an alarm. By viewing log information, you can learn about
memory usage.
Precautions
You are advised to use the default threshold. If the memory usage threshold is set
too low, the system frequently generates alarms. If the memory usage threshold is
set too high, you cannot learn about memory usage in a timely manner.
When the memory usage reaches threshold-value, the level 1 alarm
ENTITYTRAP_1.3.6.1.4.1.2011.5.25.219.2.15.1 hwMemUtilizationRising is
generated.
When the memory usage restores to (threshold-value - 3), the
ENTITYTRAP_1.3.6.1.4.1.2011.5.25.219.2.15.2 hwMemUtilizationResume alarm
is generated.

Example
# Set the memory usage threshold of the device to 85%.
<HUAWEI> system-view
[HUAWEI] set memory-usage threshold 85

5.3 Energy-saving Configuration Commands

NOTE

Only optical ports and combo ports working in optical mode support the ALS function. Electrical
ports and combo ports working in electrical mode do not support the ALS function. For ports
supported on a device, see Hardware Structure in the corresponding Product Description.

5.3.1 als enable

Function
The als enable command enables ALS on an interface.
The undo als enable command disables ALS on an interface.
By default, ALS is disabled on an interface.

Format
als enable
undo als enable

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 363

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
XGE interface view, port group view

Default Level
2: Configuration level

Usage Guidelines
The constraints on ALS are as follows:
● Only optical interfaces support ALS. Electrical interfaces do not support ALS.

Example
# Enable ALS on interfaces XGigabitEthernet0/0/1.
<HUAWEI> system-view
[HUAWEI] interface xgigabitethernet 0/0/1
[HUAWEI-XGigabitEthernet0/0/1] als enable

5.3.2 als restart

Function
The als restart command manually restarts the laser of an interface.

Format
als restart

Parameters
None

Views
XGE interface view, port group view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run this command to manually restart the laser of an optical module.
After the optical link recovers, the laser is started after a certain interval if the
restart mode is automatic restart. To start the laser immediately after the optical
link recovers, set the restart mode of the laser to manual restart and run the als
restart command. If this command is not executed, the laser automatically sends
a pulse after receiving a pulse from the remote end.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 364

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Prerequisites

ALS has been enabled on the interface using the als enable command and the
restart mode of the laser has been set to manual restart mode using the als
restart mode manual command.

Precautions

This command cannot be executed on an interface if the interface has been added
to an interface protection group and is in Protect state.

Example
# Restart lasers on interfaces XGigabitEthernet0/0/1 manually.
<HUAWEI> system-view
[HUAWEI] interface xgigabitethernet 0/0/1
[HUAWEI-XGigabitEthernet0/0/1] als enable
[HUAWEI-XGigabitEthernet0/0/1] als restart mode manual
[HUAWEI-XGigabitEthernet0/0/1] als restart

5.3.3 als restart mode manual

Function
The als restart mode manual command sets the mode of restarting the laser of
the optical module to manual.

The undo als restart mode manual command restores the mode of restarting the
laser of the optical module to automatic.

By default, a laser works in automatic restart mode.

Format
als restart mode manual

undo als restart mode manual

Parameters
None

Views
XGE interface view, port group view

Default Level
2: Configuration level

Usage Guidelines
The laser of an optical module works in automatic restart mode or manual restart
mode.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 365

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

● In automatic restart mode, the laser sends pulses at the interval set using the
als restart pulse-interval command to detect whether the link is recovered.
The pulse width is set through the als restart pulse-width command.
● In manual restart mode, you must manually start the laser using the als
restart command so that the laser can send a pulse. The ALS pulse width is
set using the als restart pulse-width command.

If the fiber link recovery is detected in time, you can use the manual restart mode
so that the laser can send pulses immediately. Therefore, data communication can
be recovered rapidly.

Example
# Configure lasers on interfaces XGigabitEthernet0/0/1 to work in manual restart
mode.
<HUAWEI> system-view
[HUAWEI] interface xgigabitethernet 0/0/1
[HUAWEI-XGigabitEthernet0/0/1] als restart mode manual

5.3.4 als restart pulse-interval

Function
The als restart pulse-interval command sets the ALS pulse interval for the laser
of an optical module.

The undo als restart pulse-interval command restores the default ALS pulse
interval of the laser of an optical module.

By default, the ALS pulse interval of the laser is 100s.

Format
als restart pulse-interval pulse-interval

undo als restart pulse-interval

Parameters
Parameter Description Value

pulse-interval Specifies the ALS pulse The value is an integer that ranges
interval of the laser. from 100 to 20000, in seconds.

Views
XGE interface view, port group view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 366

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
In automatic restart mode, the ALS pulse interval affects the frequency of
detecting the LOS on the interface. A long ALS pulse interval is beneficial for
energy saving, but the fiber link recovery cannot be detected in a timely manner.
In contrary, a short ALS pulse interval wastes power but the fiber link recovery can
be detected immediately.

Example
# Set the ALS pulse interval of lasers on XGigabitEthernet0/0/1 to 150s.
<HUAWEI> system-view
[HUAWEI] interface xgigabitethernet 0/0/1
[HUAWEI-XGigabitEthernet0/0/1] als restart pulse-interval 150

5.3.5 als restart pulse-width

Function
The als restart pulse-width command sets the ALS pulse width for the laser of an
optical module.
The undo als restart pulse-width command restores the default ALS pulse width
for the laser of an optical module.
By default, the ALS pulse width of the laser is 2s.

Format
als restart pulse-width pulse-width
undo als restart pulse-width

Parameters
Parameter Description Value

pulse-width Specifies the ALS pulse width The value is an integer that ranges
of the laser. from 2 to 200, in seconds.

Views
XGE interface view, port group view

Default Level
2: Configuration level

Usage Guidelines
The ALS pulse width refers to the period between rising edges of pulses. A short
ALS pulse width is beneficial for energy saving, but the fiber link recovery cannot

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 367

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

be detected immediately. In contrary, a long ALS pulse width consumes more

power but the fiber link recovery can be detected immediately.

Example
# Set the ALS pulse width on interfaces XGigabitEthernet0/0/1 to 3s.
<HUAWEI> system-view
[HUAWEI] interface xgigabitethernet 0/0/1
[HUAWEI-XGigabitEthernet0/0/1] als restart pulse-width 3

5.3.6 display als configuration

Function
The display als configuration command displays ALS configuration.

Format
display als configuration slot slot-id
display als configuration interface interface-type interface-number

Parameters
Parameter Description Value
slot slot-id Displays ALS configuration in a slot with a The value is
specified slot ID. 0.

interface interface- Displays ALS configuration on a specified -

type interface- interface.
number
● interface-type specifies the interface
type.
● interface-number specifies the interface
number.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Example
# Display ALS configuration on interfaces XGigabitEthernet0/0/1.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 368

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

<HUAWEI> display als configuration interface xgigabitethernet 0/0/1

-------------------------------------------------------------------------------
Interface ALS Laser Restart Interval(s) Width(s)
Status Status Mode
-------------------------------------------------------------------------------
XGigabitEthernet0/0/1 Disable On Auto 100 2

Table 5-14 Description of the display als configuration command output

Item Description

Interface Interface type and number.

ALS Status Whether ALS is enabled.

● Enable: ALS is enabled.
● Disable: ALS is disabled.
ALS is enabled using the als enable
command.

Laser Status Whether the laser is On.

● Off: The laser is Off.
● On: The laser is On.

Restart Mode ALS restart mode.

● Auto: automatic restart mode.
● Manual: manual restart mode.
The ALS restart mode is set to manual
using the als restart mode manual
command.

Interval(s) ALS pulse interval, expressed in

seconds. The ALS pulse interval is set
using the als restart pulse-interval
command.

Width(s) ALS pulse width, expressed in seconds.

The ALS pulse width is set using the
als restart pulse-width command.

5.4 Fault Management Commands

5.4.1 alarm correlation-suppress enable

Function
The alarm correlation-suppress enable command enables NMS-based alarm
correlation suppression.

The undo alarm correlation-suppress enable command disables NMS-based

alarm correlation suppression.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 369

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

By default, NMS-based alarm correlation suppression is enabled.

Format
alarm correlation-suppress enable target-host ip-address securityname
securityname
undo alarm correlation-suppress enable target-host ip-address securityname
securityname

Parameters
Parameter Description Value
target-host ip- Specifies the IPv4 The value is in dotted decimal
address address of an NMS notation.
host.
securityname Specifies the security In the case of a plain text password,
securityname name displayed on the value is a string of 1 to 32 case-
the NMS host. sensitive characters, without spaces.
In the case of a cipher text password,
the value is a string of 48 to 68 case-
sensitive characters, without spaces.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
A lot of alarms are generated and then reported on a running system. If non-root-
cause alarms are unimportant, you can enable NMS-based alarm correlation
suppression to filter out non-root-cause alarms.
Prerequisites
The alarm correlation analysis has been enabled using the correlation-analyze
enable command.

Example
# Enable the alarm correlation suppression of the NMS host whose security name
is user123 and IP address is 192.168.3.1.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] correlation-analyze enable
Info: Enable analyze correlation between alarms successfully

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 370

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

[HUAWEI-alarm] quit
[HUAWEI] alarm correlation-suppress enable target-host 192.168.3.1 securityname user123

5.4.2 alarm-name severity

Function
The alarm-name severity command sets the severity for an alarm.
The undo alarm-name severity command restores the default setting.
By default, each alarm has a default severity.

Format
alarm-name alarm-name severity severity
undo alarm-name alarm-name severity

Parameters
Parameter Description Value

alarm-name Specifies the registered The value is of

alarm name. enumerated type and
varies according to the
registered device type.
NOTE
To view registered alarm
information, run the
display alarm
information command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 371

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

severity severity Specifies the alarm The value is of

severity. enumerated type. Alarms
are classified into the
following severities:
● critical: indicates that
a fault affecting
services has occurred
and it must be
rectified immediately.
● major: indicates that
services are being
affected and related
measures need to be
taken urgently.
● minor: indicates that
a fault occurs but
does not affect
services. To avoid
more serious faults
that affect services,
related measures
must be taken.
● warning: indicates
that a potential or
impending service-
affecting fault is
detected before any
significant effect has
been felt. Take
corrective actions to
diagnose and rectify
the fault.
● indeterminate:
indicates that the
alarm severity cannot
be determined.
● cleared: indicates one
or more previous
alarm conditions have
been cleared.

Views
Alarm view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 372

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
Usage Scenario
You can run the alarm-name severity command to change the alarm severity.
You can configure filtering conditions to allow the NMS to receive only alarms of
specified alarm severity.
Precautions
The default severity of each alarm is different. To view the default severity of an
alarm, run the undo alarm-name severity and display alarm information
commands in sequence.

Example
# Set the severity of the hwSysSlaveHDError alarm to warning.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] alarm-name hwSysSlaveHDError severity warning

5.4.3 alarm (system view)

Function
Using the alarm command, you can enter the alarm view.

Format
alarm

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
After running the alarm command to enter the alarm view, you can configuration
alarm management functions.

Example
# Enter the alarm view.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 373

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.4.4 clear alarm active

Function
The clear alarm active command clears active alarms.

Format
clear alarm active { all | sequence-number sequence-number }

Parameters
Parameter Description Value

all Clears all active alarms. -

sequence-number Specifies the sequence The value is an integer

sequence-number number of an active alarm. ranging from 1 to
2147483647.

Views
Alarm view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Before collecting statistics on alarms generated on the device again, run the clear
alarm active to clear active alarms.
Precautions
After the clear alarm active command is used, all active alarms on the device are
deleted and cannot be restored.

Example
# Clear all active alarms on the device.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] clear alarm active all

5.4.5 clear event all

Function
The clear event all command clears events on the device.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 374

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
clear event all

Parameters
None

Views
Event view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Before collecting statistics on events generated on the device again, run the clear
event all to clear events.
Precautions

NOTICE

The clear event all command clears events on the device and cleared events
cannot be restored.

Example
# Clear events on the device.
<HUAWEI> system-view
[HUAWEI] event
[HUAWEI-event] clear event all

5.4.6 correlation-analyze enable

Function
The correlation-analyze enable command enables alarm correlation analysis.
The undo correlation-analyze enable command disables alarm correlation
analysis.
By default, alarm correlation analysis is disabled.

Format
correlation-analyze enable
undo correlation-analyze enable

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 375

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
None

Views
Alarm view

Default Level
3: Management level

Usage Guidelines
A lot of alarms are generated in a running system and reported to the NMS. If
non-root-cause alarms are unimportant, you can run the correlation-analyze
enable command to enable alarm correlation analysis to distinguish between
root-cause alarms and non-root-cause alarms. After alarm correlation analysis is
enabled, the system analyzes types of alarms. For a non-root-cause alarm, the
system marks the sequence number of its root-cause alarm on the non-root-cause
alarm.

Example
# Enable alarm correlation analysis.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] correlation-analyze enable
Info: Enable analyze correlation between alarms successfully

5.4.7 display alarm active

Function
The display alarm active command displays active alarms on the device.

Format
display alarm active

Parameters
None

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 376

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
You can run the display alarm active command to view active alarms on the
device to locate faults.

Example
# Display active alarms on the device.
<HUAWEI> display alarm active
A/B/C/D/E/F/G/H/I/J/K/L
A=Sequence, B=RootKindFlag(Independent|RootCause|nonRootCause)
C=Generating time, D=Clearing time
E=ID, F=Name, G=MIDname, H=InfoAlias, I=Level, J=State
K=Description information for locating(Para info, Reason info)
L=RootCause alarm sequence(Only for nonRootCause alarm)
1/Independent/2011-08-22 15:27:38/-/0xff8c2028/hwFanInvalid/-/-/Warning/Start/OID
1.3.6.1.4.1.2011.5.25.219.2.6.5 Fan is invalid.(Index=16397, EntityPhysicalIndex
=16397, PhysicalName="FAN Card 0/1", EntityTrapFaultID=139264)

Table 5-15 Description of the display alarm active command output

Item Description

A/B/C/D/E/F/G/H Alarm display format.

/I/J/K/L

A=Sequence Sequence number.

B=RootKindFlag( Flag indicating a root-cause alarm or a non-root-cause

Independent| alarm:
RootCause| ● Independent: indicates an alarm for which alarm
nonRootCause) correlation analysis is not performed.
● RootCause: indicates a root-cause alarm.
● nonRootCause: indicates a non-root-cause alarm.

C=Generating Time when an alarm is generated.

time

D=Clearing time Time when an alarm is cleared.

E=ID Alarm ID.

F=Name Alarm name.

G=MIDname Module ID name.

H=InfoAlias Alias name.

I=Level Alarm severity level.

To configure this parameter, run the alarm-name severity
command.

J=State Alarm status:

● Start
● End

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 377

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

K=Description Alarm description including alarm parameters and causes

information for for triggering alarms.
locating(Para
info, Reason
info)

L=RootCause Sequence number of the root-cause alarm (for non-root-

alarm cause alarms only).
sequence(Only
for
nonRootCause
alarm)

5.4.8 display alarm history

Function
The display alarm history command displays historical alarms on the device.

Format
display alarm history

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display alarm history command to view the alarms that are
cleared or generated on the device.

Example
# Display historical alarms on the device.
<HUAWEI> display alarm history
A/B/C/D/E/F/G/H/I/J
A=Sequence, B=RootKindFlag(Independent|RootCause|nonRootCause)
C=Generating time, D=Clearing time
E=ID, F=Name, G=Level, H=State
I=Description information for locating(Para info, Reason info)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 378

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

J=RootCause alarm sequence(Only for nonRootCause alarm)

1/Independent/2011-08-22 15:27:38/2011-08-22 15:42:51/0xff8c2028/hwFanInvalid/

Warning/End/OID 1.3.6.1.4.1.2011.5.25.219.2.6.5 Fan is invalid.(Index=16397, Ent
ityPhysicalIndex=16397, PhysicalName="FAN Card 0/1", EntityTrapFaultID=139264)

Table 5-16 Description of the display alarm history command output

Item Description

A/B/C/D/E/F/G/H Alarm display format

/I/J

A=Sequence Sequence number

B=RootKindFlag( Flag indicating a root-cause alarm or a non-root-cause

C=Generating Time when an alarm is generated

time

D=Clearing time Time when an alarm is cleared

E=ID E=ID

F=Name Alarm ID

G=Level Alarm severity level

You can run the alarm-name severity command to set this
parameter.

H=State Alarm status:

● Start
● End

I=Description Alarm description including alarm parameters and causes

information for for triggering alarms
locating(Para
info, Reason
info)

J=RootCause Sequence number of the root-cause alarm

alarm
sequence(Only
for
nonRootCause
alarm)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 379

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.4.9 display alarm information

Function
The display alarm information command displays alarm configurations.

Format
display alarm information [ name alarm-name ]

Parameters

Parameter Description Value

name alarm- Displays the configuration of a The value is a string of 1
name specified alarm. If this parameter to 64 case-sensitive
is not set, configurations of all characters, spaces not
alarms are displayed. supported.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To view alarm configurations on the device, run the display alarm information
command.

If no alarm name is specified, information about all alarms in the system will be
displayed.

In addition, to change the severity level of an alarm, you can run the alarm-name
alarm-name severity severity command.

Example
# Display information about the LinkUp alarm.
<HUAWEI> display alarm information name linkUp
**********************************
AlarmName: linkUp
AlarmType: Resume Alarm
AlarmLevel: Critical
Suppress Period: 10s
CauseAlarmName: linkDown
Match VB Name: ifIndex
**********************************

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 380

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Table 5-17 Description of the display alarm information command output

Item Description

AlarmName Name of an alarm.

AlarmType Alarm type:

● Alarm: indicates a fault occurs.
● Resume Alarm: indicates a fault is rectified.

AlarmLevel Alarm severity.

You can run the alarm-name severity command to set this
parameter.

Suppress Period Alarm reporting delay.

CauseAlarmNam Name of the root-cause alarm.

Match VB Name Matching content of paired alarms.

5.4.10 display event

Function
The display event command displays events on the device.

Format
display event

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Example
# Display events on the device.
<HUAWEI> display event
A/B/C/D/E/F/G/H/I/J

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 381

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

A=Sequence, B=RootKindFlag(Independent|RootCause|nonRootCause)
C=Generating time, D=Clearing time
E=ID, F=Name, G=Level, H=State
I=Description information for locating(Para info, Reason info)
J=RootCause alarm sequence(Only for nonRootCause alarm)

1/Independent/2011-08-29 16:36:55/-/0xc0dc2000/entConfigChange/Warning/Start/O
ID 1.3.6.1.2.1.47.2.0.1 Entity MIB change.
2/Independent/2011-08-29 16:37:32/-/0xc0dc2000/entConfigChange/Warning/Start/O
ID 1.3.6.1.2.1.47.2.0.1 Entity MIB change.

Table 5-18 Description of the display event command output

Item Description

A/B/C/D/E/F/G/H Event display format

/I/J

A=Sequence Sequence number of an event

B=RootKindFlag( Flag indicating a root-cause alarm or a non-root-cause

Independent| alarm (The value of this field is Independent for any event.)
RootCause|
nonRootCause)

C=Generating Time when the event is generated

time

D=Clearing time Time when the event is cleared (for non-root-cause alarms
only)

E=ID Event ID

F=Name Event name

G=Level Event level

H=State Event status:

● Start
● End

I=Description Description of an event, including parameters of the event

information for and the reason why the event was triggered.
locating(Para
info, Reason
info)

J=RootCause This parameter is valid only for alarms.

alarm
sequence(Only
for
nonRootCause
alarm)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 382

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.4.11 display event information

Function
The display event information command displays event configurations.

Format
display event information [ name event-name ]

Parameters
Parameter Description Value
name event- Displays the configuration of a The value is of
name specified event. If this parameter enumeration type and
is not set, configurations of all varies according to the
events are displayed. registered device type.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To view event configurations on the device, run the display event information
command.

Example
# Display registration information about the hwICLogfileNumberUpper event.
<HUAWEI> display event information name hwICLogfileNumberUpper
**********************************
EventName: hwICLogfileNumberUpper
EventType: Critical Event
EventLevel: NA
Suppress Period: 10s
Match VB Name: hwICLogFileNumber
**********************************

Table 5-19 Description of the display event information command output

Item Description

EventName Event name.

EventType Event type.

EventLevel Event level.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 383

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Suppress Period Event report delay period.

You can run the suppression event-name command to set
this parameter.

Match VB Name Matching content of repeated events.

5.4.12 delay-suppression enable

Function
The delay-suppression enable command enables the alarm or event reporting
delay function.
The undo delay-suppression enable command disables the alarm or event
reporting delay function.
By default, the reporting delay function is enabled.

Format
delay-suppression enable
undo delay-suppression enable

Parameters
None

Views
Alarm view or event view

Default Level
2: Configuration level

Usage Guidelines
If an alarm or an event is repeatedly generated, you can run the delay-
suppression enable command to enable the reporting delay function to prevent a
large number of repeated alarms or events from being reported to the NMS in a
specified period.

Example
# Enable the alarm reporting delay function.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] delay-suppression enable
Info: alarm delay suppression has already been enabled

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 384

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.4.13 event

Function
Using the event command, you can enter the event view.

Format
event

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
After running the event command to enter the event view, you can configure
event management functions.

Example
# Enter the event view.
<HUAWEI> system-view
[HUAWEI] event
[HUAWEI-event]

5.4.14 mask interface

Function
The mask interface command enables interface-based alarm suppression.

The undo mask interface command disables interface-based alarm suppression.

By default, interface-based alarm suppression is disabled.

Format
mask interface interface-type interface-number

undo mask interface interface-type interface-number

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 385

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters

Parameter Description Value

interface-type interface- Specifies the type and number of the interface -
number on which alarm suppression is to be enabled.

Views
Alarm view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

When a large number of LinkDown alarms are generated on the interface, you can
run the mask interface command to suppress LinkDown root-cause and non-
root-cause alarms.

Prerequisites

The correlation-analyze enable command has been executed in the alarm view
to enable alarm correlation analysis.

Example
# Enable alarm suppression on the GigabitEthernet0/0/1 interface.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] correlation-analyze enable
Info: analyze correlation between alarms has already been enabled
[HUAWEI-alarm] mask interface gigabitethernet0/0/1

5.4.15 suppression alarm-name

Function
The suppression alarm-name command sets a period after which a generated
alarm is reported. After the period is set, the alarm management module does not
send the received alarm to the NMS until the period expires. If the period is set to
0s, the alarm management module sends the alarm to the NMS without any
delay.

The undo suppression alarm-name command restores the period of delay in

reporting alarms.

The system has defined a default period of delay in reporting alarms.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 386

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
suppression alarm-name alarm-name { cause-period cause-seconds | clear-
period clear-seconds }
undo suppression alarm-name alarm-name { cause-period | clear-period }

Parameters
Parameter Description Value
alarm-name Specifies the name of an The value is a string of 1 to 64
alarm for which the delay case-insensitive characters,
period is set. spaces not supported.
cause-period Specifies the period after The value is an integer
cause-seconds which a generated alarm is ranging from 0 to 600, in
reported. seconds.
clear-period Specifies the period after The value is an integer
clear-seconds which a generated recovery ranging from 0 to 600, in
alarm is reported. seconds.

Views
Alarm view

Default Level
2: Configuration level

Usage Guidelines
In the event that a certain alarm is repeatedly generated, you can enable delayed
alarm reporting and set a period after which the alarm is reported to prevent the
alarm from being reported during this period.
Before running the suppression alarm-name command, be sure that delayed
alarm reporting has been enabled.
After the period is set for a certain alarm:
● If no recovery alarm is generated during the period, the alarm is not reported
to the NMS until the period expires.
● If a recovery alarm is generated during this period, the alarm and its recovery
alarm are both deleted from the alarm queue and will not be reported to the
NMS.
The value of cause-period cause-seconds is irrelevant to the value of clear-period
clear-seconds. Each alarm or its recovery alarm has its own default delay period.
If the delay period is too short, alarm reporting is not efficiently delayed. If the
delay period is too long, alarm reporting is postponed and the time when the fault
occurs cannot be correctly obtained. For most alarms, the default delay period is
recommended. For common alarms, such as alarms about hardware and
environment, delayed alarm reporting is not recommended.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 387

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

If the delay period is changed when an alarm is being sent, the changed delay
period takes effect on the next alarm to be sent.

Example
# Set the period of hwFileError alarm reporting delay to 5 seconds.
<HUAWEI> system-view
[HUAWEI] alarm
[HUAWEI-alarm] delay-suppression enable
[HUAWEI-alarm] suppression alarm-name hwFileError cause-period 5

5.4.16 suppression event-name

Function
The suppression event-name command configures the period of delay in
reporting events.
The undo suppression event-name command restores the period of delay in
reporting events.
The system has defined a default period of delay in reporting events.

Format
suppression event-name event-name period seconds
undo suppression event-name event-name period

Parameters
Parameter Description Value

event-name Specifies the name of The value is of

the event for which the enumeration type and
period of delay in varies according to the
reporting events is to be registered device type.
configured. NOTE
To view registered alarm
information, run the
display event information
command.

period seconds Specifies the period of The value is an integer

delay in reporting events. ranging from 0 to 600, in
seconds. When the value
is 0, the event is reported
to the NMS without
delay.

Views
Event view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 388

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

When an event is reported repeatedly, users can use the event reporting delay
function to prevent the event from being reported to the NMS. The suppression
event-name command configures the period of delay in reporting events.

After the event reporting delay function is enabled and the period of delay is
configured, the system discards the event that is generated several times during
the delay. When the delay expires, the system reports only the first event.

Prerequisites

The event reporting delay function has been enabled using the delay-suppression
enable command.

Precautions

● Each event can be configured with a period of reporting different delay. Run
the undo suppression event-name and display event information
commands in sequence to view the default period of reporting delay.
● During event reporting, if you change the period of delay in reporting events,
the new delay takes effect on the next alarm.

Example
# Set the period of delay in reporting the event named hwICLogfileNumberUpper
to 5 seconds.
<HUAWEI> system-view
[HUAWEI] event
[HUAWEI-event] delay-suppression enable
[HUAWEI-event] suppression event-name hwICLogfileNumberUpper period 5

5.5 Information Center Configuration Commands

5.5.1 display binlog-buffer

Function
The display binlog-buffer command displays logs recorded in the binlog buffer.

Format
display binlog-buffer [ level { emergency | error | info | warning } | module
module ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 389

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value
level Specifies the level of logs to be
-
displayed.
emergency Displays logs of the emergency level. -

error Displays logs of the error level. -

info Displays logs of the info level. -

warning Displays logs of the warning level. -

module module Specifies the module of logs to be Select a module based

displayed. on the actual
situation.

Views
All views

Default Level
3: Management level

Usage Guidelines
If [ level { emergency | error | info | warning } | module module ] are not
specified, all logs in the binlog buffer are displayed.

Example
# Display logs of the info level in the binlog buffer.
<HUAWEI> display binlog-buffer level info
2018:01:01 11:09:04/informational/0/BSP BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 0 char : A
2018:01:01 11:09:04/informational/3/WIFI BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 3425 233 233
char : C
2018:01:01 11:09:04/informational/0/BSP BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 1 char : A
2018:01:01 11:09:04/informational/3/WIFI BINLOG_CfgProc_Demo: test1 for DBG_PRINT int: 3424 233 234
char : C

Table 5-20 Description of the display binlog-buffer command output

Item Description

2018:01:01 11:09:04/ Log generation time/Log level/Service

informational/0/BSP flow ID/Module name/Function name:
BINLOG_CfgProc_Demo: test1 for log description.
DBG_PRINT int: 0 char : A

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 390

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.5.2 display binlog-buffer summary

Function
The display binlog-buffer summary command displays the usage of the binlog
memory buffer.

Format
display binlog-buffer summary

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
None.

Example
# Display the usage of the binlog memory buffer.
<HUAWEI> display binlog-buffer summary
-----------------------------------------------------------------------
Buffer Id Buffer Size(KB) Used Size(KB) Free Size(KB) Log Count
1 204 0 204 0
2 204 0 204 0
3 204 0 204 0
4 204 0 204 0
5 204 0 204 0
----------------------------------------------------------------------

Table 5-21 Description of the display binlog-buffer summary command output

Item Description

Buffer Id Buffer ID.

Buffer Size(KB) Buffer size, in KB.

Used Size(KB) Used buffer size, in KB.

Free Size(KB) Remaining buffer size, in KB.

Log Count Number of logs recorded in the buffer.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 391

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.5.3 display channel

Function
The display channel command displays the channel configuration.

Format
display channel [ channel-number | channel-name ]

Parameters

Parameter Description Value

channel- Specifies the The value is an integer that ranges from 0 to

number number of a 9. That is, the system has 10 channels.
channel. Channels 0 to 5 have default names and the
six channels map to six different output
directions.
Table 5-22 shows the relationship between
channels and output directions.

channel-name Specifies the name The value is a string of 1 to 30 case-sensitive

of a channel. characters. The value consists of letters or
numbers and must start with a letter.

Table 5-22 Relationship between channel and output directions

Chan Default Output Description

nel Channel Direction
Numb Name
er

0 console console Console that can receive logs, traps, and

debugging messages.

1 monitor monitor VTY terminal that can receive logs, traps,

and debugging messages, which facilitates
remote maintenance.

2 loghost loghost Log host that can receive logs, traps, and
debugging messages. By default,
information is saved on the log host in file
format for easy reference.

3 trapbuffer trapbuffer Trap buffer that can receive traps.

4 logbuffer logbuffer Log buffer that can receive logs.

5 snmpagent snmpagent SNMP agent that can receive traps.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 392

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Chan Default Output Description

nel Channel Direction
Numb Name
er

6 channel6 Unspecified Reserved. You can specify to which

destination this channel can output
information.

7 channel7 Unspecified Reserved. You can specify to which

destination this channel can output
information.

8 channel8 Unspecified Reserved. You can specify to which

destination this channel can output
information.

9 channel9 logfile Log file that can receive logs, traps, and
debugging messages. Information is saved
to the USB flash drive or SD card in file
format.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
The display channel command displays the channel configuration.
When using this command, note the following points:
● When channel-number or channel-name is specified, the display channel
command displays the specified channel that information passes through and
information severity.
● When channel-number or channel-name is not specified, the display channel
command displays all the channels that information passes through and
information severity.

Example
# Display the configuration of channel 0.
<HUAWEI> display channel 0
channel number: 0, channel name: console
MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y warning Y debugging Y debugging

# Display the configuration of all channels.

<HUAWEI> display channel
channel number: 0, channel name: console

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 393

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL

ffff0000 default Y warning Y debugging Y debugging

channel number: 1, channel name: monitor

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y warning Y debugging Y debugging

channel number: 2, channel name: loghost

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y informational Y debugging N debugging

channel number: 3, channel name: trapbuffer

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default N informational Y debugging N debugging

channel number: 4, channel name: logbuffer

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y warning N debugging N debugging

channel number: 5, channel name: snmpagent

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default N debugging Y debugging N debugging

channel number: 6, channel name: channel6

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y debugging Y debugging N debugging

channel number: 7, channel name: channel7

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y debugging Y debugging N debugging

channel number: 8, channel name: channel8

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y debugging Y debugging N debugging

channel number: 9, channel name: channel9

MODU_ID NAME ENABLE LOG_LEVEL ENABLE TRAP_LEVEL ENABLE DEBUG_LEVEL
ffff0000 default Y debugging Y debugging N debugging

Table 5-23 Description of the display channel command output

Item Description

channel number Channel number, which ranges from 0 to 9.

channel name Channel name. Table 5-22 lists default channel names.
To set the channel name, run the info-center channel
name command.

MODU_ID Module ID. The default value is ffff0000.

NAME Module name. The default value is default.

To set the module name, run the info-center source
channel command.

ENABLE Whether logs/traps/debugging messages are allowed to

pass through a channel:
● Y
● N
To specify the channel, run the info-center source channel
command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 394

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

LOG_LEVEL/ Lowest severity of output logs/traps/debugging messages.

TRAP_LEVEL/ The following severities are listed in descending order of
DEBUG_LEVEL priority:
● emergencies
● alert
● critical
● error
● warning
● notification
● informational
● debugging
To set the lowest severity of output logs, run the info-
center source channel command.

5.5.4 display debugging

Function
The display debugging command displays debugging messages allowed to be
sent by the device.

Format
display debugging [ interface interface-type interface-number ] [ module-
name ]

Parameters

Parameter Description Value

interface Specifies the interface type and -
interface-type number.
interface-number
module-name Displays debugging messages sent by
Enumerated type.
a specified module such as the DHCP
The value depends
module. If this parameter is not
on the registered
specified, all debugging messages
module.
allowed to be sent are displayed.

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 395

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario
Debugging affects device performance. The display debugging command displays
debugging messages allowed to be sent by the AP.
Prerequisites
By default, sending debugging messages is prohibited. The debugging of a
specified module has been enabled.

Example
# Display debugging messages allowed to be sent by the AP.
<HUAWEI> debugging acl4 all
<HUAWEI> display debugging
ACL4 event debugging switch is on
ACL4 packet debugging switch is on

# Display debugging messages allowed by the ARP module.

<HUAWEI> display debugging arp
slot[0]:ARP packet debugging is on

5.5.5 display info-center

Function
The display info-center command displays the output configuration of the
information center.

Format
display info-center

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 396

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Display output configuration of the information center.
<HUAWEI> display info-center
Information Center: enabled
Log host:
10.1.1.1, channel number: 2, channel name: loghost
language: english, host facility: local7
Console:
channel number: 0, channel name: console
Monitor:
channel number: 1, channel name: monitor
SNMP Agent:
channel number: 5, channel name: snmpagent
Log buffer:
enabled
max buffer size: 1024, current buffer size: 512
current messages: 6, channel number: 4, channel name: logbuffer
dropped messages: 0, overwritten messages: 0
Trap buffer:
enabled
max buffer size: 1024, current buffer size: 256
current messages: 0, channel number: 3, channel name: trapbuffer
dropped messages: 0, overwritten messages: 0
Logfile:
channel number: 9, channel name: channel9, language: English
Information timestamp setting:
log - date, trap - date, debug - date

Sent messages = 25, Received messages = 25

Table 5-24 Description of the display info-center command output

Item Description

Information Center Information center status:

● enabled
● disabled
To enable the information center, run the info-center
enable command.

Log host Log host configuration.

10.1.1.1 Log host IP address.

To set the log host IP address, run the info-center
loghost command.

channel number Number of a channel used to output information.

To set the number of a channel used to output
information, run the info-center channel command.

channel name Name of a channel used to output information.

To set the name of a channel used to output information,
run the info-center channel name command.

language Language mode in which information is output to a log

host.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 397

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

host facility Logging tool.

To configure the logging tool, run the info-center
loghost command.

Console Console configuration.

Monitor Remote terminal configuration.

SNMP Agent SNMP agent configuration.

Log buffer Log buffer configuration.

enabled Whether the AP is enabled to send logs/traps to the log/

trap buffer.
● enabled
● disabled
To enable the AP to send logs/traps to the log/trap buffer,
run the info-center logbuffer or info-center trapbuffer
command.

max buffer size Maximum number of logs/traps in the log/trap buffer.

current buffer size Maximum number of logs/traps in the current log/trap

buffer.
To set the maximum number of logs/traps in the current
log/trap buffer, run the info-center logbuffer size or
info-center trapbuffer size command.

current messages Number of messages recorded in the log/trap buffer.

dropped messages Number of messages discarded by the log/trap buffer.

overwritten Number of overwritten messages in the log/trap buffer.

messages

Trap buffer Trap buffer configuration.

logfile Log file configuration.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 398

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Information Timestamp format of logs, traps, and debugging

timestamp setting messages:
● boot: indicates that the timestamp is expressed in the
format of relative time, a period of time since system
start.
● date: indicates the current system date and time. It is
expressed in mm dd yyyy hh:mm:ss format.
● short-date: indicates the short date. This timestamp
differs from date is that the year is not displayed.
● format-date: indicates that the timestamp is expressed
in YYYY-MM-DD hh:mm:ss format.
● none: indicates that the output information does not
contain the timestamp.
To configure the timestamp format, run the info-center
timestamp command.

Sent messages Number of sent messages output by information center

modules.

Received messages Number of messages sent to information center modules.

5.5.6 display info-center filter-id

Function
The display info-center filter-id command displays information filtered by the
information center.

Format
display info-center filter-id [ id | bymodule-alias modname alias ]

Parameters
Parameter Description Value
id Displays filtered information The value is an integer that
with the specified ID. ranges from 0 to
4294967295.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 399

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

bymodule-alias Displays filtered information Enumerated type. Set the
modname alias with the specified module name value according to the
and mnemonic symbol. device configuration.
● modname: specifies the
module name.
● alias specifies the mnemonic
symbol.

Views
All views

Default Level

2: Configuration level

Usage Guidelines
ID identifies each function module for log registration. An ID filter list is the
aggregation of the shielded IDs.
If id or bymodule-alias is not specified, all information is filtered.
To prevent output of specified information, run the info-center filter-id command
to add the ID to the filtering list, and then run the display info-center filter-id
command to check whether information with this ID is filtered.

Example
# Display filtered information with ID 3246215177.
<HUAWEI> display info-center filter-id 3246215177
ID : 3246215177
Module : 6OVER4
Alias : DEL_UPTUNN_FAIL
Content : Failed to delete the UPTUNNEL entry when processing ([STRING])
. (Interface=[STRING])
Filtered Number : 0

# Display all the IDs in the filter list.

<HUAWEI> display info-center filter-id
ID : 3221442627
Module : HA
Alias : DISCARDINBATCH
Content : The message was discarded because module batch doesn't begin.
(SourceModuleId=[ULONG], SourceModuleSubId=[ULONG], DestinationModuleId=[ULONG],
DestinationModuleSubId=[ULONG])
Filtered Number : 0

ID : 3246215177
Module : 6OVER4
Alias : DEL_UPTUNN_FAIL
Content : Failed to delete the UPTUNNEL entry when processing ([STRING])
. (Interface=[STRING])
Filtered Number : 0

ID : 3491254537

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 400

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Module : BGP
Alias : ADD_DELETED_ROUTE
Content : Add the route [STRING] that have other flags besides deleted f
lag [USHORT]
Filtered Number : 0

Table 5-25 Description of the display info-center filter-id command output

Item Description

ID Identifier to which each log corresponds.

To configure the AP to filter a log or trap with a
specified ID, run the info-center filter-id id
command.

Module Module name.

To configure the AP to filter a log or trap with a
specified module name or alias name, run the
info-center filter-id bymodule-alias modname
alias command.
Alias Alias name.
To configure the AP to filter a log or trap with a
specified module name or alias name, run the
info-center filter-id bymodule-alias modname
alias command.
Content Log message to which each log ID corresponds.

Filtered Number Number of times that the log to which the log
ID corresponds is filtered.

5.5.7 display info-center logfile path

Function
The display info-center logfile path command displays the path where log files
are saved.

Format
display info-center logfile path

Parameters
None

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 401

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
1: Monitoring level

Usage Guidelines
The display info-center logfile path command displays the path where log files
are saved. This command is used in the following scenarios:
● The information is output to the log file.
● The save logfile command is executed to save log files to the specified path.

Example
# Display the path where log files are saved.
<HUAWEI> display info-center logfile path
Info: Logfile save path is flash:/logfile

5.5.8 display info-center rate-limit record

Function
The display info-center rate-limit record command displays the suppression of
the log processing rate in the information center.

Format
display info-center rate-limit record

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display info-center rate-limit record command to view the real-
time suppression of the log processing rate in the information center.

Example
# Display the suppression of the log processing rate in the information center.
<HUAWEI> display info-center rate-limit record
Record No.1
InfoID : 417d5000
Module : 6OVER4
Alias : DESTFAIL

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 402

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Rate limit threshold : 50

Total receive number : 1872
Total drop number : 922
Total send number : 950
Begin timestamp : 2009-12-21 11:41:28

Table 5-26 Description of the display info-center rate-limit record command

output

Item Description

InfoID Indicates the ID of a log.

Module Indicates the name of a module.

Alias Indicates the mnemonic of a log.

Rate limit threshold Indicates the maximum number of logs set for
the information center to process every second.

Total receive number Indicates the total number of logs that are
generated during the latest suppression period.

Total drop number Indicates the total number of logs that are
discarded during the latest suppression period.

Total send number Indicates the total number of logs that the
information center process during the latest
suppression period.

Begin timestamp Indicates the timestamp signifying when the

suppression function is enabled for the last
time.

5.5.9 display info-center rate-limit threshold

Function
The display info-center rate-limit threshold command displays the threshold of
the log processing rate (maximum number of logs that the information center can
process every second).

Format
display info-center rate-limit threshold

Parameters
None

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 403

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
1: Monitoring level

Usage Guidelines
You can run the display info-center rate-limit threshold command to view the
threshold of the log processing rate.

The threshold information includes the default threshold contained in the released
version, the default threshold for the specified log ID, and the threshold set
through the command lines after the system startup.

Example
# Display the threshold of the log processing rate set for the information center.
<HUAWEI> display info-center rate-limit threshold
Rate limit threshold(per second):
Module Alias Default Config
default 50 50

Table 5-27 Description of the display info-center rate-limit threshold command

output

Item Description

Module Indicates the name of a module.

Alias Indicates the mnemonic of a log.

Default Indicates the default threshold of the log

processing rate.

Config Indicates the threshold of the log processing

rate set for the information center.

5.5.10 display info-center statistics

Function
The display info-center statistics command displays statistics on the information
center.

Format
display info-center statistics

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 404

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display info-center statistics command to view statistics on the
information center, including logs, traps, and debugging messages of each
module.

Example
# Display statistics on the information center.
<HUAWEI> display info-center statistics
Information statistics data:
ModuleID ModuleName LogNumber DiagLogNumber TrapNumber DebugNumber
c17d0000 6OVER4 0 0 0 0
c1500000 AAA 0 0 0 0
c06c0000 ACL 0 0 0 0
c0ef0000 ACL6 0 0 0 0
ff1e0000 ACLE 0 0 0 0
c0e70000 ADDR 0 0 0 0
ff120000 ADP_MSTP 0 0 0 0
ff2b0000 ADPIPV4 0 0 0 0
c1a80000 ANTIATTACK 0 0 0 0
c16e0000 ARP 0 0 0 0
c19d0000 ARPLINK 0 0 0 0

Table 5-28 Description of the display info-center statistics command output

Item Description

ModuleID Registered module ID.

ModuleName Name of the module that generates logs.

LogNumber Number of generated logs.

DiagLogNumbe Number of diagnostic logs.

TrapNumber Number of generated traps.

DebugNumber Number of generated debugging messages.

5.5.11 display log

Function
Using the display log command, you can query all the logs or a specified log.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 405

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
display log [ cli | snmp ] index index1 [ index2 ]
display log [ cli | snmp ] { all | name username } [ start-date [ start-time ] [ –
end-date [ end-time ] ] ]

Parameters
Parameter Description Value

cli Queries specified logs. -

snmp Queries network management logs. -

index index1 Indicates the index of the log to be Numeral type.

[ index2 ] queried. index1 is the start index of Range: 1-64.
the logs and index2 is the end index
of the logs. That is, the logs with the
index starting from index1 and
ending with index2 are displayed.

name username Queries logs by user name. It is a string of

1-15 characters.

all Queries logs of all users. -

[ start-date Sets the date and time when you start-date: The real
[ start-time ] [ – query logs by user name or query start date. Date
end-date [ end- logs of all users. format: yyyy-mm-
time ] ] ] dd.
start-time: The real
start time. Time
format: hh:mm:ss.
end-date: The real
end date. Date
format: yyyy-mm-
dd.
end-time: The real
end time. Time
format: hh:mm:ss.

Views
User view

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 406

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
● When querying logs by name or by all, you can also query these logs by
period.
● This command can be used to query logs of the user with the level the same
as yours or lower than yours.
● Use parameters to display operation information about different users in
different periods, for example, enter all to display the logs of all users.
● When a configuration is incorrect, a fault will occur. To locate the fault, run
this command to query logs to learn about basic information, such as the
name of the user who operates the system, the IP address of the user, the
specific time when the user performs an operation, and the detailed
operations.

Example
# Query logs with indexes from 1 to 10.
<HUAWEI> display log index 1 10
---------------------------------------------------------------------------
No. UserName Domain IP-Address
4 huawei123 -- 192.168.254.225
Time: 2014-05-20 04:55:34+00:00
Cmd: system-view
---------------------------------------------------------------------------
No. UserName Domain IP-Address
3 huawei123 -- 192.168.254.225
Time: 2014-05-20 04:55:32+00:00
Cmd: log on
---------------------------------------------------------------------------
No. UserName Domain IP-Address
2 huawei123 -- 192.168.254.216
Time: 2014-05-20 04:55:19+00:00
Cmd: log on
---------------------------------------------------------------------------
No. UserName Domain IP-Address
1 huawei123 -- 192.168.254.224
Time: 2014-05-20 04:54:28+00:00
Cmd: log on
---------------------------------------------------------------------------

# Query logs of all users within the period starting at 15:10:10 on 2013-07-31 and
ending at 20:20:10 on 2013-07-31.
<HUAWEI> display log all 2013-07-31 15:10:10 - 2013-07-31 20:20:10
---------------------------------------------------------------------------
No. UserName Domain IP-Address
4 admin -- 192.168.40.1
Time: 2013-07-31 17:10:06+08:00
Cmd: log off
---------------------------------------------------------------------------
No. UserName Domain IP-Address
3 admin -- 192.168.40.1
Time: 2013-07-31 16:40:13+08:00
Cmd: diagnose
---------------------------------------------------------------------------
No. UserName Domain IP-Address
2 admin -- 192.168.40.1
Time: 2013-07-31 16:40:12+08:00
Cmd: system-view
---------------------------------------------------------------------------
No. UserName Domain IP-Address
1 admin -- 192.168.40.1
Time: 2013-07-31 16:40:10+08:00

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 407

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Cmd: log on
---------------------------------------------------------------------------

Table 5-29 Description of the display log command output

Item Description

No. Serial number of each log. The serial

number is generated automatically by
the system.

UserName User name of the log

Time Detailed operation time of the user

IP-Address IP address of the user

Cmd Detailed operations of the user

Domain Domain name of the log

5.5.12 display log failure

Function
Using the display log failure command, you can query logs about configuration
failure.

Format
display log failure

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
● When a configuration fails, or you maintain the system, run this command to
query logs about configuration failure. After this command is executed
successfully, the system displays all the logs about configuration failure on the
command line interface (CLI).
● You can query configuration failure logs of the user with the level the same as
yours or lower than yours.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 408

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Query a log about configuration failure in the system.
<HUAWEI> display log failure
---------------------------------------------------------------------------
No. UserName Domain IP-Address
56 -- 10.138.78.128
Time: 2007-08-25 16:42:10+00:00
Failure Cmd: info-center filter-id 3246215177
---------------------------------------------------------------------------
No. UserName Domain IP-Address
53 -- 10.138.78.128
Time: 2007-08-25 16:41:04+00:00
Failure Cmd: info-center filter-id 1098731530
---------------------------------------------------------------------------
No. UserName Domain IP-Address
52 -- 10.138.78.128
Time: 2007-08-25 16:40:51+00:00
Failure Cmd: undo info-center filter-id 1098731530
---------------------------------------------------------------------------

Table 5-30 Description of the display log failure command output

Item Description

No. Index of the log that records a

configuration failure

UserName User name

Domain Name of the domain where the user is

located

IP-Address IP address of the user

Time Time of the configuration failure

recorded by the log

Failure Cmd Operation that causes the configuration

failure recorded by the log

5.5.13 display logbuffer

Function
The display logbuffer command displays information recorded in the log buffer.

Format
display logbuffer [ size value | module module-name | level severity | security ] *

display logbuffer summary [ level severity ]

display logbuffer log-offset offset-value size value

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 409

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

size value Displays the specified The value is an integer

number of logs recently that ranges from 1 to
generated in the log 1024.
buffer.

module module-name Displays logs of a Enumerated type. The

specified module in the value depends on the
log buffer. registered module.

level severity Displays logs of specified Enumerated type. The

severity in the log buffer. value ranges from 0 to 7.
● 0: emergencies
● 1: alert
● 2: critical
● 3: error
● 4: warning
● 5: notification
● 6: informational
● 7: debugging

summary Displays the summary of -

logs in the log buffer.

log-offset offset-value Specifies logs of the The value is an integer

specified offset in the log that ranges from 0 to
buffer. 1024.

security Displays the security -

logs.

Views
All views

Default Level
3: Management level

Usage Guidelines
Usage Scenario

● You can use the display logbuffer log-offset offset-value size size-value
command to view specified logs in the log buffer. For example, the log buffer
has 100 logs. To view the 20th to 50th logs in the log buffer, run the display
logbuffer log-offset 20 size 30 command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 410

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

● Run the display logbuffer [ size value | module module-name | level

severity ] * command to view logs of specified number, module, or severity in
the log buffer. If size, module, or level is not specified, this command
displays all logs in the log buffer.
● You can run the display logbuffer summary command to view logs of
different severities in the log buffer.
Precautions
● When the number of logs in the log buffer is smaller than value, logs of the
actual number are displayed.
● When the number of logs in the log buffer is smaller than offset-value, the
system displays an error message.
● When the number of logs in the log buffer is larger than offset-value, the
system displays logs starting from offset-value plus one. The log quantity is
specified by size-value. If the log quantity is less than size-value, the system
displays all the logs starting from offset-value plus one.

Example
# Display all the logs in the log buffer.
<HUAWEI> display logbuffer
Logging buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 512
Channel number: 4, Channel name: logbuffer
Dropped messages: 0
Overwritten messages: 167
Current messages: 512

May 10 2012 13:42:59+00:00 huawei %%01DEFD/4/CPCAR_DROP_MPU(l)[0]:Some packets a

re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=912)
May 10 2012 13:32:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[1]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 13:22:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[2]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 13:12:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[3]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=912)
May 10 2012 13:02:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[4]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 12:52:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[5]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 12:42:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[6]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=912)
May 10 2012 12:32:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[7]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 12:22:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[8]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 12:12:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[9]:Some packets a
re dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=912)
May 10 2012 12:02:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[10]:Some packet
s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 411

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Count=684)
May 10 2012 11:52:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[11]:Some packet
s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 11:42:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[12]:Some packet
s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=912)
May 10 2012 11:32:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[13]:Some packet
s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 11:22:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[14]:Some packet
s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 11:12:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[15]:Some packet
s are dropped by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 11:08:37+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[16]:Interface Ethern
et5/0/2 has turned into UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[17]:Interface Ethern
et5/0/1 has turned into UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFNET/4/LINK_STATE(l)[18]:The line proto
col IP on the interface Vlanif20 has entered the UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFNET/4/IF_STATE(l)[19]:Interface Vlanif
20 has turned into UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[20]:Interface Ether
net5/0/0 has turned into UP state.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[21]:Interface Gigab
itEthernet5/0/0 has been available.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[22]:Interface Ether
net5/0/7 has been available.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[23]:Interface Ether
net5/0/6 has been available.

Table 5-31 Description of the display logbuffer command output

Item Description

Logging buffer configuration and Whether the AP is enabled to output

contents logs to the log buffer:
● enabled
● disabled
To configure the AP to output logs to
the log buffer, run the info-center
logbuffer command.

Allowed max buffer size Maximum size of the log buffer.

Actual buffer size Actual size of the log buffer.

To set the log buffer size, run the
info-center logbuffer size command.

Channel number Number of the channel used to send

logs to the log buffer.
To configure the number of a channel
used to send logs to the log buffer,
run the info-center channel
command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 412

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Channel name Name of the channel used to send

logs to the log buffer.
To configure the name of a channel
used to send logs to the log buffer,
run the info-center channel name
command.

Dropped messages Number of dropped messages.

Overwritten messages Number of overwritten messages.

Current messages Number of current messages.

# Display the summary of information in the log buffer.

<HUAWEI> display logbuffer summary
EMERG ALERT CRIT ERROR WARN NOTIF INFO DEBUG
0 0 0 14 498 0 0 0

Table 5-32 Description of the display logbuffer summary command output

Item Description

EMERG Number of logs of emergency.

ALERT Number of logs of alert.

CRIT Number of logs of critical.

ERROR Number of logs of error.

WARN Number of logs of warning.

NOTIF Number of logs of notification.

INFO Number of logs of informational.

DEBUG Number of logs of debugging.

# Display 10 logs starting from log 16.

<HUAWEI> display logbuffer log-offset 15 size 10
Logging buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 512
Channel number: 4, Channel name: logbuffer
Dropped messages: 0
Overwritten messages: 168
Current messages: 512

May 10 2012 11:12:59+00:00 HUAWEI %%01DEFD/4/CPCAR_DROP_MPU(l)[0]:Some packets are dropped

by cpcar on the MPU. (Packet-type=arp-request, Drop-
Count=684)
May 10 2012 11:08:37+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[1]:Interface Ethernet5/0/2 has turned into
UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[2]:Interface Ethernet5/0/1 has turned into

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 413

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFNET/4/LINK_STATE(l)[3]:The line protocol IP on the interface
Vlanif20 has entered the UP state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFNET/4/IF_STATE(l)[4]:Interface Vlanif20 has turned into UP
state.
May 10 2012 11:08:37+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[5]:Interface Ethernet5/0/0 has turned into
UP state.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[6]:Interface GigabitEthernet5/0/0 has
been available.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[7]:Interface Ethernet5/0/7 has been
available.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[8]:Interface Ethernet5/0/6 has been
available.
May 10 2012 11:08:34+00:00 HUAWEI %%01IFNET/4/IF_ENABLE(l)[9]:Interface Ethernet5/0/5 has been
available.

5.5.14 display logfile

Function
The display logfile command displays information about a log file.

Format
display logfile file-name [ offset | hex ] *

Parameters
Parameter Description Value
file-name Specifies the log file name, which can The value is a string of 1 to
contain the drive and path. 64 case-insensitive
characters without spaces.
offset Displays the log file with the specified The value is an integer that
offset or byte. ranges from 0 to
2147483647.

hex Displays the log file in hexadecimal -

notation. If the parameter is not
specified, the log file is displayed in
text format.

Views
All views

Default Level
3: Management level

Usage Guidelines
Usage Scenario
When encountering problems, you can query log information to know about what
happened during device operation. This is helpful for fault location.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 414

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

If the version saved in a log file and the version generated by the system are
different, the log file is displayed in hexadecimal notation.
The file name is generated automatically by the system. The file name extension
of the log file is *.log or *.dblg. Generally, a log file name consists of a device
name and log. For example, if the device name is HW, the log file name is HW-
log.log or HW-log.dblg.
If the size of the current log file reaches the upper limit, the system automatically
saves the current log file as a compressed file with the extension *.log.zip or
*.dblg.zip, and names the compressed log file with the device name and current
system time. When the log file exceeds the specified size, excessive information is
stored in a new log file. For example, if the last log is recorded at 06:39:58 on May
2, 2018, the log file name is HW-2018-05 -02.06-39-58.log.zip or HW-2018-05
-02.06-39-58.dblg.zip, except in the following cases:
1. The AP restarts.
2. The system time changes.
The device name can be configured using the sysname host-name command.
Precautions
If the device name contains more than 100 characters, the log file name consists
of only the first 100 characters and the time when the last log is recorded.
If the device name contains special characters (including spaces), replace the
device name with capital letter X in the log file name. - and _ are not regarded as
special characters.

Example
# Display log information saved in the log file in a specified path.
<HUAWEI> display logfile flash:/logfile/HUAWEI-log.log

################################################################
# This logfile is generated at slot 0
################################################################

Apr 23 2018 11:06:51+00:00 HUAWEI IFNET/1/IF_PVCDOWN:OID 1.3.6.1.6.3.1.1.5.3 Int

erface 6 turned into DOWN state.(AdminStatus 1,OperStatus 2,InterfaceName Ethern
et0/0/1)
Apr 23 2018 11:06:51+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[3487]:Interface Ethern
et0/0/1 has turned into DOWN state.
Apr 23 2018 11:06:53+00:00 HUAWEI IFNET/6/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Inter
face 6 turned into UP state.(AdminStatus 1,OperStatus 1,InterfaceName Ethernet0/
0/1)
Apr 23 2018 11:06:53+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[3488]:Interface Ethern
et0/0/1 has turned into UP state.
Apr 23 2018 11:06:53+00:00 HUAWEI IFNET/1/IF_PVCDOWN:OID 1.3.6.1.6.3.1.1.5.3 Int
erface 6 turned into DOWN state.(AdminStatus 1,OperStatus 2,InterfaceName Ethern
et0/0/1)
Apr 23 2018 11:06:53+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[3489]:Interface Ethern
et0/0/1 has turned into DOWN state.
Apr 23 2018 11:06:55+00:00 HUAWEI IFNET/6/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Inter
face 6 turned into UP state.(AdminStatus 1,OperStatus 1,InterfaceName Ethernet0/
0/1)
Apr 23 2018 11:06:55+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[3490]:Interface Ethern
et0/0/1 has turned into UP state.
Apr 23 2018 11:06:56+00:00 HUAWEI IFNET/1/IF_PVCDOWN:OID 1.3.6.1.6.3.1.1.5.3 Int
erface 6 turned into DOWN state.(AdminStatus 1,OperStatus 2,InterfaceName Ethern
et0/0/1)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 415

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Apr 23 2018 11:06:56+00:00 HUAWEI %%01IFPDT/4/IF_STATE(l)[3491]:Interface Ethern

et0/0/1 has turned into DOWN state.
Apr 23 2018 11:06:58+00:00 HUAWEI IFNET/6/IF_PVCUP:OID 1.3.6.1.6.3.1.1.5.4 Inter
face 6 turned into UP state.(AdminStatus 1,OperStatus 1,InterfaceName Ethernet0/
0/1)

# Display log information saved in the log file in hexadecimal notation.

<HUAWEI> display logfile flash:/logfile/HUAWEI-log.log hex
0d 0a 0d 0a 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23
23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23
23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23
23 23 23 23 23 23 23 23 0d 0a 23 20 20 20 20 20 54 68 69 73
20 6c 6f 67 66 69 6c 65 20 69 73 20 67 65 6e 65 72 61 74 65
64 20 61 74 20 73 6c 6f 74 20 30 0d 0a 23 23 23 23 23 23 23
23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23
23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23
23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 0d 0a 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

5.5.15 display trapbuffer

Function
The display trapbuffer command displays information recorded in the trap buffer.

Format
display trapbuffer [ size value ]

Parameters
Parameter Description Value
size value Displays the specified number of traps The value is an integer
recently generated in the trap buffer. If this that ranges from 1 to
parameter is not specified, all traps are 1024.
displayed.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
If the number of traps in the trap buffer is smaller than value, traps of the actual
number are displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 416

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Display all traps in the trap buffer.
<HUAWEI> display trapbuffer
Trapping buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 256
Channel number: 3, Channel name: trapbuffer
Dropped messages: 0
Overwritten messages: 0
Current messages: 29

#Sep 17 2012 17:09:47+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N

eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 17 2012 17:06:50+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=0, LldpStatsRemTables
Deletes=1, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 20:03:40+00:00 huawei ENTITYTRAP/4/CPUUSAGERESUME:OID 1.3.6.1.4.1.2
011.5.25.219.2.14.2 CPU utilization resumed from exceeding the pre-alarm thresho
ld.(Index=9, HwEntityThresholdIndex=0, HwEntityPhysicalIndex=9, PhysicalName="SR
U Board 0", EntityThresholdType=1, EntityThresholdWarning=80, EntityThresholdCur
rent=23, EntityTrapFaultID=144896)
#Sep 14 2012 18:15:27+00:00 huawei LLDP/4/ADDCHGTRAP:OID: 1.3.6.1.4.1.2011.5.25.
134.2.5 Local management address is changed. (LocManIPAddr=10.1.1.9)
#Sep 14 2012 18:13:40+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 18:13:23+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=0, LldpStatsRemTables
Deletes=1, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 17:16:05+00:00 huawei ENTITYTRAP/4/CPUUSAGERESUME:OID 1.3.6.1.4.1.2
011.5.25.219.2.14.2 CPU utilization resumed from exceeding the pre-alarm thresho
ld.(Index=9, HwEntityThresholdIndex=0, HwEntityPhysicalIndex=9, PhysicalName="SR
U Board 0", EntityThresholdType=1, EntityThresholdWarning=80, EntityThresholdCur
rent=9, EntityTrapFaultID=144896)
#Sep 14 2012 17:15:37+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 17:15:37+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 17:15:34+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 17:15:33+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)
#Sep 14 2012 17:15:33+00:00 huawei LLDP/4/NBRCHGTRAP:OID: 1.0.8802.1.1.2.0.0.1 N
eighbor information is changed. (LldpStatsRemTablesInserts=1, LldpStatsRemTables
Deletes=0, LldpStatsRemTablesDrops=0, LldpStatsRemTablesAgeouts=0)

# Display the first 10 records in the trap buffer.

<HUAWEI> display trapbuffer size 10
Trapping buffer configuration and contents: enabled
Allowed max buffer size: 1024
Actual buffer size: 256
Channel number: 3, Channel name: trapbuffer
Dropped messages: 0
Overwritten messages: 600
Current messages: 256

#May 7 2012 15:12:40+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4

.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.
#May 7 2012 15:07:35+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 417

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

ds the speed-limit value 5.

#May 7 2012 15:02:19+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.217.150 exc
eeds the speed-limit value 5.
#May 7 2012 14:56:55+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.
#May 7 2012 14:51:40+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.
#May 7 2012 14:46:35+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.
#May 7 2012 14:41:06+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.217.62 exce
eds the speed-limit value 5.
#May 7 2012 14:35:54+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.
#May 7 2012 14:29:54+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.
#May 7 2012 14:24:39+00:00 HUAWEI SECE/4/ARP_SIP_SPEEDLIMIT_ALARM:OID=1.3.6.1.4
.1.2011.5.25.165.2.2.2.11 The arp packet speed with source ip 10.137.216.1 excee
ds the speed-limit value 5.

Table 5-33 Description of the display trapbuffer command output

Item Description

Trapping buffer configuration and Whether the AP is enabled to output

contents traps to the trap buffer:
● enabled
● disabled
To enable the AP to output traps to
the trap buffer, run the info-center
trapbuffer command.

Allowed max buffer size Maximum size of the trap buffer.

Actual buffer size Actual size of the trap buffer.

To set the size of the trap buffer, run
the info-center trapbuffer size
command.

Channel number Number of the channel used to send

traps to the trap buffer.
To set the channel number, run the
info-center channel command.

Channel name Name of the channel used to send

traps to the trap buffer.
To set the channel name, run the
info-center channel name
command.

Dropped messages Number of discarded messages.

Overwritten messages Number of overwritten messages.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 418

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Current messages Number of current messages.

5.5.16 info-center channel

Function
The info-center channel command configures channels for outputting
information in various directions.
The undo info-center channel command restores the default settings.
By default, the system outputs information in various directions through channels
listed in the table below.

Table 5-34 Default association between the channel number, channel name, and
output direction of information channels
Channel Number Channel Name Output Direction

0 console Console

1 monitor User terminal

2 loghost Log host

3 trapbuffer Trap buffer

4 logbuffer Log buffer

5 snmpagent SNMP agent

6 channel6 Unspecified

7 channel7 Unspecified

8 channel8 Unspecified

9 channel9 Log file

Format
info-center { console | logbuffer | logfile | monitor | snmp | trapbuffer }
channel { channel-number | channel-name }
undo info-center { console | logbuffer | logfile | monitor | snmp | trapbuffer }
channel

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 419

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value
console Specifies the channel used to output -
information to the console.
logbuffer Specifies the channel used to output -
information to the log buffer.
logfile Specifies the channel used to output -
information to the log file.
monitor Specifies the channel used to output -
information to the user terminal.
snmp Specifies the channel used to output -
information to the SNMP agent.
trapbuffer Specifies the channel used to output -
information to the trap buffer.
channel- Specifies the channel number. The value is an integer
number ranging from 0 to 9.
channel-name Specifies the name of a channel, The value is a string of
which can be the default channel 1 to 30 case-sensitive
name or a user-defined name. characters. The value
consists of letters or
numbers and must start
with a letter.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
You can run the info-center channel command in the following scenarios: The
same information is sent to different directions. For example, the log file and log
host record the same content or the trap buffer and the SNMP agent record the
same content.

NOTE
For details on how to configure a channel for outputting information to a log host, see
info-center loghost.

Example
# Configure the channel used to output information to a console.
<HUAWEI> system-view
[HUAWEI] info-center console channel console

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 420

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

# Configure the channel used to output information to the log buffer.

<HUAWEI> system-view
[HUAWEI] info-center logbuffer channel logbuffer

# Configure the channel used to output information to the log file.

<HUAWEI> system-view
[HUAWEI] info-center logfile channel 9

# Configure the channel used to output information to the user terminal.

<HUAWEI> system-view
[HUAWEI] info-center monitor channel monitor

# Configure the channel used to output information to an SNMP agent.

<HUAWEI> system-view
[HUAWEI] info-center snmp channel 5

# Configure the channel used to output information to the trap buffer.

<HUAWEI> system-view
[HUAWEI] info-center trapbuffer channel trapbuffer

5.5.17 info-center channel name

Function
The info-center channel name command names a channel with a specified
number.

