01-04 managing the system of the ggsn9811
TRANSCRIPT
-
7/25/2019 01-04 Managing the System of the GGSN9811
1/28
4Managing the System of the GGSN9811About This Chapter
This part describes how to manage the system of the GGSN9811. The overall management of
the system ofthe GGSN9811 is often used to guarantee the normal running of the
GGSN9811.
4.1 ManagingFiles of the GGSN9811
This part describes how to manage the files of the GGSN9811. The system of the GGSN9811
generates substantial data files during daily running. The data files include the information about
the alarm, performance, and log. The primary purpose of this function is to manage and maintain
the files periodically so that the statistics and analysis are simplified.
4.2 ManagingLogs of the GGSN9811
This part describes how to manage the logs of the GGSN9811. The log management refers to
managing the operation logs and security logs.
4.3 Collecting Information
This part describes how to collect the information of the GGSN9811. The information about the
running of theGGSN9811 must be collected periodically. The unified collection tool is available
on the local maintenance terminal (LMT), which facilitates information collection and improves
maintenance efficiency.
4.4 Managing the Reliability of the GGSN9811
This part describes how to manage the reliability of the GGSN9811. The GGSN9811 is well
designed in terms of reliability, which enables the system and the network to be quick in responseand be restored in the case of device abnormality. In addition, the reliability management can
prolong the mean time between failures (MTBF) and minimize the adverse effect on services.
4.5 Managing the NTP
This part describes how to manage the Network Time Protocol (NTP) that is used to issue precise
time over the network.
4.6 Managing the SNMP
This part describes the principle, configuration, and examples of the Simple Network
Management Protocol (SNMP).
4.7 Managing SSH
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-1
-
7/25/2019 01-04 Managing the System of the GGSN9811
2/28
This part describes the principle, functions, operation steps, and commands of the secure shell
(SSH).
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-2 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
3/28
4.1 Managing Files of the GGSN9811
This part describes how to manage the files of the GGSN9811. The system of the GGSN9811
generates substantial data files during daily running. The data files include the information about
the alarm, performance, and log. The primary purpose of this function is to manage and maintain
the files periodically so that the statistics and analysis are simplified.
4.1.1 Introduction to the File System
The file system manages the data files in an effective way, including querying, moving, deleting,
and dumping the data file.
4.1.2 Managing General Files
This part describes how to manage the general files. You can delete, rename, copy, move, and
display the general files of the same GGSN9811. In addition, the files can be uploaded and
downloaded between the File Transfer Protocol (FTP) server and the GGSN9811.
4.1.3 Managing Configuration FilesThis part describes how to manage the configuration files. The configuration parameters of the
GGSN9811 are saved in the configuration files. The configuration files are of two types, that is,
CFGFILE and DATAFILE (including log files, alarm files, and tracing files).
4.1.4 Managing Group Files
This part describes how to manage the group files. The GGSN9811 manages the group files by
complying with the File Transfer Protocol (FTP). The group files can be dumped manually or
automatically.
4.1.5 Managing License Files
This part describes how to manage the license files. The license file can dynamically control the
availability of certain features as well as the maximum available resources.
4.1.6 Managing Paths
This part describes how to manage the paths. You can create or delete the directory. In addition,
you can display or switch over the current work directory.
4.1.1 Introduction to the File System
The file system manages the data files in an effective way, including querying, moving, deleting,
and dumpingthe data file.
The data filesare saved in the hard disk ofthe SRU. To facilitate the file management, the files
are categorized into general files, configuration files, group files, and license files.
General Files
The files thatare managed through the file namesare called general files. The operation on
general files is often used. For example, you can delete the files of which the names are
mml.txt.
Configuration Files
The configurations are saved in the configuration files of the GGSN9811. For the configuration
files, the commands can be executed in terms of file names or file types. The configuration files
are categorized into two types, that is, CFGFILE and DATAFILE. Running the commands interms of the file types can facilitate the management of the M2000.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-3
-
7/25/2019 01-04 Managing the System of the GGSN9811
4/28
Group Files
The group files contain alarm files, tracing files, performance files, and files of operation logs.