The undo info-center channel command restores the default channel name.

The following table lists default channel names.

Table 5-35 Default channel names

Channel Number Default Channel Name

0 console

1 monitor

2 loghost

3 trapbuffer

4 logbuffer

5 snmpagent

6 channel6

7 channel7

8 channel8

9 channel9

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 421

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
info-center channel channel-number name channel-name
undo info-center channel channel-number

Parameters
Parameter Description Value

channel- Specifies the number The value is an integer that ranges from
number of a channel. 0 to 9. That is, the system has 10
channels.

channel-name Specifies the name of The value is a string of 1 to 30 case-

a channel. sensitive characters. The value consists
of letters or numbers and must start
with a letter.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
You can rename channels, which facilitates memorization and usage.
Precautions
Channel names must be unique. It is recommended that channel names represent
channel functions.

Example
# Name channel 0 execconsole.
<HUAWEI> system-view
[HUAWEI] info-center channel 0 name execconsole

5.5.18 info-center enable

Function
The info-center enable command enables the information center.
The undo info-center enable command disables the information center.
By default, the information center is enabled.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 422

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
info-center enable

undo info-center enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

During device running, the information center records device operation. The
system outputs system information to destinations such as the log host and the
console only after the information center is enabled. Network administrators can
store and query output information to monitor device running and locate faults.

Precautions

After the undo info-center enable command is executed, logs, traps, and
debugging messages are not recorded. The log about running the undo info-
center enable command is not recorded.

Follow-up Procedure

Configure a rule for outputting information to the terminal or remote server.

Example
# Enable the information center.
<HUAWEI> system-view
[HUAWEI] info-center enable
Info: Information center is enabled.

5.5.19 info-center filter-id

Function
The info-center filter-id command configures the AP to filter a specified log or
trap.

The undo info-center filter-id command disables the AP from filtering a specified
log or trap.

By default, no log or trap is filtered.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 423

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
info-center filter-id { id | bymodule-alias modname alias } * &<1-50>

undo info-center filter-id { all | { id | bymodule-alias modname alias } *

&<1-50> }

Parameters
Parameter Description Value
id Specifies the ID of the log or trap to The value is an integer
be filtered. that ranges from 0 to
NOTE 4294967295.
This parameter indicates the ID of a log.
If this parameter fails to be configured,
the log specified by this ID does not
exist.

bymodule- Specifies the module name and alias The value is an

alias modname name corresponding to the log or enumerated value and
alias trap to be filtered. must be set as prompted
by the device.

all Filters all logs or traps. -

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
If some logs or traps are unnecessary, configure the AP not to output the logs and
traps. When the filtering function is enabled, the information center does not send
the traps with a specified ID that satisfy the filtering condition to any channel. As
a result, the trap buffer, log file, console, terminal, or SNMP agent cannot receive
the traps with the specified ID.
An ID filter list is the aggregation of the shielded IDs and is arranged in a specified
order.
Precautions
● To add multiple IDs at a time, use a space to separate IDs. The result of each
ID is displayed.
● Currently, the AP can filter traps with a maximum of 50 IDs. If there are more
than 50 log IDs, the system displays a message indicating that the filtering
table is full. To configure the filtering function, run the undo info-center

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 424

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

filter-id { all | { id | bymodule-alias modname alias } * &<1-50> } command

to delete original IDs and reconfigure the log ID.
● You cannot add the same ID or alias name repeatedly.
● When you add an unregistered or nonexistent ID or alias name, the system
displays a message indicating that the system fails to filter the trap with the
specified ID or alias name.
● You are advised to use the module name and alias to filter specified log
information. The id parameter can be obtained by running the display info-
center register-info [ module module-name ] log command, and the
modname and alias parameters can be obtained through the command
association function.

Example
# Filter the log with the ID of 1098731530.
<HUAWEI> system-view
[HUAWEI] info-center filter-id 1098731530
Info: Succeeded in appending log ID 1098731530.

# Filter information by module names and alias names.

<HUAWEI> system-view
[HUAWEI] info-center filter-id bymodule-alias CMD CLKCHGREBOOTCANCELED
Info: Succeeded in appending log ID 3225948163.

# Cancel filtering for all logs.

<HUAWEI> system-view
[HUAWEI] undo info-center filter-id all
Info: Succeeded in deleting all IDs.

5.5.20 info-center logbuffer

Function
The info-center logbuffer command enables the AP to send logs to the log
buffer.
The undo info-center logbuffer command disables the AP from sending logs to
the log buffer.
By default, the AP is enabled to send logs to the log buffer.

Format
info-center logbuffer [ channel { channel-number |channel-name } | size buffer-
size ] *
undo info-center logbuffer [ channel | size ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 425

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

channel channel- Specifies the number of The value is an integer

number the channel outputting ranging from 0 to 9,
logs to the log buffer. which indicates that the
system has ten channels
to output logs to the log
buffer.

channel channel-name Specifies the name of The name is a string of 1

the channel outputting to 30 case-insensitive
logs to the log buffer. characters, spaces not
supported.

size buffer-size Sets the size of the log The value is an integer
buffer. buffer-size that ranges from 0 to
specifies the number of 1024. The default value
messages stored in the is 512.
log buffer.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
To view logs in the log buffer, run the info-center logbuffer command to enable
the AP to send logs to the log buffer.

Example
# Enable the AP to send logs to the log buffer.
<HUAWEI> system-view
[HUAWEI] info-center logbuffer

5.5.21 info-center logbuffer size

Function
The info-center logbuffer size command sets the maximum number of logs in
the log buffer.
The undo info-center logbuffer size command restores the default maximum
number of logs in the log buffer.
By default, a log buffer can store a maximum of 512 logs.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 426

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
info-center logbuffer size logbuffer-size
undo info-center logbuffer size

Parameters
Parameter Description Value
logbuffer-size Specifies the maximum The value is an integer that ranges
number of logs in the log from 0 to 1024. If logbuffer-size is 0,
buffer. logs are not displayed.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Precautions
When you run the info-center logbuffer size command multiple times, only the
latest configuration takes effect.

Example
# Set the maximum number of logs in the log buffer to 50.
<HUAWEI> system-view
[HUAWEI] info-center logbuffer size 50

5.5.22 info-center logfile path

Function
The info-center logfile path command configures the path where log files are
saved.

Format
info-center logfile path path

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 427

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value
path Specifies the path where log files are Select the path according
saved, which is in the format of storage to device configuration.
medium name:/logfile, for example,
flash:/logfile.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
You can run the info-center logfile path command to set the path where log files
are saved. Then log files are saved into the path and the file name is log.log. To
view logs generated by the AP, run the save logfile command to save logs into a
specified file or configure the AP to export information into a specified log file.
Then run the display logfile command to view the log file.
Prerequisites
The information center has been enabled by using the info-center enable
command.

Example
# Configure the flash drive as the path where log files will be saved.
<HUAWEI> system-view
[HUAWEI] info-center logfile path flash:/logfile

5.5.23 info-center logfile size

Function
The info-center logfile size command sets the log file size.
The undo info-center logfile size command restores the default log file size.
By default, the log file size is 1 MB.

Format
info-center logfile size size
undo info-center logfile size

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 428

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters

Parameter Description Value

size Specifies the log file size. The value is an integer that is 1 or 2, in
MB. The default value is 1 MB.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

To configure the AP to export information to a log file, run the info-center logfile
size command to set the log file size.

Precautions

If you configure the device to export information to a log file, exported

information is saved in the log.log file. When the log.log file exceeds the specified
size, the system compresses the file in to a zip package. When the storage space
on the AP is smaller than 1 MB, the information center deletes the earliest log file.
When the remaining storage space of the device is smaller than the log file size,
log information is saved in the log buffer to replace the existing logs but is not
saved to the device's storage space. Beside, you will fail to run the save logfile
command.

Example
# Set the log file size to 2 MB.
<HUAWEI> system-view
[HUAWEI] info-center logfile size 2

5.5.24 info-center loghost

Function
The info-center loghost command configures the device to output information to
a log host.

The undo info-center loghost command disables the device from outputting
information to a log host.

By default, no information is output to the log host.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 429

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
info-center loghost ip-address [ channel { channel-number | channel-name } |
facility local-number | language language-name | port port | transport { udp |
tcp ssl-policy policy-name } ] *
info-center loghost domain domain-name [ channel { channel-number |
channel-name } | facility local-number | language language-name | port port |
transport { udp | tcp ssl-policy policy-name } ] *
undo info-center loghost ip-address
undo info-center loghost domain domain-name

Parameters
Parameter Description Value

ip-address Specifies the IPv4 address of the The value is in dotted

log host. decimal notation.

channel Specifies the channel used to send The value of channel-

{ channel- information to a log host. number is an integer that
number | ranges from 0 to 9.
channel-name } ● channel-number : specifies the
number of a channel. The value of channel-name
● channel-name: specifies the is a string of 1 to 30 case-
name of a channel. The name sensitive characters. The
can be the default or user- value consists of letters or
defined channel name. numbers and must start
with a letter.

facility local- Specifies a syslog server facility The value ranges from
number that is used to identify the log local0 to local7. The
information source. You can use default value is local7.
this parameter to plan a local
value for the log information of a
specified device, so that the syslog
server can handle received log
information based on the
parameter.

language Displays the language in which The value is of the

language-name logs are recorded. enumerated type. The
default language mode is
English.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 430

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

port [ port ] Specifies the number of the port The value is an integer that
that sends logs. ranges from 1 to 65535.
The default value in UDP
transport mode is 514, the
default value in TCP
transport mode is 6514.

transport Indicates the information -

transport mode.

udp Indicates the UDP transport mode. -

NOTE
The default transport mode is UDP if
no transport mode is specified.

tcp Indicates the TCP transport mode. -

NOTE
The default transport mode is UDP if
no transport mode is specified.

ssl-policy Specifies a Secure Sockets Layer The value is a string of 1 to

policy-name (SSL) policy in the TCP transport 31 characters.
mode.
This parameter is recommended
to improve log transmission
security.

domain Specifies a DNS domain name of The value is a string of 1 to

domain-name a log host. 255 case-sensitive
characters, spaces not
supported.

Views
System view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To query information generated on the AP deployed remotely, configure the AP to
export information to a log host so that you can view device information on the
log host. Run the info-center loghost command to configure the AP to export
information to a log host.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 431

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

To configure the AP to output information to different log hosts using different

channels, specify the channels used to send information to the log hosts. For
example, you can configure the AP to output information to log hosts at
192.168.0.1 and 192.168.0.2 using channels 7 and 8 respectively.
Prerequisites
The information center has been enabled using the info-center enable command
and the log host IP address has been obtained.
Precautions
The AP supports a maximum of eight log hosts to implement backup among log
hosts.

Example
# Configure a device to use channel 6 to output information to the log host at
10.1.1.1.
<HUAWEI> system-view
[HUAWEI] info-center loghost 10.1.1.1 channel channel6

# Configure a device to send information to the log host at 192.168.2.2 in TCP

mode, using the SSL policy huawei123 that has been created in the system.
<HUAWEI> system-view
[HUAWEI] info-center loghost 192.168.2.2 transport tcp ssl-policy huawei123

5.5.25 info-center loghost source

Function
The info-center loghost source command configures the source interface used by
the AP to send information to a log host.
The undo info-center loghost source command restores the default source
interface used by the AP to send information to a log host.
By default, the source interface is the interface that sends logs.

Format
info-center loghost source interface-type interface-number
undo info-center loghost source

Parameters
Parameter Description Value
interface-type interface- Specifies the type and number of an -
number interface.

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 432

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
If multiple devices send log messages to the same log host, you can identify the
devices by setting different source interfaces so as to index the received log
messages.
Prerequisites
There is a reachable route between the source interface and the log host.

Example
# Specify Loopback0 IP address as the source interface address to send
information to a log host.
<HUAWEI> system-view
[HUAWEI] interface loopback 0
[HUAWEI-LoopBack0] ip address 10.1.1.1 255.255.255.0
[HUAWEI-LoopBack0] quit
[HUAWEI] info-center loghost source loopback 0

5.5.26 info-center loghost source-port

Function
The info-center loghost source-port command configures a source interface
through which the device sends information to the log host.
The undo info-center loghost source-port command deletes the configuration of
the source interface through which the device sends information to the log host.
By default, the source interface number is 38514.

Format
info-center loghost source-port source-port
undo info-center loghost source-port

Parameters
Parameter Description Value
source-port Specifies the number of the source The value is an integer
interface through which the device sends ranging from 1025 to
information to the log host. 65535.

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 433

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
3: Management level

Usage Guidelines
To harden system security, run the info-center loghost source-port source-port
command to change the number of the source interface through which the device
sends information to the log host.

Example
# Change the number of the source interface through which the device sends
information to the log host to 1026.
<HUAWEI> system-view
[HUAWEI] info-center loghost source-port 1026

5.5.27 info-center max-logfile-number

Function
The info-center max-logfile-number command sets the maximum number of log
files to be saved.

The undo info-center max-logfile-number command restores the default

maximum number of log files to be saved.

By default, the AD9430DN-12 and AD9431DN-24X allow a maximum of 10 log

files to be saved, and other devices allow a maximum of 200 log files to be saved.

Format
info-center max-logfile-number filenumbers

undo info-center max-logfile-number

Parameters
Parameter Description Value

filenumbers Specifies the maximum number of The value is an integer that

log files that can be saved. ranges from 2 to 500.

Views
System view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 434

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
Usage Scenario

If a large number of log files exist on the device, they may occupy a large amount
of disk space. To view log files generated recently, run the info-center max-
logfile-number command to set the maximum number of log files that can be
saved.

Precautions

If the number of log files generated on the device exceeds the maximum value,
the system deletes the earliest ones so that the number of log files is not larger
than the maximum value.

The operation.log file is out of the scope for the system to count the maximum
number of log files, and therefore is not automatically deleted.

NOTICE

If the number of saved log files is larger than the default value, more system
resources are consumed. The default value is recommended. Excess log files can
be deleted manually or automatically. When the system deletes them, high CPU
usage may last for a short period.

Example
# Set the maximum number of log files to be saved to 100.
<HUAWEI> system-view
[HUAWEI] info-center max-logfile-number 100

5.5.28 info-center rate-limit except

Function
The info-center rate-limit except command prevents logs with a specified log ID
from being suppressed by the information center.

The undo info-center rate-limit except command deletes the preceding

configuration.

Format
info-center rate-limit except { byinfoid infoID | bymodule-alias modname
alias }

undo info-center rate-limit except { byinfoid infoID | bymodule-alias modname

alias }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 435

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value
byinfoid infoID Specifies the log ID in The value is a string of 8
hexadecimal notation. characters. The value is in
hexadecimal notation, and the valid
characters include 0-9, a-f, and A-F.

bymodule- Specifies a log through a -

alias module name and a
mnemonic.
modname Specifies the name of the The value is a string of 1 to 24
module. characters without spaces.
alias Specifies the name of the The value is a string of 1 to 64
mnemonic. characters without spaces.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
When too many logs will never generate under a specified ID, you can run the
info-center rate-limit except command to prevent logs with the specified log ID
from being suppressed by the information center. This can avoid the impact of the
suppression of the log processing rate. After the command is run, the information
center no longer monitor logs with the specified log ID.

Example
# Prevent logs specified by the module name and mnemonic from being
suppressed by the information center.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit except bymodule-alias AAA AUTHEN_ERR_EVENT

# Prevent logs specified by the log ID from being suppressed by the information
center.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit except byinfoid ff011015

# Prevent logs with a specified log ID from being suppressed by the information
center.
<HUAWEI> system-view
[HUAWEI] undo info-center rate-limit except bymodule-alias AAA AUTHEN_ERR_EVENT

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 436

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.5.29 info-center rate-limit global-threshold

Function
The info-center rate-limit global-threshold command sets the total number of
logs that the information center can process every second.

The undo info-center rate-limit global-threshold command restores the default

value.

By default, the information center processes a maximum of 400 logs in every

second.

Format
info-center rate-limit global-threshold value

undo info-center rate-limit global-threshold

Parameters

Parameter Description Value

value Specifies the maximum number of The value is an integer that

logs that the information center ranges from 100 to 1000. The
can process every second. default value is 400.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
You can run the info-center rate-limit global-threshold command to set the
maximum number of logs that the information center can process every second.
This can adjust the processing capability of the information center. If the number
of logs to be processed exceeds the processing capability of the information
center, the extra logs are discarded.

NOTE

● If the threshold is too low, some logs may be discarded.

● If the threshold is too high, the information center cannot identify the log ID under
which too many logs are generated. The number of logs to be processed depends on the
current processing capacity of the information center.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 437

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Set the number of logs that the information center can process every second to
300.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit global-threshold 300

5.5.30 info-center rate-limit monitor-period

Function
The info-center rate-limit monitor-period command sets the monitoring period
for the information center to suppress the log processing rate.

The undo info-center rate-limit monitor-period command restores the default

value.

By default, the monitoring period is 3 seconds.

Format
info-center rate-limit monitor-period value

undo info-center rate-limit monitor-period

Parameters
Parameter Description Value
value Specifies the monitoring period The value is an integer ranging
for the information center to from 1 to 60, in seconds. The
suppress the log processing rate. default value is 3.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The info-center rate-limit monitor-period command can be used to set a
monitoring period for the information center to limit the log processing rate.
● In the monitoring period specified by value, if the rate of sending a single log
every second exceeds info-center rate-limit threshold, the information
center will limit the log processing rate.
● Then, in the monitoring period which is five times value, if the number of a
single type of logs that are sent every second is smaller than info-center
rate-limit threshold, the information center will no longer limit the log
processing rate.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 438

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Set the monitoring period for the information center to suppress the log
processing rate to 5 seconds.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit monitor-period 5

5.5.31 info-center rate-limit threshold

Function
Using the info-center rate-limit threshold command, you can set the maximum
number of logs with the same log ID that the information center can process
every second.
Using the undo info-center rate-limit threshold command, you can restore the
default setting.
By default, the information center processes a maximum of 30 logs in a minute.

Format
info-center rate-limit threshold value [ byinfoid infoID | bymodule-alias
modname alias ]
undo info-center rate-limit threshold [ value ] [ byinfoid infoID | bymodule-
alias modname alias ]

Parameters
Parameter Description Value

value Specifies the maximum The value is an integer that ranges

number of logs with the from 1 to 500. The default value is
same log ID that the 30.
information center can
process every second.

byinfoid infoID Specifies the log ID. The value is a string of 8 characters.
The value is in hexadecimal
notation, and the valid characters
include 0-9, a-f, and A-F.

bymodule-alias Specifies the name of the The value is a string of 1 to 24

modname module. characters without spaces.

alias Specifies the name of the The value is a string of 1 to 64

mnemonic. characters without spaces.

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 439

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
2: Configuration level

Usage Guidelines
You can run the info-center rate-limit threshold command to set the maximum
number of logs with the same log ID that the information center can process
every second. The information center monitors the number of logs that are
generated every second under the same log ID. When the number of logs that are
generated every second under the same log ID exceeds the threshold during the
monitoring period, the information center decides that too many logs are
generated and thus suppresses its log processing rate by processing only the
conforming traffic (logs within the threshold) and discarding the non-conforming
traffic (logs exceeding the threshold). When the number of logs that are
generated every second under the same log ID falls below the threshold and
remains below the threshold for five monitoring periods, the information center
removes the suppression.

NOTE

If the threshold value1 specified by the parameter byinfoid infoID or bymodule-alias

modname alias differs from the threshold value0 specified globally, value1 takes effect.

By default, the information center processes a maximum of 30 logs with the same
log ID in every second. In certain application scenarios, the information center is
required to process a maximum of more than 30 logs with the same log ID in
every second. You can set thresholds for logs with different log IDs.
NOTE

● If the threshold is too low, some logs may be discarded.

● If the threshold is too high, the information center cannot identify the log ID under
which too many logs are generated.

Example
# Set the maximum number of logs that the information center can process every
second to 60.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit threshold 60

# Set the maximum number of logs identified by the same module name and
mnemonic that the information center can process every second to 30.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit threshold 30 bymodule-alias AAA AUTHEN_ERR_EVENT

# Set the maximum number of logs with the same log ID that the information
center can process every second to 20.
<HUAWEI> system-view
[HUAWEI] info-center rate-limit threshold 20 byinfoid ff011015

# Restore the maximum number of logs that the information center can process
every second to the default value.
<HUAWEI> system-view
[HUAWEI] undo info-center rate-limit threshold

# Cancel the restriction on the maximum number of logs with a specified log ID
that the information center can process every second.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 440

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

<HUAWEI> system-view
[HUAWEI] undo info-center rate-limit threshold bymodule-alias AAA AUTHEN_ERR_EVENT

5.5.32 info-center source channel

Function
The info-center source channel command configures a rule for outputting
information to a channel.
The undo info-center source channel command restores the default rule for
outputting information to a channel.
The following lists the default rule for outputting information to a channel.

Table 5-36 Default rule for outputting information to a channel

Output Module Log Trap Debugging
Channe Enable Message
l d to
Output Status Lowest Status Lowest Status Lowest
Inform Output Output Output
ation Severit Severit Severit
y y y

0 default on warnin on debuggi on debuggi

(consol g ng ng
e)

1 default on warnin on debuggi on debuggi

(remote g ng ng
termina
l)

2 (log default on informa on debuggi off debuggi

host) tional ng ng

3 (trap default off informa on debuggi off debuggi

buffer) tional ng ng

4 (log default on warnin off debuggi off debuggi

buffer) g ng ng

5 default off debuggi on debuggi off debuggi

(SNMP ng ng ng
agent)

6 default on debuggi on debuggi off debuggi

(chann ng ng ng
el 6)

7 default on debuggi on debuggi off debuggi

(chann ng ng ng
el 7)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 441

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Output Module Log Trap Debugging

Channe Enable Message
l d to
Output Status Lowest Status Lowest Status Lowest
Inform Output Output Output
ation Severit Severit Severit
y y y

8 default on debuggi on debuggi off debuggi

(chann ng ng ng
el 8)

9 default on debuggi on debuggi off debuggi

(chann ng ng ng
el 9)
NOTE
The
output
directi
on of
channe
l 9 is
the
logfile.

Format
info-center source { module-name | default } channel { channel-number |
channel-name } [ log { state { off | on } | level severity } * | trap { state { off |
on } | level severity } * | debug { state { off | on } | level severity } * ] *

undo info-center source { module-name | default } channel { channel-number |

channel-name }

Parameters

Parameter Description Value

module-name Specifies the module Enumerated type. The value
name. depends on the registered
module.
default Indicates the default -
module.
channel-number Specifies the number of The value is an integer that
a channel. ranges from 0 to 9.
channel-name Specifies the name of a The value is a string of 1 to 30
channel. case-sensitive characters. The
value consists of letters or
numbers and must start with a
letter.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 442

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

log { state { off | Specifies the log status. -
on } } ● off: Logs are not sent.
● on: Logs are sent.
log { level Specifies the lowest Logs are classified into eight
severity } severity of output logs. severities. The following severities
are listed in descending order of
priority:
● emergencies
● alert
● critical
● error
● warning
● notification
● informational
● debugging

trap { state { off | Specifies the trap status: -

on } } ● off: Traps are not
sent.
● on: Traps are sent.
trap { level Specifies the lowest Logs are classified into eight
severity } severity of output traps. severities. The following severities
are listed in descending order of
priority:
● emergencies
● alert
● critical
● error
● warning
● notification
● informational
● debugging

debug { state Specifies the debugging -

{ off | on } } message status.
● off: Debugging
messages are not
sent.
● on: Debugging
messages are sent.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 443

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

debug { level Specifies the lowest Logs are classified into eight
severity } severity of output severities. The following severities
debugging messages. are listed in descending order of
priority:
● emergencies
● alert
● critical
● error
● warning
● notification
● informational
● debugging

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To collect and query information generated on the AP, define severities for various
types of information that is output to different channels. You can run the info-
center source channel command to configure a rule for outputting information
to a channel.
The following lists information severities.

Table 5-37 Information severities

Value Severity Description

0 emergencies A fault causes the device to fail to run normally

unless it is restarted. For example, the device is
restarted because of program exceptions or a
memory error is detected.

1 alert A fault needs to be rectified immediately. For

example, memory usage of the system reaches the
upper limit.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 444

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Value Severity Description

2 critical A fault needs to be analyzed and processed. For

example, the memory usage falls below the lower
threshold; temperature falls below the alarm
threshold; BFD detects that a device is unreachable
or detects locally generated error messages.

3 error An improper operation is performed or exceptions

occur during service processing. The fault does not
affect services but needs to be analyzed. For
example, users enter incorrect commands or
passwords; error protocol packets are received from
other devices.

4 warning Some events or operations may affect device

running or cause service processing faults, which
requires full attention. For example, a routing
process is disabled; BFD detects packet loss; error
protocol packets are detected.

5 notification A key operation is performed to keep the device

running normally. For example, the shutdown
command is run; a neighbor is discovered; protocol
status changes.

6 informationa A normal operation is performed. For example, a

l display command is run.

7 debugging A normal operation is performed, which requires no

attention.

Precautions
Each information channel has a default record with the module name default.
The default configuration for logs, traps, and debugging messages in different
channels may differ.
If a module generates a large number of logs, traps, or debugging messages in a
short time, use the following methods to suppress this information:
● Specify level severity to adjust the channel level. Information with lower
severity will be filtered.
● Specify state off to disable information sent by a specified module.

NOTICE
After the lowest severity of output information is specified, information lower than
the severity will be filtered.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 445

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Configure the device to send logs higher than or equal to warning of the CFM
module.
<HUAWEI> system-view
[HUAWEI] info-center source CFM channel snmpagent log level warning

5.5.33 info-center statistic-suppress enable

Function
The info-center statistic-suppress enable command enables suppression of
statistics about consecutive repeated logs.
The undo info-center statistic-suppress enable command disables suppression
of statistics about consecutive repeated logs.
By default, suppression of statistics about consecutive repeated logs is enabled.

Format
info-center statistic-suppress enable
undo info-center statistic-suppress enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
In the system, service modules generate logs and control the volume of generated
logs. The information center processes the received logs.
A large number of repeated logs are generated in a short time in some scenarios,
for example, when ARP and ACL are enabled. This wastes both the storage space
and CPU resources. Generally, users do not want to view the repeated logs. You
can run the info-center statistic-suppress enable command to suppress statistics
on consecutive repeated logs so that the system can still record other logs.
Precautions
Statistics about repeatedly generated logs are first output at the 30th seconds
from the time the first log is output, and then statistics about repeatedly
generated logs are output at the 120th seconds. After being output two times,
statistics about repeatedly generated logs are output every 600 seconds.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 446

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Disable suppression of statistics about consecutive repeated logs.
<HUAWEI> system-view
[HUAWEI] undo info-center statistic-suppress enable

5.5.34 info-center timestamp

Function
The info-center timestamp command sets the timestamp format of logs, traps,
and debugging messages.

The undo info-center timestamp command restores the default timestamp

format of logs, traps, and debugging messages.

By default, the timestamp format of logs, traps, and debugging messages is date.

Format
info-center timestamp debugging { { date | short-date | format-date }
[ precision-time { tenth-second | second } ] | boot | none }

info-center timestamp log { { date | short-date | format-date } [ precision-

time { tenth-second | millisecond } ] | boot | none }

info-center timestamp trap { { date | short-date | format-date } [ precision-

time { tenth-second | millisecond } ] | boot | none }

undo info-center timestamp { debugging | trap | log }

Parameters

Parameter Description Value

debugging Indicates debugging messages. -

log Indicates logs. -

trap Indicates traps. -

boot Indicates that the timestamp is expressed in the format -

of relative time, a period of time since the start of the
system. The format is xxxxxx.yyyyyy. xxxxxx is the higher
order 32 bits of the milliseconds elapsed since the start
of the system; yyyyyy is the lower order 32 bits of the
milliseconds elapsed since the start of the system.

date Specifies the current date and time. It is expressed in mm -

dd yyyy hh:mm:ss format.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 447

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

none Indicates that the output information does not contain -

the timestamp.

short-date Indicates the short date. This timestamp differs from -

date is that the year is not displayed.

format-date Indicates that the timestamp is expressed in YYYY-MM- -

DD hh:mm:ss format.

precision-time Specifies the precision. -

second Indicates that the precision is accurate to seconds. -

tenth-second Indicates that the precision is accurate to 0.1 seconds. -

millisecond Indicates that the precision is accurate to milliseconds. -

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The info-center timestamp command sets the timestamp format of logs, traps,
and debugging messages.

The following describes the timestamp in date format.

Table 5-38 Description of fields of the timestamp in date format

Field Description Value

mm Month The value can be Jan, Feb, Mar, Apr, May, Jun,
Jul, Aug, Sep, Oct, Nov, or Dec.

dd Date 1-31. If the date is smaller than 10, add a space

in front of the date, For example, " 7".

yyyy Year 4 digits

hh:mm:ss Local time hh ranges from 00 to 23, and mm or ss ranges

from 00 to 59.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 448

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

When the precision of the timestamp is accurate to 0.1 second or milliseconds, the
system adds identifies to the logs generated at the same time based on the
sequence.

Prerequisites

The information center has been enabled by using the info-center enable
command.

Example
# Set the timestamp format of traps to boot.
<HUAWEI> system-view
[HUAWEI] info-center timestamp trap boot

# Set the timestamp precision of logs, traps, and debugging messages.

<HUAWEI> system-view
[HUAWEI] info-center timestamp log date precision-time millisecond
[HUAWEI] info-center timestamp debugging date precision-time tenth-second
[HUAWEI] info-center timestamp trap date precision-time millisecond

5.5.35 info-center trapbuffer

Function
The info-center trapbuffer command enables the AP to send traps to the trap
buffer.

The undo info-center trapbuffer command disables the AP from sending traps to
the trap buffer.

By default, the AP is enabled to send traps to the trap buffer.

Format
info-center trapbuffer [ channel { channel-number | channel-name } | size
buffer-size ] *

undo info-center trapbuffer [ channel | size ]

Parameters

Parameter Description Value

channel Sets the channel number for In the range of 0 to 9. That is,
channel-number outputting information to the system has 10 channels.
the alarm buffer.
channel Sets the channel name for The name is a string of 1 to 30
channel-name outputting information to case-insensitive characters
the alarm buffer. without spaces, hyphens (-),
slashes (\), and anti-slashes (/).

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 449

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

size buffer-size Sets the size of the alarm The value is in the range of 0
buffer (the number of to 1024.
information in the buffer).

Views
System view

Default Level
2: Configuration level

Usage Guidelines
To view traps in the trap buffer, run the info-center trapbuffer command to
enable the AP to send traps to the trap buffer.

Example
# Enable the AP to send traps to the trap buffer.
<HUAWEI> system-view
[HUAWEI] info-center trapbuffer

5.5.36 info-center trapbuffer size

Function
The info-center trapbuffer size command sets the maximum number of traps in
the trap buffer.

The undo info-center trapbuffer size command restores the default maximum
number of traps in the trap buffer.

By default, a trap buffer allows a maximum of 256 traps.

Format
info-center trapbuffer size trapbuffer-size

undo info-center trapbuffer size

Parameters

Parameter Description Value

trapbuffer-size Specifies the maximum The value is an integer that ranges
number of traps in the from 0 to 1024. If trapbuffer-size is 0,
trap buffer. traps are not displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 450

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The info-center trapbuffer size command sets the maximum number of traps in
the trap buffer.

Prerequisites

The AP has been enabled to output traps to the trap buffer by using the info-
center trapbuffer command.

Precautions

When you run the info-center trapbuffer size command multiple times, only the
latest configuration takes effect.

If a small value of trapbuffer-size is used, some traps may be not displayed. If a

large value of trapbuffer-size is used, repeated traps may be displayed. The default
value of trapbuffer-size is recommended.

Example
# Set the maximum number of traps in the trap buffer to 30.
<HUAWEI> system-view
[HUAWEI] info-center trapbuffer size 30

5.5.37 reset info-center statistics

Function
The reset info-center statistics command clears statistics on each module.

Format
reset info-center statistics

Parameters
None

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 451

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To collect statistics on each module again, run the reset info-center statistics
command to clear all historical statistics.
Precautions
The cleared statistics cannot be restored. Exercise caution when you run the reset
info-center statistics command.

Example
# Clear statistics on each module.
<HUAWEI> reset info-center statistics

5.5.38 reset logbuffer

Function
The reset logbuffer command clears logs in the log buffer.

Format
reset logbuffer

Parameters
None

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To record logs in the log buffer again, run the reset logbuffer command to clear
all the information in the log buffer.
Precautions
Statistics cannot be restored after being cleared. Exercise caution when you run
the reset logbuffer command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 452

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Clear information in the log buffer.
<HUAWEI> reset logbuffer
Warning: This command will reset the log buffer. Logs in the buffer will be lost
. Continue? (y/n)[n]:y

5.5.39 reset trapbuffer

Function
The reset trapbuffer command clears Trap information in the trap buffer.

Format
reset trapbuffer

Parameters
None

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

To record traps in the trap buffer again, run the reset trapbuffer command to
clear all the information in the trap buffer.

Precautions

Statistics cannot be restored after being cleared. Exercise caution when you run
the reset trapbuffer command.

Example
# Clear information in the trap buffer.
<HUAWEI> reset trapbuffer

5.5.40 save logfile

Function
The save logfile command saves logs in the log file buffer to a log file.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 453

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
save logfile

Parameters
None

Views
User view

Default Level
0: Visit level

Usage Guidelines
Usage Scenario
To reduce the number of times information is written into the storage device,
information generated on the AP is saved into the log buffer before the
information is saved into the log file. When the log file buffer is full, the system
saves the logs in the log file buffer to the log file. You can also run the save
logfile command to save the logs in the log file buffer to the log file. After the log
file is generated, the system clears logs in the log file buffer to save new logs.
Prerequisites
The path to save log files has been set by using the info-center logfile path
command.
Precautions
When you run this command, the device obtains or uses some personal data of
users, such as the STA MAC address. Delete the personal data immediately after
the command is executed to ensure user data security.
When this command is executed on a device supporting binlogs, binlogs and data
dictionary information are also saved.

Example
# Save logs in the log file buffer to the log file.
<HUAWEI> save logfile

5.5.41 terminal debugging

Function
The terminal debugging command enables debugging message display on the
user terminal.
The undo terminal debugging command disables debugging message display on
the user terminal.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 454

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

By default, debugging message display is disabled on the user terminal.

Format
terminal debugging

undo terminal debugging

Parameters
None

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

You can run the terminal debugging command to enable debugging message
display on the user terminal to view system debugging message and locate faults.

Prerequisites

The terminal monitor command has been executed to enable display of logs,
traps, and debugging message output on the user terminal.

Example
# Enable debugging message display on the user terminal.
<HUAWEI> terminal debugging
Info: Current terminal debugging is on.

5.5.42 terminal logging

Function
The terminal logging command enables log display on the user terminal.

The undo terminal logging command disables log display on the user terminal.

By default, log display is enabled on the user terminal.

Format
terminal logging

undo terminal logging

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 455

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
None

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To view logs on a terminal, run the terminal logging command to enable log
display on the user terminal.
Prerequisites
The terminal monitor command has been executed to enable display of logs,
traps, and debugging message output on the user terminal.

Example
# Disable log display on the user terminal.
<HUAWEI> undo terminal logging
Info: Current terminal logging is off.

5.5.43 terminal monitor

Function
The terminal monitor command enables display of logs, traps, and debugging
message output by the information center on the user terminal.
The undo terminal monitor command disables display of logs, traps, and
debugging message output by the information center on the user terminal.
By default, terminal display is disabled.

Format
terminal monitor
undo terminal monitor

Parameters
None

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 456

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
3: Management level

Usage Guidelines
Prerequisites
The information center has been enabled by using the info-center enable
command.
Follow-up Procedure
Run the terminal debugging/undo terminal debugging, terminal logging/undo
terminal logging, terminal trapping/undo terminal trapping/ command to
enable or disable terminal debugging message, log, or trap display.
Precautions
Logs, traps, and debugging message are sent to the current terminal only when
the terminal monitor command is used.
Running the undo terminal monitor command is equivalent to running the undo
terminal debugging, undo terminal logging, undo terminal trapping
command.

Example
# Disable display of logs, traps, and debugging message output by the
information center on the user terminal.
<HUAWEI> undo terminal monitor
Info: Current terminal monitor is off.

5.5.44 terminal trapping

Function
The terminal trapping command enables trap display on the user terminal.
The undo terminal trapping command disables trap display on the user terminal.
By default, trap display is enabled on the user terminal.

Format
terminal trapping
undo terminal trapping

Parameters
None

Views
User view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 457

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario
To view traps on a terminal, run the terminal trapping command to enable trap
display on the user terminal.
Prerequisites
The terminal monitor command has been executed to enable display of logs,
traps, and debugging message output on the user terminal.

Example
# Disable trap display on the user terminal.
<HUAWEI> undo terminal trapping
Info: Current terminal trapping is off.

5.6 NTP Configuration Commands

5.6.1 display ntp-service sessions

Function
The display ntp-service sessions command displays all session information
maintained by NTP on the local end.

Format
display ntp-service sessions [ verbose ]

Parameters
Parameter Description Value

verbose Displays detailed information about an NTP session. -

If verbose is not specified, only summary information about
the NTP session is displayed.

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 458

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
Run the display ntp-service sessions command. If the verbose option is not
specified, only summary information about a session is displayed.

Example
# Display NTP session information of the local device.
<HUAWEI> display ntp-service sessions
clock source: 10.1.1.1
clock stratum: 1
clock status: configured, insane, valid, unsynced
reference clock ID: LOCAL(0)
reach: 0
current poll: 64
now: 9
offset: 0.0000 ms
delay: 0.00 ms
disper: 0.00 ms

Table 5-39 Description of the display ntp-service sessions command output

Item Description

clock source Address of the clock source.

clock stratum Stratum of the clock source.

The clock stratum determines the
precision of the clock, and its value
ranges from 1 to 16. The higher the
stratum value, the lower the clock
precision. The value 1 indicates the
highest precision, and the value 16
indicates the lowest precision. The
clock with stratum 16 is in the
unsynchronized status, and cannot be
used as a reference clock.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 459

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

clock status Status of a clock, where

● configured: indicates that the
session is set up by a configuration
command.
● master: indicates that the clock
source corresponding to the session
is the primary clock source of the
current system.
● selected: indicates that the clock
source corresponding to the session
passes the clock selecting
algorithm.
● candidate: indicates that the clock
source corresponding to the session
is a candidate clock source.
● sane: indicates that the clock source
corresponding to the session passes
the saneness test.
● insane: indicates that the clock
source corresponding to the session
does not pass the saneness test.
● valid: indicates that the clock source
corresponding to the session is
valid. The clock source
corresponding to the session passes
the test, is in a synchronized status
and is of an effective stratum. The
root delay and the root dispersion
are within the normal range.
● invalid: indicates that the clock
source corresponding to the session
is invalid.
● unsynced: indicates that the clock
source corresponding to the session
is not yet synchronized or the
stratum is invalid.

reference clock ID When the local system has been

synchronized to a remote NTP server
or a clock source, the address of the
remote server or the identifier of the
clock source is displayed.

reach Reachability count of the clock source.

The value 0 indicates that the clock
source is unreachable.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 460

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

current poll Poll interval of NTP packets. The

interval for sending two successive
NTP packets, in seconds.
To set the poll interval, run the ntp-
service discard min-interval
command.

now Interval between the last

synchronization and the current time.

offset Offset to the superior clock source.

delay Delay to the superior clock source.

disper Dispersion to the superior clock source.

# Display detailed information about NTP sessions on the local device.

<HUAWEI> display ntp-service sessions verbose
clock source: 10.1.1.1
clock stratum: 7
clock status: configured, master, sane, valid
reference clock ID: LOCAL(0)
local mode: client, local poll: 6
peer mode: server, peer poll: 6
offset: 0.0000 ms,delay: 0.00 ms, disper: 0.02 ms
root delay: 0.00 ms, root disper: 10.00 ms
reach: 1, sync dist: 0.010, sync state: 2
precision: 2^17, version: 3, peer interface: InLoopBack0
reftime: 04:47:44.921 UTC Jan 1 2008(CB244470.EBD74D59)
orgtime: 04:47:44.921 UTC Jan 1 2008(CB244470.EBD74D59)
rcvtime: 04:47:44.921 UTC Jan 1 2008(CB244470.EBDC69F8)
xmttime: 04:47:44.921 UTC Jan 1 2008(CB244470.EBD4280A)
filter delay : 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filter offset: 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filter disper: 0.00 0.00 16.00 16.00 16.00 16.00 16.00 16.00
reference clock status: normal

Table 5-40 Description of the display ntp-service sessions verbose command

output
Item Description

clock source Address of the clock source.

clock stratum NTP stratum on which the local system is located.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 461

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

clock status Status of a clock, where

● configured: indicates that the session is set up by a
configuration command.
● master: indicates that the clock source corresponding
to the session is the primary clock source of the
current system.
● selected: indicates that the clock source corresponding
to the session passes the clock selecting algorithm.
● candidate: indicates that the clock source
corresponding to the session is a candidate clock
source.
● sane: indicates that the clock source corresponding to
the session passes the saneness test.
● insane: indicates that the clock source corresponding
to the session does not pass the saneness test.
● valid: indicates that the clock source corresponding to
the session is valid. The clock source corresponding to
the session passes the test, is in a synchronized status
and is of an effective stratum. The root delay and the
root dispersion are within the normal range.
● invalid: indicates that the clock source corresponding
to the session is invalid.
● unsynced: indicates that the clock source
corresponding to the session is not yet synchronized or
the stratum is invalid.

reference clock ID When the local system has been synchronized to a

remote NTP server or a clock source, the address of the
remote server or the identifier of the clock source is
displayed. When the server is located on a certain VPN,
the name of the VPN instance is displayed.

local mode Local system mode.

peer mode Peer system mode.

local poll Local polling mode.

peer poll Peer polling mode.

offset Offset to the superior clock source.

delay Delay to the superior clock source.

disper Dispersion to the superior clock source.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 462

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

root delay Total system delay between the local end and the master
reference clock. The default value is 0.
If the value of root delay or root disper is large, clock
synchronization may fail. A larger value indicates that the
packet takes a longer time to reach the local device from
the master reference clock. Therefore, the local device
cannot determine whether the time in the packet is
correct.

root disper System dispersion of the local end to the master

reference clock. The default value is 0.
If the value of root delay or root disper is large, clock
synchronization may fail. A larger value indicates that the
packet takes a longer time to reach the local device from
the master reference clock. Therefore, the local device
cannot determine whether the time in the packet is
correct.

reach Reachability mark, indicating the reachability to the clock

source.

sync dist Synchronization distance to the superior clock source.

This parameter evaluates and describes the clock source,
and NTP chooses the clock source with the shortest
synchronization distance.

sync state Synchronization state:

● 0: The clock has never been synchronized.
● 1: Frequency information is obtained from
configuration information.
● 2: The clock is set.
● 3: The clock is set, but the frequency is not yet
determined.
● 4: The clock is synchronized.
● 5: An error is found.

precision Precision of a peer clock.

version NTP version.

peer interface Peer interface.

reftime Reference timestamp.

orgtime Time when an NTP packet is sent for the last time.

rcvtime Time when an NTP packet is received for the last time.

xmttime Time when an NTP packet is forwarded for the last time.

filter delay Filter delays of the 8 packets received for the last time.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 463

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

filter offset Filter offsets of the 8 packets received for the last time.

filter disper Filter dispersions of the 8 packets received for the last
time.

reference clock The status of the reference clock, including:

status ● normal: indicates that the peer clock is reachable.
● abnormal: indicates that the peer clock is unreachable.

5.6.2 display ntp-service status

Function
The display ntp-service status command displays the status of NTP.

Format
display ntp-service status

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Based on the displayed status of the NTP service, you can know the
synchronization status and stratum of the local system clock.

Example
# Display the status of the NTP service.
<HUAWEI> display ntp-service status
clock status: synchronized
clock stratum: 2
reference clock ID: LOCAL(0)
nominal frequency: 60.0002 Hz
actual frequency: 60.0002 Hz
clock precision: 2^18
clock offset: 0.0000 ms
root delay: 0.00 ms
root dispersion: 0.00 ms
peer dispersion: 10.00 ms
reference time: 15:51:36.259 UTC Apr 25 2012(C6179088.426490A3)

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 464

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Table 5-41 Description of the display ntp-service status command output

Item Description

clock status Status of the clock:

● synchronized: indicates that the local system clock is
synchronized with an NTP server or a reference clock.
● unsynchronized: indicates that the local system clock is
not synchronized with any NTP server.

clock stratum Stratum of the local system clock.

reference clock Reference clock:

ID ● If the local system clock has been synchronized with a
remote NTP server or a reference clock, this field displays
the IP address of the remote NTP server or the identifier
of the reference clock.
● If the local system clock functions as a reference clock,
this field displays "Local".
● If clock status is unsynchronized, this field displays
"None".

nominal Nominal frequency of the local system clock.

frequency

actual frequency Actual frequency of the local system clock.

clock precision Precision of the local system clock.

clock offset Offset between the local system clock and the NTP server.

root delay Total delay between the local system clock and the master
reference clock.

root dispersion Total dispersion between the local system clock and the
master reference clock.

peer dispersion Dispersion between the local system clock and the remote
NTP peer.

reference time Reference timestamp.

5.6.3 display ntp-service trace

Function
The display ntp-service trace command displays the trace path of reference clock
source from the local device.

Format
display ntp-service trace

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 465

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
When you run the display ntp-service trace command, summary information of
NTP servers for synchronizing time on the link from the local device to the
reference clock source can be displayed.

Example
# Display the summary of each passing NTP server when you trace the reference
clock source from the local device.
<HUAWEI> display ntp-service trace
server 127.0.0.1,stratum 5, offset 0.024099, synch distance 0.06337
server 192.168.1.2,stratum 4, offset 0.028786, synch distance 0.04575
server 172.16.1.2,stratum 3, offset 0.035199, synch distance 0.03075
server 10.1.7.1,stratum 2, offset 0.039855, synch distance 0.01096
refid 127.127.1.0

Table 5-42 Description of the display ntp-service trace command output

Item Description

server IP address of the NTP server.

stratum Stratum of the clock on the NTP server.

offset Offset to the superior reference clock.

synch distance Synchronization distance to the superior reference clock.

This parameter evaluates and describes the reference
clock and NTP chooses the reference clock with the
shortest synchronization distance.

refid Reference clock source.

5.6.4 ntp-service access

Function
The ntp-service access command sets the access control authority of the local
NTP.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 466

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

The undo ntp-service access command cancels the configured access control
authority.
By default, no access control authority is set.

Format
ntp-service access { peer | query | server | synchronization } acl-number
undo ntp-service access { peer | query | server | synchronization }

Parameters
Parameter Description Value
peer Indicates maximum access. Both time request -
and control query can be performed on the local
NTP service, and the local clock can be
synchronized to the remote server.
query Indicates minimum access. Only control query -
can be performed on the local NTP service.
server Indicates that server access and query are -
permitted. Both time request and control query
can be performed on the local NTP service, but
the local clock cannot be synchronized to the
remote server.
synchronization Indicates that only server access is permitted. -
Only time request can be performed on the
local NTP service.
acl-number Indicates the basic access control list (ACL) The value is
number for IPv4 addresses. an integer
that ranges
from 2000 to
2999.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Compared with NTP authentication, ntp-service access is simpler to ensure the
network security. When an access request reaches the local end, the access request
is successively matched with the access authority from the maximum one to the
minimum one. The first successfully matched access authority takes effect. The
matching order is: peer, server, synchronization, and query.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 467

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Based on the access limitation to be implemented, configure this command

accordingly.

Table 5-43 Configuration of the NTP access control authority

NTP Operating Mode Usage Scenario Device
Configured

Unicast NTP server/ The client is restricted from being Client

client mode synchronized to a server, so that the
client will not be synchronized to
an unreliable unicast NTP server on
the network.

Unicast NTP server/ The server is restricted from Server

client mode processing the synchronization time
request of the client, so that the
synchronization range of the server
is controlled.

NTP symmetric peer The two ends are restricted from Symmetric
mode being synchronized with each other active peer
to prevent an unreliable symmetric
passive peer on the network from
synchronizing the client.

NTP symmetric peer The symmetric passive peer is Symmetric

mode restricted from processing the time passive peer
request, so that the synchronization
range of the symmetric passive
peer is controlled.

NTP broadcast mode The client is restricted from being NTP broadcast
synchronized to a server, so that the client
client will not be synchronized to
an unreliable broadcast NTP server
on the network.

The ntp-service access command ensures the security to the minimal extent. A
safer method is to perform identity authentication. See the ntp-service
authentication enable command for relevant configuration.
Precautions
Check the configuration of the ACL rule before configuring the NTP access control
authority in the ACL. When the ACL rule is permit, the peer device with the source
IP address specified in this rule can access the NTP service on the local device. The
access right of the peer device is configured using the ntp-service access
command. When the ACL rule is deny, the peer device with the source IP address
specified in this rule cannot access the NTP service on the local device.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 468

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Enable the peer in IPv4 ACL 2000 to perform time request, query control and
time synchronization on the local device.
<HUAWEI> system-view
[HUAWEI] ntp-service access peer 2000

# Enable the server in IPv4 ACL 2002 to perform time request and query control
on the local device.
<HUAWEI> system-view
[HUAWEI] ntp-service access server 2002

5.6.5 ntp-service access limited

Function
The ntp-service access limited command enables control on the rate of incoming
NTP packets.
The undo ntp-service access limited command disables control on the rate of
incoming NTP packets.
By default, control on the rate of incoming NTP packets is disabled.

Format
ntp-service access limited acl-number
undo ntp-service access limited

Parameters
Parameter Description Value
acl-number Indicates the basic access control The value is an integer that
list (ACL) number for IPv4 ranges from 2000 to 2999.
addresses.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
After the KOD function is enabled on the server, you can run the ntp-service
access limited command to enable control on the rate of incoming NTP packets.
When the rate of incoming NTP packets reaches the upper threshold, the server
sends the kiss code.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 469

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Precautions
Before enabling control on the rate of incoming NTP packets, check the ACL rule
configuration. When the ACL rule is deny, the server sends the kiss code DENY.
When the ACL is permit and the rate of incoming NTP packets reaches the upper
threshold, the server sends the kiss code RATE.

Example
# Enable control on the rate of incoming NTP packets.
<HUAWEI> system-view
[HUAWEI] ntp-service access limited 2005

5.6.6 ntp-service authentication enable

Function
The ntp-service authentication enable command enables identity authentication
for NTP.
The undo ntp-service authentication enable command disables the identity
authentication.
By default, identity authentication is disabled.

Format
ntp-service authentication enable
undo ntp-service authentication enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
On networks requiring high security, authentication must be enabled for NTP. The
NTP client authenticates NTP servers using a password and synchronizes time with
only the authenticated server. This improves network security.

Example
# Enable identity authentication for NTP.
<HUAWEI> system-view
[HUAWEI] ntp-service authentication enable

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 470

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

5.6.7 ntp-service authentication-keyid

Function
The ntp-service authentication-keyid command sets NTP authentication key.
The undo ntp-service authentication-keyid command removes NTP
authentication key.
By default, no authentication key is set.

Format
ntp-service authentication-keyid key-id authentication-mode { md5 | hmac-
sha256 } [ cipher ] password
undo ntp-service authentication-keyid key-id

Parameters
Parameter Description Value

key-id Indicates the key number. Key ID is an integer and ranges

from 1 to 4294967295.

authentication- Indicates MD5 -

mode md5 authentication mode.

authentication- Indicates HMAC-SHA256 -

mode hmac- authentication mode.
sha256

cipher Indicates that the -

configured password is
displayed in cipher text.
If this parameter is not
specified, the configured
password is displayed in
cipher text.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 471

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

password Specifies the When quotation marks are used

authentication password around the string, spaces are
in plain text or in cipher allowed in the string.
text.
The keyword is a string of case
sensitive characters, spaces
supported.
● 1 to 255 characters in plain
text.
● 48 to 348 characters in
cipher text.
To improve password security,
the password must be a
combination of at least two of
the following: digits, letters, and
special characters, and the
password length must be equal
to or larger than 8.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a network that requires high security, the NTP authentication must be enabled.
You can configure password authentication between client and server, which
guarantee the client only to synchronize with server successfully authenticated,
and improve network security. If the NTP authentication function is enabled, a
reliable key should be configured at the same time. Keys configured on the client
and the server must be identical.

NOTE

In NTP symmetric peer mode, the symmetric active peer functions as a client and the
symmetric passive peer functions as a server.

Follow-up Procedure
You can configure multiple keys for each device. After the NTP authentication key
is configured, you need to set the key to reliable using the ntp-service reliable
authentication-keyid command. If you do not set the key to reliable, the NTP key
does not take effect.
Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 472

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

MD5 authentication has potential risks. To ensure security, you are advised to use
the HMAC-SHA256 algorithm, which is more secure, for NTP authentication.
You can configure a maximum of 1024 keys for each device.
If the NTP authentication key is a reliable key, it automatically becomes unreliable
when you delete the key. You do not need to run the undo ntp-service reliable
authentication-keyid command.

Example
# Set the HMAC-SHA256 identity authentication key. The key ID number is 10,
and the key is Betterkey.
<HUAWEI> system-view
[HUAWEI] ntp-service authentication-keyid 10 authentication-mode hmac-sha256 BetterKey

# Set authentication text to BetterKey123 in HMAC-SHA256 authentication with

cipher option.
<HUAWEI> system-view
[HUAWEI] ntp-service authentication-keyid 10 authentication-mode hmac-sha256 cipher BetterKey123

5.6.8 ntp-service broadcast-client

Function
The ntp-service broadcast-client command configures the device to work in NTP
broadcast client mode.
The undo ntp-service broadcast-client command removes the device from the
NTP broadcast client mode.
By default, the device is not configured in the NTP broadcast client mode.

Format
ntp-service broadcast-client
undo ntp-service broadcast-client

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
On a synchronization subnet, when the IP address of a server or a symmetric peer
is not determined, or when the clocks on a large number of devices need to be

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 473

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

synchronized on the network, you can implement clock synchronization by

configuring the broadcast mode.

On a specified interface on the broadcast client, run the ntp-service broadcast-

client command to configure an interface on the local device to receive NTP
broadcast packets. When the local device automatically runs in the broadcast
client mode, the device can receive the synchronization packets sent by a
broadcast server. For the configuration of the broadcast server, see the ntp-service
broadcast-server command.

When the configuration is complete, you can run the display ntp-service sessions
command to obtain information about sessions between the broadcast server and
the local device.

Example
# Enable VLANIF100 to receive NTP broadcast messages.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 10.1.1.1 24
[HUAWEI-Vlanif100] ntp-service broadcast-client

5.6.9 ntp-service broadcast-server

Function
The ntp-service broadcast-server command configures the local device to work
in NTP broadcast server mode.

The undo ntp-service broadcast-server command removes the device from the
NTP broadcast server mode.

By default, the broadcast server mode is not configured.

Format
ntp-service broadcast-server [ version number | authentication-keyid key-id ] *

undo ntp-service broadcast-server

Parameters

Parameter Description Value

version number Indicates the NTP version The value is an integer
number. that ranges from 1 to 4.
The default value is 3.
If this parameter is not specified,
the version number is a default
value.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 474

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

authentication- Indicates the authentication key Key ID is an integer and
keyid key-id number used to transmit a ranges from 1 to
message to broadcast clients. 4294967295.
If this parameter is not specified,
authentication is not performed.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
On a synchronization subnet, when the IP address of a server or a symmetric peer
is not determined, or when the clocks on a large number of devices need to be
synchronized on the network, you can implement clock synchronization by
configuring the broadcast mode.

On a specified interface on the broadcast server, run the ntp-service broadcast-

server command to configure an interface on the local device to send NTP
broadcast packets. When the local device automatically runs in the broadcast
server mode, the device can send synchronization packets to a broadcast client.
For the configuration of the broadcast client, see the ntp-service broadcast-client
command.

When the configuration is complete, you can run the display ntp-service sessions
command to obtain information about sessions between the broadcast server and
the client.

Example
# Enable VLANIF100 to send NTP broadcast packets, with the NTP version as 2
and the key number as 4.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 10.1.1.1 24
[HUAWEI-Vlanif100] ntp-service broadcast-server version 2 authentication-keyid 4

5.6.10 ntp-service discard

Function
The ntp-service discard command sets the minimum inter-packet interval and the
average inter-packet interval of NTP.

The undo ntp-service discard command restores the minimum inter-packet

interval and the average inter-packet interval of NTP to the default values.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 475

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

By default, the minimum inter-packet interval is set to the first power of 2 in

seconds, namely, 2 seconds, and the average inter-packet interval is set to the fifth
power of 2 in seconds, namely, 32 seconds.

Format
ntp-service discard { min-interval min-interval-val | avg-interval avg-interval-
val } *
undo ntp-service discard

Parameters
Parameter Description Value
min-interval Specifies the minimum inter-packet The value of min-
min-interval-val interval of NTP. interval-val is an
integer that ranges
The actual value of the minimum inter- from 1 to 8.
packet interval of NTP is the value
obtained by raising 2 to the power of
min-interval-val, expressed in seconds.

avg-interval Specifies the average inter-packet The value of avg-

avg-interval-val interval of NTP. interval-val is an
integer that ranges
The actual value of the average inter- from 1 to 8.
packet interval of NTP is the value
obtained by raising 2 to the power of
avg-interval-val, expressed in seconds.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The minimum inter-packet interval and the average inter-packet interval of NTP
are set using the ntp-service discard command. To generate kiss code RATE, we
need to set the minimum inter-packet interval and the average inter-packet
interval of NTP.

Example
# Set both the minimum inter-packet interval and the average inter-packet
interval of NTP to the fourth power of 2, expressed in seconds, namely, 16
seconds.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 476

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

<HUAWEI> system-view
[HUAWEI] ntp-service discard min-interval 4 avg-interval 4

5.6.11 ntp-service enable

Function
The ntp-service enable command enables the NTP service on the local device.
The undo ntp-service enable command disables the NTP service on the local
device.
By default, the NTP service on the local device is enabled. In the factory
configuration file, the NTP service is disabled.

Format
ntp-service enable
undo ntp-service enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The NTP function can be used on a device only after the NTP service on the device
is enabled.

Example
# Enable the NTP service on the local device.
<HUAWEI> system-view
[HUAWEI] ntp-service enable

5.6.12 ntp-service in-interface disable

Function
The ntp-service in-interface disable command disables an interface from
receiving NTP packets.
The undo ntp-service in-interface disable command enables an interface to
receive NTP packets.
By default, an interface is enabled to receive NTP packets.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 477

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
ntp-service in-interface disable

undo ntp-service in-interface disable

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
The ntp-service in-interface disable command provides a method for access
control.

You can disable the interface connected to external devices from receiving NTP
packets in the following scenarios:
● An unreliable clock server exists on the interface. By default, all the interfaces
can receive NTP packets after NTP is enabled on the device. However, an
unreliable clock source makes NTP clock data inaccurate.
● The NTP clock data is modified when the interface is attacked maliciously.

Example
# Disable VLANIF100 from receiving NTP packets.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ntp-service in-interface disable

5.6.13 ntp-service kod-enable

Function
The ntp-service kod-enable command enables the KOD function.

The undo ntp-service kod-enable command disables the KOD functions.

By default, the KOD function is disabled.

Format
ntp-service kod-enable

undo ntp-service kod-enable

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 478

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The Kiss-o'-Death (KOD) function is a brand new access control technology put
forward by NTPv4, and the KOD function is mainly used for a server to provide
information, such as a status report and access control, for a client. After the KOD
function is enabled on the server, the server sends the kiss code DENY or RATE to
the client according to the operating status of the system.

When the kiss code is generated in a specific situation, run the command ntp-
service kod-enable.

Follow-up Procedure

After the KOD function is enabled on the server, you can run the ntp-service
access limited command to enable control on the rate of incoming NTP packets.
When the rate of incoming NTP packets reaches the upper threshold, the server
sends the kiss code.

Example
# Enable the KOD function.
<HUAWEI> system-view
[HUAWEI] ntp-service kod-enable

5.6.14 ntp-service max-dynamic-sessions

Function
The ntp-service max-dynamic-sessions command sets the maximum dynamic
NTP sessions that can be set up.

The undo ntp-service max-dynamic-sessions command restores the maximum

dynamic NTP sessions to the default value.

By default, up to 100 NTP dynamic sessions are allowed to be set up.

Format
ntp-service max-dynamic-sessions number

undo ntp-service max-dynamic-sessions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 479

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

number Indicates the number of The number of dynamic NTP sessions

dynamic sessions allowed to is an integer that ranges from 0 to
be set up. 100. The default value is 100.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
A maximum of 128 sessions can be established on the same device running the
NTP service in the same period, including static and dynamic sessions. In both
unicast server/client mode and symmetric peer mode, command lines are used to
establish static sessions. The dynamic sessions are established in broadcast mode.
Excessive dynamic sessions directly affect the establishment of static sessions. A
user can limit the number of local dynamic sessions solve this problem.
Precautions
When the number of local dynamic sessions on the device is limited,
● NTP dynamic sessions established are not affected. That is, when the number
of the dynamic sessions exceeds the limit, the dynamic sessions established
are not deleted, but a new dynamic session cannot be established.
● The limit on the number of local dynamic sessions allowed should be
configured on the client because the server does not record the number of the
established NTP sessions.

Example
# Set the maximum NTP dynamic sessions allowed to be set up to 50.
<HUAWEI> system-view
[HUAWEI] ntp-service max-dynamic-sessions 50

5.6.15 ntp-service reliable authentication-keyid

Function
The ntp-service reliable authentication-keyid command specifies the
authentication key to be reliable.
The undo ntp-service reliable authentication-keyid command cancels the
current setting.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 480

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

By default, no authentication key is specified to be reliable.

Format
ntp-service reliable authentication-keyid key-id
undo ntp-service reliable authentication-keyid key-id

Parameters
Parameter Description Value

key-id Indicates the key number. Key ID is an integer and ranges from 1 to
4294967295.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
If the identity authentication is enabled, this command is used to specify that one
or more keys are reliable. That is, the client can only be synchronized with the
server that provides the reliable key. The client cannot be synchronized with the
server that provides unreliable keys.

Example
# Enable the identity authentication in NTP and adopt the HMAC-SHA256
encryption mode with key number as 37 and the key as BetterKey. Specify the key
to be reliable.
<HUAWEI> system-view
[HUAWEI] ntp-service authentication enable
[HUAWEI] ntp-service authentication-keyid 37 authentication-mode hmac-sha256 BetterKey
[HUAWEI] ntp-service reliable authentication-keyid 37

5.6.16 ntp-service server disable

Function
The ntp-service server disable command disables NTP server functionality.
The undo ntp-service server disable command enables NTP server functionality.
By default, NTP server functionality is enabled.

Format
ntp-service server disable

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 481

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

undo ntp-service server disable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
For the security purpose, NTP server functionality can be disabled when the device
does not need to act as a server.

Example
# Disable NTP server functionality.
<HUAWEI> system-view
[HUAWEI] ntp-service server disable

5.6.17 ntp-service source-interface

Function
The ntp-service source-interface command specifies the local source interface
that sending and receiving NTP packets.

The undo ntp-service source-interface command cancels the current setting.

By default, the local source interface is not specified for sending and receiving NTP
packets. The local source interface is automatically determined based on the
route.

Format
ntp-service source-interface interface-type interface-number

undo ntp-service source-interface

Parameters
Parameter Description Value

interface-type interface- Indicates the local interface that sends the -

number NTP packets.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 482

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Configure the local source interface for sending/receiving NTP packets, so that the
IP address of another interface on the device cannot be used as the destination
address of a reply packet, which is convenient for a user to subsequently deploy a
flow control policy. If the interface is not specified, the source IP address of the
NTP packets is selected according to the route.
Precautions
In the broadcast mode, the NTP service is performed on a specific interface, that
is, the source interface. Therefore, the ntp-service source-interface command is
invalid for the broadcast mode.

Example
# Specify VLANIF100 as the source interface to send all the NTP packets.
<HUAWEI> system-view
[HUAWEI] ntp-service source-interface vlanif 100

5.6.18 ntp-service unicast-peer

Function
The ntp-service unicast-peer command configures NTP peer mode.
The undo ntp-service unicast-peer command cancels the NTP peer mode.
By default, the NTP peer mode is not configured.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 483

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

ip-address Indicates the IPv4 address of The parameter ip-

the remote peer. address is a host address
and cannot be the
broadcast address, the
multicast address or the
IP address of a reference
clock.

version number Indicates the NTP version Version number is an

number. If this parameter is integer data type and
not specified, the default ranges from 1 to 4. By
version number is used. default, it is 3.

authentication- Indicates the authentication Key ID is an integer and

keyid key-id key number used when ranges from 1 to
transmitting messages to the 4294967295.
remote peer.If this parameter is
not specified, authentication is
not performed.

maxpoll max- Indicates the maximum NTP The value is an integer

number poll interval. that ranges from 10 to
17.

minpoll min-number Indicates the minimum NTP The value is an integer

poll interval. that ranges from 3 to 6.

source-interface Indicates the source interface -

interface-type from which the symmetric
interface-number active end sends NTP packets
to the symmetric passive end.
The source IP address of the
NTP packets is the IP address
of this interface.

preference Indicates the remote peer as -

the preferred one. By default,
the remote peer is not
preferred.

Views
System view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 484

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
Usage Scenario

When the clock of a device on the network needs to be synchronized in symmetric

peer mode, you can run the ntp-service unicast-peer command to configure a
remote node as the symmetric peer of the device. The local device runs in
symmetric active peer mode. In this mode, the device and the remote peer can be
synchronized with each other.

Example
# Configure the peer 10.10.1.1 to provide the synchronizing time for the local
device. The local device can also provide synchronizing time for the peer. The
version number is 3. The IP address of the NTP packets is the address of
VLANIF100.
<HUAWEI> system-view
[HUAWEI] ntp-service unicast-peer 10.10.1.1 version 3 source-interface vlanif 100

5.6.19 ntp-service unicast-server

Function
The ntp-service unicast-server command configures the NTP unicast server/client
mode.

The undo ntp-service unicast-server command cancels the NTP unicast server/
client mode.

By default, the NTP server mode is not configured.

undo ntp-service unicast-server ip-address

Parameters

Parameter Description Value

ip-address Indicates the IPv4 address of The parameter ip-address

the remote server. is a host address and
cannot be the broadcast
address, the multicast
address or the IP address
of a reference clock.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 485

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

version number Indicates the NTP version Version number is an

number. If this parameter is not integer and ranges from
specified, the default version 1 to 4. By default, the
number is used. version number is 3.

authentication- Indicates the authentication key Key ID is an integer and

keyid key-id number used when messages ranges from 1 to
are transmitted to the remote 4294967295.
server. If this parameter is not
specified, authentication is not
performed.

maxpoll max- Specifies the NTP maximum It is an integer ranging

number poll interval. The NTP poll from 10 to 17, in
interval of the system floats seconds. The default
between the minimum value value is 10 seconds in
and maximum value. NTPv1, NTPv2, NTPv3,
and NTPv4.

minpoll min- Specifies NTP minimum poll It is an integer ranging

number interval. The NTP poll interval from 3 to 6, in seconds.
of the system floats between The default value is 6
the minimum value and seconds.
maximum value.

source-interface Indicates the source interface -

interface-type from which the unicast client
interface-number sends NTP packets to the
unicast server. The source IP
address of the NTP packets is
the IP address of this interface.

preference Indicates the remote server as -

the preferred one. By default,
the remote server is not
preferred.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 486

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

When the clock of a device on the network needs to be synchronized in unicast

server/client mode, the command can be run, and the remote server specified by
ip-address is used as the local clock server. The local device runs in client mode. In
this mode, the local client can be synchronized to the remote server, but the
remote server cannot be synchronized to the local client.

Example
# Configure the server 10.10.1.1 to provide the synchronizing time for the local
device. The NTP version number is 3.
<HUAWEI> system-view
[HUAWEI] ntp-service unicast-server 10.10.1.1 version 3

5.7 PoE Configuration Commands

NOTE

PoE OUT is supported only by the following models: AP8082DN, AP8182DN, AP4050DN-E,
AP4050DN-HD, AP7050DN-E, AP2050DN-E, AP2051DN-E, AD9431DN-24X, AD9430DN-24,
AD9430DN-12.
The display current power-workmode command is available for all APs supporting PoE IN and
PoE OUT, except the AD9430DN-24 and AD9431DN-24X.

5.7.1 display current power-workmode

Function
The display current power-workmode command displays the current power
mode of APs.

This command is available for all APs except the AD9430DN-24 and
AD9431DN-24X.

Format
display current power-workmode

Parameters
None

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 487

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
In DC or PoE power supply mode, APs may fail to work in its full power mode
because the power provided may not meet requirements of this mode. You can
run this command to check the current power mode of the AP.

Example
# Display the current power mode of the AP.
<HUAWEI> display current power-workmode
Current power workmode is AT (FULL), decided by AP capability

Table 5-44 Description of the display current power-workmode command

output

Item Description

Current power Current power mode of the AP, which is determined

workmode by the maximum capability of the AP.
● The power mode of an AP can be AF, AT, or BT,
which represents 802.3af, 802.3at, or 802.3bt,
respectively.
● The working mode of an AP can be Full, Limited,
or Disabled. In Full mode, functions of the AP are
unrestricted. In Limited mode, functions of the AP
are partially restricted. In Disabled mode, the AP
restarts due to insufficient power supply, and you
are not advised to use the AP in this mode.
The current power mode of an AP depends on the
following:
● LLDP: LLDP negotiation result
● Hardware detect: hardware detection result
● AP capability: its own highest capability

5.7.2 display poe device

Function
The display poe device command displays information about the device
supporting Power over Ethernet (PoE).

Format
display poe device

Parameters
None

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 488

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
All views

Default Level
2: Configuration level

Usage Guidelines
Before using the PoE function, run the display poe device command to check
whether the device supports the PoE function. If the command output is displayed,
the device supports the PoE function.

Example
# Display information about the device supporting PoE.
<HUAWEI> display poe device
slot 0 : POE

Table 5-45 Description of the display poe device command output

Item Description

Slot 0 The device supports PoE.

5.7.3 display poe information

Function
The display poe information command displays PoE running information about
the device.

Format
display poe information [ slot slot-id ]

Parameters
Parameter Description Value

slot slot-id Displays the PoE state The value is an integer

information about a and the value range
device in a specified slot. depends on the device
If this parameter is not configuration.
specified, the PoE
information about all
device is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 489

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Views
All views

Default Level
2: Configuration level

Usage Guidelines
This command displays information including the maximum output power set by
the user, current power consumption, peak power consumption, and power
management mode.

Example
# Display the PoE running information about the device.
<HUAWEI> display poe information
PSE Information of slot 0:
User Set Max Power(mW) : 380000
POE Power Supply(mW) : 380000
Available Total Power(mW) : 371784
Total Power Consumption(mW): 8216
Power Peak Value(mW) : 11284
Power-Management Mode : auto
Power High Inrush : disable
Power AF Inrush : disable

Table 5-46 Description of the display poe information command output

Item Description

User Set Max Maximum output power set by the user.

Power(mW) To set the value, run the poe max-power command.

POE Power PoE power supply, which is determined by the PoE

Supply(mW) power module configured on the device.

Available Total Total available power.

Power(mW)

Total Power Total output power.

Consumption(mW)

Power Peak Peak value of the output power.

Value(mW)

Power-Management Power management mode, including auto and manual

Mode modes.
To set the mode, run the poe power-management
command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 490

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Power High Inrush State of power high inrush function, including enabled
and disabled state. By default, the power high inrush
function is in disabled state.
To set the state, run the poe high-inrush enable
command.

Power AF Inrush Whether to set the PoE standard to IEEE 802.3af.

● enable: The current PoE standard is IEEE 802.3af.
● disable: The current PoE standard is IEEE 802.3at.
By default, a central AP provides PoE power in
compliance with IEEE 802.3at.
To configure this parameter, run the poe af-inrush
enable command.

5.7.4 display poe power

Function
The display poe power command displays current power information on
interfaces.

Format
display poe power [ slot slot-id | interface interface-type interface-number ]

Parameters
Parameter Description Value

slot slot-id Displays PoE power The value is fixed as 0.

information in a
specified slot.
If this parameter is not
specified, all PoE
information about the
device is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 491

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

interface interface-type Displays PoE power -

interface-number information about a
specified interface.
● interface-type
specifies the interface
type.
● interface-number
specifies the interface
number.
If this parameter is not
specified, the output
power of all interfaces
on the device is
displayed.

Views
All views

Default Level
2: Configuration level

Usage Guidelines
The display poe power command displays information including the current
actual power, maximum output power set for an interface, and class, reference
power, and average power of PDs on the interface.
If this parameter is not specified, the output power of all interfaces on the device
is displayed.

Example
# Display power information about interfaces on the device whose ID is 0.
<HUAWEI> display poe power slot 0
Codes: REFPW(Reference power), USMPW(User set max power),
CURPW(Current power), PKPW(Peak power), AVGPW(Average power)

PortName Class REFPW(mW) USMPW(mW) CURPW(mW) PKPW(mW) AVGPW(mW)

--------------------------------------------------------------------------------
GigabitEthernet0/0/1 - - 15400 0 0 0
GigabitEthernet0/0/2 - - 15400 0 0 0
GigabitEthernet0/0/3 - - 15400 0 0 0
GigabitEthernet0/0/4 - - 15400 0 0 0
GigabitEthernet0/0/5 - - 15400 0 0 0
GigabitEthernet0/0/6 - - 15400 0 0 0
GigabitEthernet0/0/7 - - 15400 0 0 0
GigabitEthernet0/0/8 - - 15400 0 0 0
GigabitEthernet0/0/9 - - 15400 0 0 0
GigabitEthernet0/0/10 - - 15400 0 0 0
GigabitEthernet0/0/11 2 7000 15400 3710 3816 3487
GigabitEthernet0/0/12 2 7000 15400 2968 3180 2960

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 492

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

GigabitEthernet0/0/13 - - 15400 0 0 0
GigabitEthernet0/0/14 - - 15400 0 0 0
GigabitEthernet0/0/15 - - 15400 0 0 0
GigabitEthernet0/0/16 - - 15400 0 0 0
GigabitEthernet0/0/17 - - 15400 0 0 0
GigabitEthernet0/0/18 - - 15400 0 0 0
GigabitEthernet0/0/19 - - 15400 0 0 0
GigabitEthernet0/0/20 - - 15400 0 0 0
GigabitEthernet0/0/21 - - 15400 0 0 0
GigabitEthernet0/0/22 - - 15400 0 0 0
GigabitEthernet0/0/23 - - 15400 0 0 0
GigabitEthernet0/0/24 - - 15400 0 0 0

Table 5-47 Description of the display poe power slot command output

Item Description

PortName Interface name.

Class Class of a PD on an interface.

The system classifies PDs into five classes, namely, class
0 to class 4, according to their maximum power. If no
PD is connected to interface, a hyphen (-) is displayed.
If the maximum power of a PD exceeds the output
power level of the device, class 4 is displayed.

REFPW(mW) Reference power of a PD.

The system can identify the reference power of each
PD. The value varies according to types of PDs. When
the maximum output power of a PD exceeds that of
the device, the reference power of the PD is displayed
as the maximum output power of the device.
The mapping between PD classes and the reference
power is as follows:
● 0: The reference power is 15.4 W.
● 1: The reference power is 4 W.
● 2: The reference power is 7 W.
● 3: The reference power is 15.4 W.
● 4: The reference power is 30 W.

USMPW(mW) Maximum output power set for an interface.

CURPW(mW) Current power of the PDs on an interface.

PKPW(mW) Peak power of the PDs on an interface.

The value is a statistical value, which equals the
current maximum power consumption of the PDs on
the interface.

AVGPW(mW) Average power of the PDs on an interface.

The value is a statistical value, which equals the
average power consumption from the power-on of the
interface till now.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 493

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

# Display power information about GigabitEthernet0/0/3.

<HUAWEI> display poe power interface gigabitethernet 0/0/3
Port PD power(mW) : 3710
Port PD class :2
Port PD reference power(mW) : 7000
Port user set max power(mW) : 15400
Port PD peak power(mW) : 3816
Port PD average power(mW) : 3487

Table 5-48 Description of the display poe power interface command output
Item Description

Port PD power(mW) Output power of an interface.

Port PD class Class of a PD on an interface.

Port PD reference Reference power of a PD.

power(mW) The system can identify the reference power of each
PD. The value varies according to types of PDs. When
the maximum output power of a PD exceeds that of
the device, the reference power of the PD is displayed
as the maximum output power of the device.
The mapping between PD classes and the reference
power is as follows:
● 0: The reference power is 15.4 W.
● 1: The reference power is 4 W.
● 2: The reference power is 7 W.
● 3: The reference power is 15.4 W.
● 4: The reference power is 30 W.

Port user set max Maximum output power set for an interface.
power(mW)

Port PD peak Peak power of the PDs on an interface.

power(mW) The value is a statistical value, which equals the
current maximum power consumption of the PDs on
the interface.

Port PD average Average power of the PDs on an interface.

power(mW) The value is a statistical value, which equals the
average power consumption from the power-on of the
interface till now.

5.7.5 display poe power-state

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 494

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Function
The display poe power-state command displays the PoE power supply status of a
device.

Format
display poe power-state [ slot slot-id | interface interface-type interface-
number ]

Parameters
Parameter Description Value

slot slot-id Displays the power The value is an integer,

supply status of and the value is 0.
interfaces supporting
PoE in a specified slot.

interface interface-type Displays the PoE power -

interface-number supply status of a
specified interface.
● interface-type
specifies the interface
type.
● interface-number
specifies the interface
number.
If this parameter is not
specified, the PoE power
supply status of all
interfaces on the device
is displayed.

Views
All views

Default Level
2: Configuration level

Usage Guidelines
The display poe power-state command displays information including whether
an interface is enabled to check compatibility of non-standard PDs, power supply
status on of an interface, class of PDs on an interface, power supply priority, and
maximum output power of an interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 495

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Display the PoE power supply status of GigabitEthernet 0/0/3.
<HUAWEI> display poe power-state interface gigabitethernet 0/0/3
Port legacy detect : disable
Port power enabled : enable
Port power ON/OFF : on
Port power status : Powered
Port PD class :3
Port reference power(mW) : 15400
Port power priority : Low
Port max power(mW) : 15400
Port current power(mW) : 2794
Port peak power(mW) : 2794
Port average power(mW) : 2741
Port current(mA) : 52.73
Port voltage(V) : 53.00

Table 5-49 Description of the display poe power-state interface command output
Item Description

Port legacy detect Whether an interface is enabled to check compatibility

of non-standard PDs.
To enable an interface to check compatibility of non-
standard PDs, run the poe legacy enable command.

Port power enabled Whether PoE is enabled on an interface.

To enable PoE on an interface, run the poe enable
command.

Port power ON/OFF Whether the interface is powered on.

● On: indicates that the interface is powered on.
● Off: indicates that the interface is powered off.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 496

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Port power status Power supply status of an interface. The status can be:
● Test mode: indicates the testing state.
● Detecting: indicates the detection state.
● Disabled: indicates that PoE is disabled on the
interface.
● Chip fault: indicates that the chip of the interface
fails.
● Power-deny: indicates that the reference power is
greater than the maximum output power of an
interface.
● Classification overcurrent: indicates that the current
of the PDs on the interface exceeds the threshold.
● Unknown class: indicates that the class of the PD is
unknown.
● Power overcurrent: indicates that the current of the
PD on the interface exceeds the maximum current
of the interface.
● Power-on failed: indicates that the interface fails to
be powered on.
● Power-ready: indicates that the interface is ready to
be powered on.
● Powering: indicates that the PSE starts to power on
the interface.
● Powered: indicates that the interface is powered on.
● Over loaded: indicates that the power is overloaded.
● Time-range power-off: indicates that the interface is
in the power-off time range.
● Legacy disable: indicates that compatibility
detection for PDs is disabled. That is, the device
cannot identify or provide power for the non-
standard PD.

Port PD class Class of a PD connected to an interface.

The system classifies PDs into five classes, namely, class
0 to class 4, according to their maximum power.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 497

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

Port reference Reference power of an interface.

power(mW) The system can identify the maximum power of a PD,
classify the PD into a certain level, and define the
reference power of each level. The mappings between
PD types and reference power values are:
● 0: reference power 15.4 W
● 1: reference power 4 W
● 2: reference power 7 W
● 3: reference power 15.4 W
● 4: reference power 30 W

Port power priority Power supply priority of an interface. The priority is as

follows:
● Critical: indicates the highest priority.
● High: indicates the second highest priority.
● Low: indicates the lowest priority.
To set the priority, run the poe priority command.

Port max power(mW) Maximum output power of an interface.

NOTE
A maximum output power of 15400 mW indicates that the
device complies with 802.3af. A maximum output power of
30000 mW indicates that the device complies with 802.3at.

Port current Current output power of an interface.

power(mW)

Port peak power(mW) Peak output power of an interface.

Port average Average output power of an interface.

power(mW)

Port current(mA) Output current of an interface.

Port voltage(V) Output voltage of an interface.

# Display the PoE power supply status of the device.

<HUAWEI> display poe power-state slot 0
PORTNAME POWERON/OFF ENABLED PRIORITY STATUS
--------------------------------------------------------------------------------
GigabitEthernet0/0/1 off enable Low Detecting
GigabitEthernet0/0/2 off enable Low Detecting
GigabitEthernet0/0/3 on enable Low Powered
GigabitEthernet0/0/4 off enable Low Detecting
GigabitEthernet0/0/5 off enable Low Detecting
GigabitEthernet0/0/6 off enable Low Detecting
GigabitEthernet0/0/7 off enable Low Detecting
GigabitEthernet0/0/8 off enable Low Detecting

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 498

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Table 5-50 Description of the display poe power-state slot command output
Item Description

PORTNAME Name of an interface.

POWERON/OFF Whether the interface is powered on.

● On: indicates that the interface is powered on.
● Off: indicates that the interface is powered off.

ENABLED Whether PoE is enabled on an interface.

To enable PoE on an interface, run the poe enable
command.

PRIORITY Power supply priority of an interface. The priority is as

follows:
● Critical: indicates the highest priority.
● High: indicates the second highest priority.
● Low: indicates the lowest priority.
To set the priority, run the poe priority command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 499

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

STATUS Power supply status of an interface. The status is

classified into following types:
● Test mode: indicates the testing state.
● Detecting: indicates the detection state.
● Disabled: indicates that PoE is disabled on the
interface.
● Chip fault: indicates that the chip of the interface
fails.
● Power-deny: indicates that the reference power is
greater than the maximum output power of an
interface.
● Classification overcurrent: indicates that the current
of the PDs on the interface exceeds the threshold.
● Unknown class: indicates that the class of the PD is
unknown.
● Power overcurrent: indicates that the current of the
PD on the interface exceeds the maximum current
of the interface.
● Power-on failed: indicates that the interface fails to
be powered on.
● Power-ready: indicates that the interface is ready to
be powered on.
● Powering: indicates that the PSE starts to power on
the interface.
● Powered: indicates that the interface is powered on.
● Over loaded: indicates that the power is overloaded.
● Time-range power-off: indicates that the interface is
in the power-off time range.
● Legacy disable: indicates that compatibility
detection for PDs is disabled. That is, the device
cannot identify or provide power for the non-
standard PD.

5.7.6 display poe-power

Function
The display poe-power command displays information about the PoE power
supply.

Format
display poe-power [ slot slot-id ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 500

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

slot slot-id Specifies the slot ID of a The value is an integer,

device. and the value is 0.

Views
All views

Default Level
2: Configuration level

Usage Guidelines
The display poe-power displays information including the available total PoE
power, percentage of the reserved power, power alarm threshold, and PoE power
module.

Example
# Display information about the PoE power supply of the devices.
<HUAWEI> display poe-power
Slot 0
Total Available POE Power(mW) : 246400
Reserved POE Power Percent : 20 %
POE Power Threshold Percent : 90 %
POE Power 1
Power Value(mW) : 123200
Type : AD9430DN-12
Supported Mode : Redundancy, Balance
POE Power 2
Power Value(mW) :-
Type :-
Supported Mode :-

Table 5-51 Description of the display poe-power command output

Item Description

Total Available POE Total power that can be provided for PDs.
Power(mW)

Reserved POE Power Percentage of the reserved power to the total power.
Percent To set the percentage, run the poe power-reserved
command.

POE Power Threshold Alarm threshold of the power consumption percentage.

Percent To set the threshold, run the poe power-threshold
command.

POE Power 1 PoE power supply 1.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 501

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Item Description

POE Power 2 PoE power supply 2.

Power Value(mW) Power of a PoE power supply.

Type Type of a PoE power supply.

Supported Mode Supported PoE power supply mode. The value can be:
● Redundancy: redundancy backup mode
● Balance: current balance mode

5.7.7 poe af-inrush enable

Function
The poe af-inrush enable command configures the IEEE802.3at-compliant device
to provide power in conformance to IEEE802.3af.
The undo poe af-inrush enable command configures the device to provide power
in conformance to IEEE802.3at.
By default, A device provides power for PDs in conformance to IEEE802.3at.

Format
poe af-inrush enable [ slot slot-id ]
undo poe af-inrush enable [ slot slot-id ]

Parameters
Parameter Description Value

slot slot-id Specifies the slot ID of The value is 0, indicating

the card. the MPU of the device.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios
The device that conforms to IEEE802.3at cannot power non-standard PDs that do
not support inrush current. To power these PDs, configure the device to provide

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 502

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

power in conformance to IEEE802.3af. When all PDs connected to the device are
standard PDs, run the undo poe af-inrush enable command to cancel the
configuration.
Precautions
● The poe af-inrush enable command takes effect only on PoE devices
conforming to IEEE802.3at.
● The poe af-inrush enable command does not take effect on an interface if
the poe force-power command has been executed on the interface.
● The poe force-power command is applied to some non-standard PDs that
cannot be powered on. After running this command, some devices that need
inrush current may not be powered on.
● After running the poe af-inrush enable command, remove the non-standard
PDs and then install them so that the PDs can be powered on.
Configuration Impact
After running the poe af-inrush enable command, remove the non-standard PDs
and then install them so that the PDs can be powered on.

Example
# Configure the device to provide power in conformance to IEEE802.3af.
<HUAWEI> system-view
[HUAWEI] poe af-inrush enable slot 0
Warning: This operation may cause PD work abnormal. Continue?[Y/N]:y

5.7.8 poe enable

Function
The poe enable command enables the PoE function on an interface.
The undo poe enable command disables the PoE function on an interface.
By default, the PoE function is enabled on an interface.

Format
poe enable
undo poe enable

Parameters
None

Views
GE interface view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 503

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Usage Guidelines
Before providing power for the PD connected to the interface, ensure the PoE
function on the interface is enabled. IF the PoE function is not enabled, run the
poe enable command to enable the PoE function on the interface.
In automatic mode, the power-on or power-off of interfaces is determined by the
PoE power and interface power priority. When the PoE power is sufficient, the
device does not power off one interface. To stop providing power for one PD, run
the undo poe enable command.

Example
# Disable the PoE function on GigabitEthernet0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo poe enable

5.7.9 poe force-power

Function
The poe force-power command enables forcible powering on a PoE interface.
The undo poe force-power command disables forcible powering on a PoE
interface.
By default, forcible powering is disabled on a PoE interface.

Format
poe force-power
undo poe force-power

Parameters
None

Views
GE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios
If the power of the system is sufficient, you can run the poe force-power
command on the interface connected to PDs when the PSE cannot detect the PDs.
Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 504

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

If the interface connects to a non-PD device, configuring forcible powering on the

interface may damage the non-PD device. Exercise caution when using the poe
force-power command.

Example
# Enable forcible powering on GigabitEthernet0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] poe force-power
Warning: Is there a valid PD connected to this interface? Yes or No?[Y/N]:y

5.7.10 poe high-inrush enable

Function
The poe high-inrush enable command configures an interface to allow
generation of the high pulse current during power-on.
The undo poe high-inrush enable command configures an interface not to allow
generation of the high pulse current during power-on.
By default, interfaces do not allow generation of the high pulse current during
power-on.

Format
poe high-inrush enable [ slot slot-id ]
undo poe high-inrush enable [ slot slot-id ]

Parameters
Parameter Description Value

slot slot-id Specifies the The value is 0, indicating the

slot ID of the MPU of the device.
card.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
High inrush current is generated when a non-standard PD is powered on. In this
case, the PSE cuts off the power of the PD to protect itself. If the PSE is required to
provide power for the PD, the PSE must allow high inrush current. The high inrush
current may damage device components.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 505

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Enable the device to allow generation of the high pulse current during power-
on.
<HUAWEI> system-view
[HUAWEI] poe high-inrush enable

5.7.11 poe { power-off | power-on } interface

Function
The poe { power-off | power-on } interface command manually powers on or
powers off the PD of an interface.

Format
poe { power-off | power-on } interface interface-type interface-number

Parameters
Parameter Description Value

power-off Powers off an interface. -

power-on Powers on an interface. -

interface-type interface- Specifies the type and -

number number of the interface
that needs to be
powered on or powered
off manually.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios
In manual power management mode, run the poe { power-off | power-on }
interface command to power on or power off interfaces. To check whether the
command runs successfully, run the display poe power-state command.
Precautions
When the available power of the device is insufficient and the device cannot
provide power for a new PD, the poe power-on interface command is invalid.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 506

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Pre-configuration Tasks
Before powering on or powering off an interface, ensure that:
● The power management mode has been in manual mode through running
the poe power-management command.
● PDs have been connected to the interface.
● The PoE function of the interface has been enabled.
● The classification of the PDs connected to the interface has finished and the
PDs have been ready for being powered on.

Example
# Manually power on GigabitEthernet0/0/1 interface.
<HUAWEI> system-view
[HUAWEI] poe power-on interface gigabitethernet 0/0/1

5.7.12 poe legacy enable

Function
The poe legacy enable command enables the power sourcing equipment (PSE) to
check the compatibility of the power device (PD).
The undo poe legacy enable command disables the PSE from checking the
compatibility of the PD.
By default, the PSE does not check the capability of the PD.

Format
poe legacy enable
undo poe legacy enable

Parameters
None

Views
GE interface view

Default Level
2: Configuration level

Usage Guidelines
When compatibility check is enabled, the device can detect and provide power for
the PD that does not comply with the 802.3af or 802.3at standard. If compatibility
check is not enabled, the device cannot detect and provide power for the non-
standard PD.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 507

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Example
# Enable GigabitEthernet0/0/1 to check the compatibility of the PD.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] poe legacy enable
Warning: Is there a valid PD connected to this interface? Yes or No?[Y/N]:y

5.7.13 poe max-power

Function
The poe max-power command sets the maximum output power of a device.
The undo poe max-power command restores the maximum output power of a
device to the default value.
By default, the maximum output power of the device is the total power that the
PoE power supply provides for PDs. Therefore, the configured maximum output
power must be smaller than the total power that the PoE power supply provides
for PDs.

Format
poe max-power max-power [ slot slot-id ]
undo poe max-power [ [ max-power ] slot slot-id ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 508

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

max-power Specifies the maximum The value range is as

output power of a follows:
device. ● AP4050DN-HD: 15400
mW to 13300 mW
● AP7050DN-E: 15400
mW to 45000 mW
● AD9431DN-24X and
AD9430DN-24: 15400
mW to 380000 mW
● AD9430DN-12: 15400
mW to 65000 mW
● The maximum output
power of an
AP4050DN-E is
variable, as follows:
– In 802.3at power
supply mode, the
output power is
less than 7 W
when no expansion
card or USB flash
drive is inserted.
– In 802.3at power
supply mode, the
output power is
less than 5.5 W
when one
expansion card and
no USB flash drive
is inserted.
– In 802.3at power
supply mode, PoE
out is prohibited
when two or more
expansion cards or
a USB flash drive is
inserted.
– In 802.3af power
supply mode, PoE
out is prohibited.

slot slot-id Specifies the slot ID. The value is 0.

Views
System view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 509

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios

By default, the system automatically obtains the maximum PoE power supported
by the device. You can run the poe max-power command to set the maximum
output power to ensure stable PoE power supply when the total power of the
device is insufficient.

Precautions

If the maximum output power that you set is smaller than the total power
required by PDs, PDs with lower priority are powered off or cannot be powered on
manually.

Example
# Set the maximum output power of the device to 45000 mW.
<HUAWEI> system-view
[HUAWEI] poe max-power 45000 slot 0

5.7.14 poe power-management

Function
The poe power-management command sets the power management mode of
the device.

The undo poe power-management command restores the default power

management mode of the device.

By default, the device uses the automatic power management mode.

Format
poe power-management { auto | manual } [ slot slot-id ]

undo poe power-management { auto | manual } [ slot slot-id ]

Parameters
Parameter Description Value

auto Specifies the power -

management mode to
automatic mode.

manual Specifies the power -

management mode to
manual mode.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 510

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameter Description Value

slot slot-id Specifies the slot ID of a The value is 0, indicating

board. the MPU of the device.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios

In automatic power management mode, the device first provides power for the
interfaces with higher priority and powers off the interfaces of lower priority when
the power is insufficient. When the power is sufficient, all interfaces connected to
PDs are powered on. To stop providing power for some interfaces, run the undo
poe enable command to disable the PoE function on the interfaces. If the PoE
function is enabled and disabled frequently, faults may occur on the interfaces. To
prevent the faults, you can set the power management mode to manual mode. In
manual mode, the power-on and power-off of an interface are controlled
manually and not affected by the interface power priority.

Precautions

● If all the interfaces are of the same priority, the power supply priority of the
interface with a smaller interface number is higher in automatic mode.
● You can view the power management mode by running the display poe
information command.

Example
# Set the power management mode of a device to automatic mode.
<HUAWEI> system-view
[HUAWEI] poe power-management auto

5.7.15 poe power-off time-range

Function
The poe power-off time-range command makes a configured PoE power-off
time range effective on an interface.

The undo poe power-off time-range command cancels the configuration.

By default, a device is not configured with PoE power-off time range.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 511

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Format
poe power-off time-range time-range-name
undo poe power-off time-range

Parameters
Parameter Description Value

time-range-name Specifies a name for a The value is a string of 1

PoE power-off time to 32 case-sensitive
range. characters and must
begin with a letter. In
addition, the word all
cannot be specified as a
time range name.

Views
GE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The poe power-off time-range command makes a PoE power-off time range set
in the system view effective on an interface. If the current time is within the
specified time range, the PD connected to the interface cannot be powered on.
The undo poe power-off time-range command cancels the configuration. The
time range does not take effect on the PD connected to the interface; however,
the configuration of the time range is still saved.

NOTE

The poe power-off time-range command is only applied to automatic power management
mode.

Pre-configuration Tasks
Before running the poe power-off time-range command, you must ensure a PoE
power-off time range has been configured through running the time-range
command in the system view.

Example
# Configure a PoE power-off time range from 10:00 to 11:00 for PDs connected to
GigabitEthernet0/0/1.
<HUAWEI> system-view
[HUAWEI] time-range PoE 10:00 to 11:00 daily

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 512

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

[HUAWEI] interface gigabitethernet 0/0/1

[HUAWEI-GigabitEthernet0/0/1] poe power-off time-range PoE

5.7.16 poe power-reserved

Function
The poe power-reserved command sets the percentage of the reserved PoE
power against the total PoE power.
The undo poe power-reserved command restores the default percentage of the
reserved PoE power against the total PoE power.
By default, 20% of the total power is reserved.

Format
poe power-reserved power-reserved [ slot slot-id ]
undo poe power-reserved [ power-reserved slot slot-id | slot slot-id ]

Parameters
Parameter Description Value

power-reserved Specifies the percentage The value is an integer

of the reserved PoE that ranges from 0 to
power against the total 100, in percentage.
PoE power. The default value is 20.

slot slot-id Specifies the slot ID of The value is 0, indicating

the card. the MPU of the device.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios
The device can dynamically allocate power to each interface according to the
power consumption of each interface. The power consumption of a PD keeps
changing when the PD is running. The system periodically calculates the total
power consumption of all the PDs. If the total power consumption exceeds the
upper threshold of the device, the system cuts off the power of the PDs on the
interfaces of low priority to ensure that other PDs can run normally.
Sometimes, however, the power consumption increases sharply and the available
power of the system cannot support the burst increase of power. At this time, the

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 513

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

system has not calculated and found that the total power consumption exceeded
the upper threshold; therefore, the system does not cut off power low-priority
interfaces in time. As a result, the PoE power supply is shut down for overload
protection, and all PDs are powered off.
This problem can be solved by running the poe power-reserved command to set
proper reserved power. When there is a burst increase in power consumption, the
reserved power can support the system running. Then the system has time to
power off interfaces of low priority to ensure stable running of other PDs.
Precautions
● The reserved power should not be set greater than 20%. If the reserved PoE
power is greater than 20% of the total PoE power, the power capacity of the
device is affected.
● To set the maximum output power of a device, run the poe max-power
command. In this case, the device calculates the reserved power based on the
set maximum output power. If the maximum output power is not set, the
available PoE power is the power provided by the PoE power module.

Example
# Set the percentage of reserved PoE power to the total PoE power to 30%.
<HUAWEI> system-view
[HUAWEI] poe power-reserved 30
Warning: This operation may power off some PDs of slot 0.Continue?[Y/N]:y

5.7.17 poe power-threshold

Function
The poe power-threshold command sets the alarm threshold of the PoE power
consumption percentage.
The undo poe power-threshold command restores the default alarm threshold of
the PoE power consumption percentage.
The default alarm threshold of the PoE power consumption percentage is 100%
for the AD9431DN-24X and 90% for other APs.

Format
poe power-threshold threshold-value [ slot slot-id ]
undo poe power-threshold [ threshold-value slot slot-id | slot slot-id ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 514

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

Parameters
Parameter Description Value

threshold-value Specifies the alarm The value is an integer

threshold of the PoE that ranges from 0 to
power consumption 100, in percentage.
percentage. When the
power consumption
reaches this value, a PoE
power alarm is
generated.

slot slot-id Specifies the slot ID of The value is 0, indicating

the card. the MPU of the device.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
You can run this command to set the alarm threshold of the PoE power
consumption percentage. If the total PoE power is 369.6 W and the alarm
threshold is 90%, an alarm is generated when the power consumption is greater
than 332.64 W. When the power consumption falls below 332.64 W, the alarm is
cleared.

Example
# Set the alarm threshold of the PoE power consumption percentage to 80%.
<HUAWEI> system-view
[HUAWEI] poe power-threshold 80

5.7.18 poe priority

Function
The poe priority command sets the power priority of a PoE interface.
The undo poe priority command restores the default power priority of a PoE
interface.
By default, the power supply priority of an interface is low.

Format
poe priority { critical | high | low }

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 515

Fat AP and Cloud AP
Command Reference 5 Device Management Commands

undo poe priority

Parameters
Parameter Description Value

critical Indicates the highest -

priority.

high Indicates the second -

highest priority.

low Indicates the lowest -

priority.

Views
GE interface view

Default Level
2: Configuration level

Usage Guidelines
When the output power of a device is insufficient, the device in automatic power
management mode provides power for the interfaces of the higher power supply
priorities first and cuts off power of the interfaces of the lower power supply
priorities. If all the interfaces are of the same priority, the power supply priority of
the interface with a smaller interface number is higher.

Example
# Set the power supply priority of GigabitEthernet0/0/1 to critical.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] poe priority critical

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 516

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6 Interface Management Commands

About This Chapter

6.1 Basic Interface Configuration Commands

6.2 Ethernet Interface Configuration Commands
6.3 Logical Interface Configuration Commands

6.1 Basic Interface Configuration Commands

6.1.1 bandwidth (interface view)

Function
The bandwidth command specifies the interface bandwidth acquired by the NMS
from the MIB.
The undo bandwidth command cancels the configured interface bandwidth
acquired by the NMS from the MIB.
By default, no interface bandwidth acquired by the NMS from the MIB is set.

Format
bandwidth bandwidth [ kbps ]
undo bandwidth

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 517

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
Parameter Description Value

bandwidth Specifies the bandwidth of an interface. The value is an integer

ranging from 1 to
1000000, in Mbit/s.

kbps Indicates that the unit of the interface -

bandwidth is kbit/s.
If this parameter is not specified, the
interface bandwidth is expressed in Mbit/s.

Views
Interface view

Default Level
2: Configuration level

Usage Guidelines
The bandwidth command mainly ensures that the network management station
(NMS) can acquire the bandwidth of an interface. The NMS can check the
interface bandwidth through the two objects ifSpeed and ifHighSpeed in IF-MIB.
● If the configured bandwidth is smaller than 4000 Mbit/s, ifSpeed and
ifHighSpeed are respectively displayed as bandwidth x 1000 x 1000 and
bandwidth.
● If the configured bandwidth is equal to or larger than 4000 Mbit/s, ifSpeed
and ifHighSpeed are respectively displayed as 4294967295 (0XFFFFFFFF) and
bandwidth.

Example
# Set the bandwidth of GE0/0/1 to 10000 Mbit/s.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] bandwidth 10000

6.1.2 description (interface view)

Function
The description command configures the description for an interface.

The undo description command restores the default description of an interface.

By default, the description of an interface is "HUAWEI, AP Series, interface-type

interface-number Interface".

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 518

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Format
description description
undo description

Parameters
Parameter Description Value

description Specifies the interface The value is a string of 1

description. to 242 characters. The
character string is case
sensitive. It can contain
blanks but cannot
contain the question
mark (?).

Views
Interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To facilitate device management and maintenance, you can configure descriptions
for interfaces. An interface description can contain the device where the interface
is located, interface type, and remote device. For example: To-[DeviceB]GE-0/0/1
indicates that an interface of this device is connected to GE0/0/1 of device B.
Precautions
The interface description is displayed from the first non-space character.

Example
# Configure the description of GE0/0/1 as To-[DeviceB]GE-0/0/1, indicating that
this device is connected to device B through GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] description To-[DeviceB]GE-0/0/1

6.1.3 display default-parameter interface

Function
The display default-parameter interface command displays the default interface
configuration, including the interface status, MTU, interval for collecting traffic

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 519

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

statistics, alarm threshold, interface description, whether the alarm function is

enabled to send an alarm to the NMS when the interface status changes.

Format
display default-parameter interface interface-type interface-number

Parameters
Parameter Description Value

interface-type interface- Displays the default configuration of a -

number specified interface.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Default configurations are not saved in the configuration file. To check the default
configuration of an interface, run the display default-parameter interface
command on the interface.
The displayed information varies according to interfaces.

Example
# Display the default configuration of GE0/0/1.
<HUAWEI> display default-parameter interface gigabitethernet 0/0/1
Interface state: undo shutdown
Flow-stat interval: 300s
Trap-threshold: input-rate 100, output-rate 100
Snmp trap updown: enable
Description: HUAWEI, AP Series, GigabitEthernet0/0/1 Interface

# Display the default configuration of the interface VLANIF 2.

<HUAWEI> display default-parameter interface vlanif 2
Interface state: undo shutdown
MTU: 1500
Flow-stat interval: 300s
Description: HUAWEI, AP Series, Vlanif2 Interface

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 520

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Table 6-1 Description of the display default-parameter interface command

output
Item Description

Interface state Default status of an interface:

● shutdown: The default status of a physical interface
is shutdown.
● undo shutdown: The default status of a logical
interface is undo shutdown.
To change the interface status, run the shutdown
command or the undo shutdown command in the
interface view.

MTU Default MTU value of the interface.

Flow-stat interval Interval for collecting traffic statistics on the interface.

To set the interval for collecting traffic statistics on an
interface, run the set flow-stat interval (interface
view) command in the interface view.

Trap-threshold Alarm threshold for outbound and inbound bandwidth

usage on the interface.
To set the alarm threshold for outbound and inbound
bandwidth usage on an interface, run the trap-
threshold command in the interface view.

Snmp trap updown Whether an alarm is sent to the NMS when the
interface status changes:
● disable: No alarm is sent to the NMS when the
interface status changes.
● enable: An alarm is sent to the NMS when the
interface status changes.
To configure an interface to send an alarm to the NMS
when the interface status changes, run the enable
snmp trap updown command in the interface view.

Description Interface description.

To configure the description for an interface, run the
description (interface view) command in the
interface view.

6.1.4 display interface

Function
The display interface command displays interface running status and statistics.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 521

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Format
display interface [ interface-type [ interface-number | main ] | main ]

Parameters
Parameter Description Value

interface-type Displays the running -

[ interface-number ] status of an interface.
● interface-type
specifies the interface
type.
● interface-number
specifies the interface
number.
If the interface type is
specified but no interface
number is specified,
running status of all the
interfaces of this type is
displayed.

main Displays running status -

and traffic statistics
about an interface.
● If an interface has no
sub-interfaces, status
and traffic statistics
about the interface
are displayed whether
you specify the main
parameter or not.
● If an interface has
sub-interfaces, status
and traffic statistics
about the interface
and sub-interfaces are
displayed if you do
not specify the main
parameter.

Views
All views

Default Level
1: Monitoring level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 522

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Usage Guidelines
Usage Scenario
The running status and statistics of an interface includes the physical status, basic
configuration, and packet forwarding of the interface. You can use the display
interface command to collect traffic statistics or locate faults on an interface.
Precautions
If no interface type is specified, the running status and statistics of all the
interfaces is displayed. If the interface type is specified but no interface number is
specified, running status of all the interfaces of this type is displayed.

Example
# Display the running status, basic configuration, and packet forwarding on Layer
2 Ethernet interface GigabitEthernet0/0/1.
<HUAWEI> display interface gigabitethernet 0/0/1
GigabitEthernet0/0/1 current state : UP
Line protocol current state : UP
Description:HUAWEI, AP Series, GigabitEthernet0/0/1 Interface
Switch Port, PVID : 1, TPID : 8100(Hex), The Maximum Frame Length is 9216
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is dcd2-fc21-5d40
Last physical up time : 2013-03-20 19:05:41 UTC-05:13
Last physical down time : 2013-03-20 19:03:54 UTC-05:13
Current system time: 2013-03-22 12:34:24-05:13
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: DISABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec,Record time: -
Output peak rate 0 bits/sec,Record time: -

Input: 0 packets, 0 bytes

Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0

CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Alignments: 0
Symbols: 0, Ignoreds: 0
Frames: 0

Output: 0 packets, 0 bytes

Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0

Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0

Input bandwidth utilization threshold : 100.00%

Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 523

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Table 6-2 Description of the display interface command output

Item Description

current state Current interface status:

● DOWN: indicates that the interface is disabled.
● UP: indicates that the interface is enabled.

Line protocol current Link layer protocol status of the interface:

state ● DOWN: indicates that the link layer protocol of the
interface fails or no IP address is assigned to the
interface.
● UP: indicates that the link layer protocol of the
interface is running properly.

Description Interface description. To configure the description for an

interface, run the description command.

Switch Port, PVID Default VLAN ID of the interface.

TPID Indicates the type of frames that are supported on the

interface.
By default, TPID is displayed as 0x8100, indicating an
802.1Q frame.
This field is displayed only when the interface is a Layer
2 interface.

The Maximum Frame Maximum frame length allowed by the interface. The
Length value varies according to the device model.

IP Sending Frames' Format of the frame contained in the sent IP packet,

Format which can be PKTFMT_ETHNT_2, Ethernet_802.3, or
Ethernet_SNAP.

Hardware address MAC address of the device.

Last physical up time Last time the interface went Up physically. If this field
displays "-", the physical status of the interface does not
change.

Last physical down Last time the interface went Down physically. If this
time field displays "-", the physical status of the interface
does not change.

Current system time Current system time.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 524

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Port Mode Working mode of the interface:

● COMMON COPPER: The interface works as an
electrical interface.
● COMMON FIBER: The interface works as an optical
interface.
If the interface is a combo interface:
● COMBO AUTO: The combo interface automatically
selects the working mode.
● FORCE FIBER: The combo interface is configured as
an optical interface.
● FORCE COPPER: The combo interface is configured as
an electrical interface.

Speed Current rate of the interface.

Loopback Loopback configuration of the interface. To configure

this parameter, run the loopback command.

Duplex Duplex mode of the interface.

Negotiation Auto-negotiation mode of the interface.

Mdi Network cable type of the interface.

Last 300 seconds Incoming packet rate (bits per second and packets per
input rate second) within the last 300 seconds.

Last 300 seconds Outgoing packet rate (bits per second and packets per
output rate second) within the last 300 seconds.

Input peak rate Maximum incoming packet rate.

Output peak rate Maximum outgoing packet rate.

Input Total number of received packets.

Output Total number of sent packets.

Unicast Number of unicast packets received or sent by the

interface.

Multicast Number of multicast packets received or sent by the

interface.

Broadcast Number of broadcast packets received or sent by the

interface.

Jumbo Number of jumbo frames received or sent by the

interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 525

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Discard Number of packets discarded by the interface during

physical layer detection. These packets are discarded
because the interface is congested.
Layer 2 Ethernet interfaces of the device do not support
this statistical item.

Total Error Number of error packets found during physical layer

detection.

CRC Number of CRC error packets received by the interface.

Giants Number of jumbo frames with correct Frame Check

Sequence (FCS) received by the interface.

Jabbers Number of jumbo frames with incorrect FCS received by

the interface, including alignment errors (the number of
bytes that a packet contains is not an integer).

Throttles Number of undersized frames with incorrect FCS

received by the interface. Undersized frames are the
frames that are shorter than 64 bytes and have the
correct format and valid CRC field.

Runts Number of undersized frames with correct FCS received

by the interface. Undersized frames are the frames that
are shorter than 64 bytes and have the correct format
and valid CRC field.

Alignments Number of received frames with alignment errors.

Symbols Number of received frames with coding errors.

Ignoreds Number of received MAC control frames with OpCode

not being PAUSE.

Frames Number of packets with incorrect 802.3 length.

Collisions Number of collision frames. A collision frame is a packet

that is not sent due to a detected collision.

ExcessiveCollisions Number of excessive frames that are not sent after 16

consecutive collisions occur. These frames are not sent
due to excessive collisions.

Late Collisions Number of frames that experience conflict events and

are delayed. The first 512 bits of these frames have
been sent but these frames are delay because conflicts
are detected.

Deferreds Number of deferred packets. A deferred packet refers to

a packet that is delayed due to a detected collision.

Input bandwidth Threshold for inbound bandwidth usage.

utilization threshold

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 526

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Output bandwidth Threshold for outbound bandwidth usage.

utilization threshold

Input bandwidth Inbound bandwidth usage.

utilization

Output bandwidth Outbound bandwidth usage.

utilization

6.1.5 display interface brief

Function
The display interface brief command displays brief information about the status
and configuration of interfaces.

Format
display interface brief [ main ]

Parameters
Parameter Description Value

main Displays brief -

information about an
Ethernet main interface.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
The display interface brief command displays brief information about interfaces,
including the physical status, link layer protocol status, inbound and outbound
bandwidth usage within a certain period, and numbers of sent and received error
packets. This information helps locate faults on interfaces.
Precautions
To clear statistics on an interface, run the reset counters interface command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 527

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Example
# Display brief information about the status and configuration of interfaces.
<HUAWEI> display interface brief
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(e): ETHOAM down
(d): Dampening Suppressed
InUti/OutUti: input utility/output utility
Interface PHY Protocol InUti OutUti inErrors outErrors
GigabitEthernet0/0/1 up up 0.01% 0.01% 0 0
LoopBack0 up up(s) 0% 0% 0 0
LoopBack1 up up(s) 0% 0% 0 0
NULL0 up up(s) 0% 0% 0 0
Vlanif1 up down -- -- 0 0
Vlanif100 down down -- -- 0 0
Vlanif2001 up up -- -- 0 0
Wlan-Bss0 up up -- -- 0 0
Wlan-Radio0/0/0 up up -- -- 0 0
Wlan-Radio0/0/1 up up -- -- 0 0

Table 6-3 Description of the display interface brief command output

Item Description

Interface Type and number of an interface.

PHY Physical status of an interface:

● up: indicates that the interface is working properly.
● down: indicates that the physical layer of the interface
fails.
● *down: Administratively Down, indicating that the
administrator has run the shutdown command on the
interface.
● (l): indicates that the loopback function is enabled on
the interface.

Protocol Link layer protocol status of the interface:

● up: indicates that the interface is working properly.
● down: indicates that the link layer protocol of the
interface fails.
● (l): indicates that the loopback function is enabled on
the interface.
● (s): indicates that the spoofing function is enabled on
the interface.
● (e): indicates that the link layer of the interface is in
EFM Down state.
● (d): indicates that the protocol module of the interface
is suppressed.
● --: indicates that the link layer protocol status is not
obtained.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 528

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

InUti Instantaneous bandwidth usage in the inbound direction

of an interface.
When the average bandwidth usage is smaller than
0.01% and greater than 0, the value 0.01% is displayed.
When the interface bandwidth becomes lower, the
bandwidth usage may be displayed as 100% because the
traffic volume is not adjusted in time. "--" indicates that
an interface does not support the display of bandwidth
usage.

OutUti Instantaneous bandwidth usage in the outbound direction

inErrors Number of error packets received by an interface. The

value becomes 0 when you run the reset counters
interface command in the user view or when the number
of received packets reaches the maximum value
0xFFFFFFFF.

outErrors Number of error packets sent by an interface. The value

becomes 0 when you run the reset counters interface
command in the user view or when the number of sent
packets reaches the maximum value 0xFFFFFFFF.

6.1.6 display interface description

Function
The display interface description command displays the description of an
interface.

Format
display interface description [ interface-type [ interface-number ] ]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 529

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
Parameter Description Value

interface-type Displays the description -

[ interface-number ] of a specified interface.
If an interface type is
specified but no interface
number is specified, the
description of all
interfaces of the
specified type is
displayed.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
The display interface command can also display the description of an interface.
To quickly view the description of an interface, you are advised to use the display
interface description command.

If no interface type is specified, the description of all interfaces is displayed. If an

interface type is specified but no interface number is specified, the description of
all interfaces of the specified type is displayed.

Example
# Display the description of GE0/0/1.
<HUAWEI> display interface description gigabitethernet 0/0/1
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(e): ETHOAM down
(d): Dampening Suppressed
Interface PHY Protocol Description
GE0/0/1 down down HUAWEI, AP Series, GigabitEthernet0/0/1 Interface

Table 6-4 Description of the display interface description command output

Item Description

Interface Type and number of an interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 530

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

PHY Physical status of an interface:

Protocol Link layer protocol status of the interface:

Description Interface description.

6.1.7 display interface counters

Function
The display interface counters command displays packet statistics on physical
interfaces.

Format
display interface [ interface-type ] counters { inbound | outbound }

Parameters
Parameter Description Value

interface-type Displays statistics about -

packets sent and
received by an interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 531

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameter Description Value

inbound Displays statistics about -

packets received by an
interface.

outbound Displays statistics about -

packets sent by an
interface.

Views
All views

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The display interface counters command can be used when you need to:

● Check whether an interface is sending and receiving packets normally during

interface fault diagnosis.
● Collect traffic statistics on an interface.
● Check whether an interface can send and receive multicast packets after the
multicast function is configured.

If no interface type is specified, the statistics of packets sent and received by all
interfaces are displayed. If an interface type is specified, the statistics about
packets sent and received by all interfaces of this type are displayed.

Follow-up Procedure

If you want to collect new traffic statistics, run the reset counters interface
command to clear the current statistics.

Example
# Display statistics about packets received by an interface.
<HUAWEI> display interface gigabitethernet counters inbound
Interface Total UniCast MultiCast BroadCast Err
(pkts) (pkts) (pkts) (pkts) (pkts)
GE0/0/1 375795 37306 14122 324367 0

NOTICE
OverFlow :more than 14 decimal digits (8 digits for column "Err").
-- :not supported.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 532

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Table 6-5 Description of the display interface counters command output

Item Description

Interface Type and number of an interface.

Total Total number of packets sent and received by an

interface.

UniCast Number of unicast packets sent or received by an

interface.

MultiCast Number of multicast packets sent or received by an

interface.

BroadCast Number of broadcast packets sent or received by an

interface.

Err Number of error packets sent or received by an

interface.

OverFlow :more than The character OverFlow is displayed when the statistics
14 decimal digits (8 value for each type exceeds the maximum value that
digits for column can be displayed.
"Err"). ● For Err frames, OverFlow is displayed when the value
exceeds 8 decimal numbers.
● For other data, OverFlow is displayed when the value
exceeds 14 decimal numbers.

-- :not supported. The device does not support statistics collection for the
specific type.

6.1.8 display ip interface

Function
The display ip interface command displays the IP configuration and statistics on
interfaces. The statistics include the number of packets and bytes received and
sent by interfaces, number of multicast packets sent and received by interfaces,
and number of broadcast packets received, sent, forwarded, and discarded by
interfaces.

The display ip interface brief command displays brief information about

interface IP addresses, including the IP address, subnet mask, physical status, link-
layer protocol status, and number of interfaces in different states.

Format
display ip interface [ interface-type interface-number ]

display ip interface brief [ interface-type [ interface-number ] ]

display ip interface brief [ interface-type ] &<1-8>

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 533

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
Parameter Description Value
interface-type Specifies the type and number of an interface. If no -
interface-number interface is specified, IP configuration and statistics
about all interfaces are displayed.

brief Displays brief information, including the IP address, -

subnet mask, physical status, link-layer protocol
status, and number of interfaces in different states.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display ip interface brief command to view the following
information:
● IP configurations of all interfaces
● IP configurations of interfaces of the specified type and a specified interface
● IP configurations of interfaces that have IP addresses
This command, however, cannot display the IP configurations of Layer 2 interfaces
or Eth-Trunk member interfaces.

NOTE

● You can run the display interface description command to view the interface
description.
● You can run the display interface command to view detailed information about the
running status and statistics on the interface.

Example
# Display IP information about VLANIF15.
<HUAWEI> display ip interface vlanif 15
Vlanif15 current state : UP
Line protocol current state : UP
The Maximum Transmit Unit : 1500 bytes
input packets : 766390, bytes : 41540847, multicasts : 681817
output packets : 242239, bytes : 14679482, multicasts : 172333
Directed-broadcast packets:
received packets: 0, sent packets: 0
forwarded packets: 0, dropped packets: 0
Internet Address is 10.1.1.119/24
Broadcast address : 10.1.1.255
TTL being 1 packet number: 164035
TTL invalid packet number: 0
ICMP packet input number: 0
Echo reply: 0

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 534

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Unreachable: 0
Source quench: 0
Routing redirect: 0
Echo request: 0
Router advert: 0
Router solicit: 0
Time exceed: 0
IP header bad: 0
Timestamp request: 0
Timestamp reply: 0
Information request: 0
Information reply: 0
Netmask request: 0
Netmask reply: 0
Unknown type: 0

Table 6-6 Description of the display ip interface command output

Item Description

current state : Physical status of the interface:

● UP: indicates that the interface is physically
Up.
● DOWN: indicates that the interface is
physically Down.
● Administratively down: indicates that the
administrator has run the shutdown
command on the interface.

Line protocol current state : Link layer protocol status of the interface:
● UP: The link layer protocol of the interface
is running properly.
● DOWN: The link layer protocol of the
interface is Down or no IP address is
configured on the interface.

The Maximum Transmit Unit : MTU of the interface. The default MTU of an
Ethernet interface or a serial interface is 1500
bytes. Packets longer than the MTU are
fragmented before being transmitted. If
fragmentation is not allowed, the packets are
discarded.

input packets : 766390, bytes : Total number of packets, bytes, and multicast
41540847, multicasts : 681817 packets received by the interface.

output packets : 242239, Total number of packets, bytes, and multicast

bytes : 14679482, multicasts : packets sent by the interface.
172333

Directed-broadcast packets: Number of packets broadcast on the interface

directly.

received packets: Total number of received packets.

sent packets: Total number of sent packets.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 535

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

forwarded packets: Total number of forwarded packets.

dropped packets: Total number of discarded packets.

Internet Address is IP address assigned to the interface and mask

length.

Broadcast address : Broadcast address of the interface.

TTL being 1 packet number: Number of packets with TTL 1.

TTL invalid packet number: Number of packets with invalid TTL.

ICMP packet input number: Number of received ICMP packets.

Echo reply: Number of Echo Reply packets.

Unreachable: Number of Destination Unreachable packets.

Source quench: Number of Source Quench packets.

Routing redirect: Number of Redirect packets.

Echo request: Number of Echo Request packets.

Router advert: Number of Router Advertisement packets.

Router solicit: Number of Router Solicitation packets.

Time exceed: Number of Time Exceeded packets.

IP header bad: Number of IP header error packets.

Timestamp request: Number of Timestamp Request packets.

Timestamp reply: Number of Timestamp Reply packets.

Information request: Number of Information Request packets.

Information reply: Number of Information Reply packets.

Netmask request: Number of Address Mask Request packets.

Netmask reply: Number of Address Mask Reply packets.

Unknown type: Number of unknown packets.

6.1.9 display ip interface description

Function
The display ip interface description command displays IP-related information
(such as the IP address, subnet mask, physical layer status, link layer protocol
status, and number of interfaces in different states) and description of an
interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 536

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Format
display ip interface description [ interface-type [ interface-number ] | interface-
type &<1-8> ]

Parameters
Parameter Description Value

interface-type Indicates the interface type. If no interface type is -

specified, IP-related configurations and statistics of all
interfaces are displayed.

interface- Indicates the interface number, which is used together -

number with interface-type to identify an interface. If no
interface number is specified, IP-related configurations
and statistics of interfaces in the same type are
displayed.

interface-type Indicates that the command can display IP-related -

information about interfaces of multiple types. The
command can display IP-related information about
interfaces in a maximum of eight types.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
Instead of running the display ip interface brief and display interface
description commands, you can run the display ip interface description
command to view both IP-related information and description of an interface,
which facilitates the user operation.

Example
# View IP-related information and description of a specified interface.
<HUAWEI> display ip interface description
Codes:
Ana(Analogmodem), Asy(Async), Cell(Cellular),
Dia(Dialer), Eth(Ethernet) GE(GigabitEthernet),
H(Hssi), Ima(Ima-group), Loop(LoopBack),
MTun(MTunnel), S(Serial), Tun(Tunnel),
VE(Virtual-Ethernet), VT(Virtual-Template)

d(dampened), D(down), *D(administratively down),

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 537

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

^D(standby), l(loopback), s(spoofing),

U(up), E(E-Trunk down)
------------------------------------------------------------------------------
Number of interfaces whose physical status is Up: 3
Number of interfaces whose physical status is Down: 1
Number of interfaces whose protocol status is Up: 2
Number of interfaces whose protocol status is Down: 2

Interface IP Address/Mask Phy Prot Description

NULL0 unassigned U U(s)
Vlanif1 unassigned U D
Vlanif102 unassigned D D
Vlanif400 192.168.40.1/24 U U

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 538

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Table 6-7 Description of the display ip interface description command output

Item Description

Codes: The following information provides the full

spelling and explanation of the abbreviated
interface names, physical status, and link
layer protocols.
● Full spelling of the abbreviated interface
names is as follows:
– Ana: Analogmodem interfaces
– Asy: Async interfaces
– Cell: Cellular interfaces
– Dia: Dialer interfaces
– Eth: Ethernet interfaces
– GE: GigabitEthernet interfaces
– H: HSSI interfaces
– Ima: IMA-Group interfaces
– Loop: Loopback interfaces
– MTun: MTunnel interfaces
– S: Serial interfaces
– Tun: Tunnel interfaces
– VE: Virtual-Ethernet interfaces
– VT: Virtual-Template interfaces
● Explanation of the abbreviated physical
status of the interface is as follows:
– U: indicates that the physical status of
the interface is Up. U(l) indicates that
the interface is enabled with the
loopback function.
– D: indicates that the physical status of
the interface is Down.
– *D: indicates that the network
administrator has run the shutdown
command on the interface.
– ^D: indicates that the FIB module is in
the standby state.
– s: indicates that the interface is in
spoofing status.
– E: indicates the physical status of the
Eth-Trunk.
● Explanation of the abbreviated link layer
protocol status is as follows:
– U: indicates that the status of the link
layer protocol on the interface is Up.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 539

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Number of interfaces whose Indicates the number of interfaces whose

physical status is Up: physical status is Up.

Number of interfaces whose Indicates the number of interfaces whose

physical status is Down: physical status is Down.

Number of interfaces whose Indicates the number of interfaces whose link

protocol status is Up: layer protocol is Up.

Number of interfaces whose Indicates the number of interfaces whose link

protocol status is Down: layer protocol is Down.

Interface Indicates the name and number of an

interface.

IP Address/Mask Indicates the IP address and subnet mask of

an interface.

Phy Indicates the physical status of an interface.

Prot Indicates the link layer protocol status of an

interface.

Description Indicates the description of an interface,

expressed in characters. A maximum of 20
characters can be displayed. When the length
of the description is greater than 20
characters, only the first 17 characters are
displayed and the last 3 characters are
replaced by ellipsis (...). If the description of
an interface is the default setting, no
information is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 540

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.1.10 display this interface

Function
The display this interface command displays interface information in the current
interface view.

Format
display this interface

Parameters
None

Views
Interface view

Default Level
1: Monitoring level

Usage Guidelines
In the interface view, you can run the display this interface command to rapidly
view the status of the interface and packet statistics on the interface.
Although the default level of the display this interface command is monitoring
level, this command must be run in the interface view. Therefore, to run this
command, you need to be of the configuration level or higher.

Example
# Display information about GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] display this interface
GigabitEthernet0/0/1 current state : UP
Line protocol current state : DOWN
Description:HUAWEI, AP Series, GigabitEthernet0/0/1 Interface
Switch Port, PVID : 1, TPID : 8100(Hex), The Maximum Frame Length is 9216
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is dcd2-fcf9-b5ca
Last physical up time : -
Last physical down time : 2011-12-12 03:36:09 UTC+08:00
Current system time: 2011-12-12 10:51:31+08:00
Port Mode: COMMON COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec,Record time: -
Output peak rate 0 bits/sec,Record time: -

Input: 0 packets, 0 bytes

Unicast: 0, Multicast: 0

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 541

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0

CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Alignments: 0
Symbols: 0, Ignoreds: 0
Frames: 0

Output: 0 packets, 0 bytes

Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0

Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0

Input bandwidth utilization threshold : 100.00%

Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%

Table 6-8 Description of the display this interface command output

Item Description

current state Current interface status:

● DOWN: indicates that the interface is disabled.
● UP: indicates that the interface is enabled.

Line protocol current Link layer protocol status of the interface:

Description Interface description.

PVID Default VLAN ID of the interface.

TPID Type of frames that are supported on the interface.

By default, this field displays 0x8100, indicating an
802.1Q frame. If the device does not support 802.1Q
frames, the interface discards the 802.1Q frames
immediately after receiving them.
This field is displayed only for a Layer 2 interface.

The Maximum Frame Maximum frame length allowed by the interface.

Length

IP Sending Frames' Format of the frame contained in the sent IP packet,

Format which can be PKTFMT_ETHNT_2, Ethernet_802.3, or
Ethernet_SNAP.

Hardware address MAC address of the device.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 542

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Last physical up time Last time the interface went Up physically. If this field
displays "-", the physical status of the interface does not
change.

Last physical down Last time the interface went Down physically. If this
time field displays "-", the physical status of the interface
does not change.

Current system time Current system time.

If the time zone is configured and the daylight saving
time is used, the time is in YYYY/MM/DD HH:MM:SS
UTC±HH:MM DST format.

Port Mode Working mode of the interface:

● COMMON COPPER: The interface works as an
electrical interface.
● COMMON FIBER: The interface works as an optical
interface.

Speed Current rate of an interface.

Loopback Loopback configuration of the interface.

Duplex Duplex mode of the interface.

Negotiation Auto-negotiation mode of the interface.

Mdi Network cable type of the interface.

Last 300 seconds Incoming packet rate (bits per second and packets per
input rate second) within the last 300 seconds.

Last 300 seconds Outgoing packet rate (bits per second and packets per
output rate second) within the last 300 seconds.

Input peak rate 0 Maximum rate of incoming packets and time when the
bits/sec,Record time maximum rate is reached.

Output peak rate 0 Maximum rate of outgoing packets and time when the
bits/sec,Record time maximum rate is reached.

Input Total number of received packets.

Output Total number of sent packets.

Unicast Number of unicast packets received or sent by the

interface.

Multicast Number of multicast packets received or sent by the

interface.

Broadcast Number of broadcast packets received or sent by the

interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 543

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Jumbo Number of jumbo frames received or sent by the

interface.

Discard Number of packets discarded by the interface during

physical layer detection.

Total Error Number of error packets found during physical layer

detection.

CRC Number of CRC error packets received by the interface.

Giants Number of jumbo frames with correct FCS received by

the interface.

Jabbers Number of jumbo frames with incorrect FCS received by

the interface, including alignment errors (the number of
bytes that a packet contains is not an integer).

Throttles Number of undersized frames with incorrect FCS

received by the interface.

Runts Number of undersized frames with correct FCS received

by the interface.

Alignments Number of received frames with alignment errors.

Symbols Number of received frames with coding errors.

Ignoreds Number of received MAC control frames with OpCode

not being PAUSE.

Frames Number of packets with incorrect 802.3 length.