Running the commands on the group files in terms of special type can facilitate the file backup.
License Files
The license file is used to dynamically control the availability of a feature. If the feature is
unavailable in the license file, the relevant commands cannot be executed.
4.1.2 Managing General Files
This part describes how to manage the general files. You can delete, rename, copy, move, and
display the general files of the same GGSN9811. In addition, the files can be uploaded and
downloaded between the File Transfer Protocol (FTP) server and the GGSN9811.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Context
CAUTION
Do not rename, move, or delete the general file at random. The modification to the system file
of the GGSN9811 may result in abnormal running of the GGSN9811.
NOTE
You can use the wildcard to operate on more general files.
For example, if you want to display files of which the suffix is mrf, you can use the wildcard *to display
all the files of which the suffix is mrf. That is, enter *.mrf.
Procedurel Run DLD GENFILEto download the general files from the FTP server to the host.
l Run ULD GENFILEto upload the general files from the host to the FTP server.
l Run LST GENFILEto list all the general files in the current directory.
l Run DEL GENFILEto delete the specified general files.
l Run RNM GENFILEto rename the specified general files.
l Run MOV GENFILEto move the general files to a specified path.
l Run CPY GENFILEto copy the general files to a specified path.
l Run LST CRCto list the checksum of the general files.
----End
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-4 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
5/28
4.1.3 Managing Configuration Files
This part describes how to manage the configuration files. The configuration parameters of the
GGSN9811 are saved in the configuration files. The configuration files are of two types, that is,
CFGFILE and DATAFILE (including log files, alarm files, and tracing files).
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Procedure
l Run DLD CFGFILEto download the data file and configuration file from the File Transfer
Protocol (FTP) server to hd:/soft/backupof the main control board of the GGSN9811.
l Run ULD CFGFILEto upload the data files and configuration files from hd:/soft/
backupof the main control board of the GGSN9811 to the FTP server.
l Run BKP CFGFILEto back up the configuration files of the GGSN9811.
l Run RTR CFGFILEto restore the configuration files and data files of the GGSN9811.
----End
4.1.4 Managing Group Files
This part describes how to manage the group files. The GGSN9811 manages the group files by
complying with the File Transfer Protocol (FTP). The group files can be dumped manually or
automatically.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Context
The FTP protocol, belonging to the Transmission Control Protocol/Internet Protocol (TCP/IP),
is used in the application layer. It is used to transmit the file.
The GGSN9811 manages the group files by complying with the FTP protocol. The
GGSN9811, serving as an FTP client, is connected to the specified FTP server to dump the groupfiles to the FTP server.
The alarm files, performance files, tracing file, and operation files can be dumped to the specified
FTP server. Thus, all these files can be backed up.
You can manually or automatically dump the group files of the GGSN9811. Only alarm files,
operation files, and log files can be automatically dumped. Tracing files and performance files
can only be manually dumped.
The management of the group files includes:
l Setting a default FTP server
l Dumping group files manually
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-5
-
7/25/2019 01-04 Managing the System of the GGSN9811
6/28
The default FTP server is the one that is used when the group files are dumped manually or
automatically. You can set the FTP server and the types of the files that need to be automatically
dumped.
If the function of automatically dumping the files is enabled, the alarm.almfiles are
automatically dumped from 00:00 every day. The alarm.almfiles of the last day on the FTPserver are overwritten by the current alarm.almfiles, which guarantees the information
integrity. The OLOG files are automatically dumped from 00:00 every day.
Procedure
Step 1 Run SET FTPSVRto set the FTP server.
NOTE
After the FTP server is set successfully, you can run LST FTPSVRto list the FTP server. Alternatively,
you can run RMV FTPSVRto delete the configuration of the default FTP server.
Step 2 Run BCK GRPFILEto dump a certain type of data files of the master SRU to a specified FTPserver.
NOTE
Before dumping the files, you can run LST GRPFILEto list the information of the specified data files of
the master SRU.