Collisions Number of sent packets with 1 to 15 conflict events.

ExcessiveCollisions Number of packets with 16 conflict events and failing to

be sent.

Late Collisions Number of packets with conflict and delayed.

Deferreds Number of delayed packets without conflict.

Input bandwidth Threshold for inbound bandwidth usage.

utilization threshold

Output bandwidth Threshold for outbound bandwidth usage.

utilization threshold

Input bandwidth Inbound bandwidth usage.

utilization

Output bandwidth Outbound bandwidth usage.

utilization

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 544

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.1.11 interface
Function
The interface command displays the interface view.

Format
interface interface-type interface-number
undo interface interface-type interface-number

Parameters
Parameter Description Value

interface-type Specifies the type and number of an interface. The -

interface-number interface type and number can be closely next to
each other or separated by a space character.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
After the specified interface view is displayed, you can set attributes for the
interface.
Precautions
● The interface command can display only the view of an existing physical
interface and cannot create a physical interface.
● The interface command can create a logical interface and display the view of
the logical interface.
● After an RU goes online, the central AP generates a virtual Ethernet interface.
If you cannot enter the Ethernet interface view, run the wired-port-profile
(WLAN view) command to enter the AP wired port profile view to configure
the Ethernet interface.

Example
# Display the view of GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1]

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 545

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.1.12 reset counters if-mib interface

Function
The reset counters if-mib interface command clears interface traffic statistics in
the Network Management System (NMS).

Format
reset counters if-mib interface [ interface-type [ interface-number ] ]

Parameters
Parameter Description Value
interface-type Clears traffic statistics on a specified interface in the -
[ interface- NMS.
number ]
● interface-type specifies the interface type.
● interface-number specifies the interface number.
If an interface type is specified but no interface
number is specified, traffic statistics on all interfaces
of the specified type are cleared.

Views
User view

Default Level
3: Management level

Usage Guidelines
Usage Scenario

Before collecting traffic statistics on a specific interface within a period in the

NMS, clear existing traffic statistics on this interface in the NMS.

NOTE

For details on how to view interface traffic statistics in the NMS, see the NMS
documentation.

Precautions

● If no interface type and number are specified, traffic statistics of all interfaces
in the NMS are cleared.
● After you run the reset counters if-mib interface command, traffic statistics
on all interfaces in the NMS are cleared. Therefore, confirm the action before
you run this command.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 546

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

● Running the reset counters if-mib interface command does not affect the
interface traffic statistics displayed by the display interface command. To
clear the interface traffic statistics displayed by the display interface
command, run the reset counters interface command.

Example
# Clear traffic statistics on GE0/0/1 in the NMS.
<HUAWEI> reset counters if-mib interface gigabitethernet 0/0/1

6.1.13 reset counters interface

Function
The reset counters interface command clears traffic statistics about a specified
interface.

Format
reset counters interface [ interface-type [ interface-number ] ]

Parameters
Parameter Description Value

interface-type Clears traffic statistics on -

[ interface-number ] a specified interface.
● interface-type
specifies the interface
type.
● interface-number
specifies the interface
number.
If an interface type is
specified but no interface
number is specified,
traffic statistics on all
interfaces of the
specified type are
cleared.

Views
User view

Default Level
3: Management level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 547

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Usage Guidelines
Usage Scenario
Before collecting traffic statistics on an interface within a certain period, run the
reset counters interface command to clear existing traffic statistics.
Precautions
● Statistics cannot be restored after being cleared. Therefore, exercise caution
before clearing the statistics.
● Traffic accounting is based on the packet statistics on an interface. The
clearing of the packet statistics on an interface by using the reset counters
interface command affects the traffic accounting result. Therefore, do not
randomly clear the packet statistics on an interface in a normal application
environment.
● If no interface type is specified, traffic statistics on all types of interfaces are
cleared. If an interface type is specified but no interface number is specified,
traffic statistics on all interfaces of the specified type are cleared.
● Running the reset counters interface command clears the last part of the
display interface command output. That is, statistics about received and
transmitted packets on the interface are cleared.

Example
# Clear traffic statistics on all interfaces.
<HUAWEI> reset counters interface

# Clear traffic statistics on VLANIF10.

<HUAWEI> reset counters interface vlanif 10

6.1.14 restart (interface view)

Function
The restart command restarts an interface.

Format
restart

Parameters
None

Views
GE interface view, Ethernet interface view, VLANIF interface view, MultiGE
interface view, Eth-Trunk interface view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 548

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Usage Guidelines
Usage Scenario
After modifying parameters of an interface, run the restart command to make the
modification take effect.
Precautions
● Restarting an interface during data transmission will cause data frame loss or
service interruption. Exercise caution when you use the restart command.
● Running the restart command is equivalent to running the shutdown
command and the undo shutdown command in sequence.

Example
# Restart GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] restart

6.1.15 set flow-stat interval (interface view)

Function
The set flow-stat interval command sets the interval for collecting the traffic
statistics on interfaces.
The undo set flow-stat interval command restores the default interval for
collecting traffic statistics on interfaces.
By default, the interval for collecting traffic statistics on interfaces is 300 seconds.

Format
set flow-stat interval interval-time
undo set flow-stat interval

Parameters
Parameter Description Value

interval-time Specifies the interval for The value is an integer

collecting traffic statistics that ranges from 10 to
on interfaces. 600, in seconds. In
addition, the value must
be a multiple of 10. The
default value is 300s.

Views
Interface view

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 549

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
By using the set flow-stat interval command to set the interval for collecting
traffic statistics on interfaces, you can collect and analyze traffic statistics
according to your needs. You can also take traffic control measures based on the
traffic statistics to prevent network congestion and service interruption.
● When congestion occurs, set the interval for collecting traffic statistics on an
interface to less than 300 seconds, or 30 seconds if congestion worsens. Then
observe the traffic distribution on the interface within a short period of time.
If data packets cause congestion, take proper measures to control the rate of
the packets.
● When the network bandwidth is sufficient and services are running properly,
set the interval for collecting traffic statistics on an interface to more than
300 seconds. If the value of any traffic parameter is not within the specified
range, change the interval for collecting traffic statistics to observe the traffic
volume in real time.
Precautions
● The interval configured in the system view takes effect on all the interfaces
that use the default interval.
● The interval configured in the interface view takes effect only on the current
interface.
● The interval configured in the interface view takes precedence over the
interval configured in the system view.

Example
# Set the interval for collecting traffic statistics on GE0/0/1 to 400s.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] set flow-stat interval 400

6.1.16 shutdown (interface view)

Function
The shutdown command disables an interface.
The undo shutdown command enables an interface.
By default, interfaces are enabled.

Format
shutdown
undo shutdown

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 550

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
None

Views
GE interface view, Ethernet interface view, VLANIF interface view, MultiGE
interface view, Eth-Trunk interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
After modifying parameters of an interface, run the shutdown and undo
shutdown commands to make the modification take effect.
When an interface is not connected to a cable or fiber, you can use the shutdown
command to disable the interface to prevent exceptions caused by interference.
Precautions
● Disabling an interface during data transmission will cause data frame loss or
service interruption. Exercise caution when you use the shutdown command.
● Some logical interfaces, such as loopback, and null interfaces, do not support
the shutdown and undo shutdown commands.
● If you run the shutdown command in the Eth-Trunk interface view, all Eth-
Trunk member interfaces are disabled.
● Running the shutdown and undo shutdown commands is equivalent to
running the restart command.
● To ensure that the cloud AP is managed by the SDN controller, you cannot
run the shutdown command on the cloud AP to disable the following
interfaces:
– Physical interface and VLANIF interface used to communicate with the
SDN controller
– VLANIF interface corresponding to the management VLAN

Example
# Shut down GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] shutdown

6.1.17 shutdown interval

Function
The shutdown interval command sets the minimum interval for re-enabling an
interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 551

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

The undo shutdown interval command restores the default minimum interval for
re-enabling an interface.

By default, the minimum interval for re-enabling an interface is 0 seconds.

Format
shutdown interval interval-value

undo shutdown interval

Parameters
Parameter Description Value

interval-value Specifies the minimum The value is an integer

interval for re-enabling that ranges from 5 to 15,
an interface. in seconds.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

In some cases, for example, when parameters of an interface are modified but the
modification does not take effect immediately, run the shutdown and undo
shutdown commands to re-enable the interface. Then the modification can take
effect. To shorten the waiting time, run the shutdown interval command to set
the minimum interval for re-enabling an interface.

Precautions

● The minimum interval configured using this command also applies to the
restart command.

Example
# Set the minimum interval for re-enabling an interface to 5 seconds.
<HUAWEI> system-view
[HUAWEI] shutdown interval 5

6.2 Ethernet Interface Configuration Commands

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 552

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.2.1 am isolate
Function
The am isolate command isolates the current interface from a specified interface
unidirectionally.
The undo am isolate command cancels unidirectional isolation between the
current interface and a specified interface. If no interface is specified,
unidirectional isolation between the current interface and all the other interfaces
is canceled.
By default, no unidirectional isolation is configured between the current interface
and a specified interface

NOTE

Only the AD9431DN-24X support this function.

Format
am isolate { interface-type interface-number }&<1-8>
undo am isolate [ interface-type interface-number ]&<1-8>

Parameters
Parameter Description Value

interface-type interface- Specifies the type and -

number number of the interface
from which the current
interface is isolated
unidirectionally.
● interface-type
specifies the type of
the interface.
● interface-number
specifies the number
of the interface.

Views
GE interface view, XGE interface view, port group view, Eth-Trunk interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 553

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

The am isolate command isolates interfaces unidirectionally. For example, if

interface A is isolated from interface B unidirectionally, packets sent from interface
A cannot reach interface B, but packets sent from interface B can reach interface
A. Unidirectional isolation needs to be configured in the following scenarios:

● When multiple hosts connect to different interfaces of a device and a host

sends many broadcast packets to the other hosts, isolate the interface
connected to the host from other interfaces unidirectionally. Then the other
hosts do not receive packets from the host.
● Interfaces in a port isolation group are isolated from each other, but
interfaces in different port isolation groups can communicate. To isolate
interfaces in different port isolation groups, configure unidirectional isolation
between these interfaces.

By default, only Layer 2 packets of the current interface are isolated from a
specified interface, but Layer 3 packets are not isolated. To isolate both Layer 2
and Layer 3 packets on interfaces unidirectionally, run the port-isolate mode all
command.

Precautions

An interface can be unidirectionally isolated from another type of interface.

However, an interface cannot be unidirectionally isolated from itself or from the
management interface. In addition, an Eth-Trunk cannot be unidirectionally
isolated from its member interfaces.

Example
# Isolate GE0/0/1 from GE0/0/2 unidirectionally.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] am isolate gigabitethernet 0/0/2

6.2.2 auto duplex

Function
The auto duplex command configures the duplex mode on an Ethernet electrical
interface in auto-negotiation mode.

The undo auto duplex command restores the default duplex mode on an
Ethernet electrical interface in auto-negotiation mode.

By default, the duplex mode on an Ethernet electrical interface is negotiated with

the peer interface.

Format
auto duplex { half | full } *

undo auto duplex

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 554

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
Parameter Description Value

half Sets the duplex mode on -

an Ethernet electrical
interface in auto-
negotiation mode to
half-duplex.

full Sets the duplex mode on -

an Ethernet electrical
interface in auto-
negotiation mode to full-
duplex.

Views
GE interface view, MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

In auto-negotiation mode, interfaces on both ends of a link negotiate their duplex

mode. If the negotiated duplex mode is not the required one, you can run the
auto duplex command to set the required duplex mode in auto-negotiation
mode. For example, two interfaces on both ends support full-duplex mode and
half-duplex mode. If the two interfaces negotiate to work in half-duplex mode,
but they are required to work in full-duplex mode, you can run the auto duplex
full command to set the full-duplex mode for the two interfaces.

Prerequisites

The Ethernet interface works in auto-negotiation mode.

Precautions

● For details about the duplex modes that various Ethernet interfaces support,
see see Overview of Ethernet Interfaces in the Configuration Guide-
Overview of Ethernet Interfaces.
● In auto-negotiation mode, a GE electrical interface that works at a rate of
1000 Mbit/s supports the full-duplex mode. If the duplex mode is changed to
half-duplex, the GE electrical interface works at a maximum rate of 100
Mbit/s.
NOTE

The interfaces on both ends of a link must have the same duplex mode.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 555

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Example
# Configure Ethernet electrical interface GE0/0/1 in auto-negotiation mode to
work in half-duplex mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] auto duplex half

6.2.3 auto speed

Function
The auto speed command configures the auto-negotiation rate of an Ethernet
electrical interface.
The undo auto speed command restores the default auto-negotiation rate of an
Ethernet electrical interface.
By default, Ethernet electrical interfaces on both ends can negotiate to any rate
they support.

Format
auto speed { 10 | 100 | 1000 | 2500 | 5000 } *

undo auto speed

Parameters
Parameter Description Value

10 Sets the auto- -

negotiation rate of an
Ethernet electrical
interface to 10 Mbit/s.

100 Sets the auto- -

negotiation rate of an
Ethernet electrical
interface to 100 Mbit/s.

1000 Sets the auto- -

negotiation rate of an
Ethernet electrical
interface to 1000 Mbit/s.

2500 Sets the auto- -

negotiation rate of an
Ethernet electrical
interface to 2500 Mbit/s.

5000 Sets the auto- -

negotiation rate of an
Ethernet electrical
interface to 5000 Mbit/s.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 556

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

NOTE

Only MultiGE interfaces support the parameters 2500/5000.

The auto-negotiation rate configured for an Ethernet interface cannot exceed the
interface's capability. For example, the auto-negotiation rate of a GE interface cannot be set
to 2500 Mbit/s.

Views
GE interface view, MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

In auto-negotiation mode, interfaces on both ends of a link negotiate their rate. If

the negotiated rate is not the required one, run the auto speed command to set
the auto-negotiation rate range to limit the negotiated rate. For example, if two
interfaces negotiate to work at a rate of 1000 Mbit/s, but they are required to
work at a rate of 100 Mbit/s, you can run the auto speed 100 command to set
the rate of the interfaces to 100 Mbit/s.

Prerequisites

The Ethernet interface works in auto-negotiation mode.

Example
# Configure Ethernet electrical interface GE0/0/1 to work at a rate of 100 Mbit/s
in auto-negotiation mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] auto speed 100

6.2.4 cable-snr-test

Function
The cable-snr-test command checks the network cable quality and displays the
check result.

NOTE

This function is supported only by MultiGE electrical interfaces on the AP6052DN, AP7050DN-E,
AP7052DN, AP7152DN, AP7052DE, AP8082DN, and AP8182DN.

Format
cable-snr-test

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 557

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
None

Views
MultiGE interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can check the quality of the network cable on a MultiGE electrical interface to
determine whether the network cable quality meets communication requirements.
Precautions
● This command checks real-time quality of the network cable on an interface,
and the network cable quality changes with the external environment.
● A MultiGE electrical interface supports the network cable quality check only
when it works at the rate of 2.5 Gbit/s or higher.
● An interface does not support the network cable quality check when it is
Down or in loopback detection mode.

Example
# Check the network cable quality on MultiGE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface MultiGE 0/0/1
[HUAWEI-MultiGE0/0/1] cable-snr-test
Info: The current network cable is of good quality.

6.2.5 display interface ethernet brief

Function
The display interface ethernet brief command displays brief information about
all Ethernet interfaces.

Format
display interface ethernet brief [ main ]

Parameters
Parameter Description Value

main Displays brief -

information about all
Ethernet main interfaces.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 558

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
You can use the display interface ethernet brief command to view brief
information about Ethernet interfaces, including the physical status, auto-
negotiation mode, duplex mode, bandwidth, and average inbound and outbound
bandwidth usages within the last period of time. This information helps you locate
and rectify faults.
Precautions
To clear statistics on an interface, run the reset counters interface command.

Example
# Display brief information about all Ethernet interfaces.
<HUAWEI> display interface ethernet brief
PHY: Physical
*down: administratively down
(l): loopback
InUti/OutUti: input utility/output utility
Interface PHY Auto-Neg Duplex Bandwidth InUti OutUti Trunk
GigabitEthernet0/0/1 up enable full 1000M 0.01% 0.01% --

Table 6-9 Description of the display interface ethernet brief command output
Item Description

Interface Type and number of an interface. All interfaces are displayed in

alphabetical order. Information about the following interfaces can
be displayed:
● GE interface

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 559

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

PHY Physical status of an interface:

● up: indicates that the interface works properly.
● down: indicates that the physical layer of the interface fails.
● *down: refers to Administratively Down, indicating that the
administrator has run the shutdown (interface view) command
on the interface.
● ^down: refers to standby, indicating that this interface is a
backup interface.
● (l): refers to loopback, indicating that the loopback function is
enabled on the interface.

Auto- Whether auto-negotiation is enabled on an interface:

Neg ● enable: indicates that auto-negotiation is enabled on the
interface.
● disable: indicates that auto-negotiation is disabled on the
interface.
To configure the auto-negotiation mode for an interface, run the
negotiation auto command.

Duplex Duplex mode of an interface:

● full: indicates the full-duplex mode.
● half: indicates the half-duplex mode.
● In auto-negotiation mode, use the auto duplex command to
configure the duplex mode of an interface.
● In non-auto negotiation mode, use the duplex command to
configure the duplex mode of an interface.

Bandwidt Bandwidth on the interface.

InUti Average inbound bandwidth usage within the last 5 minutes.

Average inbound bandwidth usage = Average inbound rate within
the last 5 minutes/Interface bandwidth
When the average bandwidth usage is smaller than 0.01% and
larger than 0, the value 0.01% is displayed. When the interface
bandwidth becomes smaller, for example, the bandwidth is changed
using the speed command, or when an Eth-Trunk member interface
becomes Down or is removed from the Eth-Trunk, the bandwidth
usage may be displayed as 100% because the communication traffic
is not adjusted in time.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 560

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

OutUti Average outbound bandwidth usage within the last 5 minutes.

Average outbound bandwidth usage = Average outbound rate
within the last 5 minutes/Interface bandwidth
When the average bandwidth usage is smaller than 0.01% and
larger than 0, the value 0.01% is displayed. When the interface
bandwidth becomes smaller, for example, the bandwidth is changed
using the speed command, or when an Eth-Trunk member interface
becomes Down or is removed from the Eth-Trunk, the bandwidth
usage may be displayed as 100% because the communication traffic
is not adjusted in time.

Trunk Number of the Eth-Trunk to which an interface is added.

6.2.6 display port-isolate group

Function
The display port-isolate group command displays the configuration of a port
isolation group.

NOTE

Only the AD9431DN-24X support this function.

Format
display port-isolate group { group-id | all }

Parameters
Parameter Description Value

group-id Displays the The value is an integer

configuration of a that ranges from 1 to 64.
specified port isolation
group.

all Displays the -

configurations of all port
isolation groups.

Views
All views

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 561

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Default Level
1: Monitoring level

Usage Guidelines
The port isolation feature isolates interfaces in a VLAN. By adding interfaces to a
port isolation group, you can implement Layer 2 isolation between these
interfaces. To view the configuration of the port isolation group, run the display
port-isolate group command.

Example
# Display the configurations of all port isolation groups.
<HUAWEI> display port-isolate group all
The ports in isolate group 3:
GigabitEthernet0/0/1
GigabitEthernet0/0/2
The ports in isolate group 4:
GigabitEthernet0/0/3
GigabitEthernet0/0/4

6.2.7 duplex

Function
The duplex command configures the duplex mode on an Ethernet electrical
interface in non-auto-negotiation mode.

The undo duplex command restores the default duplex mode on an Ethernet
electrical interface in no-auto-negotiation mode.

By default, an Ethernet electrical interface works in full-duplex mode when auto-

negotiation is disabled on the interface.

Format
duplex { full | half }

undo duplex

Parameters
Parameter Description Value

full Configures the Ethernet -

interface to work in full-
duplex mode when auto-
negotiation is disabled
on the interface.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 562

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameter Description Value

half Configures the Ethernet -

interface to work in half-
duplex mode when auto-
negotiation is disabled
on the interface.

Views
GE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The duplex mode of an interface needs to be set in the following scenarios:
● To enable an interface to send and receive packets at the same time, set the
full-duplex mode on the interface.
● To disable an interface from sending and receiving packets at the same time,
set the half-duplex mode on the interface.
Prerequisites
The interface works in non-auto negotiation mode.
Precautions
● A GE electrical interface that works at 1000 Mbit/s supports only the full-
duplex mode. A GE electrical interface and its peer interface do not need to
negotiate the duplex mode.
NOTE

The interfaces on both ends of a link must have the same duplex mode.

Example
# Configure Ethernet electrical interface GE0/0/1 to work in half-duplex mode
when non-auto negotiation is disabled on the interface.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo negotiation auto
[HUAWEI-GigabitEthernet0/0/1] duplex half

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 563

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.2.8 log-threshold

Function
The log-threshold command sets the inbound and outbound bandwidth usage
thresholds for generating a log.

The undo log-threshold command restores the default inbound and outbound
bandwidth usage thresholds for generating a log.

The default inbound and outbound bandwidth usage thresholds for generating a
log is 100.

Format
log-threshold { input-rate | output-rate } bandwidth-in-use [ resume-rate
resume-threshold ]

undo log-threshold { input-rate | output-rate }

Parameters

Parameter Description Value

input-rate Specifies the inbound -

bandwidth.

output-rate Specifies the outbound -

bandwidth.

bandwidth-in-use Specifies the bandwidth The value is an integer that

usage threshold for ranges from 1 to 100.
generating a log, prompting
for a bandwidth increase
request.

resume-rate Specifies the bandwidth The value is an integer that

resume-threshold usage threshold for ranges from 1 to the value of
generating a log, indicating bandwidth-in-use. The
that bandwidth usage has default value is the value of
been restored. bandwidth-in-use.

Views
GE interface view, MultiGE interface view, XGE interface view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 564

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Usage Guidelines
Monitoring bandwidth usage helps you learn about current device load. If the
bandwidth usage exceeds a configured threshold, a log or an alarm is generated,
indicating that bandwidth resources become insufficient and need an increase. For
example, if bandwidth usage exceeds 95% of total bandwidth, an alarm is
generated, indicating that bandwidth is exhausted. Some services may be
interrupted before the bandwidth increases. To help prevent service interruption,
setting two bandwidth usage thresholds, one for generating a log and the other
for generating an alarm helps you increase bandwidth in time.

NOTE

Outbound bandwidth usage = (Outbound interface rate/Outbound physical interface

bandwidth) x 100
Inbound bandwidth usage = (Inbound interface rate/Inbound physical interface bandwidth) x
100

If the offset between the value of bandwidth-in-use and the value of resume-
threshold is too small, log information may be frequently displayed.

Example
# Configure GE0/0/1 to generate a log when the outbound interface rate exceeds
80% of the bandwidth.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] log-threshold output-rate 80

# Configure GE0/0/1 to generate a log when the outbound interface rate exceeds
80% of the bandwidth and to generate a log indicating that bandwidth usage has
been restored, when the outbound interface rate is lower than 60% of the
bandwidth.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] log-threshold output-rate 80 resume-rate 60

6.2.9 loopback
Function
The loopback command enables loopback detection on an interface.
The undo loopback command disables loopback detection on an interface.
By default, loopback detection is not configured.

NOTE

The AD9431DN-24X do not support the parameter remote.

Format
loopback { internal | remote }
undo loopback

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 565

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameters
Parameter Description Value

internal Configures internal -

loopback detection on a
specified interface.

remote Configures remote -

loopback detection on
an interface.

Views
GE interface view, MultiGE interface view, XGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Loopback detection can be enabled to test some special functions, for example,
locating faults on the Ethernet. After loopback detection is enabled, the Ethernet
interface works in full-duplex mode. After loopback detection is disabled, the
original duplex mode of the Ethernet interface is restored.
After internal loopback detection is enabled on an interface, packets sent from the
interface are sent back to this interface.
After remote loopback detection is configured, the local interface sends a packet
received from the peer interface back to the peer interface, rather than forwarding
the packet to the destination address.
Follow-up Procedure
Use a dedicated test tool to check whether the number of packets received and
the number of packets sent on the Ethernet interface are the same. If not, the
hardware is faulty. If yes, the hardware works properly.
Precautions
Loopback detection interrupts the operation of Ethernet interfaces and links. After
loopback detection is performed, run the undo loopback command to disable
loopback detection immediately.

Example
# Configure internal loopback detection on GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] loopback internal
Info: This may interrupt the operation of Ethernet interfaces and links.Continue
? [Y/N]:y

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 566

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.2.10 negotiation auto

Function
The negotiation auto command configures an Ethernet interface to work in auto-
negotiation mode.

The undo negotiation auto command configures an Ethernet interface to work in

non-auto-negotiation mode.

By default, an Ethernet interface works in auto-negotiation mode.

Format
negotiation auto

undo negotiation auto

Parameters
None

Views
GE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Earlier Ethernet worked in 10M half-duplex mode and required mechanisms such
as Carrier Sense Multiple Access (CSMA)/Collision Detection (CD) to ensure
system stability. As Ethernet technology develops, full-duplex Ethernet and 100
Mbit/s Ethernet emerge. This greatly improves Ethernet performance. Auto-
negotiation technology allows new Ethernet to be compatible with earlier
Ethernet. In auto-negotiation mode, interfaces on both ends of a link negotiate
their operating parameters, including the duplex mode and rate. If the negotiation
succeeds, the two interfaces work at the same operating parameters.

You can configure an interface to work in auto-negotiation mode only when

interfaces on both ends support the auto-negotiation mode.
● If interfaces on both ends support auto-negotiation and are required to work
in auto-negotiation mode, run the negotiation auto command.
● If one of the two interfaces does not support auto-negotiation or is not
required to work in auto-negotiation mode, run the undo negotiation auto
command.

Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 567

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

● For details about the auto-negotiation configuration supported by Ethernet

interfaces, see Overview of Ethernet Interfaces in the Configuration Guide-
Overview of Ethernet Interfaces.
● By default, GE interfaces do not support flow control auto-negotiation.

Example
# Configure GE0/0/1 to work in non-auto negotiation mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo negotiation auto

6.2.11 port-down holdoff-timer

Function
The port-down holdoff-timer command sets the delay time for an interface to
report the Down event.
The undo port-down holdoff-timer command configures an interface to report
the Down event immediately.
By default, an interface reports the Down event immediately.

Format
port-down holdoff-timer holdoff-timer
undo port-down holdoff-timer

Parameters
Parameter Description Value

holdoff-timer Specifies the delay time The value is an integer

for an interface to report that ranges from 50 to
the Down event. 3000, in milliseconds.

Views
GE interface view, MultiGE interface view, XGE interface view

Default Level
2: Configuration level

Usage Guidelines
When an interface becomes Down, services on the interface are interrupted even
if this interface becomes Up soon. To prevent services from being interrupted, set
the delay in reporting a Down event on the interface so that the system still
considers that this interface is in Up state within the delay time.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 568

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Example
# Set the delay time for an interface to report the Down event to 100 ms.
<HUAWEI> system-view
[HUAWEI] interface gigabitEthernet 0/0/1
[HUAWEI-GigabitEthernet 0/0/1] port-down holdoff-timer 100

6.2.12 port-isolate enable

Function
The port-isolate enable command enables port isolation.
The undo port-isolate enable command disables port isolation.
By default, port isolation is disabled.

NOTE

Only the AD9431DN-24X support this function.

Format
port-isolate enable [ group group-id ]
undo port-isolate enable [ group group-id ]

Parameters
Parameter Description Value

group group-id Specifies the ID of a port The value is an integer

isolation group. that ranges from 1 to 64.

Views
GE interface view, XGE interface view, port group view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To implement Layer 2 isolation between interfaces, add different interfaces to
different VLANs. This, however, wastes VLAN resources. To save VLAN resources,
enable port isolation to isolate interfaces in a VLAN. That is, you can add
interfaces to a port isolation group to implement Layer 2 isolation between these
interfaces. Port isolation provides secure and flexible networking schemes for
customers.
Precautions

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 569

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

● After port isolation is configured, ports are isolated at Layer 2 but can
communicate at Layer 3 by default. To configure both Layer 2 isolation and
Layer 3 isolation, run the port-isolate mode all command.
● Interfaces in a port isolation group are isolated from each other, but
interfaces in different port isolation groups can communicate. If group-id is
not specified, interfaces are added to port isolation group 1 by default.

Example
# Enable port isolation on GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port-isolate enable group 1

6.2.13 port-isolate mode

Function
The port-isolate mode command sets the port isolation mode.

By default, ports are isolated at Layer 2 but can communicate at Layer 3.

NOTE

Only the AD9431DN-24X support this function.

Format
port-isolate mode { l2 | all }

Parameters
Parameter Description Value

l2 Indicates that ports are -

isolated at Layer 2 but
can communicate at
Layer 3.

all Indicates that ports are -

isolated at both Layer 2
and Layer 3.

Views
System view

Default Level
2: Configuration level

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 570

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Usage Guidelines
Usage Scenario

To disable members in a port isolation group from communicating at Layer 2 but

allow them to access public resources, such as printer and server, run the port-
isolate mode command to set the port isolation mode to l2.

To disable members in a port isolation group from communicating at both Layer 2

and Layer 3, run the port-isolate mode command to set the port isolation mode
to all.

Precautions

● To isolate ports at both Layer 2 and Layer 3, run the port-isolate mode all
command.
● To isolate ports at Layer 2 but allow them to communicate at Layer 3, run the
port-isolate mode l2 command.

Example
# Configure Layer 2 isolation and Layer 3 communication.
<HUAWEI> system-view
[HUAWEI] port-isolate mode l2

6.2.14 speed

Function
The speed command sets the rate for an Ethernet interface in non-auto
negotiation mode.

The undo speed command restores the default rate of an Ethernet interface in
non-auto negotiation mode.

By default, an Ethernet interface works at its highest rate when it works in non-
auto negotiation mode.

Format
speed { 10 | 100 | 1000 | 2500 | 5000 } *

undo speed

Parameters
Parameter Description Value

10 Indicates that the interface works -

at 10 Mbit/s.

100 Indicates that the interface works -

at 100 Mbit/s.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 571

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameter Description Value

1000 Indicates that the interface works -

at 1000 Mbit/s.

2500 Indicates that the interface works -

at 2500 Mbit/s.

5000 Indicates that the interface works -

at 5000 Mbit/s.

NOTE

Only MultiGE interfaces support the parameters 2500/5000.

The maximum rate configured for an Ethernet interface cannot exceed the interface's
capability. For example, the maximum rate of a GE interface cannot be set to 2500 Mbit/s.

Views
GE interface view, MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
In non-auto negotiation mode, if interfaces on two connected devices work at
different rates, use the speed command to change the rates of the interfaces to
be the same so that the two devices can communicate.
Precautions
● If the remote interface does not support the auto negotiation mode, run the
undo negotiation auto command on the local interface to configure the
interface to work in non-auto negotiation mode. You can then change the
rate of the local interface to be the same as the rate of the remote interface
to ensure proper communication.

Example
# Configure GE0/0/1 to work at 100 Mbit/s in non-auto negotiation mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo negotiation auto
[HUAWEI-GigabitEthernet0/0/1] speed 100

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 572

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.2.15 trap-threshold

Function
The trap-threshold command sets the inbound and outbound bandwidth usage
thresholds for generating a trap.

The undo trap-threshold command restores the default inbound and outbound
bandwidth usage thresholds for generating a trap.

The default inbound or outbound bandwidth usage threshold for generating a trap
is 100.

Format
trap-threshold { input-rate | output-rate } bandwidth-in-use [ resume-rate
resume-threshold ]
undo trap-threshold { input-rate | output-rate }

Parameters
Parameter Description Value

input-rate Indicates inbound -

bandwidth.

output-rate Indicates outbound -

bandwidth.

bandwidth-in-use Specifies the bandwidth The value is an integer that

usage threshold for ranges from 1 to 100.
generating a trap.

resume-rate Specifies the bandwidth The value is an integer that

resume-threshold usage threshold for ranges from 1 to bandwidth-
clearing a trap. in-use. The default value is
bandwidth-in-use.

Views
GE interface view, XGE interface view, MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 573

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

The bandwidth usage represents the load on a device. If the bandwidth usage
exceeds the threshold, bandwidth of the device is insufficient for services and
needs expansion. For example, if the bandwidth usage exceeds 95%, an alarm is
generated to indicate that bandwidth resources are used up. Services may be
interrupted before system expansion. You can set the upper and lower thresholds
for bandwidth usage. When the bandwidth usage exceeds the lower threshold, the
system generates a log. When the bandwidth usage exceeds the upper threshold,
the system triggers an alarm.

NOTE

Outbound bandwidth usage = (Outbound interface rate/Outbound physical interface

bandwidth) x 100
Inbound bandwidth usage = (Inbound interface rate/Inbound physical interface bandwidth) x
100
The interface rate and bandwidth are expressed in bits per second.

To set a lower threshold, run the log-threshold command.

The trap-threshold command sets the bandwidth usage threshold for generating
a trap. The trap-threshold with the following parameters provides various
functions:
● trap-threshold input-rate bandwidth-in-use resume-rate resume-threshold:
sets the inbound bandwidth usage threshold for generating a trap.
– If inbound bandwidth usage exceeds the threshold specified in
bandwidth-in-use, an hwIfMonitorInputRateRising trap is generated,
indicating that inbound bandwidth usage exceeds the configured
threshold.
– If inbound bandwidth usage falls below the threshold specified in
resume-threshold, an hwIfMonitorInputRateResume trap is generated,
indicating that inbound bandwidth usage falls between the configured
threshold for clearing a trap.
● trap-threshold output-rate bandwidth-in-use resume-rate resume-
threshold: sets the outbound bandwidth usage threshold for generating a
trap.
– If outbound bandwidth usage exceeds the threshold specified in
bandwidth-in-use, an hwIfMonitorOutputRateRising trap is generated,
indicating that outbound bandwidth usage exceeds the configured
threshold.
– If outbound bandwidth usage falls below the threshold specified in
resume-threshold, an hwIfMonitorOutputRateResume trap is generated,
indicating that outbound bandwidth usage falls between the configured
threshold for clearing a trap.
Precautions
● When the bandwidth usage exceeds the threshold for generating a trap, the
system generates a trap. When the bandwidth usage falls below the threshold
for clearing a trap, the system clears the trap.
● If the offset between the value of bandwidth-in-use and the value of resume-
threshold is too small, trap information may be frequently displayed.
● The log threshold must be lower than the trap threshold, providing efficient
protection for services. For example, when the inbound bandwidth usage

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 574

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

reaches 80%, a log is generated. If the inbound bandwidth usage continues to

increase and reaches 95%, a trap is generated. This ensures that a log is
generated for inbound bandwidth usage of 80%, and a trap is generated for
inbound bandwidth usage of 95%. Either the log or the trap prompts for a
bandwidth increase, preventing service interruption.

Example
# Configure GE0/0/1 to generate a trap when the outbound bandwidth usage
exceeds 60%.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] trap-threshold output-rate 60

# Configure GE0/0/1 to generate a trap when the outbound bandwidth usage

exceeds 80% and clear the trap when the outbound bandwidth usage falls below
60%.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] trap-threshold output-rate 80 resume-rate 60

6.2.16 virtual-cable-test
Function
The virtual-cable-test command tests the cable connected to an Ethernet
electrical interface and displays the test result.

Format
virtual-cable-test

Parameters
None

Views
GE interface view, XGE interface view, multi-GE interface view

Default Level
3: Management level

Usage Guidelines
Usage Scenario
You can run the virtual-cable-test command to check whether the cable works
properly. According to the command output, you can locate and rectify cable
faults.
● If the cable works properly, the total length of the cable is displayed.
● If the cable cannot work properly, the distance between the interface and the
failure point is displayed.

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 575

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Precautions
● Only the electrical interface or combo interface working as an electrical
interface supports the VCT function.
● Running the virtual-cable-test command may affect services on the interface
in a short period of time.
● The VCT function is supported only when the local and peer ends work at
1000 Mbit/s in auto-negotiation mode. The VCT function is supported only by
the R230D when its interfaces work at 100 Mbit/s in auto-negotiation mode.
● When the cable works properly, the VCT function is not supported by all or
some interfaces of the following APs. The cable length is 0 in the command
output of interfaces.
– AD9431DN-24X, AP4030DN and R230D: all interfaces
– AD9430DN-24: GE0 through GE5 and GE7 through GE23
– AP7050DN-E: GE0
– AP8082DN and AP8182DN: all GE interfaces
– AD9430DN-12: all interfaces except GE1, GE3, GE12, and GE13
– AP8030DN and AP4030TN: GE0
– AP5030DN: GE1
● If the cable cannot work properly, the distance between the interface and the
failure point is displayed.
● The test result is only for reference and may be inaccurate for cables of some
vendors.
● The test result is related to the signal attenuation of a cable. When the cable
length is shorter than 3 m, the signal attenuation mostly results from the
connector rather than the cable itself. Therefore, the test result is inaccurate.
● VCT detection cannot be performed on multiple interfaces of the device at the
same time.
● For wire sequence of cables, see Testing the Connection of Assembled Cables
in the Hardware Installation and Maintenance Guide.

Example
# Test the cable connected to GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] virtual-cable-test
Warning: The command will stop service for a while. Continue? [Y/N]y
Pair A length: 4 meter(s)
Pair B length: 4 meter(s)
Pair C length: 4 meter(s)
Pair D length: 4 meter(s)
Pair A state: OK
Pair B state: OK
Pair C state: OK
Pair D state: OK

Issue 08 (2021-11-15) Copyright © Huawei Technologies Co., Ltd. 576

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Table 6-10 Description of the virtual-cable-test command output

Item Description

Pair A/B/C/D Four pairs of circuits in a network cable.

Pair A length Length of a network cable.

● The length is the distance between
the interface and the failure point if a
failure occurs.
● The length is the actual length of the
cable when the cable works properly.
The test result is for reference only.

6.3 Logical Interface Configuration Commands

6.3.1 display interface loopback

Function
Using the display interface loopback command, you can view the status of a
loopback interface.

Format
display interface loopback [ loopback-number | main ]

Parameters
Parameter Description Value

loopback- Specifies the number of a loopback interface. -

number
If loopback-number is not specified, the status of all
loopback interfaces is displayed.

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Parameter Description Value

main Displays status and traffic statistics about a Loopback -

interface.
A Loopback interface has no sub-interfaces. Status and
traffic statistics about a Loopback interface are
displayed whether you specify the main parameter or
not.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
In the scenario where you need to monitor the status of an interface or locate an
interface fault, you can use the display interface loopback command to collect
the statistics on the interface including the status. Through the displayed
information, you can collect the traffic statistics and troubleshoot the interface.

Example
# Display the status of a specified loopback interface.
<HUAWEI> display interface loopback 6
LoopBack6 current state : UP
Line protocol current state : UP (spoofing)
Description:HUAWEI, AP Series, LoopBack6 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.10.1.1/32
Physical is Loopback
Current system time: 2011-12-12 10:14:21+08:00
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Realtime 0 seconds input rate 0 bits/sec, 0 packets/sec
Realtime 0 seconds output rate 0 bits/sec, 0 packets/sec
Input: 0 bytes
Output:0 bytes
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%

Table 6-11 Description of the display interface loopback command output

Item Description

LoopBack6 current Physical status of a loopback interface. The physical

state status of a loopback interface is always Up after the
loopback interface is created.

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Line protocol current Link layer protocol status of a loopback interface. The
state link layer protocol status of a loopback interface is
always Up after the loopback interface is created.

Description Indicates the description of the interface, which can be

set by using the description command.

Route Port,The Indicates the maximum transmission unit (MTU). The

Maximum Transmit default MTU is 1500 bytes. Packets longer than the
Unit is 1500 MTU are fragmented before being transmitted. If
fragmentation is not allowed, the packet is discarded.

Internet Address is Indicates the IP address of the interface.

Physical is Information about the physical layer of a loopback

interface.

Current system time Indicates the current system time.

Last 300 seconds Indicates the rates for sending and receiving the bytes
input rate and the packets by the interface in the last five minutes.
Last 300 seconds
output rate

Realtime 0 seconds Indicates the real-time rates of sending and receiving

input rate the bytes and the packets.
Realtime 0 seconds It refers to the interval between two display commands
output rate that are run on the same interface. The maximum value
is the statistical interval displayed in the previous piece
of information. This entry is displayed only when
information about a logical interface is viewed.

Input Indicates the total number of packets and the total

number of bytes received by the interface.

Output Indicates the total number of packets and the total

number of bytes sent by the interface.

Input bandwidth Indicates the percentage of the rate for receiving

utilization packets to the total bandwidth.

Output bandwidth Indicates the percentage of the rate for sending packets
utilization to the total bandwidth.

6.3.2 display interface null

Function
The display interface null command displays the status of a null interface.

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Format
display interface null [ 0 | main ]

Parameters
Parameter Description Value

0 Specifies the number of the null interface. The value can

be 0 only.

main Displays status and traffic statistics about a Null -

interface.
A Null interface has no sub-interfaces. Status and
traffic statistics about a Null interface are displayed
whether you specify the main parameter or not.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
The display interface null command displays the status of a null interface. The
interface status information includes: the physical status, link layer protocol status,
description, MTU, current system time, last time statistics about the null interface
are cleared, incoming and outgoing packet rates in bit/s and pps, total numbers of
packets and bytes received and sent by the null interface, and percentages of the
rates for receiving and sending packets to the total bandwidth.
Precautions
There is only one null interface, namely, NULL 0.

Example
# Display the status of Null 0 interface.
<HUAWEI> display interface null 0
NULL0 current state : UP
Line protocol current state : UP (spoofing)
Description:HUAWEI, AP Series, NULL0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
Physical is NULL DEV
Current system time: 2011-12-12 10:28:12+08:00
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Realtime 0 seconds input rate 0 bits/sec, 0 packets/sec

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Realtime 0 seconds output rate 0 bits/sec, 0 packets/sec

Input: 0 bytes
Output:0 bytes
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%

Table 6-12 Description of the display interface null command output

Item Description

NULL0 current state Physical status of the null interface.

The physical status of the null interface is always Up.

Line protocol current Link layer protocol status of the interface. The
state protocol status of the null interface is always Up.

Description Description of the interface, which can be set by

using the description command.

Route Port,The The MTU is 1500 bytes.

Maximum Transmit Unit
is 1500

Internet protocol Whether Internet protocol processing is enabled.

processing ● enabled: The Internet protocol processing is
enabled.
● disabled: The Internet protocol processing is
disabled.

Physical is NULL DEV The interface is null.

Current system time Current system time.

Last 300 seconds input Rates for sending and receiving the bytes and the
rate packets by the interface in the last five minutes.
Last 300 seconds output
rate

Realtime 0 seconds Real-time rates of sending and receiving the bytes

input rate and the packets.
Realtime 0 seconds It refers to the interval between two display
output rate commands that are run on the same interface. The
maximum value is the statistical interval displayed in
the previous piece of information. This entry is
displayed only when information about a logical
interface is viewed.

Input Total number of packets and the total number of

bytes received by the interface.

Output Total number of packets and the total number of

bytes sent by the interface.

Input bandwidth Percentage of the rate for receiving packets to the

utilization total bandwidth.

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Item Description

Output bandwidth Percentage of the rate for sending packets to the

utilization total bandwidth.

6.3.3 interface loopback

Function
The interface loopback command creates a loopback interface.

The undo interface loopback command deletes a loopback interface.

Format
interface loopback loopback-number

undo interface loopback loopback-number

Parameters
Parameter Description Value

loopback-number Specifies the number of a The value is an integer that

loopback interface. ranges from 0 to 1023.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
A loopback interface is always Up at the physical layer and link layer unless it is
manually shut down.

The IP address of a loopback interface is usually specified as the source address of

packets.

Example
# Create loopback interface 5.
<HUAWEI> system-view
[HUAWEI] interface loopback 5
[HUAWEI-LoopBack5]

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

6.3.4 interface null

Function
Using the interface null command, you can enter the null interface view.

Format
interface null 0

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The Null0 interface never forwards or accepts any traffic. All traffic sent to this
interface is directly discarded. Unnecessary traffic can be sent to the Null0
interface to avoid using ACLs.

Precautions

There is only one null interface, named null0. This interface is always Up and
cannot be shut down or deleted.

Example
# Enter the view of the Null0 interface.
<HUAWEI> system-view
[HUAWEI] interface null 0
[HUAWEI-NULL0]

6.3.5 management-interface

Function
The management-interface command configures a VLANIF or dialer interface as
a management interface.

The undo management-interface command cancels the management interface

configuration.

By default, an interface is not configured as a management interface.

Fat AP and Cloud AP
Command Reference 6 Interface Management Commands

Format
management-interface
undo management-interface

Parameters
None

Views
VLANIF interface view, dialer interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To manage a device through a VLANIF or dialer interface, run this command to
configure this interface as a management interface.
Precautions
If no interface on a device is configured as a management interface, the device
can be managed through all interfaces. Once an interface on the device is
configured as a management interface, you cannot manage the device through
the other interfaces.
A maximum of four interfaces can be configured as management interfaces.
If an interface is specified as the management interface using the management-
interface command, it will still be considered as the management interface after
the management-plane isolate enable command is executed.

Example
# Configure VLANIF 10 as a management interface.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] management-interface

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7 Network Interconnection Configurations

Commands

About This Chapter

7.1 MAC Address Table Configuration Commands

7.2 Ethernet Link Aggregation Commands
7.3 VLAN Configuration Commands
7.4 STP/RSTP/MSTP Configuration Commands
7.5 IPv4 Configuration Commands
7.6 ARP Configuration Commands
7.7 DHCP Configuration Commands
7.8 DNS Configuration Commands
7.9 NAT Configuration Commands
7.10 IP Performance Configuration Commands
7.11 IP Routing Basic Configuration Commands
7.12 Static Route Configuration Commands
7.13 IGMP Snooping Configuration Commands

7.1 MAC Address Table Configuration Commands

7.1.1 display bridge mac-address

Function
The display bridge mac-address command displays the bridge MAC address of a
device.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
display bridge mac-address

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
When you need to view the bridge MAC address of a device, run the display
bridge mac-address command.

Example
# Display the bridge MAC address of a device.
<HUAWEI> display bridge mac-address
System bridge MAC address: 00e0-f74b-6d00

Table 7-1 Description of the display bridge mac-address command output

Item Description

System bridge Indicates the bridge MAC address of a device.

MAC address

7.1.2 display mac-address

Function
The display mac-address command displays the MAC address table of the
wireless access point. A MAC address entry contains the destination MAC address,
VLAN ID, outbound interface, and entry type.

Format
display mac-address mac-address [ vlan vlan-id ] [ verbose ]

display mac-address [ vlan vlan-id | interface-type interface-number ] *

[ verbose ]
display mac-address { authen | guest | security } [ vlan vlan-id | interface-type
interface-number ] * [ verbose ]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

mac-address Specifies the destination The value is in H-H-H

MAC address in an entry. format. H is a
hexadecimal number of
4 digits. The MAC
address cannot be
FFFF-FFFF-FFFF,
0000-0000-0000, or a
multicast MAC address.

vlan vlan-id Displays MAC address The value is an integer

entries in a specified that ranges from 1 to
VLAN. 4094.

interface-type interface- Displays the MAC address -

number entries with a specified
outbound interface.
● interface-type specifies
the type of the
outbound interface.
● interface-number
specifies the number of
the outbound interface.

verbose Displays detailed -

information about MAC
address entries.

authen Displays the MAC address -

entries of the authen type.

guest Displays the MAC address -

entries of the guest type.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
The MAC address table of the wireless access point stores MAC addresses of other
devices. When forwarding an Ethernet frame, the wireless access point searches
the MAC address table for the outbound interface according to the destination
MAC address and VLAN ID in the Ethernet frame.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The display mac-address command displays all MAC address entries, such as
dynamic MAC address entries, static MAC address entries, and blackhole MAC
address entries. A MAC address entry contains the destination MAC address, VLAN
ID, outbound interface, and entry type.
Follow-up Procedure
If any MAC address entry in the command output is incorrect, run the undo mac-
address command to delete the entry or run the mac-address command to add a
correct one.
Precautions
If you run the display mac-address command without parameters, all MAC
address entries are displayed.
When the wireless access point has a large number of MAC address entries, it is
recommended that you specify parameters in the command to filter the output
information. Otherwise, the following problems may occur due to excessive output
information:
● The displayed information is repeatedly refreshed, so you cannot find the
required information.
● The system traverses and retrieves information for a long time, and does not
respond to any request.

Example
# Display all MAC address entries.
<HUAWEI> display mac-address
-------------------------------------------------------------------------------
MAC Address VLAN/VSI Learned-From Type
-------------------------------------------------------------------------------
4c1f-cc25-611b 100/- GE0/0/1 security

-------------------------------------------------------------------------------
Total items displayed = 1

Table 7-2 Description of the display mac-address command output

Item Description

MAC Address Destination MAC address in a MAC address entry.

VLAN/VSI ID of the VLAN or name of the VSI that a MAC address

belongs to.

Learned-From Interface on which the MAC address is learned.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Type Type of a MAC address entry.

● static: indicates a static MAC address entry, which is
manually configured and will not be aged out.
● blackhole: indicates a blackhole MAC address entry,
which is manually configured and will not be aged out.
● dynamic: indicates a MAC address entry learned by the
wireless access point, which will be aged out when the
aging time expires.
● security: indicates a MAC address entry that an interface
learns after port security is enabled.
● sticky: indicates a MAC address entry that an interface
learns after the sticky MAC function is enabled.
● mux: indicates a MAC address entry learned by a MUX
VLAN enabled interface.
● snooping: indicates a static MAC address entry
generated based on the dynamic DHCP snooping
binding table.

7.1.3 display mac-address aging-time

Function
The display mac-address aging-time command displays the aging time of
dynamic MAC address entries in the MAC address table.

Format
display mac-address aging-time

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

This command displays the aging time of dynamic MAC address entries on the
wireless access point. You can check whether the aging time is suitable for
network requirements and device performance.

Follow-up Procedure

If the aging time is unsuitable for requirements or device performance, run the
mac-address aging-time command to set the aging time properly.

Precautions

If the aging time is 0, dynamic MAC addresses will not be aged out. In this case,
MAC address entries increase sharply and the MAC address table will be full
quickly.

Example
# Display the aging time of dynamic MAC address entries.
<HUAWEI> display mac-address aging-time
Aging time: 300 second(s)

Table 7-3 Description of the display mac-address aging-time command output

Item Description

Aging time Aging time of dynamic MAC

address entries, in seconds. To set
the aging time, run the mac-
address aging-time command.

7.1.4 display mac-address blackhole

Function
The display mac-address blackhole command displays blackhole MAC address
entries.

Format
display mac-address blackhole [ vlan vlan-id ] [ verbose ]

Parameters
Parameter Description Value
vlan vlan-id Displays blackhole MAC address entries in The value is an integer
a specified VLAN. vlan-id specifies the ID of that ranges from 1 to
a VLAN. 4094.
verbose Displays detailed information about -
blackhole MAC address entries.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

The MAC address table of the wireless access point stores MAC addresses of other
devices. When forwarding an Ethernet frame, the wireless access point searches
the MAC address table for the outbound interface according to the destination
MAC address and VLAN ID in the Ethernet frame.

The MAC address table contains the following MAC address entries:
● Blackhole MAC address entries that are used to discard packets with the
specified MAC addresses or destination MAC addresses. Blackhole MAC
address entries are manually configured and will not be aged out.
● Static MAC entries that are manually configured and will not be aged out.
● Dynamic MAC address entries that are learned by the wireless access point
and will be aged out when the aging time expires.

To check whether blackhole MAC address entries are configured correctly, run this
command. These entries ensure communication between authorized users.

Follow-up Procedure

If any blackhole MAC address entry in the command output is incorrect, run the
undo mac-address command to delete the entry or run the mac-address
command to add a correct one.

Precautions

If you run the display mac-address blackhole command without parameters, all
blackhole MAC address entries are displayed.

If the MAC address table does not contain any blackhole MAC address, no
information is displayed.

Example
# Display all blackhole MAC address entries.
<HUAWEI> display mac-address blackhole
-------------------------------------------------------------------------------
MAC Address VLAN/VSI Learned-From Type
-------------------------------------------------------------------------------
0022-0022-0033 100/- - blackhole
0000-0000-0001 200/- - blackhole

-------------------------------------------------------------------------------
Total items displayed = 2

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-4 Description of the display mac-address blackhole command output

Item Description

MAC Address Destination MAC address in a blackhole MAC address entry.

VLAN/VSI ID of the VLAN or name of the VSI that a MAC address

belongs to.

Learned-From When the type of a MAC address entry is blackhole, "-" is

displayed.

Type Type of a MAC address entry.

7.1.5 display mac-address dynamic

Function
The display mac-address dynamic command displays dynamic MAC address
entries.
If no parameter is specified, all dynamic MAC address entries are displayed.

Format
display mac-address dynamic [ vlan vlan-id | interface-type interface-number ] *

[ verbose ]

Parameters
Parameter Description Value

vlan vlan-id Displays dynamic MAC The value is an integer

address entries in a that ranges from 1 to
specified VLAN. 4094.

interface-type interface- Displays dynamic MAC -

number address entries with a
specified outbound
interface.
● interface-type
specifies the type of
the outbound
interface.
● interface-number
specifies the number
of the outbound
interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

verbose Displays detailed -

information about
dynamic MAC address
entries.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
The MAC address table needs to be updated constantly because the network
topology always changes. You can use this command to view learned MAC
addresses in real time.
Follow-up Procedure
If the displayed dynamic MAC address entries are invalid, run the undo mac-
address command to delete dynamic MAC address entries.
Precautions
If you run the display mac-address dynamic command without parameters, all
dynamic MAC address entries are displayed.
If the MAC address table does not contain any dynamic MAC address entry, no
information is displayed.
When the wireless access point has a large number of dynamic MAC address
entries, it is recommended that you specify parameters in the command to filter
the output information. Otherwise, the following problems may occur due to
excessive output information:
● The displayed information is repeatedly refreshed, so you cannot find the
required information.
● The system traverses and retrieves information for a long time, and does not
respond to any request.

Example
# Display all dynamic MAC address entries.
<HUAWEI> display mac-address dynamic
-------------------------------------------------------------------------------
MAC Address VLAN/VSI Learned-From Type
-------------------------------------------------------------------------------
0000-0000-0001 100/- GE0/0/1 dynamic

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

-------------------------------------------------------------------------------
Total items displayed = 1

Table 7-5 Description of the display mac-address dynamic command output

Item Description

MAC Address Destination MAC address in a dynamic MAC address entry.

VLAN/VSI ID of the VLAN or name of the VSI that a MAC address

belongs to.

Learned-From Interface that learns a MAC address.

Type Type of a MAC address entry.

7.1.6 display mac-address static

Function
The display mac-address static command displays static MAC address entries.

Format
display mac-address static [ vlan vlan-id | interface-type interface-number ] *

[ verbose ]

Parameters
Parameter Description Value

vlan vlan-id Displays static MAC The value is an integer

address entries in a that ranges from 1 to
specified VLAN. 4094.

interface-type interface- Displays the static MAC -

number address entries on a
specified interface.

verbose Displays detailed -

information about static
MAC address entries.

Views
All views

Default Level
1: Monitoring level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario

The MAC address table contains the following MAC address entries:
● Static MAC entries that are manually configured and will not be aged out.
● Blackhole MAC address entries that are used to discard packets with the
specified source MAC addresses or destination MAC addresses. Blackhole MAC
address entries are manually configured and will not be aged out.
● Dynamic MAC address entries that are learned by the wireless access point
and will be aged out when the aging time expires.

To improve network security, configure static MAC address entries to ensure that
packets destined for specified MAC addresses are forwarded by the specified
interfaces. This prevents attack packets with bogus MAC addresses and guarantees
communication between the wireless access point and the upstream device or
server. After configuring static MAC address entries, you can run the display mac-
address static command to verify the configuration.

Follow-up Procedure

If any static MAC address entry is incorrect, run the undo mac-address command
to delete it.

Precautions

If you run the display mac-address static command without parameters, all static
MAC address entries are displayed.

If the MAC address table does not contain any static MAC address entry, no
information is displayed.

Example
# Display all static MAC address entries.
<HUAWEI> display mac-address static
-------------------------------------------------------------------------------
MAC Address VLAN/VSI Learned-From Type
-------------------------------------------------------------------------------
0000-0000-0033 100/- GE0/0/1 static
0000-0000-0001 200/- GE0/0/1 static

-------------------------------------------------------------------------------
Total items displayed = 2

Table 7-6 Description of the display mac-address static command output

Item Description

MAC Address Destination MAC address in a static MAC address entry.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

VLAN/VSI ID of the VLAN or name of the VSI that a MAC address

belongs to.

Learned-From Interface that learns a MAC address.

Type Type of a MAC address entry.

7.1.7 display mac-address summary

Function
The display mac-address summary command displays statistics on MAC address
entries.

Format
display mac-address summary

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
The MAC address table of the device stores MAC addresses of other devices. When
forwarding an Ethernet frame, the wireless access point searches the MAC address
table for the outbound interface according to the destination MAC address and
VLAN ID in the Ethernet frame.
When the wireless access point has many MAC address entries of different types,
you can use the display mac-address summary command to view the summary
of MAC address entries in the system. In the command output, Local and Remote
identify the MAC address entries learned by the local device and MAC address
entries synchronized from other devices.

Example
# Display statistics on all MAC address entries in the system.
<HUAWEI> display mac-address summary
Summary information of slot 0:
-----------------------------------

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Static : 0
Local interface : 10
Blackhole : 0
Dyn-Local : 0
Dyn-Remote : 0
Dyn-Trunk : 0
Sticky : 0
Security : 1
In-used : 1
Capacity : 4096
-----------------------------------

Table 7-7 Description of the display mac-address summary command output

Item Description

Static Number of static MAC address entries.

Local interface Local static MAC address.

Blackhole Number of blackhole MAC address entries

Dyn-Local Number of MAC address entries learned by the local

device.

Dyn-Remote Number of MAC address entries synchronized from other

device.

Dyn-Trunk Total number of MAC address entries learned by all trunk

interfaces.

Sticky Number of sticky MAC address entries.

Security Number of secure dynamic MAC address entries.

In-used Total number of existing MAC address entries.

Capacity Capacity of the MAC address table. The actual value varies
according to device models.

7.1.8 display mac-address total-number

Function
The display mac-address total-number command displays the number of MAC
address entries of a specified type.

Format
display mac-address total-number
display mac-address total-number [ vlan vlan-id | interface-type interface-
number ] *
display mac-address total-number vlan all
display mac-address total-number blackhole [ vlan vlan-id ]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

display mac-address total-number dynamic [ vlan vlan-id | interface-type

interface-number ] *

display mac-address total-number static [ vlan vlan-id | interface-type

interface-number ] *

Parameters
Parameter Description Value

dynamic Displays the number of -

dynamic MAC address
entries.

blackhole Displays the number of -

blackhole MAC address
entries.

static Displays the number of -

static MAC address
entries.

vlan vlan-id Displays the number of The value is an integer

MAC address entries in a that ranges from 1 to
specified VLAN. 4094.

vlan all Displays the number of -

MAC address entries in
all VLANs.

interface-type interface- Displays the number of -

number MAC address entries
learned by a specified
interface.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

When the wireless access point has many MAC address entries of different types,
you can use the display mac-address total-number command to view statistics
on MAC address entries of a specified type.
Precautions
If no parameter is specified, the total number of MAC address entries in the
system is displayed.
If interface-type interface-number is not specified, the total number of MAC
addresses learned by all interfaces is displayed.
If vlan vlan-id is not specified, the total number of MAC addresses in all VLANs is
displayed.

Example
# Display the number of dynamic MAC address entries.
<HUAWEI> display mac-address total-number dynamic
Info: total number of mac-address is : 20

Table 7-8 Description of the display mac-address total-number command output

Item Description

Info: total number of mac- Total number of MAC address entries in the
address system.

7.1.9 display mac-limit

Function
The display mac-limit command displays the rules that limit the number of
learned MAC addresses.

Format
display mac-limit [ interface-type interface-number | vlan vlan-id ]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

interface-type interface- Displays the MAC -

number address limiting rule on
a specified interface.
● interface-type
specifies the type of
the interface.
● interface-number
specifies the number
of the interface.

vlan vlan-id Displays the MAC The value is an integer

address limiting rules in that ranges from 1 to
a specified VLAN. 4094.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

To check whether MAC address limiting rules are configured correctly, run the
display mac-limit command. If a rule is incorrect, run the mac-limit command to
modify the rule.

Precautions

If the interface-type and interface-number are not specified, MAC address limiting
rules on all interfaces are displayed.

If vlan vlan-id is not specified, MAC address limiting rules in all VLANs are
displayed.

Example
# Display all the MAC address limiting rules.
<HUAWEI> display mac-limit
MAC limit is enabled
Total MAC limit rule count : 1

PORT VLAN/VSI SLOT Maximum Rate(ms) Action Alarm

----------------------------------------------------------------------------
GE0/0/1 - - 1 - discard disable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-9 Description of the display mac-limit command output

Item Description

Total MAC Limit Number of configured MAC address limiting rules.

rule count

PORT Name of an interface.

VLAN/VSI ID of a VLAN or a VSI name.

SLOT Slot ID of the board where a MAC address limiting rule is

configured.

Maximum Maximum number of MAC addresses that can be learned.

To set the maximum number of MAC addresses, run the
mac-limit command.

Rate(ms) Indicates the interval at which MAC addresses are

learned.

Action Action performed on packets when the number of

learned MAC addresses exceeds the maximum number.
● discard: discards packets with new source MAC
addresses.
● forward: forwards packets with new source MAC
addresses.

Alarm Whether an alarm is generated when the number of

learned MAC addresses exceeds the maximum.
● enable: indicates that an alarm is generated.
● disable: indicates that an alarm is not generated.

7.1.10 mac-address
Function
The mac-address command adds a static MAC address entry or a blackhole MAC
address entry.
The undo mac-address command deletes MAC address entries of a specified type.

Format
mac-address static mac-address interface-type interface-number vlan vlan-id
mac-address blackhole mac-address [ vlan vlan-id ]
undo mac-address blackhole [ mac-address ] [ vlan vlan-id ]
undo mac-address mac-address [ vlan vlan-id ]
undo mac-address static mac-address interface-type interface-number vlan vlan-
id

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

undo mac-address [ all | dynamic | static ] [ interface-type interface-number |

vlan vlan-id ] *

Parameters
Parameter Description Value

blackhole Indicates blackhole MAC -

address entries.

static Indicates static MAC -

address entries, that is,
MAC address entries
configured manually.

mac-address Specifies the source or The value is in H-H-H

destination MAC format. H is a hexadecimal
address in a MAC number of 4 digits. The
address entry. MAC address cannot be
FFFF-FFFF-FFFF,
0000-0000-0000, or a
multicast MAC address.

interface-type interface- Specifies the outbound -

number interface in a MAC
address entry.
● interface-type
specifies the type of
the outbound
interface.
● interface-number
specifies the number
of the outbound
interface.

vlan vlan-id Specifies the ID of the The value is an integer

VLAN that the that ranges from 1 to
outbound interface 4094.
belongs to.

all Deletes all MAC address -

entries.

dynamic Deletes dynamic MAC -

address entries, that is,
the MAC address entries
learned by an interface.

Views
System view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
MAC address entries are classified into the following types:
● Dynamic MAC address entries that are learned by an interface after MAC
address learning is enabled.
● Static MAC address entries that are manually configured. They take
precedence over dynamic MAC address entries.
● Blackhole MAC address entries that are manually configured. A data frame is
discarded if the source or destination MAC address matches a blackhole MAC
address entry.
Functions of static and blackhole MAC address entries are:
● Static MAC address entries prevent bogus packets with trusted device MAC
addresses sent from attackers and guarantee communication between the
wireless access point and the upstream device or server.
● Blackhole MAC address entries prevent untrusted devices from attacking the
wireless access point.
The undo mac-address command is used in the following scenarios:
● The upstream device or server has changed or the untrusted device has been
removed, and the corresponding static MAC address entry or blackhole MAC
address entry needs to be deleted.
● Dynamic address entries become invalid and need to be deleted to trigger
MAC address relearning.
Prerequisites
The interface has been added to a VLAN.
Precautions
You can configure multiple static MAC address entries or blackhole MAC address
entries by running the mac-address command multiple times.
If you configure a static or blackhole MAC address entry when the MAC table is
full, the wireless access point processes the MAC address entry as follows:
● If a dynamic MAC address entry with the same MAC address exists in the
MAC address table, the wireless access point replaces the dynamic MAC
address entry with the configured entry.
● If no dynamic MAC address entry with the same MAC address exists in the
MAC address table, the MAC address entries cannot be added to the MAC
address table.
When using the undo mac-address command, pay attention to the following
points:
● If interface-type interface-number is not specified, MAC address entries of a
specified type on all interfaces are deleted.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● If vlan vlan-id is not specified, MAC address entries of a specified type in all
VLANs are deleted.

Example
# Add a static MAC address entry to the MAC address table. The destination MAC
address is 0003-0003-0003. The outbound interface is gigabitethernet0/0/1, which
belongs to VLAN 4.
<HUAWEI> system-view
[HUAWEI] mac-address static 0003-0003-0003 gigabitethernet 0/0/1 vlan 4

# Configure a blackhole MAC address entry to discard the Ethernet frames whose
destination MAC address is 0004-0004-0004 and VLAN ID is VLAN 5.
<HUAWEI> system-view
[HUAWEI] mac-address blackhole 0004-0004-0004 vlan 5

# Delete all dynamic MAC address entries.

<HUAWEI> system-view
[HUAWEI] undo mac-address dynamic

7.1.11 mac-address aging-time

Function
The mac-address aging-time command sets the aging time of dynamic MAC
address entries.

The undo mac-address aging-time command restores the default aging time of
dynamic MAC address entries.

By default, the aging time of dynamic MAC address entries is 300 seconds.

Format
mac-address aging-time aging-time

undo mac-address aging-time

Parameters
Parameter Description Value

aging-time Specifies the aging time The value is 0 or an

of dynamic MAC address integer that ranges from
entries. 60 to 65535, in seconds.
The default value is 300.
The value 0 indicates
that dynamic MAC
address entries will not
be aged out.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The network topology changes frequently, and the wireless access point will learn
many MAC addresses. You can run the mac-address aging-time command to set
a proper aging time for dynamic MAC address entries so that aged MAC address
entries are deleted from the MAC address table. This reduces MAC address entries
in the MAC address table.
The system starts an aging timer for each dynamic MAC address entry. If a
dynamic MAC address entry is not updated within a certain period (twice the
aging time), the entry is deleted. If the entry is updated within this period, the
aging timer of this entry is reset. If the aging time is short, the wireless access
point is sensitive to network changes.
When setting the aging time of dynamic MAC address entries, follow these rules:
● Set a longer aging time on a stable network and a shorter aging time on an
unstable network.
● The capacity of the MAC address table on a low end device is small; therefore,
set a relatively short aging time on low end devices to save the MAC address
table space.
Precautions
If the aging time is 0, dynamic MAC addresses will not be aged out. In this case,
MAC address entries increase sharply and the MAC address table will be full
quickly.
If you run the mac-address aging-time command multiple times, only the latest
configuration takes effect.
Dynamic MAC address entries are lost after system restart. Static MAC address
entries and blackhole MAC address entries are not aged or lost.

Example
# Set the aging time of dynamic MAC address entries to 500 seconds.
<HUAWEI> system-view
[HUAWEI] mac-address aging-time 500

7.1.12 mac-address learning disable

Function
The mac-address learning disable command disables MAC address learning.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The undo mac-address learning disable command enables MAC address

learning.
By default, MAC address learning is enabled.

Format
(Interface view) mac-address learning disable [ action { discard | forward } ]
(VLAN view) mac-address learning disable
undo mac-address learning disable

Parameters
Parameter Description Value

action Indicates the action that -

the interface takes after
MAC address learning is
disabled.
NOTE
● This parameter takes
effect only in the
interface view, and the
specified interface
must be a Layer 2
interface.
● You can use this
parameter to
determine whether
packets are forwarded
when the specified
interface does not
need to learn MAC
addresses.
By default, an interface
forwards the packets
carrying new MAC
addresses after MAC
address learning is
disabled.

discard Discards the packets -

whose source MAC
addresses do not match
the MAC address table.

forward Forwards the packets -

according to the MAC
address table.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
VLAN view, GE interface view, Eth-Trunk interface view, XGE interface view,
MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

If you want an interface to forward only packets with certain MAC addresses, use
this command. For example, if an interface is connected to a server, configure a
static MAC address entry with the MAC address of the server, and then disable
MAC address learning and set the action to discard on the interface. The
configuration prevents other servers or terminals from accessing the interface and
improves network stability and security.

When a wireless access point with MAC address learning enabled receives an
Ethernet frame, it records the source MAC address and inbound interface of the
Ethernet frame in a MAC address entry. When receiving other Ethernet frames
destined for this MAC address, the wireless access point forwards the frames
through the corresponding outbound interface according to the MAC address
entry. MAC address learning reduces broadcast packets on a network.

You can use the mac-address learning disable command to disable MAC address
learning on an interface. The action performed on received packets can be set to
discard or forward.

● When the action is set to forward, the wireless access point forwards packets
according to the MAC address table. If a packet does not match any MAC
address entry, the wireless access point broadcasts the packet.
● When the action is set to discard, the wireless access point searches for the
source MAC address of the packet in the MAC address table. If the source
MAC address is found in the MAC address table, the wireless access point
forwards the packet according to the MAC address entry. If the source MAC
address is not found, the wireless access point discards the packet. The default
action is forward.

Precautions

The action cannot be configured in the VLAN view.

After MAC address learning is disabled on an interface, the device does not learn
new MAC addresses on the interface, but untrusted terminals can still access the
network.

Example
# Disable MAC address learning in VLAN 2.
<HUAWEI> system-view
[HUAWEI] vlan 2
[HUAWEI-vlan2] mac-address learning disable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.1.13 mac-learning priority

Function
The mac-learning priority command sets the MAC address learning priority of an
interface.

The undo mac-learning priority command restores the default MAC learning
priority of an interface.

By default, the MAC address learning priority of an interface is 0.

Format
mac-learning priority priority-id

undo mac-learning priority

Parameters
Parameter Description Value

priority priority-id Specifies the MAC The value is an integer

address learning priority that ranges from 0 to 3. A
of an interface. larger value indicates a
higher priority.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

An uplink interface of the AP is connected to a server, and downlink interfaces are

connected to users. To prevent unauthorized users from using the server MAC
address to connect to the AP, run the mac-learning priority command to set the
priority of the uplink interface to be higher than the user-side interfaces. When
these interfaces learn the same MAC address, the MAC address entry learned by
the uplink interface overrides MAC address entries learned by the user-side
interfaces. Therefore, the AP will not learn MAC addresses of unauthorized users,
and authorized users can access the server and use network resources.

You can run the undo mac-learning priority allow-flapping command to forbid
MAC address flapping between interfaces with the same priority.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Both the undo mac-learning priority allow-flapping command and the mac-
learning priority command can prevent MAC address flapping. The difference
between the two commands is as follows:

● The undo mac-learning priority allow-flapping command prevents MAC

address flapping between interfaces with the same priority. If an attacker uses
the server MAC address to connect to the AP after the server is powered off,
the AP learns the MAC address of the forged server. After the real server is
powered on, the AP cannot learn the correct server MAC address.
● The mac-learning priority command prevents MAC address flapping between
interfaces with different priorities. If an attacker uses the server MAC address
to connect to the AP after the server is powered off, the AP learns the MAC
address of the forged server. After the real server is powered on, the AP can
learn the correct server MAC address.

Precautions

If you run the mac-learning priority command multiple times in the same
interface view, only the latest configuration takes effect.

Example
# Set the MAC address learning priority of GigabitEthernet0/0/1 to 3.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] mac-learning priority 3

7.1.14 mac-learning priority allow-flapping

Function
The mac-learning priority allow-flapping command allows MAC address
flapping between interfaces with the same priority.

The undo mac-learning priority allow-flapping command prevents MAC address

flapping between interfaces with the same priority.

By default, MAC address flapping between interfaces with the same priority is
allowed.

Format
mac-learning priority priority-id allow-flapping

undo mac-learning priority priority-id allow-flapping

Parameters
Parameter Description Value

priority priority-id Specifies the MAC The value is an integer

address learning priority that ranges from 0 to 3. A
of an interface. larger value indicates a
higher priority.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

An uplink interface of the AP is connected to a server, and downlink interfaces are

connected to users. To prevent unauthorized users from using the server MAC
address to connect to the AP, you can run the undo mac-learning priority allow-
flapping command to forbid MAC address flapping between interfaces with the
same priority. MAC address then will not be learned by multiple interfaces. This
prevents attackers from using the MAC addresses of valid devices to attack the AP.

Both the mac-learning priority command and the undo mac-learning priority
allow-flapping command can prevent MAC address flapping. The difference
between the two commands is as follows:

● The undo mac-learning priority allow-flapping command prevents MAC

Example
# Forbid MAC address flapping between interfaces with priority 1.
<HUAWEI> system-view
[HUAWEI] undo mac-learning priority 1 allow-flapping

7.1.15 mac-limit

Function
The mac-limit command configures a rule to limit the number of MAC addresses
that can be learned.

The undo mac-limit command deletes the rule.

By default, the number of learned MAC addresses is not limited.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
(Interface view) mac-limit { action { discard | forward } | alarm { disable |
enable } | maximum max-num }*

(VLAN view) mac-limit { alarm { disable | enable } | maximum max-num }*

undo mac-limit

Parameters
Parameter Description Value

action { discard | Indicates the action If no action is specified in

forward } performed when the the command, the
number of learned MAC default action discard is
address entries reaches used.
the limit.
● discard: discards
packets with new
source MAC
addresses.
● forward: forwards
packets with new
source MAC addresses
but does not add the
new MAC addresses
to the MAC address
table.
NOTE
This parameter cannot be
specified in the VLAN view.

alarm { disable | Indicates whether the If you do not set this

enable } system generates an parameter in the
alarm when the number command, the alarm
of learned MAC address function is enabled by
entries reaches the limit. default.
● disable: indicates that
no alarm is generated
when the number of
learned MAC
addresses reaches the
limit.
● enable: indicates that
an alarm is generated
when the number of
learned MAC
addresses reaches the
limit.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

maximum max-num Sets the maximum The value is a decimal

number of MAC integer ranging from 0 to
addresses that can be 4096. The value 0
learned. indicates that the highest
NOTE rate of MAC address
If maximum is not set, you learning is not limited.
must run the mac-limit
command with maximum
specified. If you have run
the mac-limit command to
set the maximum number
of MAC addresses that can
be learned, you do not
need to set maximum
max-num when running
this command again.

Views
VLAN view, GE interface view, Eth-Trunk interface view, XGE interface view,
MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The mac-limit command limits the number of access users and prevents attacks
to the MAC address tables. You can enable the function to improve network
security.

Precautions

The action cannot be set in the VLAN view.

Example
# Configure the following MAC address learning rule on GigabitEthernet0/0/1:
● The maximum number of learned MAC addresses is 30.
● When the number of learned MAC addresses exceeds the maximum, and an
alarm is generated.
<HUAWEI> system-view
[HUAWEI] interface GigabitEthernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] mac-limit maximum 30 alarm enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.1.16 port bridge enable

Function
The port bridge enable command enables the port bridge function on an
interface. The interface then can forward packets whose source and destination
MAC addresses are both learned by this interface.
The undo port bridge enable command disables the port bridge function.
By default, the port bridge function is disabled on an interface.

Format
port bridge enable
undo port bridge enable

Parameters
None

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
By default, an interface does not forward packets whose source and destination
MAC addresses are both learned by this interface. When the interface receives
such a packet, it discards the packet as an invalid packet.
After the port bridge function is enabled on the interface, the interface forwards
such a packet if the destination MAC address of the packet is in the MAC address
table.
The port bridge function is used in the following scenarios:
● The device connects to devices that do not support Layer 2 forwarding. When
users connected to these devices need to send packets, the packets are
directly sent to the device and forwarded by the device. These packets have
the same source and destination MAC address; therefore, you need to enable
port bridge to forward packets with the same source and destination MAC
address.
● The device is used as an access device in a data center and is connected to
servers. Each server is configured with multiple virtual machines. The virtual
machines need to transmit data to each other. If data between virtual
machines is transmitted on the server, the data transmission rate and server
performance may be affected. To improve the data transmission rate and

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

server performance, enable the port bridge function on the interfaces

connected to the servers so that the device forwards data packets between
the virtual machines.

Example
# Enable the port bridge function on GigabitEthernet0/0/1.
<HUAWEI> system-view
[HUAWEI] interface GigabitEthernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port bridge enable

7.2 Ethernet Link Aggregation Commands

NOTE

Ethernet link aggregation is supported only by the following models: AP6750-10T, AirEngine
5760-10, AP7060DN, AP5510-W-GP, AD9430DN-12, AD9430DN-24, AD9431DN-24X, AP2051DN,
AP2051DN-E, AP2051DN-S, AP4030TN, AP4051DN, AP4051DN-S, AP4151DN, AP4051TN,
AP5030DN, AP5050DN-S, AP5130DN, AP6050DN, AP6150DN, AP6052DN, AP7050DE,
AP7050DN-E, AP7052DN, AP7152DN, AP7052DE, AP8030DN, AP8130DN, AP8050DN,
AP8050DN-S, AP8150DN, AP8050TN-HD, AP8082DN, AP8182DN, AP9130DN, AP9131DN,
AP9132DN.

7.2.1 display eth-trunk

Function
The display eth-trunk command displays the configuration about an Eth-Trunk.

Format
display eth-trunk [ trunk-id [ interface interface-type interface-number |
verbose ] ]

Parameters

Parameter Description Value

trunk-id Specifies the ID of an Eth-Trunk. The value is an
integer that
ranges from 0 to
7.

interface Specifies a member interface. -

interface-type
interface-number interface-type specifies the type of the
member interface.
interface-number specifies the number of
the member interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

verbose Displays the detailed configuration of a -
specified Eth-Trunk, including the statistics
about interface traffic.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
After configuring an Eth-Trunk on a device, you can run the display eth-trunk
command to check whether the configuration of the Eth-Trunk is correct.
When using the display eth-trunk command, note that:
● If no optional parameter is specified, the configurations of all Eth-Trunks are
displayed.
● If trunk-id is specified only, the configuration of a specified Eth-Trunk is
displayed.
● If trunk-id and interface interface-type interface-number are specified, the
configuration of member interfaces of the specified Eth-Trunk is displayed.
● If trunk-id is specified and verbose is configured, the detailed configuration of
a specified Eth-Trunk is displayed, including the statistics about interface
traffic.
Prerequisites
The interface specified in this command must be an existing one; otherwise, the
system prompts an error.
Precautions
If there is a great deal of statistics about traffic on Eth-Trunks, you are
recommended to specify Eth-Trunk ID or interface interface-type interface-
number to filter output information. Otherwise, the following problems may occur
due to excessive output information:
● The displayed information is repeatedly updated, and required information
cannot be located.
● The system does not respond because of long-time information traverse and
search.

Example
# Display the configuration of Eth-Trunk 1 in manual load balancing mode.
<HUAWEI> display eth-trunk 1
Eth-Trunk1's state information is:

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

WorkingMode: NORMAL Hash arithmetic: According to src-dst-ip

Least Active-linknumber: 1 Max Bandwidth-affected-linknumber: 8
Operate status: down Number Of Up Port In Trunk: 0
--------------------------------------------------------------------------------
PortName Status Weight
GigabitEthernet0/0/1 Up 1

Table 7-10 Description of the display eth-trunk command output

Item Description

WorkingMode Operation mode of the Eth-Trunk:

● NORMAL: manual load balancing mode
● : LACP mode

Hash arithmetic Hash algorithm used for load balancing

among member interfaces of the Eth-Trunk.

Least Active-linknumber Minimum number of active member links.

Max Bandwidth-affected- Maximum number connections that affect

linknumber the Eth-Trunk bandwidth.

Operate status Status of the Eth-Trunk:

● UP: The interface is Up.
● DOWN: The interface is Down.

Number Of Up Port In Trunk Number of Up member interfaces in the

Eth-Trunk.

PortName Name of a member interface.

Status Status of local member interfaces in

Manual Load Balancing Mode:
● Up: indicates that the interface is
properly started.
● Down: indicates that the interface is
faulty.

Weight Weight of the member interface.

7.2.2 display interface eth-trunk

Function
The display interface eth-trunk command displays the status of an Eth-Trunk.

Format
display interface eth-trunk [ trunk-id | main ]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

trunk-id Specifies the ID of an Eth-Trunk. The value is an

integer that
ranges from 0 to
7.

main Displays status and traffic statistics about an -

Eth-Trunk main interface.
If you do not specify the main parameter, status
and traffic statistics about both an Eth-Trunk
main interface and Eth-Trunk sub-interfaces are
displayed.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
You can run the display interface eth-trunk command to view the status and
weight of each member interface of the Eth-Trunk.
To monitor the status of an interface or locate an interface fault, you can use the
display interface eth-trunk command to collect the status of and statistics on
the interface. You can collect traffic statistics and locate faults on the interface
according to the command output.

Example
# Display the status of Eth-Trunk 2.
<HUAWEI> display interface Eth-Trunk 2
Eth-Trunk2 current state : DOWN
Line protocol current state : DOWN
Description:HUAWEI, AP Series, Eth-Trunk5 Interface
Switch Port, PVID : 1, TPID : 8100(Hex), Hash arithmetic : According to src-d
st-ip,The Maximum Frame Length is 9216
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is dcd2-fcf9-b5ca
Current system time: 2011-12-14 04:26:14+08:00
Input: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Discard: 0
Total Error: 0

Output: 0 packets, 0 bytes

Unicast: 0, Multicast: 0
Broadcast: 0, Discard: 0
Total Error: 0

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Input bandwidth utilization : 0%

Output bandwidth utilization : 0%
-----------------------------------------------------
PortName Status Weight
-----------------------------------------------------
-----------------------------------------------------
The Number of Ports in Trunk : 0
The Number of UP Ports in Trunk : 0

Table 7-11 Description of the display interface eth-trunk command output

Item Description

Eth-Trunk2 current state Status of the Eth-Trunk2:

● UP: indicates that the interface is
properly started.
● DOWN: indicates that the interface is
faulty.
● Administratively Down: If the
administrator uses the shutdown
(interface view) command on the
interface, the state is Administratively
Down.

Line protocol current state Link layer protocol status of the interface:
● DOWN: indicates that the link layer
protocol of the interface fails or no IP
address is assigned to the interface.
● UP: indicates that the link layer protocol
of the interface is running properly.

Description Description of the interface.

Switch Port Layer 2 interface.

PVID ID of the VLAN to which the interface

belongs

TPID Type of frames that are supported on the

interface.
By default, this field displays 0x8100,
indicating an 802.1Q frame.
This field is displayed only for a Layer 2
interface.

Hash arithmetic Hash algorithm used for load balancing

among member interfaces of the Eth-
Trunk.

Maximal BW Maximum bandwidth.

Current BW Current bandwidth.

The Maximum Frame Length MTU of the Eth-Trunk.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

IP Sending Frames' Format Format of the frame contained in the sent

IP packet, which can be PKTFMT_ETHNT_2,
Ethernet_802.3, or Ethernet_SNAP.

Hardware address MAC address of the Eth-Trunk.

Current system time Indicates the current system time.

If the system is configured with a time
zone and is in the summer time, the time
is displayed in the format of YYYY/MM/DD
HH:MM:SS UTC±HH:MM DST.

Input bandwidth utilization Inbound bandwidth usage.

Output bandwidth utilization Outbound bandwidth usage.

Input Number of packets received by the

interface.

Output Number of packets sent by the interface.

packets Total number of packets that the interface

receives or sends.

bytes Total number of bytes that the interface

receives or sends.

Unicast Number of unicast packets that the

interface receives or sends.

Broadcast Number of broadcast packets that the

interface receives or sends.

Multicast Number of multicast packets that the

interface receives or sends.

Discard Number of packets discarded by the Eth-

Trunk during physical layer detection.

Total Error Number of error packets discovered by the

Eth-Trunk during physical layer detection.

PortName Name of the Eth-Trunk member interface.

Status Status of the Eth-Trunk member interface.

Weight Weight of the Eth-Trunk member interface

in load balancing.

The Number of Ports in Trunk Number of Eth-Trunk member interfaces.

The Number of UP Ports in Trunk Number of Eth-Trunk member interfaces in

Up state.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.2.3 display trunk index-map

Function
The display trunk index-map command displays the mapping between Eth-Trunk
interface IDs and internal indexes.

Format
display trunk index-map

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
An ID is manually allocated to an Eth-Trunk during Eth-Trunk creation. For
example, the ID of Eth-Trunk 1 is 1. In addition, the device also allocates an
internal number to each Eth-Trunk. The internal number is the index. When
allocating indexes, the device traverses indexes in ascending order. The
unallocated index is used as the index of an Eth-Trunk. Therefore, the mapping
between Eth-Trunk IDs and indexes is unordered.

Example
# Display the mapping between Eth-Trunk interface IDs and internal indexes.
<HUAWEI> display trunk index-map
Index Interface Name

-----------------------------
1 Eth-Trunk10
2 Eth-Trunk20
3 Eth-Trunk5

Table 7-12 Description of the display trunk index-map command output

Item Description

Index Index of the Eth-Trunk.

Interface Name Name of the Eth-Trunk.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.2.4 display trunk resource

Function
The display trunk resource command displays trunk resources that have been
used on a device.

Format
display trunk resource

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To learn about used trunk resources, run the display trunk resource command to
check the number of created trunks and the number of interfaces added to the
trunk interface.

Example
# Display trunk resources used on a device.
<HUAWEI> display trunk resource
Number of configured trunk interfaces is : 4
Interface Member Count
-----------------------------------------------------------
Eth-Trunk1 2
Eth-Trunk10 0
Eth-Trunk30 0
Eth-Trunk55 0

Table 7-13 Description of the display trunk resource command output

Item Description

Number of configured trunk Number of configured trunk interfaces.

interfaces is

Interface Trunk interface type:

● Eth-Trunk

Member Count Number of member interfaces added to a

trunk interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.2.5 display trunkmembership eth-trunk

Function
The display trunkmembership eth-trunk command displays information about
member interfaces of an Eth-Trunk.

Format
display trunkmembership eth-trunk trunk-id

Parameters
Parameter Description Value

trunk-id Specifies the ID The value is an integer that

of an Eth- ranges from 0 to 7.
Trunk.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
After an Eth-Trunk interface is successfully configured, you can run the display
trunkmembership eth-trunk command to view the configuration of the Eth-
Trunk interface and its member interfaces.
In the scenario where you need to monitor the status of an interface or locate an
interface fault, you can use the display trunkmembership eth-trunk command
to view detailed information about an Eth-Trunk interface and its member
interfaces. You can troubleshoot the interface and its member interfaces according
to the queried information.
Prerequisites
An Eth-Trunk interface is correctly configured. The Eth-Trunk interface must be
created in advance; otherwise, the system prompts an error when you run the
display trunkmembership eth-trunk command.

Example
# Display information about member interfaces of Eth-Trunk 2.
<HUAWEI> display trunkmembership eth-trunk 2
Trunk ID: 2

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Used status: VALID

TYPE: ethernet
Working Mode : Normal
Number Of Ports in Trunk = 2
Number Of Up Ports in Trunk = 2
Operate status: up

Interface GigabitEthernet0/0/0, valid, operate up, weight=1

Interface GigabitEthernet0/0/1, valid, operate up, weight=1

Table 7-14 Description of the display trunkmembership eth-trunk command

output

Item Description

Trunk ID ID of the Eth-Trunk.

Used status Whether the Eth-Trunk is available:

● VALID: indicates that the Eth-Trunk is available.
● INVALID: indicates that the Eth-Trunk is unavailable.

TYPE Type of an Eth-Trunk.

Working Mode Working mode of an Eth-Trunk.

● Normal: indicates the manual load balancing mode.

Number Of Ports in Indicates the number of interfaces that are added to

Trunk the Eth-Trunk.

Number Of Up Ports Indicates the number of Up interfaces that are added

in Trunk to the Eth-Trunk.

Operate status Eth-Trunk status:

● up: indicates that the Eth-Trunk is in Up state.
● down: indicates that the Eth-Trunk is in Down state.

Interface,valid,operate, Detailed information about a member interface:

weight ● Interface: indicates the interface type and number.
● valid: indicates that the interface is available.
● operate: indicates the status of the interface.
● weight: indicates the weight of the interface in load
balancing.

7.2.6 eth-trunk

Function
The eth-trunk command adds an interface to an Eth-Trunk.

The undo eth-trunk command removes an interface from an Eth-Trunk.

By default, an interface does not belong to any Eth-Trunk.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
eth-trunk trunk-id

undo eth-trunk

Parameters
Parameter Description Value

trunk-id Specifies the ID of an The value is an integer

Eth-Trunk interface. that ranges from 0 to 7.

Views
GE interface view, XGE interface view

Default Level
2: Configuration level

Usage Guidelines
To improve the connection reliability and increase the bandwidth, you can use the
eth-trunk command to bind multiple interfaces into an Eth-Trunk.

When you add an Ethernet interface to an Eth-Trunk, the interface must use the
default settings of certain attributes. Otherwise, the interface cannot be added to
the Eth-Trunk. The attributes that use the default settings include:

● Link type
● VLAN that the interface belongs to
● Interface priority
● Whether the interface allows BPDUs to pass through
● MAC address learning
● Adding the interface to a multicast group statically
● Discarding broadcast packets
● Discarding unknown multicast packets
● Discarding unknown unicast packets

Those attributes must remain consistent and cannot be changed individually. If the
preceding attributes of an Eth-Trunk are changed, the attributes of all the member
interfaces are changed accordingly.

It is recommended that you run the shutdown (interface view) command to

disable an interface before adding the interface to an Eth-Trunk. After adding
interfaces at both ends of a link to an Eth-Trunk, run the undo shutdown
(interface view) command to enable the interfaces. Otherwise, traffic
interruption or broadcast storms may occur.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

It is recommended that you run the shutdown (interface view) command to

disable a member interface before running the undo eth-trunk command to
remove the member interface from an Eth-Trunk.
The number of member interfaces of the Eth-Trunk on devices at both ends must
be equal. The interfaces at both ends must be connected with straight-through
cables.

Example
# Add GigabitEthernet0/0/1 to Eth-Trunk 2.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] eth-trunk 2

7.2.7 interface eth-trunk

Function
The interface eth-trunk command displays the view of an existing Eth-Trunk or
creates an Eth-Trunk and displays its view.
The undo interface eth-trunk command deletes an Eth-Trunk.

Format
interface eth-trunk trunk-id
undo interface eth-trunk trunk-id

Parameters
Parameter Description Value

trunk-id Specifies the ID The value is an integer that ranges

of an Eth- from 0 to 7.
Trunk.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
If the specified Eth-Trunk already exists, you can directly enter the Eth-Trunk
interface view by using the interface eth-trunk command.
You can delete an Eth-Trunk only if the Eth-Trunk does not contain any member
interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Create Eth-Trunk 2.
<HUAWEI> system-view
[HUAWEI] interface eth-trunk 2
[HUAWEI-Eth-Trunk2]

7.2.8 least active-linknumber

Function
The least active-linknumber command sets the lower threshold for the number
of active member links on an Eth-Trunk.

The undo least active-linknumber command restores the default lower threshold
for the number of active member links.

By default, the lower threshold for the number of active member links on an Eth-
Trunk is 1.

Format
least active-linknumber link-number

undo least active-linknumber

Parameters
Parameter Description Value

link-number Specifies the lower threshold for the The value is an integer
number of active member links. ranging from 1 to 8.

Views
Eth-Trunk interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The number of active member links on an Eth-Trunk affects the status and
bandwidth of the Eth-Trunk. The bandwidth of an Eth-Trunk equals the total
bandwidth of all member interfaces in Up state.

The number of Up member links affects the status and bandwidth of the Eth-
Trunk. To ensure that the Eth-Trunk functions properly and is less affected by
member link status change, set the following threshold.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● Lower threshold for the number of active member links

When the number of active interfaces falls below this threshold, the Eth-Trunk
goes Down. This guarantees the Eth-Trunk a minimum available bandwidth.
For example, if the Eth-Trunk is required to provide a minimum bandwidth of
2 Gbit/s and each member link's bandwidth is 1 Gbit/s, the lower threshold
for the number of active member links must be set to at least 2.

To delete the configured lower threshold for the number of active member links or
restore the default value, use the undo least active-linknumber command or
least active-linknumber 1 command.

Prerequisites

The Eth-Trunk interface has been correctly configured.

Precautions

If you run the least active-linknumber command multiple times, only the latest
configuration takes effect.

After the upper threshold for the number of active member links is configured,

● The Eth-Trunk interface goes Down when the number of active member links
falls below the configured lower threshold.
● The Eth-Trunk interface goes Up when the number of active member links
reaches the configured lower threshold.

Example
# Set the lower threshold for the number of active member links to 3.
<HUAWEI> system-view
[HUAWEI] interface eth-trunk 1
[HUAWEI-Eth-Trunk1] least active-linknumber 3

7.2.9 load-balance

Function
The load-balance command sets a load balancing mode of an Eth-Trunk.

The undo load-balance command restores the default load balancing mode of an
Eth-Trunk.

By default, the load balancing mode is src-dst-ip.

Format
load-balance { dst-ip | dst-mac | src-ip | src-mac | src-dst-ip | src-dst-mac }

undo load-balance

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

dst-ip Indicates load -

balancing based on
destination IP
addresses.

dst-mac Indicates load -

balancing based on
destination MAC
addresses.

src-ip Indicates load -

balancing based on
source IP addresses.

src-mac Indicates load -

balancing based on
source MAC
addresses.

src-dst-ip Indicates load -

balancing based on
source and
destination IP
addresses.

src-dst-mac Indicates load -

balancing based on
source and
destination MAC
addresses.

Views
Eth-Trunk interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To ensure proper load balancing between physical links of an Eth-Trunk and avoid
link congestion, use the load-balance command to set the load balancing mode
of the Eth-Trunk.
Load balancing is valid only for outgoing traffic; therefore, the load balancing
modes for the interfaces at both ends of the link can be different and do not
affect each other.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

You can set the load balancing mode based on traffic models. When a parameter
of traffic changes frequently, you can set the load balancing mode based on this
parameter to ensure that the traffic is load balanced evenly. For example, if IP
addresses in packets change frequently, use the load balancing mode based on
dst-ip, src-ip, or src-dst-ip so that traffic can be properly load balanced among
physical links. If MAC addresses in packets change frequently and IP addresses are
fixed, use the load balancing mode based on dst-mac, src-mac, or src-dst-mac so
that traffic can be properly load balanced among physical links.

The device supports the following load balancing modes:

● dst-ip: load balancing based on destination IP address. In this mode, the

system obtains the specified three bits from each of the destination IP address
and the TCP or UDP port number in outgoing packets to perform the
Exclusive-OR calculation, and then selects the outgoing interface from the
Eth-Trunk table according to the calculation result.
● dst-mac: load balancing based on destination MAC address. In this mode, the
system obtains the specified three bits from each of the destination MAC
address, VLAN ID, Ethernet type, and incoming interface information to
perform the Exclusive-OR calculation, and then selects the outgoing interface
from the Eth-Trunk table according to the calculation result.
● src-ip: load balancing based on source IP address. In this mode, the system
obtains the specified three bits from each of the source IP address and the
TCP or UDP port number in incoming packets to perform the Exclusive-OR
calculation, and then selects the outgoing interface from the Eth-Trunk table
according to the calculation result.
● src-mac: load balancing based on source MAC address. In this mode, the
system obtains the specified three bits from each of the source MAC address,
VLAN ID, Ethernet type, and incoming interface information to perform the
Exclusive-OR calculation, and then selects the outgoing interface from the
Eth-Trunk table according to the calculation result.
● src-dst-ip: load balancing based on the Exclusive-OR result of the source IP
address and destination IP address. In this mode, the system performs the
Exclusive-OR calculation between the Exclusive-OR results of the dip and
dmac modes, and then selects the outgoing interface from the Eth-Trunk
table according to the calculation result.
● src-dst-mac: load balancing based on the Exclusive-OR result of the source
MAC address and destination MAC address. In this mode, the system obtains
three bits from each of the source MAC address, destination MAC address,
VLAN ID, Ethernet type, and incoming interface information to perform the
Exclusive-OR calculation, and then selects the outgoing interface from the
Eth-Trunk table according to the calculation result.

Precautions

If you run the load-balance command multiple times, only the latest
configuration takes effect.

Example
# Set the load balancing mode of an Eth-Trunk to dst-mac.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

<HUAWEI> system-view
[HUAWEI] interface Eth-Trunk 1
[HUAWEI-Eth-Trunk1] load-balance dst-mac

7.2.10 mode

Function
The mode command configures the working mode of an Eth-Trunk.

The undo mode command restores the default working mode of an Eth-Trunk.

By default, an Eth-Trunk works in manual load balancing mode.

Format
mode manual load-balance

undo mode

Parameters
Parameter Description Value
manual load-balance Indicates the manual load balancing mode. -

Views
Eth-Trunk interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenarios

Currently, the device supports Eth-Trunks to work in the following modes:

● Manual load balancing mode
When one of the devices at the two ends of an Eth-Trunk link does not
support LACP, you can run the command to configure the Eth-Trunk interface
to work in manual load balancing mode. In addition, you can add multiple
member interfaces to increase the bandwidth between the two devices and
improve reliability.
The manual load balancing mode is a basic link aggregation mode. In this
mode, you must manually create an Eth-Trunk interface, add interfaces to the
Eth-Trunk interface. LACP is not involved.
In manual load balancing mode, all active member interfaces forward data
and perform load balancing.

Precautions

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

If you run the mode command multiple times, only the latest configuration takes
effect.

Example
# Configure Eth-Trunk 1 to work in manual load-balance mode.
<HUAWEI> system-view
[HUAWEI] interface eth-trunk 1
[HUAWEI-Eth-Trunk1] mode manual load-balance

7.2.11 trunk-member trap

Function
The trunk-member trap in private-mib enable command configures Eth-Trunk
member interfaces to send trap messages through the private MIB.
The undo trunk-member trap in private-mib enable command configures Eth-
Trunk member interfaces to send trap messages through the public MIB.
By default, trap messages of the Eth-Trunk member interfaces are sent by the
public MIB.

Format
trunk-member trap in private-mib enable
undo trunk-member trap in private-mib enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
When a trunk member interface changes from Up to Down or from Down to Up,
you are informed of the status change so as to check whether the device fails or
recovers.
If you want to know to which trunk interface the member interface belongs, you
can run the trunk-member trap in private-mib enable command to configure
trunk member interfaces to send trap messages through the private MIB. This is
because the trap message sent through a private MIB carries information about
the trunk interface with the specified ID, whereas the trap messages sent through
the public MIB do not carry information about trunk interfaces with specified IDs.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Prerequisites

The trunk interfaces are correctly configured.

Precautions

After the trunk-member trap in private-mib enable command is configured,

trap messages are sent only through the private MIB. That is, you need to view the
sent trap messages by using the private MIB of Huawei.

Example
# Configure the Eth-Trunk member interface to send trap messages through the
private MIB.
<HUAWEI> system-view
[HUAWEI] trunk-member trap in private-mib enable

7.3 VLAN Configuration Commands

7.3.1 damping time

Function
The damping time command sets the VLAN damping time on a VLANIF interface,
that is, the delay before reporting a VLAN Down event to the VLANIF interface.

The undo damping time command restores the default dumping time.

The default damping time on a VLANIF interface is 0 seconds. That is, the VLANIF
interface is notified immediately after the VLAN becomes Down.

Format
damping time delay-time

undo damping time

Parameters
Parameter Description Value

delay-time Specifies the delay The value ranges from 0

before reporting the to 20, in seconds. The
VLAN Down event to a default value is 0.
VLANIF interface.

Views
VLANIF interface view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Software upgrade or active/standby switchover on the wireless access point may

cause frequent status changes on VLANIF interfaces. To prevent network flapping,
run the damping time command on VLANIF interfaces to configure the VLAN
damping function.

When all interfaces in a VLAN become Down, the wireless access point waits for a
period specified by delay-time and then reports the VLAN Down event to the
VLANIF interface.

Precautions

If any interface in the VLAN becomes Up within the delay time, the VLANIF
interface remains Up.

You can use the display interface vlanif command to view the VLAN damping
time.

If you run the damping time command multiple times in the same VLANIF
interface view, only the latest configuration takes effect.

Example
# Set the VLAN damping time on VLANIF 10 to 10 seconds.
<HUAWEI> system-view
[HUAWEI] vlan 10
[HUAWEI-vlan10] quit
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] damping time 10

7.3.2 description (VLAN view)

Function
The description command sets the description of a VLAN.

The undo description command restores the default description of a VLAN.

By default, the description of a VLAN shows the VLAN ID. For example, the
description of VLAN 2 is "VLAN 0002".

Format
description description

undo description

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

description Specifies the description It is a string of 1 to 80

of a VLAN. characters. The
characters are case
sensitive. Spaces are
allowed.

Views
VLAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The description command is used to set the description of a VLAN, which is
convenient for identifying, memorizing, and maintaining the VLAN.
The display vlan vlan-id verbose command can display the description of a
specified VLAN.
Precautions
Set different descriptions for VLANs to distinguish.
If you run the description command multiple times in the same VLAN view, only
the last configuration takes effect.

Example
# Set the description of VLAN 2 as "test".
<HUAWEI> system-view
[HUAWEI] vlan 2
[HUAWEI-vlan2] description test

7.3.3 description (VLANIF interface view)

Function
The description command set the description of a VLANIF interface.
The undo description command restores the default description of a VLANIF
interface.
By default, the description of a VLANIF interface is in "HUAWEI, AP Series, Vlanif2
Interface" format.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
description description

undo description

Parameters
Parameter Description Value

description Specifies the description It is a string of 1 to 242

of a VLANIF interface. characters. The
characters are case
sensitive. Spaces are
allowed.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

To manage VLANIF interfaces conveniently, use the description command to set

VLANIF interface descriptions. The description of a VLANIF interface helps you
identify the VLANIF interface and know its functions.

You can use the display interface vlanif command to view the description of a
VLANIF interface.

Precautions

The description of a VLANIF interface should provide useful information.

Set different descriptions for VLANIF interfaces to distinguish VLANIF interfaces.

If you run the description command multiple times in the same VLANIF interface
view, only the latest configuration takes effect.

Example
# Set the description of VLANIF 2 to "test".
<HUAWEI> system-view
[HUAWEI] vlan 2
[HUAWEI-vlan2] quit
[HUAWEI] interface vlanif 2
[HUAWEI-Vlanif2] description test

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.3.4 display interface vlanif

Function
The display interface vlanif command displays the status and configuration of a
VLANIF interface.

Format
display interface vlanif [ vlan-id | main ]

Parameters
Parameter Description Value

vlan-id Specifies the ID of a The value is an integer

VLAN. and the value range
depends on the range of
existing VLANIF
interfaces. You can enter
the question mark (?) to
obtain the range of
VLAN IDs.

main Displays status and -

traffic statistics about a
VLANIF interface.
A VLANIF interface has
no sub-interfaces. Status
and traffic statistics
about a VLANIF interface
are displayed whether
you specify the main
parameter or not.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
To monitor an interface or locate an interface fault, you can use the display
interface vlanif command to view the interface status, interface configuration,
and traffic statistics on the interface.
Prerequisites

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The specified VLANIF interface has been created.

Precautions

If vlan-id is not specified, the display interface vlanif command displays

information about all VLANIF interfaces in the system.

Example
# Display the status and configuration of VLANIF 3.
<HUAWEI> display interface vlanif 3
Vlanif3 current state : DOWN
Line protocol current state : DOWN
Description:HUAWEI, AP Series, Vlanif3 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc01-00e1
Current system time: 2007-09-12 20:21:13
Input bandwidth utilization : --
Output bandwidth utilization : --

Table 7-15 Description of the display interface vlanif command output

Item Description

current state Status of a VLANIF interface. The value is UP or Down.

Line protocol current Status of the link-layer protocol on a VLANIF interface.

state The value is UP or Down.

Last line protocol up The last time the line protocol is up.
time

Description Description of a VLANIF interface.

Route Port Indicates that the interface is a Layer 3 interface.

The Maximum Specifies the MTU of a VLANIF interface.

Transmit Unit

Internet Address IP address of a VLANIF interface. If the VLANIF interface

does not have an IP address, the system displays
"Internet protocol processing: disabled."

IP Sending Frames' Encapsulation format of IP packets, which can be

Format PKTFMT_ETHNT_2, Ethernet_802.3, or Ethernet_SNAP.

Hardware address MAC address of the VLANIF interface.

Current system time Indicates the current system time.

If the system is configured with a time zone and is in
the summer time, the time is displayed in the format of
YYYY/MM/DD HH:MM:SS UTC±HH:MM DST.

Input/Output Inbound/outbound bandwidth utilization on an

bandwidth utilization interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.3.5 display port vlan

Function
The display port vlan command displays information about interfaces of the
VLAN.

Format
display port vlan [ interface-type interface-number | active ] *

Parameters
Parameter Description Value

interface-type interface- Specifies the type and -

number number of an interface
in the VLAN.
If this parameter is not
specified, information
about all interfaces in
the VLAN is displayed.

active Indicates the interface -

information of dynamic
entries in the VLAN.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
You can run the display port vlan command to view information about interfaces
of the VLAN and check whether the VLAN is assigned by the command, protocols,
or services. If a fault occurs on an interface, you can locate the fault based on the
information about the interface and VLAN.
Prerequisite
A VLAN has been created and the Layer 2 interface has joined the VLAN.
Precautions
If a large number of mappings between interfaces and VLANs exist on the device,
you are advised to specify the interface or active to filter the command output.
Otherwise, the following problems may occur due to excessive output information:

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● The displayed information is repeatedly refreshed, causing required

information to fail to be obtained.
● The system does not respond because of long-time information traverse and
search.

Example
# Display information about interfaces that belong to each VLAN on the device.
<HUAWEI> display port vlan
Port Link Type PVID Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1 trunk 1 1 2001

# Display information about all dynamic entries.

<HUAWEI> display port vlan active
T=TAG U=UNTAG C=Configured H=HVRP G=GVRP V=VOICE-VLAN E=E-LMI
DA=Dynamic-authorization-VLAN UU=Unauthenticated-user-VLAN M=Mac-Flapping
LBDT=Loopback-detect LDT=Loop-detection
-------------------------------------------------------------------------------
Port Link Type PVID VLAN List
-------------------------------------------------------------------------------
GE0/0/1 trunk 1(C) U: 1(C)
T: 2001(C)

Table 7-16 Description of the display port vlan command output

Item Description

Port Indicates the type and number of the interface.

Link Type Indicates the types of the interface link.

PVID Indicates the default VLAN ID of the interface. By

default, VLAN 1 is the default VLAN of all interfaces.

Trunk VLAN List ● Indicates the VLAN IDs that are dynamically added
by an interface.
● Indicates the VLAN IDs of packets that are statically
configured to pass through an interface.

VLAN List Indicates the VLAN IDs of packets that are statically
configured to pass through an interface.

7.3.6 display vlan

Function
The display vlan command displays information about all VLANs.

If no parameter is specified, brief information about all VLANs is displayed.

Format
display vlan [ vlan-id [ verbose ] ]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

display vlan vlan-name vlan-name [ verbose ]

display vlan [ vlan-id1 [ to vlan-id2 ] | vlan-name vlan-name | brief | summary ]

Parameters
Parameter Description Value

vlan-id Specifies the ID of a The value is an integer

VLAN. that ranges from 1 to
4094.

vlan-id1 [ to vlan-id2 ] Specifies a range of ● The value of vlan-id1

VLAN IDs. is an integer that
● vlan-id1 specifies the ranges from 1 to
first VLAN ID. 4094.
● to vlan-id2 specifies ● The value of vlan-id2
the last VLAN ID. The is an integer that
value of vlan-id2 ranges from 1 to
must be greater than 4094.
or equal to the value
of vlan-id1. If to vlan-
id2 is not specified,
only information
about the VLAN
specified by vlan-id1
is displayed.

summary Displays summary of all -

VLANs.

verbose Displays detailed -

information about a
specified VLAN.

vlan-name vlan-name Specifies a VLAN name. The value is a string of 1

to 31 case-sensitive
characters without
spaces.

brief Indicates brief -

information about
VLANs.

Views
All views

Default Level
1: Monitoring level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario

The display vlan command displays VLAN configuration or packet statistics on

interfaces in a VLAN.

Example
# Display brief information about all VLANs.
<HUAWEI> display vlan
* : management-vlan
---------------------
The total number of vlans is : 6
VLAN ID Type Status MAC Learning Broadcast/Multicast/Unicast Property
--------------------------------------------------------------------------------
1 common enable enable forward forward forward default
10 common enable enable forward forward forward default
100 common enable enable forward forward forward default
199 common enable enable forward forward forward default
900 common enable enable forward forward forward default
4094 common enable enable forward forward forward default

# Display detailed information about VLAN 100.

<HUAWEI> display vlan 100 verbose
* : Management-VLAN
---------------------
VLAN ID : 100
VLAN Name :
VLAN Type : Common
Description : VLAN 0100
Status : Enable
Broadcast : Enable
MAC Learning : Enable
Smart MAC Learning : Disable
Current MAC Learning Result : Enable
Statistics : Disable
Property : Default
VLAN State : Down
----------------
Tagged Port: GigabitEthernet0/0/1
----------------
Active Tag Port: GigabitEthernet0/0/1
-------------------
Interface Physical
GigabitEthernet0/0/1 DOWN

# Display summary of all VLANs.

<HUAWEI> display vlan summary
static vlan:
Total 8 static vlan exist(s).
1 10 to 12 20 100 200 470
dynamic vlan:
Total 0 dynamic vlan exist(s).

# Display brief of all VLANs.

<HUAWEI> display vlan brief
U:Up;D:Down;TG:Tagged;UT:Untagged;

VID Name Status Ports

--------------------------------------------------------------------------------
1 enable UT: GE0/0/1(U)
2001 enable TG: GE0/0/1(U)

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-17 Description of the display vlan command output

Item Description

VID or VLAN ID ID of a VLAN.

Type or VLAN Type Type of a VLAN.

● mux: indicates a principal VLAN used in the
MUX VLAN function.
● mux-sub: indicates a subordinate VLAN used
in the MUX VLAN function.
● super: indicates a super-VLAN used for VLAN
aggregation.
● sub: indicates a sub-VLAN used for VLAN
aggregation.
● Common: indicates a common VLAN.
● *Common: indicates the management VLAN.

Ports Interfaces in a VLAN.

VLAN Name Name of a VLAN.

Description Description of a VLAN.

Status Status of a VLAN. The value is always Enable.

Broadcast Whether the broadcast function is enabled in a

VLAN.
● disable: The broadcast function is disabled.
● enable: The broadcast function is enabled.

MAC Learning/MAC-LRN Whether MAC address learning is enabled:

● disable: MAC address learning is disabled.
● enable: MAC addresses learning is enabled.

Broadcast/Multicast/Unicast Indicates whether broadcast packets, multicast

packets, or unicast packets are forwarded. The
value can be:
● forward: forwarding broadcast packets,
multicast packets, or unicast packets
● discard: discarding broadcast packets,
multicast packets, or unicast packets

Smart MAC Learning Whether smart MAC address learning is

enabled:
● disable: Smart MAC address learning is
disabled.
● enable: Smart MAC addresses learning is
enabled.

Current MAC Learning Result MAC address learning result.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Statistics Whether the traffic statistics function is enabled

in a VLAN.
● disable: Traffic statistics function is disabled.
● enable: Traffic statistics function is enabled.

Property Property of a VLAN.

● Default: indicates a default VLAN.
● MutilcastVlan: indicates a multicast VLAN.
● UserVlan: indicates a user VLAN.

VLAN state Indicates the status of the VLAN. The value can
be:
● Up
● Down
The status of a VLAN is determined by the
status of member interfaces in the VLAN. A
VLAN is Up only when at least one member
interface in the VLAN is Up.

Tagged/Untagged Port Interfaces that are manually added to a VLAN in

tagged or untagged mode.

Active Tag/Active Untag Port Active interfaces that join a VLAN in tagged or
untagged mode.

static vlan VLANs that are created manually.

dynamic vlan VLANs that are learned dynamically.

7.3.7 interface vlanif

Function
The interface vlanif command creates a VLANIF interface and displays the
VLANIF interface view.
The undo interface vlanif command deletes a VLANIF interface.
By default, VLANIF interfaces are not created.

Format
interface vlanif vlan-id
undo interface vlanif vlan-id

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

vlan-id Specifies the ID of the The value is an integer

VLAN that a VLANIF that ranges from 1 to
interface belongs to. 4094.
The device supports 129
VLANIF interfaces.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
When a device needs to communicate with devices at the network layer, you can
create a logical interface based on a VLAN on the device, namely, a VLANIF
interface. A VLANIF interface is a network layer interface and can be configured
with an IP address. The device then users the VLANIF interface to communicate
with devices at the network layer.
Prerequisites
The specified VLAN has been created using the vlan command before you create a
VLANIF interface.
Follow-up Procedure
Run the ip address to assign an IP address to the VLANIF interface.
Precautions
If the specified VLANIF interface exists, the interface vlanif command displays the
VLANIF interface view directly.
When a VLANIF interface is used as a management VLANIF interface where you
can telnet to the device, the user VLAN ID cannot be the same as the
management VLAN ID; otherwise, you will fail to telnet to the device.

Example
# Create VLANIF 2 and enter the VLANIF interface view.
<HUAWEI> system-view
[HUAWEI] vlan 2
[HUAWEI-vlan2] quit
[HUAWEI] interface vlanif 2
[HUAWEI-Vlanif2]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.3.8 ip pool (VLAN view)

Function
The ip pool command configures an IP address pool for a sub-VLAN.
The undo ip pool command deletes the IP address pool of a sub-VLAN.
By default, no IP address pool is configured for sub-VLANs.

Format
ip pool start-address [ to end-address ]
undo ip pool

Parameters
Parameter Description Value
start-address Specifies the start IP address in an IP It is in dotted
address pool. decimal notation.
to end-address Specifies the end IP address in an IP address It is in dotted
pool. decimal notation.
If end-address is not specified, only one IP
address, that is, start-address, exists in the
IP address pool.

Views
VLAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
After assigning an IP address to the super-VLAN by assigning the IP address to a
VLANIF interface, you can specify the IP address range for users in the VLAN. In
this manner, the ARP module filters out packets with IP addresses beyond the IP
address range so that the number of ARP packets can be exactly controlled.
If the super VLAN is enabled with proxy ARP, the system directly sends an ARP
Request packet from a user in the sub-VLAN to the destination sub-VLAN based
on the IP address carried in the packet, which reduces broadcast traffic.
The ip pool command can be used to set an IP address pool for the sub-VLAN. In
the IP address pool, a single IP address or a consecutive IP address segment can be
configured, but inconsecutive IP address segments cannot be configured.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Precautions
If only one IP address is assigned to the VLANIF interface of the super-VLAN, the
range of IP addresses in the IP address pool of a sub-VLAN is determined by the
mask length of the IP address assigned to the VLANIF interface.
If multiple IP addresses are assigned to the VLANIF interface of the super-VLAN,
the range of IP addresses in the IP address pool of a sub-VLAN is determined by
the difference between the largest and smallest IP addresses assigned to the
VLANIF interface.
After the ip pool command is run for a sub-VLAN, only ARP packets (such as ARP
Request, ARP Response, and Proxy ARP) for the IP addresses in the IP address pool
can be processed in the sub-VLAN.

Example
# Configure an IP address pool for VLAN 20, with IP addresses ranging from
10.10.10.10 to 10.10.10.20.
<HUAWEI> system-view
[HUAWEI] vlan 20
[HUAWEI-vlan20] ip pool 10.10.10.10 to 10.10.10.20

7.3.9 management-vlan
Function
Using the management-vlan command, you can configure a VLAN as a
management VLAN.
Using the undo management-vlan command, you can cancel the configuration.
By default, no VLAN is configured as a management VLAN.

Format
management-vlan
undo management-vlan

Parameters
None

Views
VLAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

To use a network management system to manage multiple devices, create a

VLANIF interface on each device and configure a management IP address for the
VLANIF interface. You can then log in to a device and manage it using its
management IP address. If a user-side interface is added to the VLAN, users
connected to the interface can also log in to the device. This brings security risks
to the device.

After a VLAN is configured as a management VLAN, no access interface can be

added to the VLAN. An access interface is connected to users. The management
VLAN forbids users connected to access interfaces to log in to the device,
improving device performance.

Follow-up Procedure

Create a VLANIF interface corresponding to the VLAN and configure a

management IP address on the VLANIF interface.

Precautions

VLAN 1 cannot be configured as an mVLAN.

You can run the display vlan command to view the management VLAN
configuration. In the command output, the VLAN marked with a * is the
management VLAN.

After a VLAN is configured as a management VLAN, only trunk and hybrid

interfaces can be added to the VLAN.

Example
# Configure VLAN 100 as a management VLAN.
<HUAWEI> system-view
[HUAWEI] vlan 100
[HUAWEI-vlan100] management-vlan

7.3.10 mtu (VLANIF interface view)

Function
Using the mtu command, you can set the maximum transmission unit (MTU) of a
VLANIF interface.

Using the undo mtu command, you can restore the default MTU of a VLAN
interface.

By default, the MTU of a VLAN interface is 1500 bytes.

Format
mtu mtu

undo mtu

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

mtu Specifies the MTU of a The value is an integer

VLANIF interface. that ranges from 128 to
1700, in bytes.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The MTU determines the maximum number of bytes in IP packets each time a
sender can send. The MTU of an IP packet refers to the number of bytes from the
IP header of the packet to the data.
The size of data frames is limited at the network layer. Any time the IP layer
receives an IP packet to be sent, it checks to which local interface the packet
needs to be sent and obtains the MTU configured on the interface. Then the IP
layer compares the MTU with the packet length. If the packet length is longer
than the MTU, the IP layer fragments the packet into smaller packets, which are
shorter than or equal to the MTU. If unfragmentation is configured, some packets
may be discarded during data transmission at the IP layer. To ensure jumbo
packets are not dropped during transmission, you need to configure forcible
fragmentation. In this case, you can run the mtu command to set the size of a
fragment.
Therefore, a proper MTU is a prerequisite for normal communication on a
network.
● If the configured MTU is excessively small and the packet size is larger,
packets are discarded when being forwarded through the forwarding chip;
packets are broken into a great number of fragments when being forwarded
through the CPU, affecting proper data transmission.
● If the size of packets exceeds the MTU supported by a transit node or a
receiver, the transit node or receiver fragments the packets or even discards
them, aggravating the network transmission load.
The default MTU is recommended. When the size of packets to be transmitted or
the device that receives packets changes, you can change the MTU based on the
actual network.
Precautions
● DHCP packets cannot be fragmented. When the MTU value set using the mtu
command is smaller than the DHCP packet length, DHCP packets cannot be
forwarded. Therefore, set a larger MTU value.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● If the MTU value is smaller than the DHCP packet length, the AP may be
disconnected. In this case, restart the AP.
● When the MTU is too small and the DF bit is set to 1, packets cannot be
fragmented. In this case, use the forced fragmentation function.
● Configuring the MTU of an interface affects the maximum number of bytes
for IP packets to be sent by the interface at a time. This configuration also
affects the maximum frame length of sent Ethernet packets. The Ethernet
packet size cannot exceed the maximum frame length allowed by the peer
interface, which can be set using the jumboframe enable command.

Example
# Set the MTU of the VLANIF100 interface to 1492 bytes.
<HUAWEI> system-view
[HUAWEI] interface Vlanif 100
[HUAWEI-Vlanif100] mtu 1492

7.3.11 name (VLAN view)

Function
The name command configures a name for a VLAN.
The undo name command deletes a configured VLAN name.
By default, a VLAN does not have a name.

Format
name vlan-name
undo name

Parameters
Parameter Description Value
vlan-name Specifies the VLAN The name is a string of 1 to 31 case-
name. sensitive characters, spaces not supported.

Views
VLAN view

Default Level
2: Configuration level

Usage Guidelines
If a device is configured with multiple VLANs for transmitting different services,
you can name the VLANs in their corresponding VLAN views to facilitate service

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

management. In this manner, you can check the deployed services of a VLAN by
the VLAN name.
After VLANs are named, you can run the vlan vlan-name command in the system
view to enter the view of a specific VLAN, and then check or modify the
configuration of the VLAN.

Example
# Create VLAN 2, which is used to transmit voice services, and name it as voice.
<HUAWEI> system-view
[HUAWEI] vlan 2
[HUAWEI-vlan2] name voice

7.3.12 port
Function
Using the port command, you can configure a VLAN as the default VLAN of an
interface and add the interface to the VLAN.
Using the undo port command, you can restore the default VLAN of an interface
to the default setting.
By default, VLAN 1 is the default VLAN of all interfaces.

Format
port interface-type { interface-number1 [ to interface-number2 ] }&<1-10>
undo port interface-type { interface-number1 [ to interface-number2 ] }&<1-10>

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

interface-type Configures the default -

{ interface-number1 [ to VLAN for multiple
interface-number2 ] } interfaces.
● interface-type
specifies the type of
interfaces.
● interface-number1
specifies the number
of the first interface.
● interface-number2
specifies the number
of the last interface.
The value of
interface-number2
must be greater than
the value of interface-
number1. The
interface-number1
and interface-
number2 parameters
identify a range of
interfaces.
If to interface-number2
is not specified, only one
interface is specified. You
can specify 10 interface
ranges at one time.

Views
VLAN view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

All frames sent from a user device are untagged, and frames sent from a remote
device may also be untagged. However, the device processes only tagged frames.
Therefore, the device adds a tag to each untagged frame received by an interface.
The default VLAN ID of the interface can be added to untagged frames so that
these frames are forwarded in the default VLAN.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

After the default VLAN is specified for an access interface, packets passing through
the interface are processed as follows:
● When the interface receives an untagged frame, it tags the frame with the
default VLAN ID.
● When the interface receives a tagged packet:
– If the interface is an access interface, it compares the VLAN ID of the
packet with the default VLAN ID. If they are the same, the interface
forwards the packets; otherwise, the interface discards the packets.
● Before forwarding a tagged packet, the interface removes the VLAN tag from
the packet.

Prerequisites

The link-type of specified interfaces cannot be access or trunk before you run the
port command.

Precautions

A super VLAN cannot be configured as the default VLAN of interfaces. The undo
port command deletes the default VLAN of the specified interfaces only if the
current VLAN is the default VLAN of these interfaces.

If you run the port command multiple times in the same VLAN view, the VLAN is
configured as the default VLAN of all the specified interfaces.

You can also run the port default vlan command in the interface view to
configure the default VLAN for an interface. The two commands have the same
function.

Example
# Configure VLAN 3 as the default VLAN of interfaces GE0/0/1.
<HUAWEI> system-view
[HUAWEI] vlan 3
[HUAWEI-vlan3] port gigabitethernet 0/0/1

7.3.13 port default vlan

Function
The port default vlan command configures the default VLAN of an interface and
adds the interface to the VLAN.

The undo port default vlan command restores the default VLAN of an interface
to the default setting.

By default, VLAN 1 is the default VLAN of all interfaces.

Format
port default vlan vlan-id

undo port default vlan

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

vlan-id Specifies the ID of the The value is an integer

default VLAN. that ranges from 1 to
4094.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
All frames sent from a user device are untagged, and frames sent from a remote
device may also be untagged. However, the AP processes only tagged frames.
Therefore, the AP adds a tag to each untagged frame received by an interface. The
default VLAN ID of the interface can be added to untagged frames so that these
frames are forwarded in the default VLAN.
After the default VLAN is specified for an access interface, packets passing through
the interface are processed as follows:
● When the interface receives an untagged frame, it tags the frame with the
default VLAN tag.
● When the interface receives a tagged packet:
– If the interface is an access interface, it compares the VLAN ID of the
packet with the default VLAN ID. If they are the same, the interface
forwards the packets; otherwise, the interface discards the packets.
● Before forwarding a tagged packet, the interface removes the VLAN tag from
the packet.
Prerequisites
The VLAN to be configured as the default VLAN has been created.
The interface type is access. If not, run the port link-type command to change the
interface type.
Precautions
You can also run the port command in the VLAN view to configure the default
VLAN of an interface. The two commands have the same function.
A super VLAN cannot be configured as the default VLAN of interfaces.
If you run the port default vlan command multiple times in the same interface
view, only the latest configuration takes effect.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Configure VLAN 3 (an existing VLAN) as the default VLAN of GE0/0/1 (an
access interface).
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port link-type access
[HUAWEI-GigabitEthernet0/0/1] port default vlan 3

7.3.14 port hybrid pvid vlan

Function
The port hybrid pvid vlan command specifies the default VLAN ID of a hybrid
interface.
The undo port hybrid pvid vlan command restores the default VLAN ID of a
hybrid interface to the default setting.
By default, VLAN 1 is the default VLAN ID of all interfaces.

Format
port hybrid pvid vlan vlan-id
undo port hybrid pvid vlan

Parameters
Parameter Description Value

vlan-id Specifies the default The value is an integer

VLAN ID of a hybrid that ranges from 1 to
interface. 4094.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
An interface may receive untagged and tagged frames, but the AP processes only
tagged frames. Therefore, the AP adds a tag to each untagged frame received by
an interface. The default VLAN ID of the interface can be added to untagged
frames so that these frames are forwarded in the default VLAN.
A hybrid interface processes Ethernet frames as follows:

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● When the interface receives an untagged frame, it tags the frame with the
default VLAN ID. If the default VLAN ID is allowed by the interface, the
interface accepts the frame. Otherwise, the interface discards the frame.
● When the interface receives a tagged frame, it accepts the frame if the VLAN
ID of the frame is in the list of allowed VLAN IDs. Otherwise, the interface
discards the frame.
● If the VLAN ID of a frame is allowed by the interface, the interface forwards
the frame.
Prerequisites
The VLAN to be specified as the default VLAN has been created.
Precautions
The port hybrid pvid vlan command only specifies the default VLAN for an
interface but does not add the interface to the default VLAN.
If you run the port hybrid pvid vlan command multiple times in the same
interface view, only the latest configuration takes effect.

Example
# Specify VLAN 5 as the default VLAN of GE0/0/1.
<HUAWEI> system-view
[HUAWEI] vlan 5
[HUAWEI-vlan5] quit
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port link-type hybrid
[HUAWEI-GigabitEthernet0/0/1] port hybrid pvid vlan 5

7.3.15 port hybrid tagged vlan

Function
The port hybrid tagged vlan command adds a hybrid interface to the specified
VLANs. Frames of the VLANs then pass through the hybrid interface in tagged
mode.
The undo port hybrid vlan command removes a hybrid interface from the
specified VLANs.
By default, a hybrid interface is added to VLAN 1 in untagged mode.

Format
port hybrid tagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }
undo port hybrid vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

vlan-id1 [ to vlan-id2 ] Adds a hybrid interface The value of vlan-id1 is

to specified VLANs. an integer that ranges
● vlan-id1 specifies the from 1 to 4094.
start VLAN ID. The value of vlan-id2 is
● to vlan-id2 specifies an integer that ranges
the end VLAN ID. The from 1 to 4094.
value of vlan-id2
must be greater than
or equal to the value
of vlan-id1.

all Adds a hybrid interface -

to or deletes it from all
VLANs.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
A hybrid interface can connect to either a user device or a wireless access point.
This command adds a hybrid interface to VLANs in tagged mode so that the
hybrid interface allows frames from the VLANs to pass.
After a hybrid interface is added to VLANs in tagged mode, the interface forwards
frames without removing VLAN tags of frames.
Prerequisites
If an interface is not a hybrid interface, run the port link-type hybrid command
to change the interface type to hybrid.
Precautions
If you run the port hybrid tagged vlan command multiple times in the same
interface view, the interface is added to all the specified VLANs.

Example
# Add GE0/0/1 to VLAN 3 to VLAN 5 in tagged mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

[HUAWEI-GigabitEthernet0/0/1] port link-type hybrid

[HUAWEI-GigabitEthernet0/0/1] port hybrid tagged vlan 3 to 5

7.3.16 port hybrid untagged vlan

Function
The port hybrid untagged vlan command adds a hybrid interface to the specified
VLANs. Frames of the VLANs then pass through the hybrid interface in untagged
mode.
The undo port hybrid vlan command removes a hybrid interface from the
specified VLANs.
By default, a hybrid interface is added to VLAN 1 in untagged mode.

Format
port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }
undo port hybrid vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

Parameters
Parameter Description Value

vlan-id1 [ to vlan-id2 ] Adds a hybrid interface The value of vlan-id1 is

all Adds a hybrid interface -

to or deletes it from all
VLANs.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

A hybrid interface can connect to either a user device or a wireless access point.
When a hybrid interface is connected to a user device, it must be added to VLANs
in untagged mode so that it sends untagged frames.

After a hybrid interface is added to VLANs in untagged mode, the interface

removes VLAN tags of frames before sending frames.

Prerequisites

If an interface is not a hybrid interface, run the port link-type hybrid command
to change the interface type to hybrid.

Precautions

If you run the port hybrid untagged vlan command multiple times in the same
interface view, the interface is added to all the specified VLANs.