Step 3 Run RMV GRPFILEto delete the specified type of data files of the master SRU.
CAUTION
Before deleting the files, ensure that the files to be deleted are not used or are dumped.
----End
4.1.5 Managing License Files
This part describes how to manage the license files. The license file can dynamically control the
availability of certain features as well as the maximum available resources.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Procedure
l Run DLD LICENSEto download the license file from the File Transfer Protocol (FTP)
server to the hard disk of the SRU.
l Run ULD LICENSEto upload the license file from the hard disk of the SRU to the FTP
server.
l Run ACT LICENSEto activate the license file downloaded to the hard disk.
l
Run DSP LICENSEto display the current configuration information, including the currentvalue of each control item, of the license file.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-6 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
7/28
l Run LST LICENSEto list the information of the license file. The information includes
the name and invalidity of the current license file.
l Run LST ESNto query the electronic serial number (ESN).
NOTE
The ESN is specific to the license file. Obtain the ESN before applying for the license file. The ESN
varies with the configuration of the original signaling point. The ESN changes when the original
signaling point is added, deleted, or modified.
----End
4.1.6 Managing Paths
This part describes how to manage the paths. You can create or delete the directory. In addition,
you can display or switch over the current work directory.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Context
CAUTION
Do not rename, move, or delete the directory at random. The modification to the directory where
the system file of the GGSN9811 is saved may result in abnormal running of the GGSN9811.
Procedure
l Run CRE DIRto create a directory in a specified path of a specified storage device.
l Run RMV DIRto delete a specified directory in a specified storage device.
l Run SWP DIRto change the current work directory of the GGSN9811.
l Run DSP DIRto display the current work directory.
----End
4.2 Managing Logs of the GGSN9811
This part describes how to manage the logs of the GGSN9811. The log management refers to
managing the operation logs and security logs.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-7
-
7/25/2019 01-04 Managing the System of the GGSN9811
8/28
Context
l The operation logs record all the information regarding the operation on the GGSN9811
through the LMT. You can query and dump the operation logs.
l The security logs record all the events regarding login, authentication, and management.
The operation log includes the information such as the operator name, operator ID, IP address
of the computer where the LMT is installed, executed commands, date, time, and results. Each
operation log file is generated every day and saved in hd:/bam/data/olgon the hard disk of the
SRU.
You can query the operation log. A maximum of 64 latest records can be displayed. If the query
records outnumber the threshold, narrow down the querying conditions.
Create a folder of which the name is slgin the directory bam/data. The security log is saved in
hd:/bam/data/slg. Similar to the operation log file, each security log file is generated every day.
The security log file is named after the date. The extension name is slg. For example, the security
log file on Aug 15, 2007 is named 20070815.slg.
The security log is basically the same as that of the operation log in terms of items including but
not limited to the following:
l By default, a maximum of 350 files can be saved in the directory of the security log. This
value can be set in the bam.inifile.
l By default, the size of the security log is 100 MB that can be set in the bam.inifile.
l If the number of the security log files saved in the directory exceeds the threshold, or the
security log files in the directory are oversize, ALM_0083 occurs.
l The security logs between the master and slave SRUs can be backed up in real-time or in
batches.
l The security log file, as part of the data file, can be uploaded, downloaded, backed up, or
recovered.
Procedure
l Querying the operation log
1. Run LST LOGto query the operation log.
NOTE
Only the admin can query the operation logs of other users.
l Querying the security log
1. Run LST SECLOGto query the security log.
----End
4.3 Collecting Information
This part describes how to collect the information of the GGSN9811. The information about the
running of the GGSN9811 must be collected periodically. The unified collection tool is available
on the local maintenance terminal (LMT), which facilitates information collection and improves
maintenance efficiency.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-8 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
9/28
Prerequisite
l The LMT is started.
l The user logs in to the GGSN9811.
Context
Using the information collection tool can reduce the workload, guarantee the accurate
information, and improve the collection efficiency.
The information collected by using the information collection tool includes the following:
l Files on the hard disk of the SRU
l Information that can be obtained by using the MML command
The information collection tool can help users obtain the information through the File Transfer
Protocol (FTP).