Example
# Add GE0/0/1 to VLAN 3 to VLAN 5 in untagged mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port link-type hybrid
[HUAWEI-GigabitEthernet0/0/1] port hybrid untagged vlan 3 to 5

7.3.17 port link-type

Function
The port link-type command sets the link type of an interface.

The undo port link-type command restores the default link type of an interface.

By default, the link type of an interface is hybrid.

Format
port link-type { access | hybrid | trunk }

undo port link-type

Parameters
Parameter Description Value

access Sets the link type of an -

interface to access.

hybrid Sets the link type of an -

interface to hybrid.

trunk Sets the link type of an -

interface to trunk.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
GE interface view, Eth-Trunk interface view, MultiGE interface view, XGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Characteristics of different interfaces are:

● An access interface connects to a user device. It can connect only to an access
link, and Ethernet frames transmitted on the access link are untagged. An
access interface adds a VLAN tag to packets and sets the VID field in the
VLAN tag to the default VLAN ID. The access link transmits only the packets
with the default VLAN ID.
● A trunk interface connects to a wireless access point and can connect only to
a trunk link. A trunk interface allows frames from multiple VLANs to pass.
● A hybrid interface can connect to either a user device or a wireless access
point, and it can connect to an access link or a trunk link. A hybrid interface
allows frames from multiple VLANs to pass and can remove VLAN tags of
outgoing frames.

Prerequisites

Before changing the interface type, restore the default VLAN configuration of the
interface so that the interface belongs to only VLAN 1.

Follow-up Procedure

Add the interface to VLANs.

Precautions

If you run the port link-type command multiple times in the same interface view,
only the latest configuration takes effect.

Example
# Set the link type of GE0/0/1 to trunk.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port link-type trunk

7.3.18 port trunk allow-pass vlan

Function
The port trunk allow-pass vlan command adds a trunk interface to the specified
VLANs.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The undo port trunk allow-pass vlan command deletes a trunk interface from
the specified VLANs.
By default, a trunk interface is in VLAN 1.

Format
port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }
undo port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

Parameters
Parameter Description Value

vlan-id1 [ to vlan-id2 ] Adds a trunk interface to The value of vlan-id1 is

specified VLANs. an integer that ranges
● vlan-id1 specifies the from 1 to 4094.
start VLAN ID. The value of vlan-id2 is
● to vlan-id2 specifies an integer that ranges
the end VLAN ID. The from 1 to 4094.
value of vlan-id2
must be greater than
or equal to the value
of vlan-id1.

all Adds a trunk interface to -

or deletes it from all
VLANs.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
A trunk interface can join multiple VLANs and connects to a network device. To
allow all packets from one or multiple VLANs to pass through a trunk interface,
the trunk interface must be added to the VLANs using the port trunk allow-pass
vlan command.
Prerequisites
The link-type of the interface is configured to trunk.
Precautions

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

If you run the port trunk allow-pass vlan command multiple times in the same
interface view, the interface is added to all the specified VLANs.

Example
# Add GE0/0/1 to VLANs 10 to 30.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port link-type trunk
[HUAWEI-GigabitEthernet0/0/1] port trunk allow-pass vlan 10 to 30

7.3.19 port trunk pvid vlan

Function
The port trunk pvid vlan command specifies the default VLAN for a trunk
interface.
The undo port trunk pvid vlan command restores the default VLAN of a trunk
interface to the default setting.
By default, VLAN 1 is the default VLAN of trunk interfaces.

Format
port trunk pvid vlan vlan-id
undo port trunk pvid vlan

Parameters
Parameter Description Value

vlan-id Specifies the default The value is an integer

VLAN ID of a trunk that ranges from 1 to
interface. 4094.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
An interface may receive untagged and tagged frames, but the device processes
only tagged frames. Therefore, the device adds a tag to each untagged frame

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

received by an interface. The default VLAN ID of the interface can be added to

untagged frames so that these frames are forwarded in the default VLAN.

Prerequisites

The VLAN to be specified as the default VLAN has been created.

Follow-up Procedure

Add the trunk interface to the default VLAN.

Precautions

The port trunk pvid vlan command only specifies the default VLAN of a trunk
interface but does not add the trunk interface to the default VLAN. A trunk
interface forwards frames with the default VLAN ID only after it is added to the
default VLAN using the port trunk allow-pass vlan command.

If you run the port trunk pvid vlan command multiple times in the same
interface view, only the latest configuration takes effect.

Example
# Specify VLAN 5 as the default VLAN of GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port link-type trunk
[HUAWEI-GigabitEthernet0/0/1] port trunk pvid vlan 5

7.3.20 reset vlan statistics

Function
Using the reset vlan statistics command, you can clear traffic statistics in a
specified VLAN.

Format
reset vlan statistics vlan-id

Parameters
Parameter Description Value

vlan-id Specifies the ID of a The value is an integer

VLAN. that ranges from 1 to
4094.

Views
User view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
3: Management level

Usage Guidelines
Usage Scenario

This command is used when you need to collect new packet statistics in a VLAN.
After this command is executed, the packet count in the VLAN becomes 0.

Precautions

NOTICE

Traffic statistics cannot be restored after they are cleared. Exercise caution when
you use the command.

Example
# Clear traffic statistics in VLAN 3.
<HUAWEI> reset vlan statistics 3

7.3.21 shutdown (VLANIF interface view)

Function
Using the shutdown command, you can shut down a VLANIF interface.

Using the undo shutdown command, you can enable a VLANIF interface.

By default, a VLANIF interface is enabled.

Format
shutdown

undo shutdown

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario

When a VLANIF interface fails or is not needed, you can run the shutdown
command on the VLANIF interface.

Precautions

● A VLANIF interface is Up as long as an interface in the corresponding VLAN is

Up.
● After the VLANIF interface is shut down, the interface status changes to Down
even if physical interfaces in the corresponding VLAN are Up.
● After a VLANIF interface is shut down, none of the users that use the VLANIF
interface address as the gateway address can communicate at Layer 3. In
addition, the VLANIF interface address cannot be used in route calculation.
● After a VLANIF interface is shut down, the dynamic ARP entry corresponding
to the VLANIF interface starts aging in the ARP table. If the VLANIF interface
address is in a static ARP entry, the ARP entry is not deleted.
● To ensure that the cloud AP is managed by the SDN controller, you cannot
run the shutdown command on the cloud AP to disable the following
interfaces:
– Physical interface and VLANIF interface used to communicate with the
SDN controller
– VLANIF interface corresponding to the management VLAN

Example
# Enable VLANIF 2.
<HUAWEI> system-view
[HUAWEI] interface vlanif 2
[HUAWEI-Vlanif2] undo shutdown

7.3.22 vlan

Function
The vlan command creates a VLAN and displays the VLAN view. If the VLAN
exists, the VLAN view is displayed.

The undo vlan command deletes a VLAN.

By default, all interfaces belong to the default VLAN, named VLAN 1.

Format
vlan vlan-id

vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10>

undo vlan vlan-id

undo vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10>

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

vlan-id Specifies the VLAN ID. The value is an

integer ranging
from 1 to 4094.

batch Configures VLANs in batches. -

vlan-id1 to Specifies range of VLANs to be configured The vlan-id1 and

vlan-id2 in batches: vlan-id2 are
● vlan-id1 specifies the start VLAN ID. integers ranging
from 1 to 4094.
● vlan-id2 specifies the end VLAN ID.
vlan-id2 must be greater than or equal
to vlan-id1. vlan-id1 and vlan-id2
define a range together.
● If the parameter to vlan-id2 is not
specified, only the VLAN specified by
vlan-id1 is created.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
To reduce broadcast domains and enhance security on a complex network, VLANs
can be created on the network to isolate the devices that do not need to
communicate each other. The vlan batch command creates multiple VLANs at
one time, simplifying VLAN configuration.
Follow-up Procedure
Assign VLANs according to network requirements.
Precautions
VLAN 1 is the default VLAN, which cannot be deleted and does not need to be
created.
The vlan command can be used to create a VLAN and enter the VLAN view. If a
VLAN has been created, the VLAN view is displayed after this command is used.
The vlan command multiple times creates multiple VLANs. If a VLAN has been
created, using this command cannot be used to create the same VLAN or modify
the configurations of the VLAN.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The vlan batch command can be used to create multiple VLANs in batches. If a
VLAN has been created, using this command cannot be used to create the same
VLAN or modify the configurations of the VLAN. The vlan batch commands
multiple times creates VLANs in multiple batches.
Before deleting a VLAN, run the undo interface vlanif command to delete the
corresponding VLANIF interface.

Example
# Create VLAN 100 and enter the VLAN 100 view. If VLAN 100 exists, the VLAN
100 view is displayed directly.
<HUAWEI> system-view
[HUAWEI] vlan 100
[HUAWEI-vlan100]

7.3.23 vlan vlan-name

Function
The vlan vlan-name command displays the view of a VLAN with the specified
VLAN name.
The undo vlan vlan-name command deletes a VLAN with the specified VLAN
name. After the command is used, the VLAN name is also deleted.

Format
vlan vlan-name vlan-name
undo vlan vlan-name vlan-name

Parameters
Parameter Description Value
vlan-name Specifies the VLAN The name is a string of 1 to 31 case-
name. sensitive characters, spaces not supported.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
After the name command is run to set a VLAN name, you can run the vlan vlan-
name command in the system view to enter the corresponding VLAN view.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Assume that a device has multiple VLANs and each VLAN has a name. If you need
to delete the VLAN that is used to transmit voice services but cannot remember
the ID of the VLAN, you can run the undo vlan vlan-name command to delete
the VLAN by inputting the VLAN name.

Prerequisites

Before running the vlan vlan-name command, ensure that the name command is
run to set the VLAN name.

Precautions

When you run the undo vlan vlan-name command to delete a VLAN, services
configured for the VLAN are deleted at the same time. The deleted services cannot
be restored even if you recreate the VLAN. Therefore, exercise caution when
running the undo vlan vlan-name command.

Example
# Enter the view of the VLAN named user1.
<HUAWEI> system-view
[HUAWEI] vlan vlan-name user1
[HUAWEI-vlan2]

7.4 STP/RSTP/MSTP Configuration Commands

7.4.1 active region-configuration

Function
The active region-configuration command activates the configuration of a
multiple spanning tree (MST) region.

Format
active region-configuration

Parameters
None

Views
MST region view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Configuring MST region parameters, especially VLAN mapping tables for MST
regions, is likely to cause network topology flapping. To reduce network flapping,
make sure that newly configured MST region parameters take effect only after the
active region-configuration command is run.

Precautions

After the active region-configuration command is run, configured MST region

parameters will take effect and the spanning tree will be recalculated.

Example
# Map VLAN 5 to the spanning tree instance 2 and activate the configuration.
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region] instance 2 vlan 5
[HUAWEI-mst-region] active region-configuration

7.4.2 check region-configuration

Function
The check region-configuration command displays the configuration of an MST
region such as the region name, revision level, and VLAN mapping table.

Format
check region-configuration

Parameters
None

Views
MST region view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

MSTP divides a switching network into multiple regions, each of which has
multiple spanning trees that are independent of each other. Each region is called
an MST region and each spanning tree is called a multiple spanning tree instance
(MSTI).

Two switching devices belong to the same MST region only when they have the
following same configurations:
● MST region name

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● MST region revision level

● Mappings between MSTIs and VLANs

To ensure that MST region configurations on each switching device are correct,
you are recommended to run the check region-configuration command to check
the MST region configurations before running the active region-configuration
command. If the MST region configurations are correct, run the active region-
configuration command to activate them.

Precautions

By default, VLANs that are not mapped to any instances with non-zero IDs using
the instance command are mapped to instance 0.

Example
# Display the configuration of an MST region.
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region] check region-configuration
Admin configuration
Format selector :0
Region name :00b010000001
Revision level :0
Instance VLANs Mapped
0 1 to 9, 11 to 4094
16 10

Table 7-18 Description of the check region-configuration command output

Item Description

Format selector Selection factor defined by MSTP

Region name Name of the MST region. To configure the

name for an MST region, run the region-name
command.

Revision level Revision level of the MST region. To set the

revision level of the MST region, run the
revision-level command.

Instance VLANs Mapped Mapping between MSTIs and VLANs. To

configure the mapping between MSTIs and
VLANs, run the instance or vlan-mapping
modulo.

7.4.3 display stp

Function
The display stp command displays the status of and statistics on a spanning tree
instance.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
display stp [ instance instance-id ] [ interface interface-type interface-number ]
[ brief ]

Parameters
Parameter Description Value

instance Displays the status and statistics of a The value is an

instance-id spanning tree instance. integer ranging
from 0 to 4094.
If instance instance-id is not specified, the Value 0 refers
status and statistics of all spanning tree to CIST.
instances will be displayed in the sequence
of the interface numbers.

interface Displays the information of a spanning tree -

interface-type on a specified interface.
interface-number
If interface interface-type interface-number
is not specified, the status and statistics of
all interfaces will be displayed in the
sequence of the interface numbers.

brief Displays the brief status. -

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
The display stp command is used to check whether STP/RSTP/MSTP is run in the
existing switching device or specified interface.
● If the Protocol Status field value is Disabled, STP/RSTP/MSTP is not run.
● If STP/RSTP/MSTP has been run, information such as the working mode of
STP/RSTP/MSTP will be displayed.
When the network planner has deployed STP/RSTP/MSTP on the network, you can
run the display stp command to check whether the configurations and calculation
result.

Example
# When the stp enable command does not run, the status and statistics of STP
are displayed.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

<HUAWEI> display stp

Protocol Status :Disabled
Protocol Standard :IEEE 802.1s
Version :3
CIST Bridge Priority :32768
MAC address :00e0-6343-6800
Max age(s) :20
Forward delay(s) :15
Hello time(s) :2
Max hops :20

Table 7-19 Description table of the display stp command output

Item Description

Protocol Status Status of the protocol.

● Disabled
● Enabled

Protocol Standard Standards of the protocol.

Version Protocol version:

● 0: STP
● 2: RSTP
● 3: MSTP
To set the protocol version, run the stp mode
command.

CIST Bridge Priority Priority of the switch in the CIST. To set the STP
priority, run the stp priority command.

MAC address MAC address of the switch.

Max age (s) Maximum TTL of BPDU. To set the value of Max Age,
run the stp timer max-age command.

Forward delay (s) Time taken by interface status transition. To set the
value of Forward Delay, run the stp timer forward-
delay command.

Hello time (s) Interval for sending BPDUs from the root switch. To set
the hello time, run the stp timer hello command.

Max hops Maximum number of hops in an MST region. To set

the maximum number of hops, run the stp max-hops
command.

# Display the status of and statistics on a spanning tree instance when the stp
enable command is configured.
<HUAWEI> display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE
0 GigabitEthernet0/0/2 DESI FORWARDING NONE
0 GigabitEthernet0/0/4 ROOT FORWARDING NONE

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-20 Description of the display stp brief command output

Item Description

MSTID MSTP instance ID.

Port -

Role Interface role:

● DESI: Designated port
● ROOT: Root port
● ALTE: Alternate port
● BACK: Backup port
● MAST: Master port
● DISA: The interface is in
initialization state.

STP State Interface status. In the CIST region, the

statuses of interfaces are as follows:
● FORWARDING
● LEARNING
● DISCARDING

Protection Protection function:

● ROOTPROTECTION
● LOOPPROTECTION
● NONE
● LOOPBACK: loopback detection
● PVIDCONSISTENCY: The PVID of the
directly connected interface is
inconsistent.

# Display the status of and statistics on the spanning tree instance 0 on GE0/0/1.
<HUAWEI> display stp instance 0 interface GigabitEthernet 0/0/1

-------[CIST Global Info][Mode MSTP]-------

CIST Bridge :32768.00e0-fc0e-a421
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :32768.00e0-fc0e-a421 / 0 (This bridge is the root)
CIST RegRoot/IRPC :32768.00e0-fc0e-a421 / 0 (This bridge is the root)
CIST RootPortId :0.0
BPDU-Protection :Disabled
TC or TCN received :0
TC count per hello :0
STP Converge Mode :Normal
Time since last TC :0 days 23h:9m:30s
Number of TC :1
Last TC occurred :GigabitEthernet0/0/1
----[Port3(GigabitEthernet0/0/1)][FORWARDING]----
Port Protocol :Enabled
Port Role :Designated Port
Port Priority :128

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Port Cost(Legacy) :Config=auto / Active=19

Designated Bridge/Port :32768.00e0-fc0e-a421 / 128.1229
Port Edged :Config=disabled / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :6 packets/s
Protection Type :None
Port STP Mode :MSTP
Port Protocol Type :Config=auto / Active=dot1s
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 0
TC or TCN send :0
TC or TCN received :0
BPDU Sent :147
TCN: 0, Config: 0, RST: 0, MST: 147
BPDU Received :0
TCN: 0, Config: 0, RST: 0, MST: 0

Table 7-21 Description of the display stp instance command output

Item Description

CIST Global Info CIST global information.

Mode MSTP The operation mode is MSTP. By default, the mode is

MSTP. To set the operation mode, run the stp mode
command.

CIST Bridge ID of the CIST bridge.

● The previous 16 bits are the priority of the switch in
CIST.
● The latter 48 bits is the MAC address of the switch.

Config Times Values that is configured manually in the bridge

protocol information:
● Hello: the period of sending BPDUs.
● MaxAge: the maximum life cycle of BPDU.
● FwDly: deferred time of the change of the port
status.
● MaxHop: the maximum hops in the MST region.

Active Times Values that is used actually in the bridge protocol

information:
● Hello: the period of sending BPDUs.
● MaxAge: the maximum life cycle of BPDU.
● FwDly: deferred time of the change of the port
status.
● MaxHop: the maximum hops in the MST region.

CIST Root/ERPC CIST root bridge ID/External path cost (the path cost
from the switch to the CIST root bridge.)

CIST RegRoot/IRPC Region root bridge ID/Internal path cost (the path cost
from the switch to region root bridge.)

CIST RootPortId CIST root port ID. "0.0" indicates the switch is a root
bridge and has no root port.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

BPDU-Protection BPDU protection function:

● Disabled
● Enabled

TC or TCN received Number of the received TC or TCN packets.

TC count per hello Number of TC packets received within a hello interval.

STP Converge Mode STP converge mode

Time since last TC Period from the last topology change to now.

Number of TC Topology change count.

Last TC occurred Interface which causes the last topology change

NOTE
This parameter does not appear when Number of TC is 0.

Port Protocol The status of the port protocol is as follows:

● Enable: STP is enabled on the port.
● disable: STP is disabled on the port.

Port Role In CIST area, the four port roles are as follows:
● Root Port
● Designated Port
● Alternate Port
● Backup Port

Port Priority Priority of the port. To set the priority for a port, run
the stp port priority command.

Port Cost(Dot1T) Path cost of the port. It is calculated by dot1t

algorithm.
● config: refers to the path cost that is configure
manually.
● active: refers to the path cost actually.

Designated Bridge/ ID of the designated switch and port. The first 16 bits
Port of the switch ID represent the priority of the switch in
the CIST region; the last 48 bits represent the MAC
address of the switch. The first 4 bits of the port ID
represent the priority and the last 12 bits represent the
port number.

Port Edged Edged port that is specified by the administrator:

● enabled
● disabled

Point-to-point Link type of the port. Config indicates that the link
type is configured by running the stp point-to-point
command. Active indicates the actual link type.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Transit Limit Limit of the BPDUs sent by the current port during
each Hello time. To set the limit of the BPDUs sent by
the current port during each Hello time, run the stp
transmit-limit (interface view) command.

Protection Type The protection type is as follows:

● root-protection: valid only on a designed port.
● loop-protection: valid only on a root port or an
alternate one.

Port STP Mode STP mode on an interface.

Port Protocol Type Format of the packets that the interface receives and
sends. The formats are as follows:
● auto
● legacy
● dot1s
The default value is auto.

PortTimes Values in the bridge protocol information of the

interface:
● Hello: the period of sending BPDUs.
● MaxAge: the maximum life cycle of BPDU.
● FwDly: deferred time of the change of the port
status.
● MaxHop: the maximum hops in the MST region.

TC or TCN send Number of BPDUs with TC flags or TCN BPDUs sent by

the port.

TC or TCN received Number of BPDUs with TC flags or TCN BPDUs

received by the port.

BPDU Sent Statistics about the packets sent by BPDU is as follows:

● TCN: topology change notification
● Config: STP packets
● RST: RSTP packets
● MST: MSTP packets

BPDU Received Statistics about the packets received by BPDU.

Last forwarding time Time when the interface last entered the forwarding
state.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.4 display stp abnormal-interface

Function
The display stp abnormal-interface command displays information about
abnormal interfaces running the Spanning Tree Protocol (STP).

Format
display stp [ instance instance-id ] abnormal-interface

Parameters

Parameter Description Value

instance Displays the status and statistics of a The value is an integer in
instance-id specified spanning tree instance. the range 0 to 4094. The
value 0 indicates a
If instance instance-id is not common and internal
specified, the status and statistics of spanning tree (CIST)
all spanning tree instances will be instance.
displayed in the sequence of the
interface numbers.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

If a device has many interfaces and the display stp command output displays vast
information, viewing information about abnormal interfaces running STP is
difficult.

You can use the display stp abnormal-interface command to view information
about abnormal interfaces running STP.

Example
# Display information about abnormal interfaces in process 0 running STP
<HUAWEI> display stp instance 0 abnormal-interface
MSTID Interface Status Reason
0 GigabitEthernet0/0/1 DISCARDING LOOP-Protected

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-22 Description of the display stp abnormal-interface command output

Item Description

MSTID MSTP instance ID

Interface Interface type

Status Status of an interface after the STP protection takes

effect
● DOWN: indicates that the physical status of the
interface is Down (including error-down).
● DISCARDING: indicates the blocked interface after
the topology of the spanning tree becomes stable.

Reason An interface running STP becomes abnormal due to

one of the following:
● Root-Protected: indicates that the root protection
takes effect.
● Loop-Protected: indicates that the loop protection
takes effect.
● BPDU-Protected: indicates that the BPDU
protection takes effect.
● Loop-Detected: indicates that the loop detection
takes effect.

7.4.5 display stp active

Function
The display stp active command displays the status of and statistics on spanning
trees of all Up interfaces.

Format
display stp active

Parameters
None

Views
All views

Default Level
1: Monitoring level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario
The display stp active command displays information about spanning trees of Up
interfaces only.

Example
# Display information about spanning trees of all Up interfaces.
<HUAWEI> display stp active
-------[CIST Global Info][Mode MSTP]-------
CIST Bridge :32768.dcd2-fc21-5d40
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :32768.dcd2-fc21-5d40 / 0 (This bridge is the root)
CIST RegRoot/IRPC :32768.dcd2-fc21-5d40 / 0 (This bridge is the root)
CIST RootPortId :0.0
BPDU-Protection :Enabled
TC or TCN received :0
TC count per hello :0
STP Converge Mode :Fast
Time since last TC :0 days 2h:42m:10s
Number of TC :1
Last TC occurred :GigabitEthernet0/0/1
----[Port1(GigabitEthernet0/0/1)][FORWARDING]----
Port Protocol :Enabled
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=20000
Designated Bridge/Port :32768.dcd2-fc21-5d40 / 128.1
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :6 packets/s
Protection Type :Root
Port STP Mode :MSTP
Port Protocol Type :Config=auto / Active=dot1s
PortTimes :Hello 2s MaxAge 20s FwDly 15s RemHop 20
TC or TCN send :1
TC or TCN received :0
BPDU Sent :4802
TCN: 0, Config: 0, RST: 0, MST: 4802
BPDU Received :0
TCN: 0, Config: 0, RST: 0, MST: 0
Last forwarding time: 2005/08/07 15:07:09 UTC+08:00

Table 7-23 Description of the display stp active command output

Item Description

CIST Bridge ● The 16 leftmost bits are the switch's priority in the
CIST.
● The 48 rightmost bits are the switch's MAC address.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Config Times Configured bridge protocol parameters:

● Hello: interval at which Bridge Protocol Data Units
(BPDUs) are sent
● MaxAge: maximum TTL of a BPDU
● FwDly: delay in interface status transition
● MaxHop: maximum number of hops in the MST
region

Active Times Bridge protocol parameters that are being used:

● Hello: interval at which BPDUs are sent
● MaxAge: maximum TTL of a BPDU
● FwDly: delay in interface status transition
● MaxHop: maximum number of hops in the MST
region

CIST Root/ERPC CIST root bridge ID/external path cost from the switch
to the root bridge.

CIST RegRoot/IRPC ID of the CIST region root bridge/Cost of the internal

path (path from the switch to the CIST region root
switch)

CIST RootPortId CIST root port ID. "0.0" indicates that the switch is the
root switch without the root port.

BPDU-Protection Whether BPDU protection is enabled:

● Disabled: BPDU protection is disabled.
● Enabled: BPDU protection is enabled.

TC or TCN received Number of received topology change (TC) or topology

change notification (TCN) packets

TC count per hello Number of TC packets received per Hello time

STP Converge Mode Convergence mode of the Spanning Tree Protocol

(SPT), which can be fast or normal. For details, see stp
converge.

Time since last TC Time since the last topology change

Number of TC Number of topology changes

Last TC occurred Interface which causes the last topology change

NOTE
This parameter does not appear when Number of TC is 0.

Port Protocol STP status on the interface:

● Enabled: STP is enabled on the interface.
● Disabled: STP is disabled on the interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Port Role Role of an interface. In the CIST region, the roles of

interfaces are as follows:
● Root Port
● Designated Port
● Alternate Port
● Backup Port

Port Priority Interface priority. For details, see stp port priority.

Port Cost(Dot1T) Path cost (calculated by dot1t) of an interface:

● Config: configured path cost
● Active: path cost that is being used

Designated Bridge/ Switch ID/Port ID The first 16 bits represent the

Port switch's priority in the CIST region, and the last 48 bits
represent the switch's MAC address. The first 4 bits of
the port ID represent the port's priority, and the last 12
bits represent the port number.

Port Edged Whether the edge interface (specified by the

administrator) is enabled:
● enabled: The edge interface is enabled.
● disabled: The edge interface is disabled.
Config indicates the value that is specified in the stp
edged-port command, and Active indicates the value
in use.

Point-to-point Link type of the interface. Config indicates the link

type that is specified in the stp point-to-point
command, and Active indicates the link type that is
being used.

Transit Limit Maximum number of BPDUs that the current interface

can send per second. For details, see stp transmit-
limit.

Protection Type Protection type, which can be:

● root-protection: Protection takes effect only on the
specified interface.
● loop-protection: Protection takes effect only on the
root interface or alternate interface.
● None: none.

Port STP Mode STP mode of the interface

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Port Protocol Type Format of packets sent and received on the interface,
which can be:
● auto
● legacy
● dot1s
The default value is auto. Config indicates the packet
format that is specified in the stp compliance
command, and Active indicates the packet format in
use.

PortTimes Bridge protocol parameters of the interface:

● Hello: interval at which BPDUs are sent
● MaxAge: maximum TTL of a BPDU
● FwDly: delay in interface status transition
● RemHop: maximum number of hops in the MST
region

TC or TCN send Number of TC or TCN packets sent on the interface

TC or TCN received Number of TC or TCN packets received on the interface

BPDU Sent Statistics on sent BPDUs, including:

● TCN: TCN BPDUs
● Config: STP BPDUs
● RST: Rapid Spanning Tree Protocol (RSTP) BPDUs
● MST: MSTP BPDUs

BPDU Received Statistics on received BPDUs

Last forwarding time Time when the interface last entered the forwarding
state

7.4.6 display stp bridge

Function
The display stp bridge command displays details about the spanning tree of a
bridge.

Format
display stp bridge { root | local }

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

root Displays details about the spanning tree of the root bridge. -

local Displays details about the spanning tree of the local bridge. -

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
When a device provides many interfaces, running the display stp command
displays a large amount of information, and it is difficult to find information about
the spanning trees of the root and local bridges.
Using the display stp bridge command, you can easily view details about the
spanning trees of the root and local bridges.

Example
# Display details about the spanning tree of the root bridge of MSTP.
<HUAWEI> display stp bridge root
MSTID Root ID Root Cost Hello Max Forward Root Port
Time Age Delay
----- -------------------- ---------- ----- --- ------- -----------------
0 0.4c1f-cc48-6514 419998 2 20 15

Table 7-24 Description of the display stp bridge command output

Item Description

MSTID MSTP instance ID

Root ID MSTP root bridge ID

Root Cost MSTP root path cost

Hello Time Interval at which Bridge Protocol Data Units (BPDUs)

are sent from the root switch

Max Age Maximum TTL of a BPDU

Forward Delay Delay in interface status transition

Root Port Root interface

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.7 display stp error packet

Function
The display stp error packet command displays the statistics about error packets
received by MSTP and the contents of recently received packets.

Format
display stp error packet

Parameters
None.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
If a device on a Layer 2 network runs MSTP is attacked by MSTP error packets, the
display stp error packet command can be used to view recently received MSTP
error packets.

Example
# Display the statistics about error packets received by MSTP and the contents of
recently received packets.
<HUAWEI> display stp error packet
4 error-packet(s) have been recieved and the last one is recieved at 2011/05/02 12:45:31.
01 80 C2 00 00 00 38 AA D2 11 11 10 00 69 42 42
03 00 00 03 02 7C 00 00 38 AA D2 11 11 10 00 00
00 00 00 00 38 AA D2 11 11 10 80 01 00 00 14 00
02 00 0F 00 00 00 40 00 33 38 61 61 64 32 31 31
31 31 31 30 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 AC 36 17 7F 50 28
3C D4 B8 38 21 D8 AB 26 DE 62 00 00 00 00 00 00
38 AA D2 11 11 10 14

7.4.8 display stp global

Function
The display stp global command displays global Spanning Tree Protocol (STP)
information.

Format
display stp global

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario
When a device provides many interfaces, the display stp command output
contains a large amount of information, and it is difficult to find the desired
information quickly and view global information at a glance. The display stp brief
command output, by comparison, displays information about spanning trees on
interfaces, but not global information.
Using the display stp global command, you can view global STP information
conveniently.

Example
# Display brief STP information about MSTP.
<HUAWEI> display stp global
Protocol Status : Enabled
Bpdu-filter default : Disabled
Tc-protection : Disabled
Tc-protection threshold : 1
Tc-protection interval : 2s
Edged port default : Enabled
Pathcost-standard : Dot1t
Timer-factor :3
Transmit-limit : 10
Bridge-diameter :7
-------[CIST Global Info][Mode MSTP]-------
CIST Bridge :61440.781d-ba56-f06c
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :61440.781d-ba56-f06c / 0 (This bridge is the root)
CIST RegRoot/IRPC :61440.781d-ba56-f06c / 0 (This bridge is the root)
CIST RootPortId :0.0
BPDU-Protection :Disabled
TC or TCN received :85
TC count per hello :0
STP Converge Mode :Normal
Time since last TC :0 days 9h:12m:34s
Number of TC :13
Last TC occurred :GigabitEthernet0/0/1

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-25 Description of the display stp global command output

Item Description

Protocol Status Spanning Tree Protocol (STP) status:

● Enabled: STP is enabled.
● Disabled: STP is disabled.

Bpdu-filter default Whether the function of configuring device interfaces

as Bridge Protocol Data Unit (BPDU) filter interfaces is
enabled:
● Enabled: The function is enabled.
● Disabled: The function is disabled.

Tc-protection Topology change (TC) protection status:

● Enabled: TC protection is enabled.
● Disabled: TC protection is disabled.

Tc-protection Threshold of TC packets that the device can handle

threshold and immediately refresh forwarding entries in a given
period

Tc-protection interval Time the MSTP takes to handle a given number of TC

packets and immediately refresh forwarding entries

Edged port default Whether the function of configuring all ports of the
switch as edge ports is enabled:
● Enabled: The function is enabled.
● Disabled: The function is disabled.

Pathcost-standard Method of calculating the MSTP path cost

Timer-factor Multiplier of Hello time

Transmit-limit Maximum number of BPDUs that the current interface

can send per Hello time. For details, see stp transmit-
limit.

Bridge-diameter Network diameter of the MSTP

CIST Bridge Common and internal spanning tree (CIST) bridge ID

● The first 16 bits represent the switch's priority in the
CIST.
● The last 48 bits represent the switch's MAC address.

Config Times Configured bridge protocol parameters:

● Hello: interval at which BPDUs are sent
● MaxAge: maximum TTL of a BPDU
● FwDly: delay in interface status transition
● MaxHop: maximum number of hops in the MST
region

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Active Times Bridge protocol parameters that are being used:

● Hello: interval at which BPDUs are sent
● MaxAge: maximum TTL of a BPDU
● FwDly: delay in interface status transition
● MaxHop: maximum number of hops in the MST
region

CIST Root/ERPC CIST root switch ID/Cost of the external path (path
from the switch to the CIST root switch)

CIST RegRoot/IRPC ID of the CIST region root bridge/Cost of the internal

path (path from the switch to the CIST region root
switch)

CIST RootPortId ID of the CIST root interface. 0.0 indicates that the
switch is the root switch and does not provide any root
interface.

BPDU-Protection Whether BPDU protection is enabled:

● Disabled: BPDU protection is disabled.
● Enabled: BPDU protection is enabled.

TC or TCN received Number of received TC or topology change notification

(TCN) packets

TC count per hello Number of TC packets received per Hello time

STP Converge Mode Convergence mode of the Spanning Tree Protocol

(SPT), which can be fast or normal. For details, see stp
converge.

Time since last TC Time since the last topology change

Number of TC Number of topology changes

Last TC occurred Interface which causes the last topology change

NOTE
This parameter does not appear when Number of TC is 0.

7.4.9 display stp region-configuration

Function
The display stp region-configuration command displays the effective
configuration of the MST region on the switching device. The configuration
includes the region name, revision level and mapping relationship between VLANs
and spanning tree instances.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
display stp region-configuration [ digest ]

Parameters
Parameter Description Value
digest Displays brief information about the effective MST region. -

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

After an MST region is configured and takes effect on the network running MSTP,
you can run the display stp region-configuration command to view the name,
revision level, STP instance, and inter-VLAN mapping of the MST region.

Example
# Display the configuration of MST regions.
<HUAWEI> display stp region-configuration
Oper configuration
Format selector :0
Region name :dcd2fc9a2110
Revision level :0

Instance VLANs Mapped

0 1 to 4094

# Display brief information about the effective MST region.

<HUAWEI> display stp region-configuration digest
Oper configuration
Format selector :0
Region name :dcd2fc9a2110
Revision level :0
Digest :0xAC36177F50283CD4B83821D8AB26DE62

Table 7-26 Description of the display stp region-configuration command output

Item Description

Format selector Selection factors defined by the MSTP protocol.

Region name Name of the MST region.

Revision level Revision level of the MST region.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Instance VLANs Mapped Mapping between the spanning tree instance and
VLANs of the MST region.

Digest Brief information about the MST region.

7.4.10 display stp tc-bpdu statistics

Function
The display stp tc-bpdu statistics command displays statistics of sent and
received topology change (TC) and topology change notification (TCN) BPDUs on
interfaces.

Format
display stp [ instance instance-id ] [ interface interface-type interface-number ]
tc-bpdu statistics

Parameters

Parameter Description Value

instance Specifies the ID of an MSTP instance of which The value is an
instance-id statistics of TC and TCN BPDUs are displayed. integer that
ranges from 0 to
If the parameter instance instance-id is not
4094. The value
specified, statistics of TC and TCN BPDUs on
0 indicates a
all interfaces are displayed in the sequence of
CIST instance.
the interface numbers.

interface Specifies the interface on which statistics of -

interface-type TC and TCN BPDUs are displayed.
interface-
number If the parameter interface interface-type
interface-number is not specified, statistics of
TC and TCN BPDUs on all interfaces are
displayed in the sequence of the interface
numbers.

Views
All views

Default Level
1: Monitoring level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
If you need to know whether a fault has occurred on interfaces that send and
receive TC/TCN BPDUs, you can run this command to view statistics of these
BPDUs and locate the fault.

Example
# Display the statistics of TC/TCN BPDUs on interfaces of an MSTP instance.
<HUAWEI> display stp tc-bpdu statistics
-------------------------- STP TC/TCN information --------------------------
MSTID Port TC(Send/Receive) TCN(Send/Receive)
0 GigabitEthernet0/0/1 1/0 0/0

Table 7-27 Description of the display stp tc-bpdu statistics command output

Item Description

MSTID ID of an MSTP instance

Port Interface name

TC(Send/Receive) Statistics of send and received TC BPDUs

TCN(Send/Receive) Statistics of send and received TCN BPDUs ("-"

indicates that MSTP instances except MSTP instance 0
do not have TCN BPDUs sent and received)

7.4.11 display stp topology-change

Function
The display stp topology-change command displays the statistics about MSTP
topology changes.

Format
display stp [ instance instance-id ] topology-change

Parameters

Parameter Description Value

instance Displays statistics about the topology The value is an

instance-id changes of a specified STP instance. integer ranging from
0 to 4094. Value 0
If this parameter is not specified, the refers to CIST.
statistics about the topology changes
of a CIST instance are displayed.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

On a Layer 2 network running MSTP, a device clears ARP entries and MAC entries
after receiving topology change packets. If a device receives too many topology
change packets, the device will frequently clear ARP entries and MAC entries,
causing high CPU usage. As a result, network traffic is unstable.

The display stp topology-change command can be used to display the statistics
about MSTP topology changes. If the statistics increase, network flapping occurs.

Example
# Display statistics about MSTP topology changes.
<HUAWEI> display stp topology-change
CIST topology change information
Number of topology changes :173
Time since last topology change :0 days 0h:1m:15s
Topology change initiator(notified) :GigabitEthernet0/0/1
Topology change last received from :5489-9876-b7d7
Number of generated topologychange traps : 1
Number of suppressed topologychange traps: 0

Table 7-28 Description of the display stp topology-change command output

Item Description

Number of topology Total number of topology changes since MSTP

changes initialization.

Time since last Time since the last topology change

topology change

Topology change Interface that initiates a topology change because the

initiator(notified) interface status changes to detected

Topology change last Source bridge MAC address contained in a topology

received from change packet

Number of generated Total number of generated topology-change traps.

topologychange traps

Number of suppressed Total number of suppressed topology-change traps.

topologychange traps

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.12 display stp vlan

Function
The display stp vlan command displays the STP status on an interface added to a
specified VLAN.

Format
display stp vlan vlan-id

Parameters
Parameter Description Value
vlan-id Displays the STP status on an The value is an integer
interface added to a specified VLAN. ranging from 1 to 4094.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
After an interface is added to a VLAN, the display stp vlan command can be used
to the display the STP status on the interface. In this case, the mapping between
VLANs and instances does not need to be concerned with.

Example
# Display the STP status on an interface added to a specified VLAN.
<HUAWEI> display stp vlan 1
InstanceId Port Role State
----------------------------------------------------------
0 GigabitEthernet0/0/1 DESI FORWARDING

Table 7-29 Description of the display stp vlan command output

Item Description

InstanceId. Instance ID

Port Interface

Role Interface role

State Interface status

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.13 instance
Function
The instance command maps a VLAN to a spanning tree instance.
The undo instance command deletes the mapping between a VLAN and a
spanning tree instance.
By default, all VLANs are mapped to CIST, that is, instance 0.

Format
instance instance-id vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>
undo instance instance-id [ vlan { vlan-id1 [ to vlan-id2 ] } &<1-10> ]

Parameters
Parameter Description Value
instance-id Specifies the number The value is an integer ranging from 0 to
of a spanning tree 4094. Value 0 refers to CIST.
instance.
The value of instance-id specified in the
undo instance command cannot be 0. This
means that instance 0 cannot be deleted.

vlan vlan-id1 Specifies a start The value is an integer ranging from 1 to

VLAN ID. 4094. The start VLAN ID must be smaller
than the end VLAN ID.
to vlan-id2 Specifies an end The value is an integer that ranges from 1
VLAN ID. to 4094.

Views
MST region view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
MSTP divides a switching network into multiple regions, each of which has
multiple spanning trees that are independent of each other. Each spanning tree is
called an MSTI and each region is called an MST region.
Two switching devices belong to the same MST region only when they have the
following same configurations:
● MST region name

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● Mappings between MSTIs and VLANs

● MST region revision level
The instance command is used to set mappings between spanning tree instances
and VLANs.
Precautions
When using the undo instance command, note the following points:
● After the mapping between specified VLANs and a specified spanning tree
instance is deleted, these VLANs will be mapped to a CIST, namely, instance 0.
● If no VLAN is specified, all VLANs that have established mappings with the
spanning tree instance will be mapped to a CIST.
A VLAN cannot be mapped to different spanning tree instances. If the instance
command is run several times, the latest configuration overrides the previous one.

Example
# Map VLAN 2 to spanning tree instance 1.
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region] instance 1 vlan 2

7.4.14 max bandwidth-affected-linknumber

Function
The max bandwidth-affected-linknumber command sets the upper threshold for
the number of interfaces that determine the bandwidth of an Eth-Trunk.
The undo max bandwidth-affected-linknumber command restores the default
upper threshold for the number of interfaces that determine the bandwidth of an
Eth-Trunk.
By default, the upper threshold for the number of interfaces that determine the
bandwidth of an Eth-Trunk is 8.

Format
max bandwidth-affected-linknumber link-number
undo max bandwidth-affected-linknumber

Parameters
Parameter Description Value

link-number Specifies the upper The value is an integer ranging

threshold for the number from 1 to 8.
of interfaces that
determine the bandwidth
of an Eth-Trunk.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
Eth-Trunk interface view

Default Level
2: Configuration level

Usage Guidelines
The upper threshold for the number of interfaces that determine the bandwidth of
an Eth-Trunk is used for STP calculation.

For example, device A and device B are connected by two Eth-Trunks. Eth-Trunk1
has three member links that are Up; the Eth-Trunk2 has two member links that
are Up. The bandwidth of each member link is 1 Gbit/s, so the bandwidth of Eth-
Trunk1 is 3 Gbit/s and the bandwidth of Eth-Trunk2 is 2 Gbit/s. If device A is the
root bridge during STP calculation, Eth-Trunk1 on device B is the root port and
Eth-Trunk2 is the alternate port. You can run this command to set the upper
threshold to 1. Then the bandwidth of Eth-Trunk1 becomes 1 Gbit/s during STP
calculation. Bandwidth decrease affects the interface cost, causing STP
recalculation. The max bandwidth-affected-linknumber command does not
affect traffic forwarding on the Eth-Trunk. The bandwidth used to forward traffic is
still 3 Gbit/s.

Example
# Set the upper threshold to 3.
<HUAWEI> system-view
[HUAWEI] interface eth-trunk 1
[HUAWEI-Eth-Trunk1] max bandwidth-affected-linknumber 3

7.4.15 region-name

Function
The region-name command configures the MST region name of the switching
device.

The undo region-name command restores the default name.

By default, the MST region name is the MAC address of the management network
interface on the MPU of the switching device.

Format
region-name name

undo region-name

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

name Specifies the region name of The value is a case-sensitive string of

the switching device. 1 to 32 characters without spaces.

Views
MST region view

Default Level
2: Configuration level

Usage Guidelines
MSTP divides a switching network into multiple regions, each of which has
multiple spanning trees that are independent of each other. Each spanning tree is
called an MSTI and each region is called an MST region.

Two switching devices belong to the same MST region only when they have the
following same configurations:
● MST region name
● Mappings between MSTIs and VLANs
● MST region revision level

The region-name command is used to configure MST region names in order to

identify different regions.

Run the active region-configuration command to activate the MST region so

that the changed configurations can take effect.

Example
# Set the MST region name of the switch to "test".
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region] region-name test

7.4.16 reset stp error packet statistics

Function
The reset stp error packet statistics command clears the statistics of error STP
packets.

Format
reset stp error packet statistics

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None

Views
All views

Default Level
3: Management level

Usage Guidelines
Applicable Scenario

You can use the reset stp error packet statistics command to clear the history
statistics when you need to observe the statistics of error STP packets in a period
from the current time.

Precautions

The reset stp error packet statistics command clears the statistics about error
STP packets are cleared and cannot be restored. Therefore, confirm the action
before you use the command.

Example
# Clear the statistics about error STP packets.
<HUAWEI> reset stp error packet statistics

7.4.17 reset stp statistics

Function
The reset stp statistics command clears the statistics of a spanning tree.

Format
reset stp [ interface interface-type interface-number ] statistics

Parameters
Parameter Description Value
interface interface-type Specifies an interface type and the
-
interface-number number of the interface.

Views
User view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
3: Management level

Usage Guidelines
Sometimes, traffic statistics within a certain period is needed. In this situation,
clear the existing statistics before restarting the count.
When you run the reset stp statistics command:
● If you specify an interface, you can clear the statistics of a spanning tree on
the interface.
● If you do not specify an interface, you can clear the statistics of spanning
trees on all interfaces.

Example
# Clear the statistics of spanning trees on GE0/0/1.
<HUAWEI> reset stp interface gigabitethernet 0/0/1 statistics

7.4.18 revision-level
Function
The revision-level command configures the revision level of MST region of a
switching device.
The undo revision-level command restores the default level.
By default, the revision level of MST region is 0.

Format
revision-level level
undo revision-level

Parameters
Parameter Description Value

level Specifies the revision level of the The value is an integer ranging
MST region. from 0 to 65535.

Views
MST region view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
MSTP divides a switching network into multiple regions, each of which has
multiple spanning trees that are independent of each other. Each region is called
an MST region and each spanning tree is called a multiple spanning tree instance
(MSTI).
Two switching devices belong to the same MST region only when they have the
following same configurations:
● MST region name
● Mappings between MSTIs and VLANs
● MST region revision level
If two switching devices have the same region name and VLAN mapping table, the
revision-level command can be used to set different revision levels for the two
devices so that the two devices belong to different MST regions.
Run the active region-configuration command to activate the MST region so
that the changed configurations can take effect.

Example
# Set the MSTP revision level of the switching device to 5.
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region] revision-level 5

7.4.19 stp bpdu-filter

Function
The stp bpdu-filter enable command specifies a port as a BPDU-filter port.
The stp bpdu-filter disable command specifies a port as a non-BPDU-filter port.
The undo stp bpdu-filter command restores the default attribute of a BPDU-filter
port.
By default, a port is a non-BPDU-filter port.

Format
stp bpdu-filter { enable | disable }
undo stp bpdu-filter

Parameters
None

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

CAUTION

If the stp bpdu-filter enable command is run on a port, the port will not transmit
or process BPDUs. The port cannot negotiate the STP status with the directly
connected port on the remote device. Therefore, exercise cautions when using the
stp bpdu-filter enable command. Running the stp bpdu-filter enable command
only on edge ports is recommended.

Running the stp bpdu-filter enable command in the interface view configures
only the current port as a BPDU-filter port. If multiple BPDU-filter ports are
required on a device, the stp bpdu-filter default command can be used in the
system view to configure all the ports as BPDU-filter ports. If some ports need to
participate in spanning tree calculation but do not need to be configured as
BPDU-filter ports, the stp bpdu-filter disable command can be used in the view
of these ports to configure them as non-BPDU-filter ports. Similarly, if the stp
bpdu-filter disable command has been run on a port, the non-BPDU filter port
attributes of the port will not change after the stp bpdu-filter default command
is run.
Precautions
After the stp bpdu-filter disable command is run on a port, the port becomes a
non-BPDU-filter port. The port is still a non-BPDU-filter port even if the stp bpdu-
filter default command is run in the system view. After the undo stp bpdu-filter
command is run on the port, the BPDU-filter attributes of the port restore to the
default ones.

Example
# On a network edge device, specify GE0/0/1 as a non-BPDU-filter port.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp bpdu-filter disable

# On a network edge device, specify GE0/0/1 as a BPDU-filter port.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

[HUAWEI-GigabitEthernet0/0/1] stp bpdu-filter enable

7.4.20 stp bpdu-filter default

Function
The stp bpdu-filter default command specifies all ports of a device as BPDU-filter
ports.
The undo stp bpdu-filter default command specifies all ports of a device as non-
BPDU-filter ports.
By default, a port is a non-BPDU-filter port.

Format
stp bpdu-filter default
undo stp bpdu-filter default

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a network running a spanning tree protocol, if the stp edged-port enable
command is used to configure a port as an edge port, the port will not participate
in the spanning tree calculation. This speeds up network convergence and
improves network stability. This port, however, will still send BPDUs. This may
cause BPDUs to be sent to other networks. As a result, these networks flap.
The stp bpdu-filter enable command can be used on the port to address this
problem. After the stp bpdu-filter enable command is used on the port, the port
will become a BPDU-filter port, and will not process BPDUs.
Running the stp bpdu-filter enable command in the interface view configures
only the current port as a BPDU-filter port. If multiple BPDU-filter ports are
required on a device, the stp bpdu-filter default command can be used in the
system view to configure all ports as BPDU-filter ports. Then run the stp bpdu-
filter disable command in the interface view to change the interfaces that need
not to be configured as BPDU filter interfaces into non-BPDU filter interfaces.
Precautions
After the stp bpdu-filter default command is run, a port that has been
configured with the undo stp bpdu-filter command will become a BPDU-filter

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

port. After the stp bpdu-filter disable command is run, the port that has been
configured with the undo stp bpdu-filter command, however, will still serve as a
non-BPDU-filter port.

CAUTION

After the stp bpdu-filter default and stp edged-port default commands are run
in the system view, none of the ports on the device will initiate any BPDUs or
initiate a negotiation with the remote device, and all the ports are in the
forwarding state. This may lead to a loop and cause a broadcast storm. Exercise
cautions when using the stp bpdu-filter default and stp edged-port default
commands in the system view.

Example
# On a network edge device, specify all ports as BPDU-filter ports.
<HUAWEI> system-view
[HUAWEI] stp bpdu-filter default

7.4.21 stp bpdu-protection

Function
The stp bpdu-protection command enables BPDU protection on a switching
device.
The undo stp bpdu-protection command disables BPDU protection on a
switching device.
By default, the BPDU protection is disabled.

Format
stp bpdu-protection
undo stp bpdu-protection

Parameters
None.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

On a Layer 2 network running a spanning tree protocol, a port connected to

terminals does not need to participate in spanning tree calculation. If the port
participates in spanning tree calculation, the network convergence speed will be
affected. In addition, status changes of the port may cause network flapping,
interrupting user traffic. To address this problem, you can run the stp edged-port
enable command to configure the port as an edge port. Then, the port will not
participate in the spanning tree calculation. This speeds up network convergence
and improves network stability.
An edge port will lose edge port attributes after receiving BPDUs. To prevent
attackers from forging BPDUs to change edge ports to non-edge ports, you can
run the stp bpdu-protection command to configure BPDU protection on a
switching device.

Example
# Enable the BPDU protection on the switching device.
<HUAWEI> system-view
[HUAWEI] stp bpdu-protection

7.4.22 stp bridge-diameter

Function
The stp bridge-diameter command configures the diameter of the spanning tree.
The undo stp bridge-diameter command restores the default diameter.
By default, the diameter of the spanning tree is 7.

Format
stp bridge-diameter diameter
undo stp bridge-diameter

Parameters
Parameter Description Value

diameter Specifies the diameter. The value is an integer ranging from 2 to 7.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

On a network running a spanning tree protocol, the network diameter is the

maximum number of devices between two switching devices. If the network
diameter is improperly set, network converge may slow down, affecting users'
normal communication.
The stp bridge-diameter command can be used to set a proper network diameter
based on the network scale. This helps to accelerate network convergence.
The following time parameters are related to the network scale:
● Hello Time
● Forward Delay
● Max Age
Precautions
After the stp bridge-diameter command is used on a switching device, the
switching device will automatically set proper values for Hello Time, Forward
Delay, and Max Age based on the configured network diameter.
On an MSTP network, the network diameter configured using the stp bridge-
diameter command is valid only for CISTs.

Example
# Set the network diameter to 5.
<HUAWEI> system-view
[HUAWEI] stp bridge-diameter 5

7.4.23 stp compliance

Function
The stp compliance command configures the format for the MSTP packets that
are received and sent on the device.
The undo stp compliance command restores the default format for the MSTP
packets that are received and sent on the device.
By default, the MSTP packet format is auto.

Format
stp compliance { auto | dot1s | legacy }
undo stp compliance

Parameters
Parameter Description Value

auto Indicates that the protocol format is self-adaptive. -

dot1s Indicates that the format is standard IEEE 802.1s. -

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

legacy Indicates the private packet format. -

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

MSTP protocol packets have two formats: dot1s (IEEE 802.1s standard packets)
and legacy (proprietary protocol packets). The stp compliance command can be
used on a device to set an MSTP packet format based on the format of the MSTP
packet received from a remote device so that this device can better communicate
with the remote device.

The auto mode is set to allow a port to automatically switch to the MSTP protocol
packet format used by the remote end based on the MSTP protocol packet format
received from the remote end. This enables the two interfaces to use the same
MSTP protocol packet format.

Precautions

If you configure different packet formats on the same interface in the system view
and the interface view, the latest configuration overrides the previous one.

Example
# Set the format of the MSTP packets to the standard format of the interface.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp compliance dot1s

# Restore the self-adaptive format of the MSTP packets that are received and sent
by the switching device.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo stp compliance

7.4.24 stp config-digest-snoop

Function
The stp config-digest-snoop command enables digest snooping.

The undo stp config-digest-snoop command disables digest snooping.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

By default, the digest snooping is disabled.

Format
stp config-digest-snoop

undo stp config-digest-snoop

Parameters
None

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
On an MSTP network where Huawei and non-Huawei devices are interconnected,
if the Huawei and non-Huawei devices have the same region name, revision level,
and VLAN mapping table but different BPDU keys, the stp config-digest-snoop
command can be used to enable the Huawei and non-Huawei devices to
exchange BPDUs.

Example
# Enable digest snooping on GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp config-digest-snoop

7.4.25 stp converge

Function
The stp converge command sets the converging mode of a spanning tree
protocol.

The undo stp converge command restores the default mode.

By default, the converging mode of the spanning tree protocol is normal.

Format
stp converge { fast | normal }

undo stp converge

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters

Parameter Description Value

fast Indicates ARP entries that will be directly deleted. -

normal Indicates ARP entries that will age quickly. -

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

On a Layer 2 network running a spanning tree protocol, if the topology of a

spanning tree instance changes, the forwarding paths of VLANs that are mapped
to this instance change. As a result, ARP entries related to these VLANs need to be
updated. Based on methods for processing ARP entries, the converging modes of a
spanning tree protocol are classified into fast and normal:
● In fast mode, entries that need to be updated in an ARP table are directly
deleted.
● In normal mode, entries that need to be updated in an ARP table quickly age.
A switching device sets the EXPIRE time of these ARP entries to 0 in order to
age them. If the number of detection times for aging out ARP entries is
greater than 0, the switching device detects these ARP entries before deleting
them.

The stp converge command can be used to set a converging mode based on the
method for processing ARP entries.

Precautions

If the stp converge fast command is run on a switching device and the topology
of a spanning tree instance changes, the switching device will directly delete the
ARP entries that need to be updated in the ARP table.

If the stp converge normal command is run on a switching device and the
topology of a spanning tree instance changes, the switching device will age the
ARP entries that need to be updated in the ARP table.

Setting the converging mode of a spanning tree protocol to normal is

recommended. If the fast mode is used, frequent ARP entry deletion will affect
services and even may cause the CPU usage of the device to reach 100%. As a
result, packet processing will time out, causing network flapping.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Set the converging mode of the spanning tree protocol on the Ethernet switch
as normal.
<HUAWEI> system-view
[HUAWEI] stp converge normal

7.4.26 stp cost

Function
The stp cost command sets the path cost of a port in a spanning tree.

The undo stp cost command restores the default path cost.

By default, the path cost of a port in a spanning tree is the path cost
corresponding to the port rate.

Format
stp [ instance instance-id ] cost cost

undo stp [ instance instance-id ] cost

Parameters
Parameter Description Value

instance Specifies the number of a The value is an integer ranging

instance-id spanning tree instance. from 0 to 4094. Value 0 refers to
CIST.
If instance instance-id is
not specified, it indicates
the path cost of an
interface in CIST.

cost Specifies the path cost of According to different calculation

an interface. standards, the value ranges are as
follows:
● Huawei legacy standard: 1 to
200,000
● IEEE 802.1d-1998 standard: 1 to
65535
● IEEE 802.1t standard: 1 to
200,000,000

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The path cost of a port is an important basis for calculating a spanning tree. Path
costs determine root port selection. In a spanning tree, the port with the lowest
path cost to the root bridge is selected as a root port.
If different path costs are set for a port on an MSTP device in different spanning
tree instances, traffic of different VLANs will be forwarded along different physical
links and VLAN-based load balancing can be carried out.
Path costs depend on path cost calculation standards. After the path cost
calculation standard is determined, set a relatively small path cost within a
specified range for a port that has a high link rate. In the Huawei legacy standard,
default path costs for ports with different link rates are different, as shown in the
following table.

Table 7-30 Mappings between link rates and path costs

Link Rate Recommended Recommended Value Range
Value Value Range
Default, Value

10 Mbit/s 2000 200-20000 1-200,000

100 Mbit/s 200 20-2000 1-200,000

1 Gbit/s 20 2-200 1-200,000

10 Gbit/s 2 2-20 1-200,000

Over 10 Gbit/s 1 1-2 1-200,000

Prerequisites
A path cost calculation standard has been set using the stp pathcost-standard
command.
Precautions
If the path cost of a port, the spanning tree where the port resides needs to be
recalculated.
If the stp pathcost-standard command is used to change the path cost
calculation standard, the path cost set using the stp cost command for a port will
be restored to the default value.

Example
# Set the path cost of GE0/0/1 in spanning tree instance 2 to 200.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp instance 2 cost 200

7.4.27 stp edged-port

Function
The stp edged-port enable command sets the current port as an edge port.
The stp edged-port disable command sets the current port as a non-edge port.
The undo stp edged-port command restores the default attribute of an edge
port.
By default, all the ports on the switching device are non-edge ports.

Format
stp edged-port { enable | disable }
undo stp edged-port

Parameters
Parameter Description Value

enable Sets the current port as an edge port. -

disable Sets the current port as a non-edge port. -

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a Layer 2 network running a spanning tree protocol, a port connected to
terminals does not need to participate in spanning tree calculation. If the port
participates in spanning tree calculation, the network convergence speed will be
affected. In addition, status changes of the port may cause network flapping,
interrupting user traffic. To address this problem, you can run the stp edged-port
enable command to configure the port as an edge port. Then, the port will not
participate in the spanning tree calculation. This speeds up network convergence
and improves network stability.
Precautions

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

If a port of a switching device receives a BPDU after being configured as an edge

port, the switching device will automatically set the port as a non-edge port and
recalculate the spanning tree.

Example
# Configure GE0/0/1 as an edge port.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp edged-port enable

7.4.28 stp edged-port default

Function
The stp edged-port default command configures the ports on a switching device
as edge ports.

The undo stp edged-port default command restores the default setting.

By default, the ports on a switching device are non-edge ports.

Format
stp edged-port default

undo stp edged-port default

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

On a Layer 2 network running a spanning tree protocol, a port connected to

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

CAUTION

After the stp edged-port default command is run on a device, all ports of the
device will be become edge ports. During network topology calculation, running
the stp edged-port default command may cause a loop. Exercise caution when
using this command.

Precautions

If a port of a switching device receives a BPDU after being configured as an edge

port, the switching device will automatically set the port as a non-edge port and
recalculate the spanning tree.

To prevent attackers from forging BPDUs to change edge ports on a switching

device to non-edge ports, you can run the stp bpdu-protection command in the
system view to configure BPDU protection on the switching device. After BPDU
protection is enabled on a switching device, the switching device shuts down the
edge port if the edge port receives a BPDU. The attributes of the edge port are not
changed.

Example
# Configure all ports on an edge device as edge ports.
<HUAWEI> system-view
[HUAWEI] stp edged-port default
Warning: All ports of the device will become edge ports, this may cause a loop.

7.4.29 stp enable

Function
The stp enable command enables STP/RSTP/MSTP on a switching device or an
interface.

The undo stp enable command disables STP/RSTP/MSTP on a switching device or

an interface.

The stp disable command disables STP/RSTP/MSTP on a switching device or an

interface.

The undo stp disable command enables STP/RSTP/MSTP on a switching device or

an interface.

By default, STP/RSTP/MSTP is disabled globally and enabled on an interface.

Format
stp enable

undo stp enable

stp disable

undo stp disable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None

Views
System view, GE interface view, Eth-Trunk interface view, XGE interface view,
MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

On a complex Layer 2 network, to prevent loops or break loops, STP/RSTP/MSTP

can be configured on switching devices.

Running the stp enable command enables STP/RSTP/MSTP. The devices running
STP/RSTP/MSTP discover loops on the network by exchanging information with
each other and trim the ring topology into a loop-free tree topology by blocking a
certain interface. In this manner, replication and circular propagation of packets
are prevented on the network. In addition, the processing performance of devices
is prevented from deteriorating.

Enabling STP/RSTP/MSTP consumes system resources so that you can run the stp
disable command to disable STP/RSTP/MSTP on devices or interfaces that do not
participate in the spanning tree calculation.

Pre-configuration Tasks

After STP/RSTP/MSTP is enabled on a ring network, STP/RSTP/MSTP immediately

calculates spanning trees on the network. Configurations on a switching device,
such as, the switching device priority and port priority, will affect spanning tree
calculation. Any change of the configurations may cause network flapping.
Therefore, to ensure rapid and stable spanning tree calculation, before enabling
STP/RSTP/MSTP, perform basic configurations on the switching device and its
interfaces. For example:
● Run the stp [ instance instance-id ] priority priority command to set the
priority of the switching device in the spanning tree.
● Run the stp [ instance instance-id ] root primary command to set the
switching device as the primary root bridge of the spanning tree.
● Run the stp [ instance instance-id ] root secondary command to set the
switching device as the secondary root bridge of the spanning tree.

Other configurations are needed based on real-world situations.

Precautions

● If STP/RSTP/MSTP is enabled on an interface, the interface participates in the

spanning tree calculation and determine whether it is in the forwarding state
according to the calculation result.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● If STP/RSTP/MSTP is disabled on an interface, the interface does not

participate in the spanning tree calculation and it is always in the forwarding
state.
● STP/RSTP/MSTP must be enabled on all interfaces that participate in the
spanning tree calculation. Otherwise, a loop may occur.
● Spanning tree calculation may result in network flapping. Before network
convergence, packets cannot be correctly forwarded. In this case, if the DHCP
server is configured on a VLANIF interface, DHCP clients obtain IP addresses
slowly. To solve the problem, disable STP or configure the device interface
connected to a terminal as the edge interface.

Example
# Enable STP/RSTP/MSTP on a switching device.
<HUAWEI> system-view
[HUAWEI] stp enable

# Disable STP/RSTP/MSTP on GE0/0/1.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp disable

7.4.30 stp loop-protection

Function
The stp loop-protection command enables loop protection on the current port.

The undo stp loop-protection command disables loop protection on the current
port.

By default, loop protection on ports is disabled.

Format
stp loop-protection

undo stp loop-protection

Parameters
None.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario
On a network running a spanning tree protocol, a switching device maintains the
status of the root port and blocked port by continually receiving BPDUs from the
upstream switching device. If ports cannot receive BPDUs from the upstream
switching device due to link congestion or unidirectional link failures, the
switching device will re-select a root port. Then, the previous root port becomes a
designated port and the previous blocked port enters the Forwarding state. As a
result, loops may occur on the network.
The stp loop-protection command can be used to configure loop protection in
order to prevent this problem. If the root port or the Alternate port cannot receive
BPDUs from the upstream device for a long period of time after the loop
protection function is enabled, the root port or the Alternate port will send a
notification message to the NMS. The root port will enter the Discarding state,
and the Alternate port remains in the blocked state and no longer forwards
packets. This prevents loops on the network. The root port or Alternate port
restores the Forwarding state after receiving BPDUs.

NOTE

● An Alternate port is the backup of the root port. When the root port can normally send
and receive BPDUs, the Alternate port is in the blocked state.
● Between two interconnected switching devices in a spanning tree, the switching device
nearer to the root bridge is the upstream device of the other devices.

Precautions
Loop protection and root protection cannot be configured on the same interface
simultaneously.

Example
# Enable loop protection on the GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp loop-protection

7.4.31 stp max-hops

Function
The stp max-hops command sets the maximum hops of a spanning tree in an
MST region.
The undo stp max-hops command restores the default value of the maximum
hops of a spanning tree.
By default, the maximum hops in an MST region is 20.

Format
stp max-hops hop
undo stp max-hops

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

hop Specifies the maximum hops. The value ranges from 1 to 40.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Switching devices on a Layer 2 network running MSTP communicate with each

other by exchanging MST BPDUs. An MST BPDU has a field that indicates the
number of remaining hops.
● The number of remaining hops in a BPDU sent by the root switching device
equals the maximum number of hops.
● The number of remaining hops in a BPDU sent by a non-root switching device
equals the maximum number of hops minus the number of hops from the
non-root switching device to the root switching device.
● If a switching device receives a BPDU in which the number of remaining hops
is 0, the switching device will discard the BPDU.