The information collection tool can be connected to the network element (NE) through port
6000. The FTP function of the GGSN9811 is enabled by using the MML command through port
6000. The information collection tool employs the FTP command of Windows system to
download the file on the hard disk of the SRU.
Procedure
Step 1 Click the Maintenancetab in the navigation tree pane of the LMT. Double-click InformationCollectionin Service. The Information Collectionwindow is displayed. Refer to Figure
4-1.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-9
-
7/25/2019 01-04 Managing the System of the GGSN9811
10/28
Figure 4-1Information Collectionwindow
Step 2 Enter the IP address, user name, and password in the Loginarea.
NOTE
The office to which the information collection tool is connected can be different from the one to which the
LMT is connected.
Step 3 Click Save Asin the Save Patharea to select a path where the collection result is saved.
The collected information is saved in a folder of which the name is in the form of yyyymmdd,
for example, 20070813.
CAUTION
The save path where the collected information is saved cannot have any space or Chinese
character. For example, the collected information cannot be saved in D:\HW LMT.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-10 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
11/28
Step 4 Select necessary options in the Filesand Host Informationareas.
NOTE
l Collecting substantial information is likely to incur system errors. Thus, you are recommended to
collect proper amount of information at one time.
l You can click Set Defaultto set the selected options in the Filesand Host Informationareas to be
default ones. Then, click Load Default.
Step 5 Click Executeto collect the information. All the information is collected, Information
collection succeeds!!!is displayed in the blank area of the Information Collection
Toolwindow.
Step 6 Click Exit. Then, the window disappears.
----End
4.4 Managing the Reliability of the GGSN9811This part describes how to manage the reliability of the GGSN9811. The GGSN9811 is well
designed in terms of reliability, which enables the system and the network to be quick in response
and be restored in the case of device abnormality. In addition, the reliability management can
prolong the mean time between failures (MTBF) and minimize the adverse effect on services.
4.4.1 Instruction of Swapping Master and Slave SRUs/SPUs
This part describes the swapping characters between the master and slave boards. The SRUs and
the SPUs of the GGSN9811 work in master/slave mode. When the master board is faulty, the
slave board can take over the services.
4.4.2 Managing the Swapping of Master and Slave SRUs
This part describes how to activate, deactivate the mandatory swapping and perform mandatory
swapping of the SRU.
4.4.3 Managing the Swapping of Master and Slave SPUs
This part describes how to activate, deactivate the mandatory swapping, set the function of
reporting the information about the SPU swapping, and perform mandatory swapping of the
SPU.
4.4.4 Managing the Reliability of the Route
This part describes how to manage the reliability of the route. Managing the reliability of the
route refers to checking the consistency of the routing tables. The reliability management can
prolong the mean time between failures (MTBF).
4.4.1 Instruction of Swapping Master and Slave SRUs/SPUs
This part describes the swapping characters between the master and slave boards. The SRUs and
the SPUs of the GGSN9811 work in master/slave mode. When the master board is faulty, the
slave board can take over the services.
Common terms in master/slave swapping are as follows:
l Swapping: also called handover. In the dual-system, the master and slave boards exchange
their roles. That is, the master board works as the slave board and the slave board works as
the master board.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-11
-
7/25/2019 01-04 Managing the System of the GGSN9811
12/28
l Backup: During the system running, the information such as configuration information and
user profile on the master board is backed up to the slave board in real time.
l Seamlessness: After the swapping, the data of the new master board may be inconsistent
with that of the hardware and software. The seamless swapping is to eliminate the
inconsistency, which guarantees the normal running of the system.
The characteristics of the swapping between the master and slave SRUs and SPUs are as follows:
l Reliable swapping mechanism: When the master board is faulty, the slave board can take
over the services immediately.
l Correct swapping: When the master board is normal, the slave board cannot take over the
services.
l Seamless swapping: The data can be restored immediately and accurately.
4.4.2 Managing the Swapping of Master and Slave SRUs
This part describes how to activate, deactivate the mandatory swapping and perform mandatoryswapping of the SRU.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
l The master and slave SRUs work at normal level.
Procedure
l Activating or deactivating mandatory swapping
1. Run ACT SRUSWPto activate the mandatory swapping of the main control board
SRU.
2. Run DEA SRUSWPto deactivate the mandatory swapping of the main control board
SRU.
NOTE
The SWP SRUcommand cannot be executed to swap the SRU after the DEA SRUSWP
command is executed.
l Swapping the SRU forcibly
1. Run SWP SRUto perform mandatory swapping of the SRU.
----End
4.4.3 Managing the Swapping of Master and Slave SPUs
This part describes how to activate, deactivate the mandatory swapping, set the function of
reporting the information about the SPU swapping, and perform mandatory swapping of the
SPU.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-12 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
13/28
l The master and slave SPUs work at normal level.
Procedure
l Activating or deactivating mandatory swapping
1. Run ACT SPUSWPto activate the mandatory swapping of the main control board
SPU.
2. Run DEA SPUSWPto deactivate the mandatory swapping of the main control board
SPU.
NOTE
The SWP SPUBDcommand cannot be executed to swap the SPU after the DEA SPUSWP
command is executed.
l Handing over the SPU in a mandatory way
1. Run SWP SPUBDto perform mandatory handover to the SPU.
----End
4.4.4 Managing the Reliability of the Route
This part describes how to manage the reliability of the route. Managing the reliability of the
route refers to checking the consistency of the routing tables. The reliability management can
prolong the mean time between failures (MTBF).
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Context
The GGSN9811 adopts distributed processing structure. The LPU/SPU and the SRU retain the
same duplicate of the forward information base (FIB) table (also called routing table). In general,
the FIB table of the SRU sends entries regularly to the LPU/SPU, and then the LPU/SPU
refreshes the FIB table. This guarantees that the FIB entries of the LPU/SPU are consistent with
those of the SRU. If some FIB entries of the LPU/SPU do not exist in the FIB table of the SRU,
those entries are deleted through aging mechanism.
Checking the consistency of the routing table (also called routing aging) can guarantee that the
FIB table of the LPU/SPU is consistent with that of the SRU. Users can determine when the
route is aged. In addition, this function guarantees that the FIB table and the Address ResolutionProtocol (ARP) table of the LPU/SPU are consistent with the duplicate of the SRU.
Procedure
l Activating aging
1. Run ACT AGINGto activate the aging.
l Deactivating aging
1. Run DEA AGINGto deactivate the aging.
l Querying aging
1. Run LST AGINGto list the information of the aging function.
----End
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-13
-
7/25/2019 01-04 Managing the System of the GGSN9811
14/28
4.5 Managing the NTP
This part describes how to manage the Network Time Protocol (NTP) that is used to issue precise
time over the network.
4.5.1 Introduction to NTP
The Network Time Protocol (NTP) is used to synchronize the time between the network elements
(NEs) and the time server.
4.5.2 Querying Basic Configurations of the NTP
This part describes how to query the status of all Network Time Protocol (NTP) sessions, status
of the NTP service, and the connection between the network element (NE) and the specified
NTP server.
4.5.3 Managing the NTP Server
If the remote Network Time Protocol (NTP) server is set as the local time server and the localdevice serves as a client, only the local client can synchronize with the remote NTP server. The
remote NTP server does not synchronize with the local client.
4.5.1 Introduction to NTP
The Network Time Protocol (NTP) is used to synchronize the time between the network elements
(NEs) and the time server.
The NTP is used to synchronize all the devices with clocks so that the time of all the devices is
basically the same. If the NTP server is not configured, the preciseness of the system time of the
NEs cannot be guaranteed and the distributed applications cannot be conducted.
One NE can be configured with 128 NTP servers. In general, one to three NTP servers are
configured. The NEs can automatically synchronize with the most precise NTP server. If the
identity authentication is selected when you configure the NTP server, the same key No. and the
key value must be configured between the NE and the NTP server. The identity authentication
is used to authenticate the identity and encrypt the data.