Therefore, the maximum number of hops of a spanning tree in an MST region

determines the network scale. The stp max-hops command can be used to set the
maximum number of hops in an MST domain so that the network scale of a
spanning tree can be controlled.

Precautions

In an MST region, the maximum number of hops set on the root switching device
in a CIST or an MSTI is the maximum number of hops in the CIST or MSTI.

Example
# Set the maximum hops in the MST region to 35.
<HUAWEI> system-view
[HUAWEI] stp max-hops 35

7.4.32 stp mcheck

Function
The stp mcheck command configures a port to automatically switch from the STP
mode back to the RSTP/MSTP mode.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

By default, a port does not switch from the STP mode back to the RSTP/MSTP
mode.

Format
stp mcheck

Parameters
None

Views
System view, GE interface view, Eth-Trunk interface view, XGE interface view,
MultiGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

If a port of an RSTP/MSTP switching device is directly connected to an STP

switching device, the port automatically switches to the STP mode and then sends
BPDUs. This ensures that the two switching devices properly communicate with
each other. If the STP switching device is powered off, removed, or is configured to
run RSTP/MSTP, the port on the RSTP/MSTP switching device cannot switch back
to the RSTP/MSTP mode. As a result, the RSTP/MSTP device cannot communicate
with other RSTP/MSTP switching devices.

The stp mcheck command can be used to address this problem. After this
command is run on a port, the port will automatically switch from the STP mode
back to the RSTP/MSTP mode.

Precautions

Running the stp mcheck command in the system view configures all ports on the
current switching device to automatically switch back to the RSTP/MSTP mode.

Running the stp mcheck command in the interface view configures only the
current port to automatically switch back to the RSTP/MSTP mode.

Example
# Perform MCheck on GE0/0/1 and switch it to the MSTP mode.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp mcheck

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.33 stp mode (system view)

Function
The stp mode command sets the operation mode of the spanning tree protocol
on a switching device.

The undo stp mode command restores the default operation mode of the
spanning tree protocol.

By default, the switching device operates in MSTP mode.

Format
stp mode { mstp | rstp | stp }

undo stp mode

Parameters
Parameter Description Value

mstp Indicates the MSTP mode. -

rstp Indicates the RSTP mode. -

stp Indicates the STP mode. -

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

On an STP/RSTP/MSTP network, switching devices running different spanning tree

protocols cannot communicate with each other. As a result, spanning trees cannot
be properly calculated. A switching device has three operation modes: MSTP, RSTP,
and STP.

The stp mode command can be used to set a proper operation mode for a
spanning tree protocol on a switching device and enables the switching device to
identify BPDUs sent by a switching device that runs a different spanning tree
protocol during communication.

By default, all ports on a switching device operate in MSTP mode. When a

switching device finds that it is directly connected to an STP switching device, it

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

automatically switches the operation mode the port directly connected to the STP
switching device to STP.
Configuration Impact
● After the stp mode mstp command is run on a switching device, all ports
running MSTP on the switching device, excluding the ports directly connected
to STP switching devices, operate in MSTP mode and can send MSTP BPDUs.
The ports directly connected to STP switching devices operate in STP mode.
● After the stp mode rstp command is run on a switching device, all ports
running RSTP on the switching device, excluding the ports directly connected
to STP switching devices, operate in RSTP mode and can send RSTP BPDUs.
The ports directly connected to STP switching devices operate in STP mode.
● After the stp mode stp command is run on a switching device, all ports of the
switching device operate in STP mode and send configured BPDUs.
Precautions
● A port operating in MSTP mode can communicate with a port operating in
RSTP mode.
● The stp mode rstp command can be used to enable a switch that does not
support MSTP to communicate with an STP switch.

Example
# Set the operation mode of the switching device to the STP mode.
<HUAWEI> system-view
[HUAWEI] stp mode stp

7.4.34 stp no-agreement-check

Function
The stp no-agreement-check command configures the common fast transition
mechanism on an interface.
The undo stp no-agreement-check command restores the default fast transition
mechanism on an interface.
By default, the enhanced transition mechanism is configured on an interface.

Format
stp no-agreement-check
undo stp no-agreement-check

Parameters
None

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
If Huawei and non-Huawei data communication devices are deployed on a
network running a spanning tree protocol, the Huawei devices and non-Huawei
devices may fail to communicate with each other, because they have different
Proposal/Agreement mechanisms. To address this problem, the stp no-
agreement-check command can be used to set a common fast transition
mechanism or an enhanced transition mechanism on a port.
● Running the stp no-agreement-check command configures a common fast
transition mechanism on a port.
● Running the undo stp no-agreement-check command configures an
enhanced fast transition mechanism on a port.
Precautions
The fast transition mechanism is also called the Proposal/Agreement mechanism.
The device currently supports the following modes:
● Enhanced mode: The current interface counts a root port when it calculates
the synchronization flag bit.
a. An upstream device sends a Proposal message to a downstream device
requesting fast status transition. After receiving the message, the
downstream device sets the port connected to the upstream device as the
root port and blocks all non-edge ports.
b. The upstream device then sends an Agreement message to the
downstream device. After the downstream device receives the message,
the root port transitions to the Forwarding state.
c. The downstream device then responds with an Agreement message. After
receiving the message, the upstream device sets the port connected to
the downstream device as the designated port, and then the status of the
designated port changes to Forwarding.
● Common mode: The current interface ignores the root port when it calculates
the synchronization flag bit.
a. An upstream device sends a Proposal message to a downstream device
requesting fast transition. After receiving the message, the downstream
device sets the port connected to the upstream device as the root port
and blocks all non-edge ports. Then, the status of the root port changes
to Forwarding.
b. The downstream device then responds with an Agreement message. After
receiving the message, the upstream device sets the port connected to
the downstream device as the designated port, and then the status of the
designated port changes to Forwarding.

NOTE

Between two interconnected switching devices in a spanning tree, the switching device
nearer to the root bridge is the upstream device of the other devices.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Configure the common fast transition mechanism for the GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp no-agreement-check

7.4.35 stp pathcost-standard

Function
The stp pathcost-standard command sets the standard used to calculate the path
cost.
The undo stp pathcost-standard command restores the default standard used to
calculate the path cost.
By default, the IEEE 802.1T is used to calculate the path cost.

Format
stp pathcost-standard { dot1d-1998 | dot1t | legacy }
undo stp pathcost-standard

Parameters
Parameter Description Value

dot1d-1998 Indicates IEEE 802.1D standard that used to calculate the -

path cost.

dot1t Indicates IEEE 802.1T standard that used to calculate the -

path cost.

legacy Indicates Huawei legacy standard that used to calculate the -

path cost.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
A path cost is a port parameter, and is used by a spanning tree protocol to select a
link. By calculating path costs, a spanning tree protocol selects stable links, blocks
redundant paths, and trims a network into a loop-free network. The path cost
range is determined by the path cost calculation standard.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-31 lists path costs defined by the IEEE 802.1D-1998 standard, IEEE 802.1T
standard, and Huawei legacy standard. Different vendors use different standards.

Table 7-31 Path cost list

Interface Interface Recommended STP Path Cost
Rate Mode
IEEE IEEE 802.1T Huawei Legacy
802.1D-1998 Standard Standard
Standard

0 - 65535 200,000,000 200,000

10 Mbps Half-Duplex 100 2,000,000 2000

Full-Duplex 99 1,999,999 1999

Aggregated 95 1,000,000 1800

Link 2 Ports

Aggregated 95 666,666 1600

Link 3 Ports

Aggregated 95 500,000 1400

Link 4 Ports

100 Mbps Half-Duplex 19 200,000 200

Full-Duplex 18 199,999 199

Aggregated 15 100,000 180

Link 2 Ports

Aggregated 15 66,666 160

Link 3 Ports

Aggregated 15 50,000 140

Link 4 Ports

1000 Full-Duplex 4 20,000 20

Mbps
Aggregated 3 10,000 18
Link 2 Ports

Aggregated 3 6666 16
Link 3 Ports

Aggregated 3 5000 14
Link 4 Ports

10 Gbps Full-Duplex 2 2000 2

Aggregated 1 1000 1
Link 2 Ports

Aggregated 1 666 1
Link 3 Ports

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Interface Interface Recommended STP Path Cost

Rate Mode
IEEE IEEE 802.1T Huawei Legacy
802.1D-1998 Standard Standard
Standard

Aggregated 1 500 1
Link 4 Ports

Precautions

If the path cost calculation standard is changed on a port, the path cost of the
port is restored to the default value. The stp cost command can be used to set a
path cost for a port.

Usually, all switching devices on the same network use the same path cost
calculation standard.

Example
# Use the IEEE 802.1d-1998 to calculate the path cost.
<HUAWEI> system-view
[HUAWEI] stp pathcost-standard dot1d-1998

7.4.36 stp point-to-point

Function
The stp point-to-point command sets the link type of a port.

The undo stp point-to-point command restores the default link type.

By default, the link type of the ports on the switching device is auto. That is, the
spanning tree protocol detects whether a port is connected to a P2P link.

Format
stp point-to-point { auto | force-false | force-true }

undo stp point-to-point

Parameters

Parameter Description Value

force-true Indicates the link type is P2P. -

force-false Indicates the link type is non-P2P. -

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

auto Indicates that the spanning tree protocol detects -

automatically whether the port is connected to a P2P link.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a Layer 2 network running a spanning tree protocol, if a port of a switching
device is connected to a non-P2P link, the port cannot perform fast status
transition.
If a port works in full-duplex mode, the port is connected to a P2P link, and force-
true can be set in the stp point-to-point command.
If a port works in half-duplex mode, the stp point-to-point force-true command
can be used to forcibly set the type of the link to which the port is connected to
P2P, implementing rapid network convergence.
Precautions
The stp point-to-point command configuration on a port takes effect in all
spanning tree instances where the port resides.

Example
# Set the link type of GE0/0/1 as P2P.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp point-to-point force-true

7.4.37 stp port priority

Function
The stp port priority command sets the priority of a port in a spanning tree.
The undo stp port priority command restores the default priority.
By default, the priority of a port in a spanning tree is 128.

Format
stp [ instance instance-id ] port priority priority

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

undo stp [ instance instance-id ] port priority

Parameters
Parameter Description Value

instance Specifies the spanning tree The value is an integer ranging

instance-id instance. from 0 to 4094. Value 0 refers to
CIST.
If this parameter is not
specified, the statistics about
the topology changes of a
CIST are displayed.

priority Specifies the priority of a The priority ranks from 0 to 240

port. in descending order. The value is
an integer multiple of 16, such
as, 0, 16, and 32.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

When ports participate in spanning tree calculation, the PIDs of these ports on
switching devices may affect the designated port election result. During spanning
tree calculation, the port with the smallest PID is elected as the designated port.

NOTE

A PID is the ID of a port, and consists of a 4-bit priority and a 12-bit port number.

The stp port priority command can be used to change the priority of a port. This
affects the PID of the port and determines whether the port can be elected as the
designated port.

Precautions

When the priority of a port changes, a spanning tree protocol recalculates the role
of the port and performs status transition for the port.

The priority of a port determines the role of the port in a specified spanning tree
instance. You can set different priorities for a port in different spanning tree
instances so that user traffic can be forwarded along different links and traffic
load balancing can be implemented.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Set the priority of GE0/0/1 to 16 in the spanning tree instance 2.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp instance 2 port priority 16

7.4.38 stp priority

Function
The stp priority command sets the priority of the switching device in a spanning
tree.

The undo stp priority command restores the default priority.

By default, the priority of the switching device in a spanning tree is 32768.

Format
stp [ instance instance-id ] priority priority

undo stp [ instance instance-id ] priority

Parameters
Parameter Description Value

instance Specifies the ID of a spanning tree The value is an integer

instance-id instance. ranging from 0 to 4094.
Value 0 refers to CIST.
If the parameter instance instance-
id is not specified, the configuration
takes effect on a CIST instance.

priority Specifies the priority of the The priority ranks from 0

switching device in a spanning tree. to 61440. The value is an
integer multiple of 4096,
The smaller the value is, the higher such as 0, 4096 and 8192.
the switch priority is. The default is 32768.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Priorities of switching devices are an important factor to calculate a spanning tree

and determine the selection of the root bridge.
On an STP/RSTP/MSTP network, each spanning tree has only one root bridge,
which is responsible for sending BPDUs. Owning to the importance of the root
bridge, the switching device with high performance and network hierarchy is
generally chosen as the root bridge. The priority of such a switching device,
however, may not be that high. Therefore, setting a high priority for the switching
device is necessary so that the device can function as a root bridge.
Other devices with low performance and network hierarchy are not fit to be a root
bridge. Therefore, set low priorities for these devices.
On an MSTP network, each switching device can be set with a distinct priority in
each spanning tree instance.
Precautions
The smaller the priority value of a switching device is, the higher the possibility
that the switching device is selected as the root bridge.
If a switching device has been configured as the primary or secondary root bridge,
before changing the priority of the switching device, run the undo stp [ instance
instance-id ] root command to disable the root bridge or secondary root bridge
function.
If the stp root primary command is run to set a switching device as the primary
root bridge, the priority value of the switching device is 0.
If the stp root secondary command is run to set a switching device as the
secondary root bridge, the priority value of the switching device is 4096.

Example
# Set the priority of the switching device in spanning tree instance 1 to 4096.
<HUAWEI> system-view
[HUAWEI] stp instance 1 priority 4096

7.4.39 stp region-configuration

Function
The stp region-configuration command displays the MST region view.
The undo stp region-configuration command restores the default configuration
of the MST region.
The default parameters of the MST regions are as follows:
● MST region name: MAC address of the main processing unit of the switching
device.
● MSTP revision level 0.
● VLAN mapping table: all VLANs are mapped to CIST.

Format
stp region-configuration

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

undo stp region-configuration

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

MSTP divides a switching network into multiple regions, each of which has
multiple spanning trees and these spanning trees are independent of each other.
Each spanning tree is called a multiple spanning tree instance (MSTI) and each
region is called a multiple spanning tree (MST) region.

Two switching devices belong to the same MST region if they have the following
parameters the same:
● MST region name
● Mappings between VLANs and MSTIs
● Revision level of the MST region

If the preceding parameters need to be set for the current switching device, run
the stp region-configuration command to enter the MST region view first.

Follow-up Procedure

After the stp region-configuration command is run to enter the MST region view,
run the following commands:
● Run the region-name command to set the MST region name.
● Run the instance or the vlan-mapping modulo command to set the
mappings between VLANs and MSTIs.
● Run the revision-level name command to set the revision level of the MST
region.

Example
# Enter the MST region view.
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.40 stp root

Function
The stp root command configures a switching device as a root bridge or
secondary root bridge of a spanning tree.
The undo stp root command cancels the configuration.
By default, a switching device does not function as the root bridge or secondary
root bridge of a spanning tree.

Format
stp [ instance instance-id ] root { primary | secondary }
undo stp [ instance instance-id ] root

Parameters
Parameter Description Value

instance Specifies the ID of a spanning tree The value is an

instance-id instance. integer ranging
from 0 to 4094.
If the parameter instance instance-id is not
Value 0 refers to
specified, the configuration takes effect on
CIST.
a CIST instance.

primary Indicates that the switching device -

functions as the root bridge of a spanning
tree.

secondary Indicates that the switching device -

functions as the secondary root bridge of a
spanning tree.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On an STP/RSTP/MSTP network, each spanning tree has only one root bridge,
which is responsible for sending BPDUs. Owning to the importance of the root
bridge, the switching device with high performance and network hierarchy is

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

generally chosen as a root bridge. The priority of such a device, however, may be
not that high. Therefore, setting a high priority for the switching device is
necessary so that the device can function as a root bridge.

To ensure nonstop traffic transmission, run the stp root command to configure
the switching device as the secondary root bridge. When the root bridge is faulty
or is powered off, the secondary root bridge becomes the root bridge during
spanning tree calculation.

NOTE

After the stp root primary command is run to set a switching device to be the primary root
bridge, the priority value of the switching device is 0 in the spanning tree and the priority
cannot be modified.
The secondary root bridge specified using the stp root secondary command has the
priority value of 4096 and the priority cannot be modified.

Precautions

A spanning tree has only one root bridge.

A switching device in a spanning tree cannot function both as the primary root
bridge and as the secondary root bridge.

If multiple secondary root bridges are set in a spanning tree, the one with the
smallest MAC address functions as the secondary root bridge of the spanning tree.

Example
# Set the switching device as the root bridge of spanning tree instance 1.
<HUAWEI> system-view
[HUAWEI] stp instance 1 root primary

# Set the switching device as the secondary root bridge of spanning tree instance
4.
<HUAWEI> system-view
[HUAWEI] stp instance 4 root secondary

7.4.41 stp root-protection

Function
The stp root-protection command enables root protection at the current port.

The undo stp root-protection command restores the default setting of root
protection.

By default, root protection is disabled at all ports.

Format
stp root-protection

undo stp root-protection

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Owning to incorrect configurations or malicious attacks on the network, a root

bridge may receive BPDUs with a higher priority. Consequently, the root bridge is
no longer able to serve as the root bridge, and the network topology is changed,
triggering a spanning tree recalculation. This spanning tree recalculation may
transfer traffic from high-speed links to low-speed links, causing traffic congestion.

If a designated port is enabled with the root protection function, the port role
cannot be changed. Once a designated port that is enabled with root protection
receives BPDUs with a higher priority, the port enters the Discarding state and
does not forward packets. If the port does not receive any BPDUs with a higher
priority before a period (generally two Forward Delay periods) expires, the port
automatically enters the Forwarding state.

NOTE

You can run the stp timer forward-delay command to set the Forward Delay period.

Precautions

The root protection function takes effect only on a designated port. In addition,
configuring the root protection function on a port that functions as the designated
port in all instances is recommended.

If the stp root-protection command is run on other types of ports, the root
protection function does not take effect.

Loop protection and root protection cannot be configured on the same interface
simultaneously.

Example
# Enable the root protection function on GE0/0/1.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp root-protection

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.42 stp tc-protection

Function
The stp tc-protection command enables TC BPDU protection.
The undo stp tc-protection command disables TC BPDU protection.
By default, TC BPDU protection is disabled.

Format
stp tc-protection
undo stp tc-protection

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a Layer 2 network where MSTP is run, a switching device that receives TC
BPDUs will delete the corresponding MAC entries and ARP entries. Frequent
deletion operations will greatly affect the CPU, leading to a high CPU usage. In
this case, you can run the stp tc-protection command to enable the TC BPDU
attack defense function.
After the stp tc-protection command is run to enable the TC BPDU attack
defense function, the number of times that TC BPDUs are processed by the
switching device within a unit time is configurable (the default unit time is 2s, and
the default number of times is 1). If the number of TC BPDUs that the switching
device receives within a unit time exceeds the specified threshold, the switching
device handles TC BPDUs only for the specified number of times. Additional TC
BPDUs are processed by the switching device as a whole for once after the timer
(that is, the specified time period) expires. In this manner, the switching device is
prevented from frequently deleting its MAC entries and ARP entries so that the
CPU is protected against overburden.

NOTE

The value of the unit time is consistent with the MSTP Hello time and can be set using the
stp timer hello command.

Follow-up Procedure

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

After the stp tc-protection command is run, run the stp tc-protection threshold
command to set the number of times that TC BPDUs are processed by the
switching device within a unit time.

Example
# Enable the TC BPDU protection function.
<HUAWEI> system-view
[HUAWEI] stp tc-protection

7.4.43 stp tc-protection interval

Function
The stp tc-protection interval command sets the time for a device to process the
maximum number of TC BPDUs.
The undo stp tc-protection interval command restores the default value.
By default, the time is the Hello timer length.

Format
stp tc-protection interval interval-value
undo stp tc-protection interval

Parameters
Parameter Description Value

interval-value Specifies the time for a device to The value is an integer

process the maximum number of ranging from 1 to 600, in
TC BPDUs. seconds.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a Layer 2 network running a spanning tree protocol, a device deletes MAC
address entries and ARP entries after receiving TC packets. Frequent entry deletion
may cause high CPU usage.
After you have run the stp tc-protection command to enable TC protection, you
can configure the time, which the device takes to handle a given number of TC

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

packets and immediately refresh forwarding entries, by running the stp tc-
protection interval command. Within the time specified by interval-value, the
device handles a given number of TC packets. Excess TC packets are processed by
the device at once after the timer (whose length is the configured time) expires.
This mechanism ensures that the device does not frequently delete its MAC entries
and ARP entries, and therefore does not have excessive CPU usage.
NOTE

You can specify the maximum number of TC packets that the device processes can handle
in the specified time by running the stp tc-protection threshold command.

Prerequisites

TC protection has been enabled by running the stp tc-protection command.

Example
# Configure the amount of time, which MSTP process takes to handle a given
number of TC packets and immediately refreshes forwarding entries, to 10
seconds.
<HUAWEI> system-view
[HUAWEI] stp tc-protection interval 10

7.4.44 stp tc-protection threshold

Function
The stp tc-protection threshold command sets the number of times that a device
handles received TC BPDUs and updates forwarding entries within a unit time.

The undo stp tc-protection threshold command restores the default setting.

By default, after a device receives TC BPDUs, the default number of times that the
device handles the TC BPDUs and updates forwarding entries is 1 within a unit
time.

Format
stp tc-protection threshold threshold

undo stp tc-protection threshold

Parameters
Parameter Description Value

threshold Indicates the number of times that a The value is an integer

device handles the TC BPDUs and updates ranging from 1 to 255.
forwarding entries per unit of time.

Views
System view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a Layer 2 network where MSTP is run, a switching device that receives TC
BPDUs will delete the corresponding MAC entries and ARP entries. Frequent
deletion operations will greatly affect the CPU, leading to a high CPU usage.
After the stp tc-protection command is run to enable the TC BPDU attack
defense function, the number of times that TC BPDUs are processed by the
switching device within a unit time is configurable (the default unit time is 2s, and
the default number of times is 1). If the number of TC BPDUs that the switching
device receives within a unit time exceeds the specified threshold, the switching
device handles TC BPDUs only for the specified number of times. Additional TC
BPDUs are processed by the switching device as a whole for once after the timer
(that is, the specified time period) expires. In this manner, the switching device is
prevented from frequently deleting its MAC entries and ARP entries so that the
CPU is protected against overburden.
NOTE

The value of the unit time is consistent with the Hello time and can be set using the stp
timer hello command.

Prerequisites
Before running the stp tc-protection threshold command, ensure that the stp tc-
protection command is run to enable the TC BPDU attack defense function.

Example
# Set the threshold update forwarding entries to 5.
<HUAWEI> system-view
[HUAWEI] stp tc-protection threshold 5

7.4.45 stp timer forward-delay

Function
The stp timer forward-delay command sets the value of the Forward Delay of a
switching device.
The undo stp timer forward-delay command restores the default value of the
Forward Delay.
By default, the value of the Forward Delay of a switching device is 1500
centiseconds.

Format
stp timer forward-delay forward-delay
undo stp timer forward-delay

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters

Parameter Description Value

forward-delay Specifies the value of the The value ranges from 400 to 3000
Forward Delay. centiseconds by a step of 100.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

On a network running a spanning tree algorithm, if the network topology is

changed, it takes time to advertise new BPDU configuration messages on the
network. During this period, interfaces to be blocked may not be blocked in time
and interface ever blocked may not be blocked. As a result, a temporary loop may
be formed. To prevent this problem, you can use the Forward Delay timer to set a
delay time. During the delay time, all interfaces are blocked temporarily.

The stp timer forward-delay command is used to set the Forward Delay timer.

Precautions

The value of the Forward Delay timer set on the root bridge is advertised to other
devices of the same spanning tree using BPDUs. Then it becomes the value of the
Forward Delay timer of all devices in the spanning tree.

The relationships between the Hello Time, Forward Delay, and MaxAge are as
follows. The spanning tree functions properly only if the correct relationships are
established. Otherwise, frequent network flapping occurs.
● 2 x (Forward Delay - 1.0 second) >= Max Age
● Max Age >= 2 x (Hello Time + 1.0 second)

Running the stp bridge-diameter command to set the network diameter is

recommended. After the stp bridge-diameter command is run, the switching
device sets optimum values for the three parameters, Hello Time, Forward Delay,
and Max Age.

Example
# Set the Forward Delay to 2000 centiseconds.
<HUAWEI> system-view
[HUAWEI] stp timer forward-delay 2000

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.4.46 stp timer hello

Function
The stp timer hello command sets the interval of the switching device to send
BPDUs, that is, the value of the Hello Time.

The undo stp timer hello command restores the default setting.

By default, the interval of the switch to send BPDUs is 200 centiseconds.

Format
stp timer hello hello-time

undo stp timer hello

Parameters
Parameter Description Value

hello-time Specifies the interval of the The value ranges from 100 to 1000,
switch to send BPDUs. in centiseconds by a step of 100.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

On a network where a spanning tree protocol is enabled, a switching device

periodically sends BPDUs to other devices in the same spanning tree at the
interval of the Hello Time. Sending BPDUs periodically ensures that the spanning
tree is stable. The stp timer hello command can be used to set the BPDU sending
interval, that is, the Hello Time.

If no BPDUs are received by the switching device within the timeout period
(timeout period = Hello Time x 3 x Timer Factor), the spanning tree is calculated
again.
NOTE

In a spanning tree, the device closer to the root bridge is the upstream device of another
connected device.

Precautions

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The value of the Hello Time set on the root bridge is advertised to other devices of
the same spanning tree using BPDUs. Then it becomes the value of the Hello Time
of all devices in the spanning tree.
The relationships between the Hello Time, Forward Delay, and Max Age are as
follows. The spanning tree works properly only if the relationships are correctly
established. Otherwise, frequent network flapping occurs.
● 2 x (Forward Delay - 1.0 second) >= Max Age
● Max Age >= 2 x (Hello Time + 1.0 second)
Running the stp bridge-diameter command to set the network diameter is
recommended. After the stp bridge-diameter command is run, the switching
device sets optimum values for the three parameters, Hello Time, Forward Delay,
and Max Age.

Example
# Set the Hello Time to 400 centiseconds.
<HUAWEI> system-view
[HUAWEI] stp timer hello 400

7.4.47 stp timer max-age

Function
The stp timer max-age command sets the Max Age of a switching device, that is,
the BPDU aging time on a port of the switching device.
The undo stp timer max-age command restores the default setting.
By default, the Max Age of a switching device is 2000 centiseconds.

Format
stp timer max-age max-age
undo stp timer max-age

Parameters
Parameter Description Value

max-age Specifies the BPDU aging time The value ranges from 600 to 4000
on a port of the switch. in centiseconds with a step of 100.

Views
System view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario

On a network where a spanning tree protocol is enabled, a switching device

checks whether the BPDUs received from an upstream switching device time out
based on the set Max Age value. If the received BPDUs time out, the switching
device ages the BPDUs and blocks the port that receives the BPDUs. Then, the
switching device sends the BPDUs with the switching device as the root bridge.
This aging mechanism effectively controls the diameter of the spanning tree. After
the stp timer max-age command is run, the Max Age value is set to control the
timeout period of received BPDUs.
NOTE

In a spanning tree, the device closer to the root bridge is the upstream device of another
connected device.

Precautions

The value of the Max Age set on the root bridge is advertised to other devices of
the same spanning tree using BPDUs. Then it becomes the MaxAge value of all
devices in the spanning tree.

The timer MaxAge value takes effect for only the CIST and does not take effect for
MSTIs.

The relationships between the Hello Time, Forward Delay, and Max Age are as
follows. The spanning tree functions properly only if the relationships are correctly
established. Otherwise, frequent network flapping occurs.
● 2 x (Forward Delay - 1.0 second) >= Max Age
● Max Age >= 2 x (Hello Time + 1.0 second)

Running the stp bridge-diameter command to set the network diameter is

recommended. After the stp bridge-diameter command is run, the switching
device sets optimum values for the three parameters, Hello Time, Forward Delay,
and Max Age.

Example
# Set the Max Age to 1000 centiseconds.
<HUAWEI> system-view
[HUAWEI] stp timer max-age 1000

7.4.48 stp timer-factor

Function
The stp timer-factor command sets the timer factor of the timeout period of a
switching device to the Hello Time.

The undo stp timer-factor command restores the default setting.

By default, the timer factor is 3.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

NOTE

If a switching device does not receive BPDUs from an upstream device within the timeout
period (timeout period = Hello Time × 3 × Timer Factor), the spanning tree is calculated
again.

Format
stp timer-factor factor
undo stp timer-factor

Parameters
Parameter Description Value

factor Specifies the timer factor. The value ranges from 1 to 10.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a network where a spanning tree protocol is enabled, if a switching device
does not receive BPDUs from an upstream device within the timeout period, it
considers that the upstream device becomes faulty, and will recalculate the
spanning tree.
Sometimes, however, the failure of the upstream device to send BPDUs within the
timeout period is only because it is busy processing services. In this case, the
spanning tree cannot be calculated. Therefore, you can set a long timeout period
on a stable network to avoid the waste of network resources.
NOTE

In a spanning tree, the device closer to the root bridge is the upstream device of another
connected device.

Precautions
If the parameter factor is set smaller, the timeout period of the switching device to
re-calculate the spanning tree is shorter. In this case, there is a higher probability
that the switching device incorrectly considers the upstream device as being faulty.
If the parameter factor is set larger, the timeout period of the switching device to
re-calculate the spanning tree is longer. In this case, there is a higher probability
that the traffic becomes interrupted because the upstream device has become
faulty.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Set the Time-Factor of the switching device to 6.
<HUAWEI> system-view
[HUAWEI] stp timer-factor 6

7.4.49 stp transmit-limit (interface view)

Function
The stp transmit-limit command sets the maximum number of BPDUs that the
current port can send in a specified period.
The undo stp transmit-limit command restores the default maximum BPDUs.

Format
stp transmit-limit packet-number
undo stp transmit-limit

Parameters
Parameter Description Value

packet-number Specifies the maximum number of The value is an integer

BPDUs that a port can send in a that ranges from 1 to 255.
specified period.

Views
GE interface view, Eth-Trunk interface view, XGE interface view, MultiGE interface
view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a network where a spanning tree protocol is enabled, a switching device
periodically sends BPDUs to other devices in the same spanning tree with the
interval of the Hello Time. Sending BPDUs periodically ensures that the spanning
tree is stable. If the number of sent BPDUs are great in a specified period,
excessive system and bandwidth resources will be consumed.
To prevent this problem from occurring, run the stp transmit-limit command to
set the maximum number of BPDUs that can be sent by an interface in a specified
period. In this manner, the BPDU sending speed is controlled, preventing excessive
use of system and bandwidth resources by MSTP when the network topology
flaps.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Precautions
After the stp transmit-limit command is configured, the maximum number of
BPDUs sent in a specified period by the interface is determined by the set value.

Example
# Set the maximum BPDUs that GE0/0/1 can send in a specified period to 5.
<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] stp transmit-limit 5

7.4.50 stp transmit-limit (system view)

Function
The stp transmit-limit command configures the maximum number of Bridge
Protocol Data Units (BPDUs) that each interface of the local device can send per
second.
The undo stp transmit-limit command restores the maximum number of BPDUs,
which can be sent by each interface of the local device per second, to the default
value.
By default, each interface can send a maximum of 6 BPDUs per second.

Format
stp transmit-limit packet-number
undo stp transmit-limit

Parameters
Parameter Description Value

packet-number Maximum number of BPDUs that The value is an integer

each interface of the local device can ranging from 1 to 255.
send per second

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
On a network running the Spanning Tree Protocol (STP), a switch sends BPDUs to
other devices in the same spanning tree at the interval of the Hello time, to

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

maintain the spanning tree stability. If a number of BPDUs are sent every second,
system and bandwidth resources will be greatly consumed.

NOTE

You can configure the Hello time by using the stp timer hello command. The Hello time is
the length of the Hello timer and specifies the interval at which the switch sends BPDUs.

To prevent excessive usage of system and bandwidth resources, you can run the
stp transmit-limit command to configure the maximum number of BPDUs that
each interface of the local device can send per second. This configuration controls
the BPDU sending rate and prevents the Multiple Spanning Tree Protocol (MSTP)
from consuming too many system and bandwidth resources when topology
flapping occurs.

Precautions

After the stp transmit-limit command is executed, packet-number controls the

maximum number of BPDUs that each interface can send per second.

You can also configure the maximum number of BPDUs that a specific interface
can send per second by running the stp transmit-limit (interface view)
command in the view of this interface. The stp transmit-limit (interface view)
command configuration in the interface view takes precedence over the stp
transmit-limit command configuration in the system view. That is, if the stp
transmit-limit (interface view) command is configured in the view of an
interface, the stp transmit-limit command configuration in the system view does
not take effect for this interface.

Example
# Configure the maximum number of BPDUs that each interface of the local
device can send per second to 5.
<HUAWEI> system-view
[HUAWEI] stp transmit-limit 5

7.4.51 vlan-mapping modulo

Function
The vlan-mapping modulo command enables VLAN-to-instance mapping
assignment based on a default algorithm.

The undo vlan-mapping modulo command restores the default mapping.

By default, all VLANs are mapped to CIST, namely, spanning tree instance 0.

Format
vlan-mapping modulo modulo

undo vlan-mapping modulo

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value
modulo Specifies the value of a The value is an integer ranging from
module. 1 to 48.

Views
MST region view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

MSTP divides a switching network into multiple regions, each of which has
multiple spanning trees that are independent of each other. Each spanning tree is
called an MSTI and each region is called an MST region.

Two switching devices belong to the same MST region only when they have the
following same configurations:
● MST region name
● Mappings between MSTIs and VLANs
● MST region revision level

The vlan-mapping modulo command is used to enable VLAN-to-instance

mapping assignment based on a default algorithm.
NOTE

In the command, vlan-mapping modulo indicates that the formula (VLAN ID-1)%modulo
+1 is used. In the formula, (VLAN ID-1)%modulo means the remainder of (VLAN ID-1)
divided by the value of modulo. This formula is used to map a VLAN to the corresponding
MSTI. The calculation result of the formula is ID of the mapping MSTI. For example, if the
modulus is 16, the switch maps VLAN 1 to MSTI 1, VLAN 2 to MSTI 2 VLAN 16 to MSTI 16,
VLAN 17 to MSTI 1, and so on.

Precautions

The instance instance-id vlan { vlan-id [ to vlan-id ] }&<1-10> command is

recommended because VLAN-to-instance mapping assignments cannot meet
actual mapping requirements.

Example
# Map all VLANs to spanning tree instances modulo 16.
<HUAWEI> system-view
[HUAWEI] stp region-configuration
[HUAWEI-mst-region] vlan-mapping modulo 16

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.5 IPv4 Configuration Commands

7.5.1 ip address
Function
The ip address command configures an IP address for an interface.
The undo ip address command deletes an IP address from an interface.
By default, no IP address is configured for an interface.

Format
ip address ip-address { mask | mask-length } [ sub ]
undo ip address [ ip-address { mask | mask-length } [ sub ] ]

Parameters
Parameter Description Value

ip-address { mask | Specifies the IP address ● The value of ip-

mask-length } of an interface. address is in dotted
● ip-address specifies decimal notation.
the IP address. ● The value of mask is
● mask specifies the in dotted decimal
mask of the IP notation.
address. ● The value of mask-
● mask-length specifies length is an integer
the mask length of IP that ranges from 0 to
address. 32.

sub Configures a secondary -

IP address for an
interface.

Views
VLANIF interface view, loopback interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The ip address command configures IP addresses for interfaces on the wireless

access point so that the wireless access point can communicate with different
network segments. To connect an interface to multiple network segments,
configure multiple IP addresses for the interface. Among these IP addresses, one is
the primary IP address and the others are secondary IP addresses. If you configure
a new primary IP address for the interface, the new IP address overrides the
original one.

● The undo ip address command deletes all IP addresses from an interface.

● The undo ip address ip-address { mask | mask-length } command deletes the
primary IP address of an interface.
● The undo ip address ip-address { mask | mask-length } sub command deletes
a secondary IP address.

Precautions

You must delete all secondary IP addresses before deleting the primary IP address.

Example
# Configure a primary IP address 192.168.0.1 and a secondary IP address
10.38.160.1 for VLANIF100, with subnet mask 255.255.255.0.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 192.168.0.1 255.255.255.0
[HUAWEI-Vlanif100] ip address 10.38.160.1 255.255.255.0 sub

7.6 ARP Configuration Commands

7.6.1 arp detect-mode unicast

Function
The arp detect-mode unicast command configures an interface to send ARP
aging probe packets in unicast mode.

The undo arp detect-mode unicast command restores the default configuration
of detection modes on an interface.

By default, an interface broadcasts ARP aging probe packets.

Format
arp detect-mode unicast

undo arp detect-mode unicast

Parameters
None

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Before an ARP entry is aged, the interface periodically sends ARP aging probe
packets at a set interval to update ARP entries. The device deletes an ARP entry if
it does not receive a reply after a specified number of probes. The aging probe
packet can be a unicast or broadcast packet.
When a non-Huawei device connected to a Huawei wireless access point receives
an ARP aging probe packet whose destination MAC address is a broadcast address,
the non-Huawei device checks the ARP table. If the mapping between the IP
address and the MAC address of the Huawei wireless access point exists in the
ARP table, the non-Huawei device discards the ARP aging probe packet. Then the
Huawei wireless access point cannot receive a response and deletes the
corresponding ARP entry. As a result, traffic from the non-Huawei device cannot
be forwarded. Therefore, when a non-Huawei device is connected to a Huawei
wireless access point, configure the Huawei switch to unicast ARP aging probe
packets. The non-Huawei device needs to respond to the ARP aging probe packet.
Precautions
If the IP address of the peer device remains the same but the MAC address
changes frequently, it is recommended that you configure ARP aging probe
packets to be broadcast.
When the MAC address of the peer device remains the same, and the bandwidth
of the network is insufficient, it is recommended that you set the interface to send
ARP aging probe packets in unicast mode.

Example
# Configure an interface to send ARP aging probe packets in unicast mode.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp detect-mode unicast

7.6.2 arp detect-times

Function
The arp detect-times command sets the number of ARP probes for aging
dynamic ARP entries.
The undo arp detect-times command restores the default number of ARP probes
for aging dynamic ARP entries.
By default, the number of ARP probes for aging dynamic ARP entries is 3.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
arp detect-times detect-times

undo arp detect-times

Parameters
Parameter Description Value
detect-times Specifies the number of ARP The value is an integer ranging
probes for aging dynamic ARP from 0 to 10. The default value is
entries. 3.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The arp detect-times command sets the number of ARP probes for aging
dynamic ARP entries to reduce address resolution errors. Before aging a dynamic
ARP entry, the system first performs probes. If no response is received after the
number of probes reaches the upper limit, the ARP entry is deleted.

Precautions

If the number of ARP probes is set to 0, the system directly deletes expired ARP
entries.

Example
# Set the number of ARP probes to 5 on VLANIF 10.
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp detect-times 5

7.6.3 arp expire-time

Function
The arp expire-time command sets the aging time of dynamic ARP entries.

The undo arp expire-time command restores the default aging time of dynamic
ARP entries.

By default, the aging time of dynamic ARP entries is 1200 seconds, that is, 20
minutes.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
arp expire-time expire-time
undo arp expire-time

Parameters
Parameter Description Value

expire-time Specifies the aging time The value is an integer ranging from 30
of dynamic ARP entries. to 62640, in seconds. The default value
is 1200 seconds, that is, 20 minutes.

Views
VLANIF interface view, GE interface view, Ethernet interface view, MultiGE
interface view, XGE interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The arp expire-time command sets the aging time of dynamic ARP entries to
reduce address resolution errors.
Precautions
After proxy ARP is enabled, the aging time of ARP entries on hosts should be
shortened so that invalid ARP entries can be deleted as soon as possible. Then IP
packet forwarding failures decrease on the router.

Example
# Set the aging time of dynamic ARP entries to 600s on VLANIF 10.
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp expire-time 600

7.6.4 arp fixup

Function
The arp fixup command enables fixed ARP on a specific interface so that the
interface can convert generated dynamic ARP entries to static ARP entries.

Format
arp fixup

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

To prevent a network attacker from sending pseudo ARP packets to modify ARP
entries on a device, run the arp fixup command on the VLANIF interface to enable
fixed ARP. Running this command converts dynamic ARP entries that are
generated on the interface to static ARP entries.

Prerequisites

ARP automatic scanning has been enabled using the arp scan command.

NOTE
ARP automatic scanning is generally used with fixed ARP. A device can use ARP automatic
scanning to generate dynamic ARP entries about all its neighbor devices. Then the device
can use fixed ARP to convert the dynamic ARP entries to static ARP entries. This process
prevents a network from attacks.

Precautions

● The number of static ARP entries converted by fixed ARP must be below the
upper limit of static ARP entries that a device can generate. If the device has a
maximum of static ARP entries, subsequent dynamic ARP entries cannot be
converted into static ones. The limit of static ARP entries may cause some
dynamic ARP entries to be fixed. In this case, the device prompts you with an
error message.
● Like configured static ARP entries, static ARP entries converted by fixed ARP
can be deleted one by one using the undo arp static command or deleted
altogether using the reset arp command.

Example
# Enable fixed ARP.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp fixup
Warning: This operation may generate configuration of static ARP, and take a lon
g time, press CTRL+C to break. Continue?[Y/N]:y
Processing...
Info: ARP fixup is completed.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.5 arp ip-conflict-detect enable

Function
The arp ip-conflict-detect enable command enables the function to detect IP
address conflicts.

The undo arp ip-conflict-detect enable command disables the function to detect
IP address conflicts.

By default, the function to detect IP address conflicts is disabled.

Format
arp ip-conflict-detect enable

undo arp ip-conflict-detect enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
When an IP address conflict occurs between network devices, it causes high CPU
usage and route flapping. User services will be affected and even interrupted. To
help users better manage the address of a network device and to prevent IP
address conflicts from affecting user services, run the arp ip-conflict-detect
enable command to enable the function to detect IP address conflicts.

When receiving a non-gratuitous ARP packet, the device compares the source IP
address and the source MAC address of this ARP packet with that of the ARP entry
learned on the device. If the source IP address and the IP address in the ARP entry
are the same but the source MAC address and the MAC address in the ARP entry
are different, the client considers that an IP address conflict occurs in the network.

Example
# Enable the function to detect IP address conflicts.
<HUAWEI> system-view
[HUAWEI] arp ip-conflict-detect enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.6 arp scan

Function
The arp scan command enables ARP automatic scanning on an interface so that
the interface can send ARP Request packets to all interfaces whose IP addresses
are in the same network segment with the IP address of the interface.

Format
arp scan [ start-ip-address to end-ip-address ]

Parameters
Parameter Description Value
start-ip-address Specifies a start IP address for ARP The value is in
automatic scanning. dotted decimal
notation.
The start IP address must be less than or
equal to the end IP address.

end-ip-address Specifies an end IP address for ARP The value is in

automatic scanning. dotted decimal
notation.
The end IP address must be greater than or
equal to the start IP address.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The arp scan command enables ARP automatic scanning to allow a device rapidly
learn MAC addresses from the neighbor devices whose IP addresses are in the
same network segment and generate corresponding ARP entries.
Follow-up Procedure
Enable fixed ARP using the arp fixup command.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Precautions
● A start IP address and an end IP address within a specific IP address range
must be in the same network segment with the IP address of the VLANIF
interface. The IP address of the VLANIF interface can be either the primary IP
address or a configured secondary IP address. The start IP address must be
less than or equal to the end IP address.
● If no IP address range is specified, ARP automatic scanning enables a device
to scan all its neighbor devices whose IP addresses are in the same network
segment with the primary IP address of the VLANIF interface.
● If a device has already obtained a MAC address corresponding to the IP
address, ARP automatic scanning is not performed on the device.
● ARP automatic scanning consumes system resources. You are advised to
perform ARP automatic scanning when system resources are available. Other
operations should not be performed during scanning.
● ARP automatic scanning may be time-consuming. You can press Ctrl_C to
stop ARP automatic scanning. If a device receives ARP Reply packets from its
neighbor devices when ARP automatic scanning is stopped, the device
generates dynamic ARP entries about its neighbors. Run the display arp all
command to view all dynamic ARP entries that the device has generated.

Example
# Enable ARP automatic scanning.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp scan

7.6.7 arp static

Function
The arp static command configures static ARP entries.
The undo arp static command deletes static ARP entries.
By default, the ARP mapping table is empty and address mappings are obtained
using dynamic ARP.

Format
arp static ip-address mac-address [ vid vlan-id [ interface interface-type
interface-number ] ]
undo arp static ip-address [ mac-address ] [ vid vlan-id interface interface-type
interface-number ]

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

ip-address Specifies the IP address in a static The value is in dotted

ARP entry. decimal notation.

mac-address Specifies the MAC address of a The value is in H-H-H

static ARP entry. format. An H contains
four hexadecimal
numbers.

interface Specifies the outbound interface -

interface-type of a static ARP packet.
interface-number
● interface-type specifies the
interface type.
● interface-number specifies the
interface number.

vid vlan-id Specifies the ID of the VLAN to The value is an integer

which a static ARP entry belongs. ranging from 1 to 4094.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

To ensure security and facilitate management, you may need to configure

mappings between IP addresses and MAC addresses. In this case, run the arp
static command to configure a fixed ARP mapping entry that maps an IP address
to a MAC address.

A static ARP entry cannot be dynamically modified.

A static ARP entry is used in the following situations:

● Direct the packets whose destination IP addresses are not on the local
network segment to a gateway on the local network segment so that the
packets can be forwarded by the gateway.
● Bind the destination IP addresses of invalid packets to a nonexistent MAC
address so that the invalid packets are filtered out.

Precautions

If a static ARP entry to be created exists, the system updates the entry.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

After a static ARP entry is configured, it cannot be dynamically updated.

The IP address specified by ip-address and the IP address of the outbound
interface specified by interface must be on the same network segment.

Example
# Configure a static ARP entry that maps the IP address 10.0.0.1 to the MAC
address aaaa-fccc-1212.
<HUAWEI> system-view
[HUAWEI] arp static 10.0.0.1 aaaa-fccc-1212

7.6.8 arp topology-change disable

Function
The arp topology-change disable command disables a device from aging or
deleting ARP entries in response to network topology changes.
The undo arp topology-change disable command enables a device to age or
delete ARP entries in response to network topology changes.
By default, when the network topology changes, ARP entries are aged or deleted.

Format
arp topology-change disable
undo arp topology-change disable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Usually, when a ring protocol detects a network topology change, it will send a
protocol packet to notify the ARP module to age or delete ARP entries. Then the
device will re-learn ARP entries.
However, if the network topology changes frequently or a device has a large
number of ARP entries, re-learning of ARP entries will cause flooding of ARP
entries, consuming mass network resources and affecting other services running
on the device. To avoid this problem, the arp topology-change disable command

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

can be used to disable a device from aging or deleting ARP entries for network
topology changes.

Example
# Disable the device from aging or deleting ARP entries for network topology
changes.
<HUAWEI> system-view
[HUAWEI] arp topology-change disable
Warning: This operation will not age or delete dynamic ARP entries when the topology changes,continue?
[Y/N]:y

7.6.9 arp-proxy enable

Function
The arp-proxy enable command enables routed proxy ARP on an interface.
The undo arp-proxy enable command disables routed proxy ARP on an interface.
By default, routed proxy ARP is disabled on an interface.

Format
arp-proxy enable
undo arp-proxy enable

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
If two hosts on different physical networks of the same logical network segment
are not configured with the default gateways, you can use the arp-proxy enable
command to enable routed proxy ARP on a device between the two hosts to
resolve IP addresses of the hosts.
Precautions
Routed ARP proxy allows hosts on different physical networks of the same logical
network segment to communicate. The IP addresses of the hosts on a subnet have
the same network ID; therefore, the default gateway address does not need to be
configured on the hosts.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Enable routed proxy ARP on VLANIF 10.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp-proxy enable

7.6.10 arp-proxy inner-sub-vlan-proxy enable

Function
The arp-proxy inner-sub-vlan-proxy enable command enables intra-VLAN proxy
ARP.

The undo arp-proxy inner-sub-vlan-proxy enable command disables intra-VLAN

proxy ARP.

By default, intra-VLAN proxy ARP is disabled.

Format
arp-proxy inner-sub-vlan-proxy enable

undo arp-proxy inner-sub-vlan-proxy enable

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
If host isolation is configured on the wireless access point, you need to configure
intra-VLAN proxy ARP to allow hosts to communicate in a VLAN.

Example
# Enable intra-VLAN proxy ARP on VLANIF 10.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp-proxy inner-sub-vlan-proxy enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.11 arp-proxy inter-sub-vlan-proxy enable

Function
The arp-proxy inter-sub-vlan-proxy enable command enables inter-VLAN proxy
ARP.

The undo arp-proxy inter-sub-vlan-proxy enable command disables inter-VLAN

proxy ARP.

By default, inter-VLAN proxy ARP is disabled.

Format
arp-proxy inter-sub-vlan-proxy enable

undo arp-proxy inter-sub-vlan-proxy enable

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
To allow users in different VLANs to communicate at Layer 3, you must enable
inter-VLAN proxy ARP on the interface.

After inter-VLAN proxy ARP is enabled and packets are sent from different VLANs
but do not have the corresponding ARP entries, ARP packets are replicated in all
VLANs on the involved sub-interface. If a lot of VLANs are configured, a large
number of ARP packets need to be replicated, causing heavy burden on the peer
device and abnormalities (such as high CPU usage and broadcast suppression) on
downstream devices. In addition, the local device may fail to send ARP packets in
time due to the replication of a large number of packets, which may lead to ARP
learning failures. Therefore, do not configure too many VLANs on an interface.

Example
# Enable inter-VLAN proxy ARP on VLANIF 10.
<HUAWEI> system-view
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] arp-proxy inter-sub-vlan-proxy enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.12 arp send-packet

Function
The arp send-packet command configures the ARP unicast detection function.

Format
arp send-packet ip-address mac-address interface interface-type interface-
number [ vid vid ]

Parameters
Parameter Description Value

ip-address Specifies a destination IP This value is in dotted

address for a unicast ARP decimal notation.
request packet to be sent.

mac-address Specifies a destination MAC The value is in H-H-H

address for a unicast ARP format. H is a hexadecimal
request packet to be sent. number of 4 digits. mac-
address cannot be FFFF-
FFFF-FFFF.

interface Specifies the type and number -

interface-type of an interface for sending out a
interface-number unicast ARP request packet.

vid vid Specifies an outer tag value for The value is an integer
a unicast ARP request packet to ranging from 1 to 4094.
be sent.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To check whether a peer device is reachable and learn a peer device's MAC
address, run the arp send-packet command to configure a local interface to send
a unicast ARP request packet that carries the peer device's IP and MAC addresses
as the destination addresses.
● If the peer is reachable, the peer sends an ARP reply packet to the local
device. Then, the local device uses information carried in the ARP reply packet
to create or update an ARP entry for the peer.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● If the peer is unreachable, the peer device does not send an ARP reply packet.
The local device does not generate an ARP entry.

The ARP entries learned or updated by the local device will be deleted after their
aging time expires and can be updated again after the local device receives ARP
request packets from the peer device.

Example
# Configure VLANIF10 to send a unicast ARP request packet that carries the
destination IP address 10.1.1.1 and destination MAC address 5489-98f4-786e.
<HUAWEI> arp send-packet 10.1.1.1 5489-98f4-786e interface vlanif 10

7.6.13 arp-suppress enable

Function
Using the arp-suppress enable command, you can enable ARP suppression.

Using the undo arp-suppress command, you can disable ARP suppression.

By default, ARP suppression is disabled but is enabled on VLANIF interfaces.

Format
arp-suppress enable

undo arp-suppress

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
If the system receives a great number of ARP packets from the same source at a
time, it needs to update ARP entries repeatedly, causing performance
deterioration. To ensure system performance, you can enable ARP suppression. The
system then only responds to ARP Request packets but does not update ARP
entries.

If ARP suppression is enabled for all interfaces, ARP entries on some interfaces
cannot be updated temporarily. ARP suppression is applicable to only VLANIF
interfaces. By default, it always takes effect on VLANIF interfaces. It can be
configured on other logical interfaces.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

After the undo arp-suppress command is executed, ARP suppression is enabled

only on VLANIF interfaces.

Example
# Enable ARP suppression.
<HUAWEI> system-view
[HUAWEI] arp-suppress enable

7.6.14 display arp

Function
The display arp command displays all ARP mapping entries.

Format
display arp [ all | brief ]

Parameters
Parameter Description Value

all Displays all ARP -

mapping entries.

brief Displays brief -

information about ARP
mapping entries.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
This command displays all ARP mapping entries, including the aging time of ARP
entries, ARP entry type, and VPN instance to which ARP entries belong.

Example
# Display all ARP mapping entries.
<HUAWEI> display arp all
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE
VLAN
------------------------------------------------------------------------------
192.168.120.251 60de-4474-9640 I - Vlanif1
192.168.120.1 7054-f5df-9b40 6 D-0 GE0/0/0

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

1
192.168.120.252 04f9-3895-8300 20 D-0 GE0/0/0
1
------------------------------------------------------------------------------
Total:3 Dynamic:2 Static:0 Interface:1

# Display brief information about all ARP mapping entries.

<HUAWEI> display arp brief
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VLAN/CEVLAN
------------------------------------------------------------------------------
192.168.120.251 60de-4474-9640 I - Vlanif1
192.168.120.1 7054-f5df-9b40 3 D-0 GE0/0/0 1/-
192.168.120.252 04f9-3895-8300 19 D-0 GE0/0/0 1/-
------------------------------------------------------------------------------
Total:3 Dynamic:2 Static:0 Interface:1

Table 7-32 Description of the display arp command output

Item Description

IP ADDRESS IP address in the ARP entry.

MAC ADDRESS MAC address in the ARP entry.

EXPIRE(M) Remaining lifetime of ARP entries, in

minutes.

TYPE ARP entry type and slot ID of the LPU that

obtains the entry. The entry type contains 3
bits. The first bit can be any of the
following:
● I: Interface, indicating the MAC address
of the interface
● D: Dynamic, indicating the dynamic
entry obtained through the ARP packet
● S: Static, indicating the static entry
obtained through static configuration
If the second bit is F, the ARP entry has
been reported to the routing module, the
route to this IP address has been
calculated, and the entry in the FIB has
been updated. If the entry is not reported
to the routing module, this field displays
"-".
NOTE
For the ARP entry with the type as "I", this flag
bit does not exist.
The third bit indicates the slot ID of the
LPU that obtains the entry.
NOTE
For the ARP entry with the type as "I" or "S",
this field displays "-".

VPN-INSTANCE Name of the VPN instance to which the

ARP entry belongs.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

INTERFACE Type and number of the interface that has

learnt ARP entries.

VLAN ID of the VLAN to which the ARP entry

belongs. The value is set using the vlan
command.

Total Total number of ARP entries in the ARP

mapping table.

Dynamic Number of dynamic ARP entries in the ARP

mapping table.

Static Number of static ARP entries in the ARP

mapping table.

Interface Number of ARP entries in the ARP mapping

table on the local interface.

7.6.15 display arp dynamic

Function
The display arp dynamic command displays all dynamic ARP entries.

Format
display arp dynamic

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Example
# Display all dynamic ARP mapping entries.
<HUAWEI> display arp dynamic
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

VLAN
------------------------------------------------------------------------------
192.168.120.251 60de-4474-9640 I - Vlanif1
192.168.120.1 7054-f5df-9b40 15 D-0 GE0/0/0
1
192.168.120.252 04f9-3895-8300 19 D-0 GE0/0/0
1
------------------------------------------------------------------------------
Total:3 Dynamic:2 Static:0 Interface:1

Table 7-33 Description of the display arp dynamic command output

Item Description

IP ADDRESS IP address in the ARP entry.

MAC ADDRESS MAC address in the ARP entry.

EXPIRE(M) Remaining lifetime of ARP entries, in

minutes.

TYPE ARP entry type and slot ID of the LPU that

obtains the entry. The entry type contains 3
bits. The first bit can be any of the
following:
● I: Interface, indicating the MAC address
of the interface
● D: Dynamic, indicating the dynamic
entry obtained through the ARP packet
● S: Static, indicating the static entry
obtained through static configuration
The second bit can only be F, indicating
that the ARP entry has been reported to
the routing module, the route to this IP
address has been calculated, and the entry
in the FIB has been updated.
NOTE
If the entry is not reported to the routing
module, this field displays "-". For the ARP entry
with the type as "I", this flag bit does not exist.
The third bit indicates the slot ID of the
LPU that obtains the entry.
NOTE
For the ARP entry with the type as "I" or "S",
this field displays "-".

VPN-INSTANCE Name of the VPN instance to which the

ARP entry belongs.

INTERFACE Type and number of the interface that has

learnt ARP entries.

VLAN ID of the VLAN to which the ARP entry

belongs. The value is set using the vlan
command.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Total Total number of ARP entries in the ARP

mapping table.

Dynamic Number of dynamic ARP entries in the ARP

mapping table.

Static Number of static ARP entries in the ARP

mapping table.

Interface Number of ARP entries in the ARP mapping

table on the local interface.

7.6.16 display arp error packet

Function
The display arp error packet command displays the latest ten ARP error packets.

Format
display arp error packet

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
If a device cannot learn ARP entries, you can run this command to check the latest
received ARP error packets. The ARP error packets help locate the fault.

Example
# Display the latest ten ARP error packets.
<HUAWEI> display arp error packet
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:34:53]:
00 01 08 00 06 04 00 01 00 25 9E 4B 1F 75 0A 8A
4E 02 00 00 00 00 00 00 0A 8A 4E FF 00 00 00 00
00 00 00 00 00 00 FF FF FF FF FF FF 00 25
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:34:54]:
00 01 08 00 06 04 00 01 00 13 72 FD E7 1C 0A 8A
4E 98 00 00 00 00 00 00 0A 8A 4E 30 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:34:55]:
00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A
4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:05]:
00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A
4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:05]:
00 01 08 00 06 04 00 01 00 E0 FC 8F B2 DD 0A 8A
4E 01 00 00 00 00 00 00 0A 8A 4F FA 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:08]:
00 01 08 00 06 04 00 01 00 0F E2 5C 8C EA AC 12
3E FE 00 00 00 00 00 00 AC 12 3E FE 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:11]:
00 01 08 00 06 04 00 01 00 1B B9 78 25 2E 0A 8A
4E A5 00 00 00 00 00 00 0A 8A 4E 2D 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:15]:
00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A
4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:19]:
00 01 08 00 06 04 00 01 00 13 72 9B 21 A7 0A 8A
4E 82 00 00 00 00 00 00 0A 8A 4E 01 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00
--------------------------------------------------
[interface = Vlanif10, time = 2010-05-24 20:35:22]:
00 01 08 00 06 04 00 01 00 E0 FC 8F B2 DD 0A 8A
4E 01 00 00 00 00 00 00 0A 8A 4F FA 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00

Table 7-34 Description of the display arp error packet command output

Item Description

interface Interface name.

time Time when an ARP error packet is received.

7.6.17 display arp interface

Function
The display arp interface command displays ARP mapping entries of a specified
interface.

Format
display arp interface interface-type interface-number

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

interface-type interface- Specifies the type and -

number number of an interface.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To monitor dynamic ARP entries or locate the faults in ARP, you can run this
command to check the ARP entries.

Example
# Display all the ARP entries of VLANIF 10.
<HUAWEI> display arp interface vlanif 10
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE
VLAN
------------------------------------------------------------------------------
192.168.78.1 dcd2-fcf9-b5ca I- Vlanif10
------------------------------------------------------------------------------
Total:1 Dynamic:0 Static:0 Interface:1

Table 7-35 Description of the display arp interface command output

Item Description

IP ADDRESS IP address in the ARP entry.

MAC ADDRESS MAC address in the ARP entry.

EXPIRE(M) Remaining lifetime of the ARP entry, in

minutes.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

TYPE ARP entry type and slot ID of the LPU that

obtains the entry. The entry type contains 3
bits. The first bit can be any of the
following:
● I: Interface, indicating the MAC address
of the interface
● D: Dynamic, indicating the dynamic
entry obtained through the ARP packet
● S: Static, indicating the static entry
obtained through static configuration
The second bit can only be F, indicating
that the entry is reported to the routing
module, the route to this IP address is
calculated, and entries in the FIB are
correspondingly updated.
NOTE
If the entry is not reported to the routing
module, this field displays "-". For the ARP entry
with the type as "I", this flag bit does not exist.
The third bit indicates the slot ID of the
LPU that obtains the entry.
NOTE
For the ARP entry with the type as "I" or "S",
this field displays "-".

INTERFACE Type and number of the interface that has

learnt ARP entries.

VPN-INSTANCE Name of the VPN instance to which the

ARP entry belongs.

VLAN ID of the VLAN to which the ARP entry

belongs. The value is set using the vlan
command.

Total: 1 One ARP entry exists in the ARP mapping

table.

Dynamic: 0 No dynamic ARP entry exists in the ARP

mapping table.

Static: 0 No static ARP entry exists in the ARP

mapping table.

Interface: 1 One ARP entry of the local interface exists

in the ARP mapping table.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.18 display arp ip-conflict track

Function
The display arp ip-conflict track command displays recorded information about
the detected IP address conflict.

Format
display arp ip-conflict track

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

Route flapping caused by IP address conflicts affects user services. To help users
quickly locate IP conflicts to better manage IP addresses of network devices, run
the display arp ip-conflict track command to view the recorded information
about the detected IP address conflict.

NOTE
The maximum number of IP conflict information that can be recorded by the system is 200,
and the oldest recorded information will be covered by newly added if the conflicted IP
address is more than 200.

Example
# Display the information of the detected IP address conflict.
<HUAWEI> display arp ip-conflict track

Conflict type : Local IP conflict

IP address : 192.168.1.1
System time : 2011-11-19 03:22:16+08:00
Conflict count :1
Suppress count :0
Local interface : Vlanif1001
Receive interface : GE0/0/1
Receive VLAN/CEVLAN : 1001/0
Receive MAC : 0000-0a88-36f5

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Table 7-36 Description of the display arp ip-conflict track command output

Item Description

Conflict type IP address conflict type

IP address Conflicting IP address

System time System time when an IP conflict occurred

Conflict count Total number of the IP conflict times

NOTE
The field is displayed as 0 if the ARP entry
corresponding to the IP address expires or is
deleted.

Suppress count Number of the suppressed IP conflicts

NOTE
The field is displayed as 0 if the ARP entry
corresponding to the IP address expires or is
deleted.

Local interface Interface recorded in the ARP entry of the

IP address

Receive interface Interface that receives the ARP packet with

duplicate IP address

Receive VLAN/CEVLAN VLAN and CEVLAN configured on the

interface that receives the ARP packet with
duplicate IP address

Receive MAC Source MAC address of the second ARP

packet with duplicate IP address

7.6.19 display arp network

Function
The display arp network command displays ARP mapping entries of a specified
network segment.

Format
display arp network net-number [ net-mask | mask-length ] [ dynamic | static ]

Parameters
Parameter Description Value

net-number Specifies the network ID. The value is in dotted

decimal notation.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

net-mask Specifies the subnet The value is in dotted

mask. decimal notation.

mask-length Specifies the mask The value is a decimal

length. integer ranging from 1
to 32.

dynamic Displays dynamic ARP -

entries of a specified
network segment.

static Displays static ARP -

entries of a specified
network segment.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Example
# Display all ARP entries of the network segment with network ID 10.10.0.0 and
subnet mask 255.255.0.0.
<HUAWEI> display arp network 10.10.0.0 255.255.0.0
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE
VLAN
------------------------------------------------------------------------------
10.10.20.9 0018-2000-0083 I- Vlanif1
10.10.10.6 0018-2000-0083 I- Vlanif20
------------------------------------------------------------------------------
Total:2 Dynamic:0 Static:0 Interface:2

Table 7-37 Description of the display arp network command output

Item Description

IP ADDRESS IP address in the ARP entry.

MAC ADDRESS MAC address in the ARP entry.

EXPIRE(M) Remaining lifetime of ARP entries, in

minutes.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

TYPE ARP entry type and slot ID of the LPU that

obtains the entry. The entry type contains 3
bits. The first bit can be any of the
following:
● I: Interface, indicating the MAC address
of the interface
● D: Dynamic, indicating the dynamic
entry obtained through the ARP packet
● S: Static, indicating the static entry
obtained through static configuration
The second bit can only be F, indicating
that the ARP entry has been reported to
the routing module, the route to this IP
address has been calculated, and the entry
in the FIB has been updated.
NOTE
If the entry is not reported to the routing
module, this field displays "-". For the ARP entry
with the type as "I", this flag bit does not exist.
The third bit indicates the slot ID of the
LPU that obtains the entry.
NOTE
For the ARP entry with the type as "I" or "S",
this field displays "-".