4.5.2 Querying Basic Configurations of the NTP
This part describes how to query the status of all Network Time Protocol (NTP) sessions, status
of the NTP service, and the connection between the network element (NE) and the specified
NTP server.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Procedure
l Run DSP NTPASto query the status of all NTP sessions.
l Run DSP NTPSTATto query the status of the NTP service.
l Run DSP NTPSVRto query whether the specified NTP server is available.
----End
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-14 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
15/28
4.5.3 Managing the NTP Server
If the remote Network Time Protocol (NTP) server is set as the local time server and the local
device serves as a client, only the local client can synchronize with the remote NTP server. The
remote NTP server does not synchronize with the local client.
Prerequisite
l The local maintenance terminal (LMT) is started.
l The user logs in to the GGSN9811.
Procedure
l Adding an NTP server
1. Run ADD NTPSVRto add the NTP server.
l Deletingthe NTP server
1. Run RMV NTPSVRto delete the NTP server.
l Modifying the NTP server
1. Run MOD NTPSVRto modify the configured NTP server mode.
NOTE
You can modify the authentication management (including activating the authentication and
setting the key and key value) when the NTP server mode is modified.
l Querying the NTP server
1. Run LST NTPSVRto query the information of the configured NTP server.
----End
4.6 Managing the SNMP
This part describes the principle, configuration, and examples of the Simple Network
Management Protocol (SNMP).
4.6.1 Overview of SNMP
This part describes the principle and functions of the Simple Network Management Protocol
(SNMP).
4.6.2 Configuring SNMP
This part describes the Simple Network Management Protocol (SNMP) configuration and
configuration commands.
4.6.3 SNMP Configuration Examples
This part describes a Simple Network Management Protocol (SNMP) configuration example.
4.6.1 Overview of SNMP
This part describes the principle and functions of the Simple Network Management Protocol
(SNMP).
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-15
-
7/25/2019 01-04 Managing the System of the GGSN9811
16/28
Introduction to SNMP
The purpose of SNMP is to ensure the transmission of management information between any
two nodes so that the network administrator can retrieve network information at any node and
perform modification, troubleshooting, fault diagnosis, volume planning, and reporting.
SNMP adopts a polling mechanism and offers a fundamental function set especially used in
small, fast, and inexpensive applications. SNMP requires only the User Datagram Protocol
(UDP) to exchange data. Therefore, SNMP is used by many products.
Structurally, SNMP can be divided into two parts, network management system (NMS) and
agent.
l NMS is a workstation on which the client program runs.
l Agent is server software running on a network device.
The SNMP work flow is as follows:
l The NMS sends GetRequest, GetNextRequest, Getbulk, or SetRequest packets to the agent.
After receiving the request packets from the NMS, the agent reads or writes management
variables according to the type of the packets and generates Response packets to the NMS.
l If hot/cold start or any abnormality happens to the device, the agent also sends Trap packets
to the NMS, reporting the event.
l All SNMP operations are in read-write mode. That is, the management system is permitted
to read values from the variables (data items) or write values to the variables.
SNMP Versions and MIB Supported
To identify a management variable uniquely in the SNMP packets, SNMP uses a hierarchical
naming convention to differentiate managed objects. The hierarchical structure is like a tree with
its nodes representing managed objects. Refer to Figure 4-2. A managed object can be identified
uniquely by the path from the root to the node.
Figure 4-2MIB tree structure
A
2
6
1
5
21
1
2
1
B
Refer to Figure 4-2. Managed object B can be uniquely determined by a string of digits (1.2.1.1),
which is the object identifier of the managed object. The management information base (MIB)
is used to describe the hierarchical structure of the tree and is a collection of definitions of
standard variables on monitored network devices.
The SNMP agent in the system supports SNMPV3 and is compatible with SNMPV1 and
SNMPV2c. Table 4-1and Table 4-2list the public MIB supported by the system.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-16 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
17/28
Table 4-1Public MIB supported by the system
Module Name MIB Content Standard or Specification
Ethernet RFC2665.MIB RFC2665
IEEE8023-LAG-MIB.MIB IEEE 802.3ad
SONET/SDH RFC2558.MIB RFC2558
ATM RFC2515.MIB RFC2515
PPP RFC1471.MIB RFC1471
RFC1473.MIB RFC1473
RIP-2 RFC1724.MIB RFC1724
OSPF RFC1850.MIB RFC1850
IS-IS IS-IS.MIB draft-ietf-isis-wg-mib-07
BGP RFC1657.MIB RFC1657
IFNET interface
module
RFC1573.MIB RFC1573
SNMP protocol stack
and basic NM
functionality module
RFC1213.MIB RFC1213
FRAMEWORK.MIB RFC2271
GENTRAP.MIB RFC1907
USM.MIB RFC2274
MPD.MIB RFC2272
VACM.MIB RFC2275
TARGET.MIB RFC2273
NOTIFICAT.MIB RFC2273
RADIUS RFC2618.MIB RFC2618
RFC2620.MIB RFC2620
VRRP VRRP.MIB RFC2787
Table 4-2Private MIB supported by the system
MIB Content Specification
HUAWEI-GGSN-HEAD-MIB Definition of OID and MIB group of GGSN9811
MIB.
HUAWEI-GGSN-CONF-MIB Definition of configuration group of GGSN9811
MIB
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-17
-
7/25/2019 01-04 Managing the System of the GGSN9811
18/28
MIB Content Specification
HUAWEI-GGSN-PERF-MIB Definition of performance group of GGSN9811 MIB
HUAWEI-GGSN-GENTRAP-MIB Definition of TRAP of GGSN9811 MIB
HUAWEI-GGSN-TRAP-Vars-MIB Definition of TRAP parameters of GGSN9811 MIB
4.6.2 Configuring SNMP
This part describes the Simple Network Management Protocol (SNMP) configuration and
configuration commands.
1. Configuring agent management
l Enabling or disabling SNMP agent service
l Enabling or disabling the corresponding version of SNMP
l Setting the engine ID of a local device
2. Configuring security management
l Setting an SNMP group
l Adding a user to an SNMP group or deleting a user from it
l Setting community name
l Setting view information
3. Configuring trap managementl Enabling or disabling Trap messages
l Enabling BGP Trap messages
l Enabling VRRP Trap messages
l Setting the address of the Trap destination host
l Specifying the source address for sending Trap messages
l Setting the queue size of Trap messages
l Setting the lifetime of Trap messages
4. Configuring performance managementl Adding an object of an SNMP performance measurement task
l Setting the lifetime of an SNMP performance measurement task
5. Configuring system information management
l Setting the maximum size of the SNMP message
l Setting the system information of the SNMP agent
Configuring Agent Management
ACT SAGENTis used to enable the SNMP agent service. By default, the SNMP agent serviceis disabled.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-18 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
19/28
Table 4-3Enabling or disabling SNMP agent service
Command Function
ACT SAGENT Enable the SNMP agent service.
CLS SAGENT Disable the SNMP agent service.
SET SSYSVERis used to enable the corresponding version of SNMP. By default, SNMP v3
is enabled.
Table 4-4Enabling or disabling the corresponding version of SNMP
Command Function
SET SSYSVER Enables the corresponding version of SNMP.
RMV SSYSVER Disables the corresponding version of
SNMP.
SET ENGIDis used to set the engine ID of a local device. By default, the engine ID is the
companys enterprise number plus the device information. The device information can be the
IP address, MAC address, or a user-defined hexadecimal numeral string.
NOTE
When the SNMP function of the GGSN9811 is enabled, the engine ID of the local device is generated by
default. If you need to set another engine ID, run SET ENGID. In this case, the companys enterprise
number is generated by default, while the device information can be set by the user.
Table 4-5Setting the engine ID of a local device
Command Function
SET ENGID Sets the engine ID of a local device.
RMV ENGID Restores the default engine ID of a device.
Configuring Security Management
SET SGRPis used to set a new SNMP group, that is, you can map an SNMP user to SNMP
view. RMV SGRPis used to delete a specific SNMP group.