VPN-INSTANCE Name of the VPN instance to which the

ARP entry belongs.

INTERFACE Type and number of the interface that has

learnt ARP entries.

VLAN ID of the VLAN to which the ARP entry

belongs. The value is set using the vlan
command.

Total Total number of ARP entries in the ARP

mapping table.

Dynamic Number of dynamic ARP entries in the ARP

mapping table.

Static Number of static ARP entries in the ARP

mapping table.

Interface Number of ARP entries in the ARP mapping

table on the local interface.

7.6.20 display arp packet statistics

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Function
The display arp packet statistics command displays the statistics on ARP-based
packets.

Format
display arp packet statistics

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To locate and rectify ARP faults, you can run this command to the statistics on
ARP-based packets.

Example
# Display the statistics on ARP-based packets.
<HUAWEI> display arp packet statistics
ARP Pkt Received: sum 10088
ARP Learnt Count: sum 52
ARP Pkt Discard For Limit: sum 0
ARP Pkt Discard For SpeedLimit: sum 31
ARP Pkt Discard For Proxy Suppress: sum 307
ARP Pkt Discard For Other: sum 9274

Table 7-38 Description of the display arp packet statistics command output

Item Description

ARP Pkt Received Number of the received ARP packets.

ARP Learnt Count Times of ARP learning.

ARP Pkt Discard For Limit Number of ARP packets discarded due to
the ARP entry limit.

ARP Pkt Discard For SpeedLimit Number of ARP packets discarded when
the number of ARP packets from a
specified source IP address exceeds the
limit.

ARP Pkt Discard For Proxy Suppress Number of packets discarded for the
speed limit.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

ARP Pkt Discard For Other Number of the packets discarded due to
other causes.

7.6.21 display arp static

Function
The display arp static command displays all static ARP mapping entries.

Format
display arp static

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
None

Example
# Display all static ARP entries.
<HUAWEI> display arp static
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE
VLAN
------------------------------------------------------------------------------
172.16.1.1 0efc-0505-86e3 S--
10/-
192.168.0.1 0e00-fc01-0000 S--
10.0.0.1 aa00-fcc0-1200 S--
3/-
------------------------------------------------------------------------------
Total:3 Dynamic:0 Static:3 Interface:0

Table 7-39 Description of the display arp static command output

Item Description

IP ADDRESS IP address in the ARP entry.

MAC ADDRESS MAC address in the ARP entry.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

EXPIRE(M) Remaining lifetime of ARP entries, in

minutes.

TYPE ARP entry type and slot ID of the LPU that

obtains the entry. The entry type contains 3
bits. The first bit can be any of the
following:
● I: Interface, indicating the MAC address
of the interface
● D: Dynamic, indicating the dynamic
entry obtained through the ARP packet
● S: Static, indicating the static entry
obtained through static configuration
The second bit can only be F, indicating
that the ARP entry has been reported to
the routing module, the route to this IP
address has been calculated, and the entry
in the FIB has been updated.
NOTE
If the entry is not reported to the routing
module, this field displays "-". For the ARP entry
with the type as "I", this flag bit does not exist.
The third bit indicates the slot ID of the
LPU that obtains the entry.
NOTE
For the ARP entry with the type as "I" or "S",
this field displays "-".

VPN-INSTANCE Name of the VPN instance to which the

ARP entry belongs.

INTERFACE Type and number of the interface that has

learnt ARP entries.

VLAN ID of the VLAN to which the ARP entry

belongs. The value is set using the vlan
command.

Total Total number of ARP entries in the ARP

mapping table.

Dynamic Number of dynamic ARP entries in the ARP

mapping table.

Static Number of static ARP entries in the ARP

mapping table.

Interface Number of ARP entries in the ARP mapping

table on the local interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.22 display arp statistics

Function
The display arp statistics command displays ARP entry statistics.

Format
display arp statistics { all | interface interface-type interface-number }

Parameters

Parameter Description Value

all Displays ARP entry statistics of the system. -
interface interface-type Displays ARP entry statistics of a specified -
interface-number interface.

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
To monitor ARP entries or locate the faults in ARP, you can run this command to
check ARP entry statistics.

Example
# Display ARP entry statistics.
<HUAWEI> display arp statistics all
Dynamic:1 Static:0

Table 7-40 Description of the display arp statistics all command output

Item Description

Dynamic Number of dynamic ARP entries.

Static Number of static ARP entries.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.6.23 display arp track

Function
The display arp track command displays changes of outbound interfaces in ARP
entries learned by a VLANIF interface.

Format
display arp track

Parameters
None

Views
All views

Default Level
1: Monitoring level

Usage Guidelines
Usage Scenario

If the outbound interfaces change in ARP entries learned by a VLANIF interface,

traffic may be interrupted. In this case, run the display arp track command to
check changes of outbound interfaces and time of changes.

Precautions

After the display arp track command is executed, changes of ARP entries are
displayed in the following situations:
● Outbound interfaces in dynamic ARP entries learnt by the VLANIF interface
change to other interfaces.
● No outbound interface is specified in the static ARP entries. The outbound
interface changes to other interfaces.
● Dynamic ARP entries or static ARP entries in which no VLAN ID or outbound
interface is specified are deleted.

Changes of ARP entries cannot be displayed in the following situations:

● ARP entries change on a non-VLANIF interface.
● New ARP entries are learnt.
● The VLAN ID and outbound interface are manually specified in static ARP
entries.

Example
# Display changes of ARP entries.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

<HUAWEI> display arp track

Operate Flags: M - Modify, D - Delete
--------------------------------------------------------------------------------
Op IP-Address MAC-Address VLAN Old-Port New-Port System-Time
--------------------------------------------------------------------------------
D 192.168.129.100 0053-6721-9e00 2001 GE0/0/0 02-23 23:52:51+
08:00
D 192.168.129.100 0053-6721-9e00 2001 GE0/0/0 02-27 15:18:02+
08:00

Table 7-41 Description of the display arp track command output

Item Description

Op Operation identifier.
● M: Modify, indicating that the outbound
interface changes.
● D: Delete, indicating that the ARP entry
is deleted.

IP-Address IP address in the ARP entry.

MAC-Address MAC address in the ARP entry.

VLAN ID of the VLAN to which the VLANIF

interface belongs.

Old-Port Original outbound interface in the ARP

entry.

New-Port New outbound interface in the ARP entry.

System-Time System time when the outbound interface

changes.

7.6.24 display snmp-agent trap feature-name arp all

Function
The display snmp-agent trap feature-name arp all command displays all trap
messages of the ARP module.

Format
display snmp-agent trap feature-name arp all

Parameters
None

Views
All views

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
1: Monitoring level

Usage Guidelines
The Simple Network Management Protocol (SNMP) is a standard network
management protocol widely used on TCP/IP networks. It uses a central computer
(a network management station) that runs network management software to
manage network elements. The management agent on the network element
automatically reports traps to the network management station. After that, the
network administrator immediately takes measures to resolve the problem.
After running the snmp-agent trap enable feature-name arp command to
enable or disable a trap function of the ARP module, run the display snmp-agent
trap feature-name arp all command to check the status of all trap functions of
the ARP module.

Example
# Display all trap messages of the ARP module.
<HUAWEI>display snmp-agent trap feature-name arp all
------------------------------------------------------------------------------
Feature name: ARP
Trap number : 6
------------------------------------------------------------------------------
Trap name Default switch status Current switch status
hwEthernetARPSpeedLimitAlarm on on
hwEthernetARPThresholdExceedAlarm
on on
hwEthernetARPThresholdResumeAlarm
on on
hwEthernetARPIPConflictEvent on on
hwEthernetARPLearnStopAlarm on on
hwEthernetARPLearnResumeAlarm on on

Table 7-42 Description of the display snmp-agent trap feature-name arp all
command output
Item Description

Feature name Name of the module to which a trap message

belongs.

Trap number Number of trap messages.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Item Description

Trap name Name of a trap message of the ARP module:

● hwEthernetARPSpeedLimitAlarm: alarm of ARP
speed limit.
● hwEthernetARPThresholdExceedAlarm: alarm of
the number of ARP entries exceeding the upper
threshold.
● hwEthernetARPThresholdResumeAlarm: alarm of
the number of ARP entries falling below the
upper threshold.
● hwEthernetARPIPConflictEvent: alarm of the IP
address conflict.
● hwEthernetARPLearnStopAlarm: alarm of
stopping learning ARP entries because the board
memory usage reaches the threshold.
● hwEthernetARPLearnResumeAlarm: clear alarm of
stopping learning ARPpackets because the board
memory usage falls below the threshold.

Default switch status Status of the default trap switch:

● on: indicates that the trap function is enabled.
● off: indicates that the trap function is disabled.

Current switch status Status of the current trap switch:

● on: indicates that the trap function is enabled.
● off: indicates that the trap function is disabled.

7.6.25 l2-topology detect enable

Function
The l2-topology detect enable command enables Layer 2 topology detection.

The undo l2-topology detect enable command disables Layer 2 topology

detection.

By default, Layer 2 topology detection is disabled.

Format
l2-topology detect enable

undo l2-topology detect enable

Parameters
None

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
System view

Default Level
2: Configuration level

Usage Guidelines
After the l2-topology detect enable command is run, all ARP entries in the VLAN
are updated if the Layer 2 interface changes from Down to Up.

Example
# Enable Layer 2 topology detection.
<HUAWEI> system-view
[HUAWEI] l2-topology detect enable

7.6.26 reset arp

Function
The reset arp command deletes ARP entries in the ARP mapping table.

Format
reset arp { dynamic [ ip ip-address ] | interface interface-type interface-number
[ ip ip-address ] | static }

Parameters
Parameter Description Value
dynamic Deletes dynamic ARP entries. -
interface ● interface-type specifies the type of the -
interface-type interface.
interface-number ● interface-number specifies the number
of the interface.
ip ip-address Deletes dynamic ARP entries of a specified The value is in
interface and with a specified IP address. dotted decimal
notation.
If an interface learns excessive ARP entries,
you can specify this parameter to delete a
specified ARP entry.

static Deletes static ARP entries. -

Views
User view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
If an unauthorized user sends a large number of ARP packets to a device, the
device learns a large number of ARP entries in a short period of time, causing the
buffer to overflow. As a result, users may fail to access the network. To solve the
problem, you can run the reset arp command to delete invalid ARP entries and
create new ARP entries to ensure that users can access the network.
Prerequisites
Before using the reset arp command, ensure that the corresponding ARP entries
exist.
Configuration Impact
After an ARP entry is cleared, the mapping between the IP address and the MAC
address is cleared. As a result, users may fail to assess the network and services
may be interrupted.
Precautions
ARP entries are cleared at an interval of at least 20s.

Example
# Delete dynamic ARP entries in the ARP mapping table.
<HUAWEI> reset arp dynamic

# Delete dynamic ARP entries of VLANIF 10.

<HUAWEI> reset arp interface vlanif 10

7.6.27 reset arp packet statistics

Function
The reset arp packet statistics command clears the statistics on ARP packets.

Format
reset arp packet statistics

Parameters
None

Views
User view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
3: Management level

Usage Guidelines
You can run the display arp packet statistics command to display the statistics
on ARP packets. To obtain correct statistics, run the reset arp packet statistics
command to clear existing statistics first.

Example
# Clear the statistics on all ARP packets.
<HUAWEI> reset arp packet statistics

7.6.28 snmp-agent trap enable feature-name arp

Function
The snmp-agent trap enable feature-name arp command enables the trap
function for the ARP module.

The undo snmp-agent trap enable feature-name arp command disables the
trap function for the ARP module.

By default, the trap function is enabled for the ARP module.

Format
snmp-agent trap enable feature-name arp [ trap-name
{ hwethernetarpspeedlimitalarm | hwethernetarpthresholdexceedalarm |
hwethernetarpthresholdresumealarm | hwethernetarpipconflictevent } ]

undo snmp-agent trap enable feature-name arp [ trap-name

{ hwethernetarpspeedlimitalarm | hwethernetarpthresholdexceedalarm |
hwethernetarpthresholdresumealarm | hwethernetarpipconflictevent } ]

Parameters
Parameter Description Value

trap-name Enables the traps of ARP events -

of specified types.

hwethernetarpspeedlimitalarm Enables the alarm of ARP speed -

limit.

hwethernetarpthresholdexceedalarm Enables the alarm of the -

number of ARP entries
exceeding the upper threshold.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameter Description Value

hwethernetarpthresholdresumealarm Enables the alarm of the -

number of ARP entries falling
below the upper threshold.

hwethernetarpipconflictevent Enables the alarm of IP address -

conflict.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
If you do not specify trap-name, all traps of the ARP module will be enabled.

Example
# Enables the trap function of ARP speed limit.
<HUAWEI> system-view
[HUAWEI] snmp-agent trap enable feature-name arp trap-name hwethernetarpspeedlimitalarm

7.7 DHCP Configuration Commands

7.7.1 alarm ip-used percentage

Function
The alarm ip-used percentage command configures the percentage of the alarms
indicating that the addresses in an address pool are used up, and the percentage
of the clear alarms.

The undo alarm ip-used percentage command restores the default percentages
of the alarms and clear alarms.

By default, the percentage of the alarms indicating that the addresses in an IP

address pool are used up is 100%, and the percentage of the clear alarms is 50%.

Format
alarm ip-used percentage alarm-resume-percentage alarm-percentage

undo alarm ip-used percentage

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

alarm-resume- Specifies the percentage The value is an integer

percentage of the clear alarms. that ranges from 1 to
100. The default value is
50.
NOTE
The percentage of the
clear alarms cannot exceed
that of the alarms.

alarm-percentage Specifies the percentage The value is an integer

of the alarms indicating that ranges from 1 to
that the addresses in an 100. The default value is
address pool are used 100.
up.

Views
IP address pool view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
When the addresses in an IP address pool are used up, alarms are sent to notify
the administrator.
Precautions
The percentage of the clear alarms cannot exceed that of the alarms.

Example
# Configure the percentage of the alarms indicating that the addresses in an
address pool are used up, and the percentage of the clear alarms in the IP address
pool view.
<HUAWEI> system-view
[HUAWEI] ip pool p1
[HUAWEI-ip-pool-p1] alarm ip-used percentage 80 90

7.7.2 bootfile
Function
The bootfile command configures the name of the startup configuration file for a
DHCP client.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The undo bootfile command deletes the configured name of the startup
configuration file for a DHCP client.

By default, the startup configuration file name is not configured for a DHCP client.

Format
bootfile bootfile

undo bootfile

Parameters
Parameter Description Value

bootfile Specifies the name of The value is a string of 1

the startup configuration to 127 case-sensitive
file for a DHCP client. characters without
spaces.

Views
IP address pool view, DHCP Option template view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

This command is used on a DHCP server. Besides assigning IP addresses, a DHCP

server can also provide the required network configuration parameters, such as
the startup configuration file name for the DHCP clients. After the startup
configuration file name is configured using the bootfile command, the Offer and
ACK packets sent from the DHCP server carry this file name. The DHCP client can
acquire the startup configuration file from the specified server based on the file
name.

Precautions

Usually, the startup configuration file is saved on a specified file server. Therefore,
the route between the DHCP client and the file server must be reachable and the
ip address or name of the file server must be specified.

Example
# In the IP address pool view, configure the name of the startup configuration file
as start.ini for the DHCP client.
<HUAWEI> system-view
[HUAWEI] ip pool p1
[HUAWEI-ip-pool-p1] bootfile start.ini

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

# In the DHCP Option template view, configure the name of the startup
configuration file as start.ini for the DHCP client.
<HUAWEI> system-view
[HUAWEI] dhcp option template template1
[HUAWEI-dhcp-option-template-template1] bootfile start.ini

7.7.3 conflict auto-recycle interval

Function
The conflict auto-recycle interval command enables automatic reclaim of
conflicting IP addresses in the global address pool and configures the interval for
the automatic reclaim.
The undo conflict auto-recycle interval command disables automatic reclaim of
conflicting IP addresses in the global address pool and deletes the configured
interval for the automatic reclaim.
By default, automatic reclaim of conflicting IP addresses in the global address pool
is disabled.

Format
conflict auto-recycle interval day day [ hour hour [ minute minute ] ]
undo conflict auto-recycle interval

Parameters
Parameter Description Value

day day Specifies the interval for The value is an integer

the automatic reclaim, in that ranges from 0 to
days. 999, in days. The default
value is 0.

hour hour Specifies the interval for The value is an integer

the automatic reclaim, in that ranges from 0 to 23,
hours. in hours. The default
value is 0.

minute minute Specifies the interval for The value is an integer

the automatic reclaim, in that ranges from 0 to 59,
minutes. in minutes. The default
value is 0.

Views
IP address pool view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario
This command is used on a DHCP server. When a DHCP server allocates IP
addresses to clients, IP address conflict may occur because IP addresses of some
hosts have been manually configured. In this case, the DHCP server considers
these IP addresses as conflicting IP addresses, and allocates available IP addresses
from the conflicting IP addresses to clients only after available IP addresses in the
address pool are used up. To reclaim conflicting IP addresses promptly, the
administrator can run the conflict auto-recycle interval command to enable
automatic reclaim and specify the reclaim interval.
Prerequisites
The global address pool has been created using the ip pool command.

Example
# Enable automatic reclaim for conflicting IP addresses in the global address pool
global1, and set the interval for automatic reclaim to one day.
<HUAWEI> system-view
[HUAWEI] ip pool global1
[HUAWEI-ip-pool-global1] conflict auto-recycle interval day 1

7.7.4 dhcp anti-attack check duplicate option

Function
The dhcp anti-attack check duplicate option command enables the device to
check and discard DHCP messages with duplicate options.
The undo dhcp anti-attack check duplicate option command disables the device
from checking and discarding DHCP messages with duplicate options.
By default, the device is disabled from checking and discarding DHCP messages
with duplicate options.

Format
dhcp anti-attack check duplicate option [ option-start [ to option-end ] ]
&<1-254>
undo dhcp anti-attack check duplicate option [ option-start [ to option-end ] ]
&<1-254>

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

option-start [ to Specifies the option value. The value is an integer

option-end ] in the range 1 to 254.
● option-start: Specifies the start For an option, the end
value of an option in a DHCP value must be larger
packet. than the start value.
● option-end: Specifies the end
value of an option in a DHCP
packet.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The dhcp anti-attack check duplicate option command applies to DHCP servers,
DHCP relay agents, DHCP clients, and DHCP snooping-enabled devices. To discard
DHCP messages with duplicate options 1 to 254, run the dhcp anti-attack check
duplicate option command.

Prerequisites

DHCP has been enabled using the dhcp enable command.

Example
# Configure the device to discard DHCP messages with duplicate options.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp anti-attack check duplicate option

7.7.5 dhcp client class-id (interface view)

Function
The dhcp client class-id command sets the Option60 field in the DHCP request
packet sent by the DHCP client.

The undo dhcp client class-id command deletes the configured Option60 field in
the DHCP request packet sent by the DHCP client.

By default, no Option60 field is configured.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
dhcp client class-id class-id

undo dhcp client class-id

Parameters
Parameter Description Value

class-id Indicates the value of the The value is a string of 1 to 64 case-

Option60 field. sensitive characters.

Views
VLANIF interface view

Default Level
2: Configuration level

After you run the dhcp client class-id class-id command in the VLANIF interface
view, the device that functions as the DHCP client fills the set Option60 in the
DHCP request packet on the VLANIF interface.

Example
# Set the class-id of a DHCP client to test on VLANIF100.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client class-id test

7.7.6 dhcp client class-id (system view)

Function
The dhcp client class-id command is used to set the Option60 field in the DHCP
request packet sent by the DHCP client.

The undo dhcp client class-id command is used to restore the default value of
the Option60 field.

By default, the default value of the Option60 field depends on the device type,
which is "huawei Device Model".

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
dhcp client class-id class-id
undo dhcp client class-id

Parameters
Parameter Description Value

class-id Indicates the value of the The value is a string of 1 to 64 case-

Option60 field. sensitive characters.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
The DHCP server identifies the devices according to the Option60 field in the
DHCP request packet. You can run the dhcp client class-id class-id command to
customize the Option60 field in the DHCP request packet sent from the DHCP
client.
Configuration information of the Option60 field is saved in the storage device:/
dhcp-client.options file. By default, the storage device needs to provide more than
80-byte storage space. You can run the more dhcp-client.options command in
the user view to check configuration information of the Option60 field.
After you run the dhcp client class-id class-id command in the system view, the
device that functions as the DHCP client fills the set Option60 in the DHCP request
packet sent from all of the interfaces.

Example
# Set the class-ID of a DHCP client to test.
<HUAWEI> system-view
[HUAWEI] dhcp client class-id test

7.7.7 dhcp client client-id

Function
The dhcp client client-id command configures an identifier for a DHCP client.
The undo dhcp client client-id command restores the default identifier of a
DHCP client.
By default, the identifier of a DHCP client is the client's MAC address.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
dhcp client client-id client-id
undo dhcp client client-id

Parameters
Parameter Description Value

client-id Specifies the identifier of The value is a string of 2

a DHCP client. to 64 case-sensitive
characters without
spaces.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
The dhcp client client-id command configures an identifier for a DHCP client. The
identifier is encapsulated into a DHCP Request message. When a DHCP client
requests an IP address from a DHCP server, the DHCP server obtains the identifier
of the DHCP client and assigns an IP address to the DHCP client with the specified
identifier.

Example
# Set the identifier of the DHCP client to test_client on VLANIF100.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client client-id test_client

7.7.8 dhcp client expected-lease

Function
The dhcp client expected-lease command enables expected lease on a DHCP
client.
The undo dhcp client expected-lease command disables expected lease on a
DHCP client.
By default, expected lease is disabled on the DHCP client.

Format
dhcp client expected-lease time

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

undo dhcp client expected-lease

Parameters
Parameter Description Value

time Specifies an expected The value is an integer

lease for a DHCP client. that ranges from 60 to
864000, in seconds.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
The dhcp client expected-lease command applies to DHCP clients. An expected
lease can be contained in Option 51 of a DHCP Request message sent to the
server. The server compares the expected lease with the lease in the address pool
and assigns a shorter lease to the client.

Example
# Set the expected lease to 7200s on VLANIF100.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client expected-lease 7200

7.7.9 dhcp client gateway-detect

Function
The dhcp client gateway-detect command enables gateway detection on a
DHCP client.

The undo dhcp client gateway-detect command disables gateway detection on a

DHCP client.

By default, gateway detection is disabled on a DHCP client.

Format
dhcp client gateway-detect period period retransmit retransmit timeout time

undo dhcp client gateway-detect

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

period period Specifies an interval for The value is an integer

gateway detection on a that ranges from 1 to
DHCP client. 86400, in seconds.

retransmit retransmit Specifies the The value is an integer

retransmission count of that ranges from 1 to 10.
gateway detection on a
DHCP client.

timeout time Specifies the timeout It is an integer that

period of gateway ranges from 300 to 2000,
detection on a DHCP in milliseconds.
client.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The dhcp client gateway-detect command applies to DHCP clients. After a DHCP
client obtains an IP address, the dhcp client gateway-detect command enables
the DHCP client to detect the status of the gateway being used. If the gateway
has an incorrect address or the gateway device fails, the DHCP client requests a
new IP address from the DHCP server.

Example
# Enable gateway detection on VLANIF100 of the DHCP client. Set the detection
interval to 3600s, retransmission count to 3, and timeout period to 500 ms.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client gateway-detect period 3600 retransmit 3 timeout 500

7.7.10 dhcp client default-route preference

Function
The dhcp client default-route preference command configures the default route
preference that a DHCP server delivers to a DHCP client.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The undo dhcp client default-route preference command restores the default
value of the default route preference that a DHCP server delivers to a DHCP client.

By default, the default route preference that a DHCP server delivers to a DHCP
client is 60.

Format
dhcp client default-route preference preference-value

undo dhcp client default-route preference

Parameters
Parameter Description Value

preference-value Specifies the default The value is an integer

route preference. that ranges from 1 to
255. A smaller value
indicates a higher
preference.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
A DHCP client can obtain the default route through the DHCP server to
dynamically update the routing table. The next-hop address of the default route is
the DHCP client's gateway address carried in Option3.

The default route that a DHCP server delivers is the user network router (UNR)
route with the default preference 60. You can run the dhcp client default-route
preference command to change the default route preference.

Example
# In the view of VLANIF100, set the default route preference that a DHCP server
delivers to a DHCP client to 30.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client default-route preference 30

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.7.11 dhcp client hostname

Function
The dhcp client hostname command configures a host name for a DHCP client.

The undo dhcp client hostname command deletes the configured host name of a
DHCP client.

By default, no host name is configured for a DHCP client.

Format
dhcp client hostname hostname

undo dhcp client hostname

Parameters
Parameter Description Value

hostname Specifies the name of a The value is a string of 1

DHCP client. to 64 case-sensitive
characters.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
A DHCP server must obtain the host name of a client before assigning an IP
address to the client. To configure a host name for a DHCP client, run the dhcp
client hostname command. The host name is used to match the local domain
name of the DHCP client.

Example
# Set the host name of a DHCP client to gateway1 on VLANIF100.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client hostname gateway1

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.7.12 dhcp client renew

Function
The dhcp client renew command renews the lease of the IP address obtained by
a DHCP client.

Format
dhcp client renew

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
This command applies to the following scenarios:
● Manually renewing the lease
If a DHCP server assigns the original IP address to the client, only the lease is
renewed. If another DHCP server assigns an IP address to the client, the client
obtains a new IP address and related network parameters.
● Updating the IP address
When the DHCP client is migrated from a network segment to another
network segment and the original IP address lease does not expire, the client
needs to update the IP address.
After the dhcp client renew command is run, the DHCP client sends a lease
renewal request to the DHCP server.
● If the DHCP client receives a positive reply from the server, the client updates
the parameters such as the lease duration.
● If the DHCP client receives a negative reply from the server, the client releases
the applied parameters and re-applies to the DHCP server for an IP address
and other network parameters.
● If no reply is received, the client does not perform any operation.
The dhcp client renew command can be normally run only after the DHCP client
function is enabled on the interface and an IP address is obtained.

Example
# Renew the IP address lease on VLANIF100.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client renew

7.7.13 dhcp client request option-list exclude

Function
The dhcp client request option-list exclude command configures a list of default
request options that are not carried in the Option55 field of DHCP Request
messages.
The undo dhcp client request option-list exclude command deletes the list of
default request options that are not carried in the Option55 field of DHCP Request
messages.
By default, the device does not configure the option to be excluded from the
DHCP client request list.

Format
dhcp client request option-list exclude option-code &<1-8>
undo dhcp client request option-list exclude option-code &<1-8>

Parameters
Parameter Description Value

option-code Specifies a list of default The value is of

request options that are enumerated type and
excluded from the can be 3, 6, 15, 28, 33,
Option55 field. 44, 121, and 184.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines

The Option55 field in DHCP Request messages is used to set the request option
list. DHCP clients use this option to specify network configuration parameters that
need to be obtained from the DHCP server. You can run the dhcp client request
option-list exclude command to configure a list of default options that are
excluded from the Option55 field based on network requirements.
For option meanings, see DHCP Options in CLI-based Configuration - Network
Interconnection Configuration Guide - DHCP Configuration.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Configure the default request option 3 to be excluded from the Option55 field
in DHCP Request messages on VLANIF100.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client request option-list exclude 3

7.7.14 dhcp client request option-list

Function
The dhcp client request option-list command configures a list of request options
that the Option55 field in DHCP Request packets carries besides the default
options.
The undo dhcp client request option-list command deletes a list of request
options that the Option55 field in DHCP Request packets carries besides the
default options.
By default, the Option 55 field in DHCP Request packets carries only default
request options.

Format
dhcp client request option-list option-code &<1-9>
undo dhcp client request option-list option-code &<1-9>

Parameters
Parameter Description Value

option-code Specifies a list of request The value is of

options that the enumerated type and
Option55 field carries can be 4, 7, 17, 42, 43,
besides the default 66, 67, 120, and 129.
options.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
The Option55 field in DHCP Request packets is used to set the request option list.
DHCP clients use this option to specify network configuration parameters that
need to be obtained from the DHCP server. Besides the default options, you can

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

run the dhcp client request option-list option-code command to set a list of
other request options that the Option55 field carries.
For option meanings, see DHCP Options in CLI-based Configuration - Network
Interconnection Configuration Guide - DHCP Configuration.

Example
# Configure the Option55 field in DHCP Request packets to carry option 4 on
VLANIF100.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp client request option-list 4

7.7.15 dhcp enable

Function
The dhcp enable command enables the DHCP function.
The undo dhcp enable command disables the DHCP function.
By default, the DHCP function is disabled.

Format
dhcp enable
undo dhcp enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Network scale and complexity increase makes network configurations complex.
For example, computers frequently change their locations, and IP addresses are
insufficient for these computers. The DHCP protocol is developed to address these
problems. The dhcp enable command enables the DHCP function on the device.
Precautions
The dhcp enable command is the prerequisite for configuring DHCP-related
functions, including DHCP relay, DHCP snooping, and DHCP server. These

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

functions take effect only after the dhcp enable command is run. After the undo
dhcp enable command is run, all DHCP-related configurations of the device are
deleted. After DHCP is enabled again using the dhcp enable command, all DHCP-
related configurations of the device are restored to the default configurations.

Example
# Enable the DHCP function on the device.
<HUAWEI> system-view
[HUAWEI] dhcp enable

7.7.16 dhcp option template

Function
The dhcp option template command creates a DHCP Option template and enters
the DHCP Option template view.

The undo dhcp option template command deletes a configured DHCP Option
template.

By default, no DHCP Option template is created on the device.

Format
dhcp option template template-name

undo dhcp option template template-name

Parameters
Parameter Description Value

template-name Specifies the name of The value is a string of 1

the DHCP Option to 31 case-sensitive
template. characters without
spaces. The value can
contain digits, letters,
underscores (_), hyphens
(-), and dots (.), but
cannot be set to - or --.

Views
System view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario

This command is used on a DHCP server. During network deployment, a DHCP

server dynamically allocates IP addresses with leases to clients or allocates fixed IP
addresses to some clients. For example, laptops or terminals are often moved to
different places in enterprises, and they can obtain IP addresses using the dynamic
allocation mode. However, IP addresses obtained dynamically are randomly
allocated, and cannot be set to specified IP addresses. To allocate fixed IP
addresses to some fixed terminals (such as IP phones), run the static-bind
command in the global address view to bind IP addresses to MAC addresses of the
clients so that the clients are allocated fixed IP addresses.

In some cases, you need to allocate other network configuration parameters

except IP addresses to fixed static terminals. For example, besides obtaining an IP
address, an IP phone needs information such as the startup configuration file to
register normally. In this case, you can configure a DHCP Option template and
configure network configuration parameters except the IP address required by the
client in the DHCP Option template. Then bind the DHCP Option template to the
fixed terminal in the global address pool. The DHCP server then allocates the IP
address and other parameters to the terminal.

Precautions

Network parameters configured in the DHCP Option template view take effect
only for static clients. A DHCP Option template can be bound to multiple clients.
Run the static-bind ip-address ip-address mac-address mac-address [ option-
template template-name ] command to configure a DHCP Option template that
is bound to static clients.

Example
# Create a DHCP Option template named test.
<HUAWEI> system-view
[HUAWEI] dhcp option template test

7.7.17 dhcp relay gateway-switch enable

Function
Using the dhcp relay gateway-switch enable command, you can enable DHCP
relay gateway switching.

Using the undo dhcp relay gateway-switch enable command, you can disable
DHCP relay gateway switching.

By default, DHCP relay gateway switching is disabled.

Format
dhcp relay gateway-switch enable

undo dhcp relay gateway-switch enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The dhcp relay gateway-switch enable command is used on DHCP relay agents.
This command allows a DHCP relay agent to use a secondary IP address as the
gateway address to apply for IP addresses for users when it fails to use the
primary IP address to apply for IP addresses.

Prerequisites

● Global DHCP has been enabled by using the dhcp enable command in the
system view.
● DHCP relay has been enabled on an interface by using the dhcp select relay
command.

Precautions

● The gateway address switches from the primary IP address to a secondary IP

address only when a user fails to obtain an IP address by using the primary IP
address for at least three times and the interval between the last failure and
first failure exceeds 24 seconds.
● Before running this command on an interface, ensure that the interface has a
primary IP address and at least one secondary IP address.
● If a primary IP address and multiple secondary IP addresses are configured on
an interface, the system tries the secondary IP addresses one by one until
users successfully obtain IP addresses.

Example
# Enable DHCP relay gateway switching on VLANIF10.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 10
[HUAWEI-Vlanif10] ip address 192.168.30.1 255.255.255.0
[HUAWEI-Vlanif10] ip address 192.168.31.1 255.255.255.0 sub
[HUAWEI-Vlanif10] dhcp select relay
[HUAWEI-Vlanif10] dhcp relay server-ip 192.168.20.1
[HUAWEI-Vlanif10] dhcp relay gateway-switch enable

7.7.18 dhcp relay information enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Function
The dhcp relay information enable command enables the Option 82 function for
the DHCP relay agent.
The undo dhcp relay information enable command disables the Option 82
function for the DHCP relay agent.
By default, the Option 82 function is disabled for the DHCP relay agent.

Format
dhcp relay information enable
undo dhcp relay information enable

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
This command applies to the DHCP relay agent. When DHCP Request messages
carry Option 82 information, the DHCP server can locate user positions accurately
and assign IP addresses to users using different policies. After the Option 82
function is enabled on the DHCP relay agent, the device checks the Option 82 field
contained in the packets and processes the packets using corresponding policies.
Prerequisites
DHCP has been enabled by running the dhcp enable command in the system
view.
DHCP relay has been enabled by running the dhcp select relay command in the
interface view.
Follow-up Tasks
Run the dhcp relay information strategy { drop | keep | replace } command in
the interface view to configure strategies for the DHCP relay agent to process
Option 82 information.

Example
# Enable the Option 82 function for the DHCP relay agent on the VLANIF100
interface.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] vlan 100
[HUAWEI-vlan100] quit
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp select relay
[HUAWEI-Vlanif100] dhcp relay information enable

7.7.19 dhcp relay information strategy

Function
The dhcp relay information strategy command configures the strategies used by
a DHCP relay agent to process Option 82 information.
The undo dhcp relay information strategy command restores the default setting.
By default, the strategy used by a DHCP relay agent to process Option 82
information is replace.

Format
dhcp relay information strategy { drop | keep | replace }
undo dhcp relay information strategy

Parameters
Parameters Description Value

drop Configures the DHCP -

relay agent to drop
Option 82 information.

keep Configures the DHCP -

relay agent to keep
Option 82 information.

replace Configures the DHCP -

relay agent to replace
Option 82 information.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

This command applies to the DHCP relay agent. When DHCP Request messages
carry Option 82 information, the DHCP server can locate user positions accurately
and assign IP addresses to users using different policies. When a DHCP relay agent
receives DHCP Request messages, it uses one of the following strategies to process
Option 82 information:
● Drop:
– If the received DHCP message does not carry an Option 82 field, the
DHCP relay agent forwards the message directly without processing it.
– If the received DHCP message carries an Option 82 field, the DHCP relay
agent drops the Option 82 field and forwards the message.
● Keep:
– If the received DHCP message does not carry an Option 82 field, the
DHCP relay agent forwards the message directly without processing it.
– If the received DHCP message carries an Option 82 field, the DHCP relay
agent keeps the Option 82 field and forwards the message.
● Replace:
– If the received DHCP message does not carry an Option 82 field, the
DHCP relay agent inserts an Option 82 field configured by the
administrator into the received message and forwards the message.
– If the received DHCP message carries an Option 82 field, the DHCP relay
agent replaces it with the Option 82 field configured by the administrator
and forwards the message.
Prerequisites
DHCP has been enabled by running the dhcp enable command in the system
view.
DHCP relay has been enabled by running the dhcp select relay command in the
interface view.
The Option 82 function has been enabled for the DHCP relay agent by using the
dhcp relay information enable command.

Example
# Configure the DHCP relay agent to drop Option 82 information on VLANIF 100.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] vlan 100
[HUAWEI-vlan100] quit
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp select relay
[HUAWEI-Vlanif100] dhcp relay information enable
[HUAWEI-Vlanif100] dhcp relay information strategy drop

7.7.20 dhcp relay release

Function
The dhcp relay release command configures a DHCP relay agent to send a
release message to a DHCP server for releasing the IP address assigned to a DHCP
client.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
dhcp relay release client-ip-address mac-address [ server-ip-address ]

Parameters
Parameter Description Value

client-ip-address Specifies the IP address The value is in dotted

of a DHCP client. decimal notation.

mac-address Specifies the MAC The value is in H-H-H

address of a DHCP client. format. H is a
hexadecimal number of
4 digits.

server-ip-address Specifies the IP address The value is in dotted

of a DHCP server. If this decimal notation.
parameter is specified, a
DHCP relay agent sends
a release message to the
specified DHCP server for
releasing the IP address
assigned to a DHCP
client.

Views
VLANIF interface view, system view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

This command applies to DHCP relay agents. In some situations, for example, a
user is forced to go offline, the user's IP address is no longer used. However, the
user cannot access the network, and will not send a DHCP release message to the
DHCP server to release the IP address assigned by the DHCP server. Before the IP
address lease expires, the DHCP server will not assign the user's IP address to
another client, wasting IP addresses. In this case, you can run the dhcp relay
release command to configure a DHCP relay agent to send a DHCP release
message to the DHCP server. After receiving the message, the DHCP server sets
the status of the IP address to idle. The DHCP server then can assign the released
IP address to another client.

If a DHCP server IP address is specified, the DHCP relay agent sends an address
release request only to the specified DHCP server. If no DHCP server address is
specified, the following situations occur:

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● When the dhcp relay release command is run in the system view, the DHCP
relay agent sends an address release request to DHCP servers on all the
interfaces working in DHCP relay mode.
● When the dhcp relay release command is run in the interface view, the DHCP
relay agent sends an address release request to all DHCP servers on the
VLANIF interface.
Precautions
The dhcp relay release command only releases the IP addresses dynamically
assigned by DHCP servers.
When multiple DHCP relay agents are connected between the DHCP client and
server, this command must be executed on the first DHCP relay agent.

Example
# Configure a DHCP relay agent to send a release message to the DHCP server at
10.1.1.1 for releasing the IP address 192.168.1.1 assigned to the DHCP client
whose MAC address is 00e0-fc34-2000.
<HUAWEI> system-view
[HUAWEI] dhcp relay release 192.168.1.1 00e0-fc12-3456 10.1.1.1

7.7.21 dhcp relay request server-match enable

Function
The dhcp relay request server-match enable command configures a DHCP relay
agent to check the DHCP server identifier (Option54) in a DHCP Request message
to be forwarded.
The undo dhcp relay request server-match enable command configures a DHCP
relay agent not to check the DHCP server identifier (Option54) in a DHCP Request
message to be forwarded.
By default, a DHCP relay agent checks the DHCP server identifier (Option54) in a
DHCP Request message to be forwarded.

Format
dhcp relay request server-match enable
undo dhcp relay request server-match enable

Parameters
None

Views
System view

Default Level
2: Configuration level

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Usage Guidelines
Usage Scenario
During the four-message exchange process, the DHCP Offer message sent by a
DHCP server carries the DHCP server identifier (Option54) to identify the server.
After receiving the DHCP Offer message, the DHCP client records the DHCP server
identifier and carries it in the DHCP Request message to be replied to indicate
which DHCP server is selected. When the DHCP relay agent forwards the DHCP
Request message, it checks the DHCP server identifier in the message and
forwards the message only to the corresponding DHCP server.
If multiple DHCP servers are deployed on the network and the design of a server
does not comply with standards, the DHCP server identifier carried in the DHCP
Offer message to be sent by the server is not its identifier. As a result, the DHCP
server identifier carried in the DHCP Request message is incorrect, the DHCP relay
agent forwards the message to an incorrect DHCP server rather than the matching
DHCP server, and the client fails to obtain an IP address.
To resolve this issue, you can run the undo dhcp relay request server-match
enable command, so that the DHCP relay agent does not check the DHCP server
identifier (Option54) in the DHCP Request message to be forwarded and forwards
the message to all relayed DHCP servers, ensuring that the matching DHCP server
can receive the DHCP Request message.
Prerequisites
DHCP has been enabled globally using the dhcp enable command.

Example
# Configure a DHCP relay agent not to check the DHCP server identifier
(Option54) in a DHCP Request message to be forwarded.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] undo dhcp relay request server-match enable

7.7.22 dhcp relay reply forward all enable

Function
The dhcp relay reply forward all enable command configures a DHCP relay
agent to forward all DHCP ACK messages.
The undo dhcp relay reply forward all enable command restores the default
setting.
By default, a DHCP relay agent forwards only the first received DHCP ACK
message.

Format
dhcp relay reply forward all enable
undo dhcp relay reply forward all enable

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
As defined in RFC2131, the DHCP server that provides only IP addresses for DHCP
clients replies with DHCP ACK messages. After receiving a DHCP ACK message, a
DHCP relay agent searches for the entry based on the DHCP client's MAC address
contained in the message, forwards the message to the corresponding client, and
then immediately deletes the entry matching the client.
If multiple DHCP servers are deployed on the network, the design of a server does
not comply with standards, and a DHCP client requests for an IP address, the
server does not provide an IP address for the DHCP client but replies with a DHCP
ACK message. If the DHCP relay agent first receives the DHCP ACK message
replied by the server, it incorrectly forwards the message to the client and deletes
the corresponding entry. After the DHCP relay agent receives the correct DHCP
ACK message, it cannot forward the message because the entry matching the
client has been deleted. As a result, the client cannot obtain an IP address.
To resolve this issue, you can run the dhcp relay reply forward all enable
command, so that the DHCP relay agent does not immediately delete the entry
matching a client after forwarding a DHCP ACK message to the client. Instead, the
DHCP relay agent deletes the entry that has been aged out to ensure that the
subsequently received DHCP ACK messages can be forwarded to the client.
Prerequisites
DHCP has been enabled globally using the dhcp enable command.

Example
# Configure a DHCP relay agent to forward all DHCP ACK messages.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp relay reply forward all enable

7.7.23 dhcp relay server-ip

Function
The dhcp relay server-ip command configures a DHCP server address on an
interface enabled with DHCP relay.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The undo dhcp relay server-ip command deletes the configured DHCP server
addresses on an interface enabled with DHCP relay.

By default, no DHCP server address on an interface enabled with DHCP relay is

configured.

Format
dhcp relay server-ip ip-address

undo dhcp relay server-ip { ip-address | all }

Parameters
Parameter Description Value

ip-address Specifies the IP address The value is in dotted

of a DHCP server. decimal notation.

all Deletes all the DHCP -

server addresses
configured on an
interface.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

This command applies to DHCP relay agents. When a DHCP client needs to send a
DHCP Discover message to a DHCP server on a different network segment
through a DHCP relay agent, you must configure the DHCP server address on the
DHCP relay agent.

When a DHCP relay agent forwards a DHCP Discover message, it does not check
whether the DHCP server status is Down. If multiple DHCP server addresses are
configured on an interface, multiple DHCP servers respond with DHCP Offer
messages to the DHCP client. However, the DHCP client uses the first received
DHCP Offer message. As a result, IP addresses in the IP address pool on the first
DHCP server are insufficient, but available IP addresses in the IP address pools on
the other DHCP servers are not allocated. To make each DHCP server allocate the
same number of IP addresses, a DHCP relay agent changes the forwarding order
each time it forwards a DHCP Discover message, so that load balancing is
implemented among DHCP servers. A DHCP relay agent forwards a DHCP
Discover message as follows:

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● The DHCP relay agent forwards the message to all DHCP servers by default,
and changes the forwarding order each time it forwards a DHCP Discover
message.
● You can configure the ip relay address cycle command to reduce the number
of packets received by a DHCP server and lessen the load of a DHCP server.
After this command is configured, the DHCP relay agent forwards a received
DHCP Discover message to one DHCP server at a time, and forwards the
DHCP Discover message to a different DHCP server each time it receives the
message.

Prerequisites

DHCP relay has been enabled on the interface using the dhcp select relay
command.

Precautions

If you run the dhcp relay server-ip command for multiple times, multiple DHCP
server addresses are configured.

Each interface that is enabled with DHCP relay can be configured with a
maximum of 8 DHCP server addresses.

Example
# Configure DHCP relay and two DHCP server addresses on VLANIF 100.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] vlan 100
[HUAWEI-vlan100] quit
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp select relay
[HUAWEI-Vlanif100] dhcp relay server-ip 10.1.1.2
[HUAWEI-Vlanif100] dhcp relay server-ip 10.1.1.3

7.7.24 dhcp relay server-select

Function
The dhcp relay server-select command configures a DHCP server group for a
DHCP relay agent.

The undo dhcp relay server-select command deletes the configured DHCP server
group of a DHCP relay agent.

By default, no DHCP server group is configured.

Format
dhcp relay server-select group-name

undo dhcp relay server-select

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

group-name Specifies the name of a The value is a string of 1

DHCP server group. to 32 case-sensitive
characters without
spaces.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The dhcp relay server-select command applies to DHCP relay agents. When a
DHCP client needs to send DHCP requests to a DHCP server using a DHCP relay
agent, you can run the dhcp relay server-select command to specify a DHCP
server group for the DHCP relay agent and configure the DHCP server address.
Prerequisites
1. A DHCP server group has been created using the dhcp server group
command.
2. The DHCP relay function has been enabled using the dhcp select relay
command so that the system can forward DHCP packets to the specified
DHCP server.
Precautions
● Multiple interfaces can be configured with the same DHCP server group, and
one interface can be configured with only one DHCP server group.
● If you run the dhcp relay server-select command in the same interface view
for multiple times, only the latest configuration takes effect. If a specified
DHCP server group does not exist, the configuration fails; however, the latest
configured DHCP server group still takes effect.

Example
# Configure the DHCP server group of a DHCP relay agent as group1 on
VLANIF100.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp server group group1
[HUAWEI-dhcp-server-group-group1] dhcp-server 10.10.10.10
[HUAWEI-dhcp-server-group-group1] quit
[HUAWEI] interface vlanif 100

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

[HUAWEI-Vlanif100] dhcp select relay

[HUAWEI-Vlanif100] dhcp relay server-select group1

7.7.25 dhcp relay trust option82

Function
The dhcp relay trust option82 command enables Option 82 on the DHCP relay
agent.

The undo dhcp relay trust option82 command disables Option 82 on the DHCP
relay agent.

By default, Option 82 is enabled on the DHCP relay agent.

Format
dhcp relay trust option82

undo dhcp relay trust option82

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

This command is used on the DHCP relay agent to enable the Option 82 function.
After receiving a DHCP packet that carries the Option 82 field but the giaddr field
of the packet is 0, the DHCP relay agent processes the packet by default. Using
the undo dhcp relay trust option82 command, the DHCP relay agent discards the
packet.

Prerequisites

DHCP has been enabled globally by using the dhcp enable command.

Example
# Enable Option 82 trusted of the DHCP relay agent.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp relay trust option82

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.7.26 dhcp set ttl

Function
The dhcp set ttl command sets the TTL value for DHCP Discover messages after
they are forwarded by the DHCP relay agent at Layer 3.

The undo dhcp set ttl command restores the default setting.

By default, the TTL value of DHCP Discovery messages decreases by 1 after they
are forwarded by the DHCP relay agent at Layer 3.

Format
dhcp set ttl { unvaried | ttl-value }

undo dhcp set ttl

Parameters
Parameter Description Value
unvaried Indicates that the TTL value of DHCP Discovery -
messages remains unchanged after the messages
are forwarded by the DHCP relay agent at Layer 3.
That is, the device does not reduce the TTL value
by 1.
ttl-value Specifies a fixed TTL value for DHCP Discovery The value is an
messages after they are forwarded by the DHCP integer that
relay agent at Layer 3. ranges from 1
to 255.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The dhcp set ttl command is used on DHCP relay agents. When a DHCP relay
agent forwards DHCP Discovery messages at Layer 3, it reduces the TTL value of
the messages by 1 by default. Assume that the TTL value of a DHCP Discovery
message received by the DHCP relay agent is 1. If the DHCP relay agent reduces
the TTL value by 1, the TTL value changes to 0. The next-hop routing device will
discard the message as its TTL value is 0. As a result, the DHCP server cannot
receive the DHCP Discovery message forwarded by the DHCP relay agent. To
ensure that the DHCP server can receive the DHCP Discovery message sent from

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

the client, run the dhcp set ttl command to set the TTL value of the DHCP
Discovery message to a non-zero value after the message is forwarded at Layer 3.

NOTE
If the DHCP relay agent connects to a special client whose TTL value of DHCP Discovery
messages is 1, and if there are routing devices between the DHCP relay agent and DHCP
server, run the dhcp set ttl ttl-value command to specify a fixed TTL value (16 is
recommended) for DHCP Discovery messages after they are forwarded by the DHCP relay
agent at Layer 3.

Prerequisites
The DHCP function has been enabled globally using the dhcp enable command.

Example
# Set the TTL value of DHCP Discovery messages to 16 after the messages are
forwarded by the DHCP relay agent at Layer 3.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp set ttl 16

7.7.27 dhcp select global

Function
The dhcp select global command enables an interface to use the global address
pool.
The undo dhcp select global command disables an interface from using the
global address pool.
By default, an interface is disabled from using the global address pool.

Format
dhcp select global
undo dhcp select global

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

The dhcp select global command applies to DHCP servers. After receiving a DHCP
Request message from a DHCP client, a DHCP server assigns an IP address from
the local address pool to the client. Run the dhcp select global command to
configure the device to assign IP addresses from the global address pool. When no
interface address pool is created for the DHCP server, the DHCP server assigns an
IP address from the global address pool to an online user.

The device can also assign IP addresses from an interface address pool using the
dhcp select interface command in the interface view.

Prerequisites
● DHCP has been enabled using the dhcp enable command in the system view.
● Before running the dhcp select global command, you need to run the ip
address command to configure the interface IP address.

Precautions

If the DHCP relay and DHCP server functions are simultaneously configured on an
interface, only the DHCP server function takes effect.

Example
# Enable VLANIF100 to use the global address pool.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 10.1.1.1 24
[HUAWEI-Vlanif100] dhcp select global

7.7.28 dhcp select interface

Function
The dhcp select interface command enables an interface to use the interface
address pool.

The undo dhcp select interface command disables an interface from using the
interface address pool.

By default, the DHCP server function using the interface address pool is disabled
on an interface.

Format
dhcp select interface

undo dhcp select interface

Parameters
None

Views
VLANIF interface view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

The dhcp select interface command applies to DHCP servers. After receiving a
DHCP Request message from a DHCP client, a DHCP server assigns an IP address
from the local address pool to the client. Run the dhcp select interface command
to configure a DHCP server to assign IP addresses from the interface address pool
to clients.

The device can also assign IP addresses from a global address pool using the dhcp
select global command.

Prerequisites

DHCP has been enabled globally using the dhcp enable command in the system
view.

An IP address has been configured for an interface using the ip address

command. The IP addresses assigned by the address pool and configured on the
interface are on the same network segment.

Precautions

If the DHCP relay and DHCP server functions are simultaneously configured on an
interface, only the DHCP server function takes effect.

Example
# Enable VLANIF100 to use the interface address pool.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 10.1.1.2 24
[HUAWEI-Vlanif100] dhcp select interface

7.7.29 dhcp server alarm ip-used percentage

Function
The dhcp server alarm ip-used percentage command configures the percentage
of the alarms indicating that the addresses in an interface address pool are used
up, and the percentage of the clear alarms.

The undo dhcp server alarm ip-used percentage command restores the default
percentages of the alarms and clear alarms.

By default, the percentage of the alarms indicating that the addresses in an

interface address pool are used up is 100%, and the percentage of the clear
alarms is 50%.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Format
dhcp server alarm ip-used percentage alarm-resume-percentage alarm-
percentage
undo dhcp server alarm ip-used percentage

Parameters
Parameter Description Value

alarm-resume- Specifies the percentage The value is an integer

percentage of the clear alarms. that ranges from 1 to
100. The default value is
50.
NOTE
The percentage of the
clear alarms cannot exceed
that of the alarms.

alarm-percentage Specifies the percentage The value is an integer

of the alarms indicating that ranges from 1 to
that the addresses in an 100. The default value is
address pool are used 100.
up.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
When the addresses in an interface address pool are used up, alarms are sent to
notify the administrator.
Prerequisites
1. The DHCP function has been enabled using the dhcp enable command in the
system view.
2. IP addresses in the interface address pool have been configured using the ip
address command.
3. The DHCP server function has been enabled on the interface using the dhcp
select interface command.
Precautions
The percentage of the clear alarms cannot exceed that of the alarms.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Configure the percentage of the alarms indicating that the addresses in an
interface address pool are used up, and the percentage of the clear alarms in the
interface address pool of the VLANIF100.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 10.10.10.10 24
[HUAWEI-Vlanif100] dhcp select interface
[HUAWEI-Vlanif100] dhcp server alarm ip-used percentage 80 90

7.7.30 dhcp select relay

Function
The dhcp select relay command enables the DHCP relay function.
The undo dhcp select relay command disables the DHCP relay function.
By default, the DHCP relay function is disabled.

Format
dhcp select relay
undo dhcp select relay

Parameters
None

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
The dhcp select relay command applies to DHCP relay agents. If the DHCP server
and client are on the same network segment, they can directly communicate with
each other using DHCP. In this case, no DHCP relay agent is needed. If the DHCP
server and client are on different network segments, the DHCP relay function
must be enabled to forward DHCP messages.
Prerequisites
The DHCP function has been enabled using the dhcp enable command in the
system view.
Follow-up Tasks

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● To ensure that a DHCP relay agent can forward DHCP packets to a DHCP
server, run the dhcp relay server-select or dhcp relay server-ip command on
the DHCP relay-enabled interface to configure the correct IP address of the
DHCP server.
● To ensure that a DHCP server can forward DHCP packets to a DHCP relay
agent, you must configure a route to the DHCP relay agent on the DHCP
server.
● If multiple DHCP relay agents exist on the network, run the dhcp relay
detect enable command to enable user entry detection on the DHCP relay
agent to prevent the IP addresses assigned to clients from conflicting with
those of other clients.
Precautions
● If the DHCP relay and DHCP server functions are simultaneously configured
on an interface, only the DHCP server function takes effect.
● The DHCP server must select an IP address in the same network segment with
the DHCP relay agent from the global address pool to ensure that the DHCP
client obtains an IP address on the local network segment. No interface
address pool can be configured on the interface that connects the DHCP
server and relay agent.

Example
# Enable the DHCP relay function on VLANIF100.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] dhcp select relay

7.7.31 dhcp server bootfile

Function
The dhcp server bootfile command configures the name of the startup
configuration file for a DHCP client.
The undo dhcp server bootfile command deletes the configured name of the
startup configuration file for a DHCP client.
By default, the startup configuration file name is not configured for a DHCP client.

Format
dhcp server bootfile bootfile
undo dhcp server bootfile

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

bootfile Specifies the name of The value is a string of 1

the startup configuration to 127 case-sensitive
file for a DHCP client. characters without
spaces.

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
Besides assigning IP addresses, a DHCP server can also provide the required
network configuration parameters, such as the startup configuration file name for
the DHCP clients. After the name of the startup configuration file is configured
using the dhcp server bootfile command, the Offer and ACK packets sent from
the DHCP server carry this file name. The DHCP client can acquire the startup
configuration file from the specified server based on the file name.
Prerequisites
1. The DHCP function has been enabled using the dhcp enable command in the
system view.
2. IP addresses in the interface address pool have been configured using the ip
address command.
3. The DHCP server function has been enabled on the interface using the dhcp
select interface command.

Example
# Configure the name of the startup configuration file as start.ini for the DHCP
client on the Vlanif100.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 192.168.1.1 255.255.255.0
[HUAWEI-Vlanif100] dhcp select interface
[HUAWEI-Vlanif100] dhcp server bootfile start.ini

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.7.32 dhcp server bootp

Function
Using the dhcp server bootp command, you can enable a DHCP server to respond
to a Bootstrap Protocol (BOOTP) request.
Using the undo dhcp server bootp command, you can disable a DHCP server
from responding to a BOOTP request.
By default, a DHCP server responds to a BOOTP request.

Format
dhcp server bootp
undo dhcp server bootp

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
A DHCP server and a BOOTP server may reside on the same network segment.
The BOOTP server assigns static IP addresses to BOOTP clients. As defined in the
DHCP protocol, a DHCP server can also respond to BOOTP requests to assign IP
addresses to BOOTP clients. BOOTP clients may obtain IP addresses from the
DHCP server but not the BOOTP server.
Prerequisites
DHCP has been enabled globally using the dhcp enable command in the system
view.
Follow-up Procedure
Using the dhcp server bootp automatic command in the system view, you can
enable the DHCP server to allocate IP addresses to BOOTP clients.

Example
# Enable a DHCP server to respond to a BOOTP request.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp server bootp

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

7.7.33 dhcp server bootp automatic

Function
The dhcp server bootp automatic command enables the DHCP server to
dynamically allocate IP addresses to BOOTP clients.
The undo dhcp server bootp automatic command disables the DHCP server from
dynamically allocating IP addresses to BOOTP clients.
By default, a DHCP server does not dynamically allocate IP addresses to BOOTP
clients.

Format
dhcp server bootp automatic
undo dhcp server bootp automatic

Parameters
None

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
This command applies to DHCP servers. When BOOTP clients need to obtain their
IP addresses, DNS server's IP address, and gateway IP address from a DHCP server,
you need to run the dhcp server bootp automatic command to enable the DHCP
server to dynamically allocate IP addresses to BOOTP clients.
Prerequisites
● DHCP has been enabled globally using the dhcp enable command in the
system view.
● The DHCP server has been enabled to respond to BOOTP requests by using
the dhcp server bootp command, or dhcp server bootp automatic cannot
take effect.
Precautions
When the device functions as the DHCP server, the device can allocate IP
addresses to BOOTP clients if the BOOTP clients reside on the same network as
the DHCP server. You can run the dhcp server bootp automatic command to
dynamically allocate IP addresses. You can also run the static-bind command or
the dhcp server static-bind command to allocate IP addresses to BOOTP clients
in the static binding mode.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Example
# Enable the DHCP server to allocate IP addresses to BOOTP clients.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] dhcp server bootp
[HUAWEI] dhcp server bootp automatic

7.7.34 dhcp server conflict auto-recycle interval

Function
The dhcp server conflict auto-recycle interval command enables automatic
reclaim of conflicting IP addresses in the interface address pool and configures the
interval for the automatic reclaim.

The undo dhcp server conflict auto-recycle interval command disables

automatic reclaim of conflicting IP addresses in the interface address pool and
deletes the configured interval for the automatic reclaim.

By default, automatic reclaim of conflicting IP addresses in the interface address

pool is disabled.

Format
dhcp server conflict auto-recycle interval day day [ hour hour [ minute
minute ] ]
undo dhcp server conflict auto-recycle interval

Parameters
Parameter Description Value

day day Specifies the interval for The value is an integer

the automatic reclaim, in that ranges from 0 to
days. 999, in days. The default
value is 0.

hour hour Specifies the interval for The value is an integer

the automatic reclaim, in that ranges from 0 to 23,
hours. in hours. The default
value is 0.

minute minute Specifies the interval for The value is an integer

the automatic reclaim, in that ranges from 0 to 59,
minutes. in minutes. The default
value is 0.

Views
VLANIF interface view

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario

This command is used on a DHCP server. When a DHCP server allocates IP

addresses to clients, IP address conflict may occur because IP addresses of some
hosts have been manually configured. In this case, the DHCP server considers
these IP addresses as conflicting IP addresses, and allocates available IP addresses
from the conflicting IP addresses to clients only after available IP addresses in the
address pool are used up. To reclaim conflicting IP addresses promptly, the
administrator can run this command to enable automatic reclaim and specify the
reclaim interval.

Prerequisites

1. The DHCP function has been enabled using the dhcp enable command in the
system view.
2. IP addresses in the interface address pool have been configured using the ip
address command.
3. The DHCP server function has been enabled on the interface using the dhcp
select interface command.

Example
# Enable automatic reclaim for conflicting IP addresses in the address pool on
VLANIF 100, and set the interval for automatic reclaim to one day.
<HUAWEI> system-view
[HUAWEI] dhcp enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 192.168.1.1 24
[HUAWEI-Vlanif100] dhcp select interface
[HUAWEI-Vlanif100] dhcp server conflict auto-recycle interval day 1

7.7.35 dhcp server database

Function
The dhcp server database command enables the function to save the current
DHCP data to storage devices.

The undo dhcp server database command disables the function to save the
DHCP data to storage devices.

By default, DHCP data is not saved to storage devices.

Format
dhcp server database { enable | recover | write-delay interval }

undo dhcp server database { enable | recover | write-delay }

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Parameters
Parameter Description Value

enable Enables the function to -

save DHCP data to
storage devices.

recover Recovers DHCP -

configurations using
DHCP data in storage
device.

write-delay interval Specifies the interval at The value is an integer

which DHCP data is ranging from 300 to
saved. 86400, in seconds. The
default value is 300
seconds.

Views
System view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
When the device functions as a DHCP server, run the dhcp server database
enable command to enable the device to save DHCP data to storage devices. This
avoids data loss caused by device faults. Then the system generates lease.txt and
conflict.txt files in the storage device. The two files save address lease
information and address conflict information respectively. Run the display dhcp
server database command to check the storage device for saving DHCP data.
After the dhcp server database enable command is run, current DHCP data is
automatically saved at the specified interval, and previous data files are
overwritten. The interval can be set using the dhcp server database write-delay
interval command.
If a fault occurs on the device, run the dhcp server database recover command
to recover DHCP data from storage devices during the system restarts.
Prerequisites
The dhcp server database enable command has been run to enable the device to
save DHCP data to storage devices, and ensure that the storage devices work
properly.
Precautions
● The lease.txt and conflict.txt files are overwritten periodically; therefore, you
are advised to back up and save the two files to other locations.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

● The time displayed in the lease.txt and conflict.txt files is the UTC time rather
than the system time, and you do not need to pay attention to time zone
information.

Example
# Enable the device to save the current DHCP data to storage devices and set the
interval at which DHCP data is saved to 2000s.
<HUAWEI> system-view
[HUAWEI] dhcp server database enable
[HUAWEI] dhcp server database write-delay 2000

# Recover DHCP configuration using the DHCP data saved on storage devices.
<HUAWEI> system-view
[HUAWEI] dhcp server database recover

7.7.36 dhcp server dns-list

Function
The dhcp server dns-list command configures DNS server addresses for an
interface address pool.

The undo dhcp server dns-list command deletes the specified DNS server
addresses of an interface address pool.

By default, no DNS server address is configured in an interface address pool.

Format
dhcp server dns-list { ip-address &<1-8> | unnumbered interface interface-type
interface-number }
undo dhcp server dns-list { all | ip-address | unnumbered interface }

Parameters
Parameter Description Value

ip-address Specifies the IP address of the DNS The value is in

server. You can configure up to eight IP dotted decimal
addresses for the DNS servers and notation.
separate two IP addresses with a space.

unnumbered Borrows the DNS server address -

interface interface- obtained by the interface as the DNS
type interface- server IP address.
number

all Deletes all IP addresses of DNS servers -

specified for the client.

Fat AP and Cloud AP 7 Network Interconnection Configurations
Command Reference Commands

Views
VLANIF interface view

Default Level
2: Configuration level

Usage Guidelines
Usage Scenario
This command applies to DHCP servers. If user hosts access hosts on the network
through the domain name, user hosts need to send DNS Request messages to the
DNS server and resolve the domain name. To enable DNS services on the DHCP
client, specify the DNS server address for the interface address pool on the DHCP
server. The DHCP server can assign both the specified DNS server address and an
IP address to the client. To configure DNS server addresses for a global address
pool, run the dns-list command.
Prerequisites
1. The DHCP function has been enabled using the dhcp enable command in the
system view.
2. IP addresses in the interface address pool have been configured using the ip
address command.
3. The DHCP server function has been enabled on the interface using the dhcp
select interface command.
Precautions
● Each address pool can be configured with a maximum of eight DNS server
addresses. If multiple DNS server addresses are configured, the first DNS
server address assigned to the DHCP client functions as the primary address
and other addresses are secondary addresses.
● To specify multiple DNS servers, enter multiple DNS server addresses in the
dhcp server dns-list command.

Example
# Specify a DNS server at 10.10.1.254 for domain name resolution when IP
addresses in the interface address pool on VLANIF100 are assigned to clients.
<HUAWEI> system-view
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] ip address 10.1.1.1 24
[HUAWEI-Vlanif100] dhcp select interface
[HUAWEI-Vlanif100] dhcp server dns-list 10.10.1.254

7.7.37 dhcp server domain-name (interface view)

Function
The dhcp server domain-name command configures a DNS domain name
assigned to a DHCP client.
The undo dhcp server domain-name command deletes a specified domain name.