Table 4-6Setting or removing an SNMP group
Command Function
SET SGRP Sets a new SNMP group.
RMV SGRP Removes a specific SNMP group.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-19
-
7/25/2019 01-04 Managing the System of the GGSN9811
20/28
ADD SUSRis used to add a user to a specified SNMP group.
Table 4-7Adding or removing a user
Command FunctionADD SUSR Adds a new user to a specified SNMP group.
RMV SUSR Removes a user specified by the SNMP
group.
ADD SCOMMis used to set the community name for SNMPV1 and SNMPV2C, corresponding
MIB view and access control list (ACL).
SNMPV1 and SNMPV2c use community names for authentication. The SNMP packets not
matching the authenticated community name of the device are discarded.
Table 4-8Setting or removing a community name
Command Function
ADD SCOMM Sets a community name and its access
authority.
RMV SCOMM Removes the community name.
With ADD SCOMM, you can create different community names, and assign them with read-
only or read-write authority as required. A community with read-only authority can only query
the device information and a community with read-write authority can configure the devices
additionally. By setting community names and access authorities, you can easily classify the
management stations into communities with different authorities. This guarantees safety and
flexibility.
ADD MIBVIEWis used to create and update the view information.
Table 4-9Creating, updating, or removing the view information
Command Function
ADD MIBVIEW Creates or updates the view information.
RMV MIBVIEW Removes the view information.
Configuring Trap Management
ACT SATRAPis used to enable a device to send the Trap message to the NMS.
The Trap message is the non-requested information sent by a managed device to the NMS, whichis used to report emergencies and critical events such as board restart.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-20 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
21/28
Table 4-10Enabling or disabling the Trap message
Command Function
ACT SATRAP Enable a device to send the Trap message to
the NMS.
DEA SATRAP Disable a device to send the SNMP Trap
message.
ACT BGPTRAPis used to enable a device to send the BGP Trap message.
ACT BGPTRAPis used together with ADD TRAPIP. ADD TRAPIPis used to specify the
hosts to which the Trap message is sent.
To send the Trap message, you must use at least one ADD TRAPIPcommand.
Table 4-11Enabling the device to send the BGP Trap message
Command Function
ACT BGPTRAP Enables a device to send the BGP Trap
message.
DEA BGPTRAP Disables a device to send the BGP Trap
message.
ADD TRAPIPis used to set the address of the host that receives the SNMP Trap message.
ADD TRAPIPis used together with ACT SATRAP. ACT SATRAPis used to enable the
device to send the Trap message. ADD TRAPIPis used to specify the host to which the Trap
message is sent. To send a Trap message, you must use ACT SATRAPand one ADD
TRAPIP.
Table 4-12Setting or removing the address of the host that receives the SNMP Trap message
Command Function
ADD TRAPIP Sets the address of the host that receives the
SNMP Trap message.
RMV TRAPIP Removes the address of the destination host
that receives the SNMP Trap message.
SET TRAPSRCis used to set the source address from which the Trap message is sent. If you
attempt to trace a specific event through the Trap address, run this command.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-21
-
7/25/2019 01-04 Managing the System of the GGSN9811
22/28
Table 4-13Setting or removing the source address from which the Trap message is sent
Command Function
SET TRAPSRC Sets the source address from which the Trap
message is sent
RMV TRAPSRC Removes the source address from which the
Trap message is sent
SET TRAPQUESZis used to set the queue size of the Trap message sent to the destination
host.
Table 4-14Setting the queue size of the Trap message
Command Function
SET TRAPQUESZ Sets the queue size of the Trap message sent
to the destination host.
RMV TRAPQUESZ Restores the default queue size of the Trap
message.
SET TRAPLFis used to set the lifetime of the Trap message. The Trap messages exceeding
the lifetime are discarded.
Table 4-15Setting the lifetime of the Trap message
Command Function
SET TRAPLF Sets the lifetime of the Trap message.
RMV TRAPLF Restores the default lifetime of the Trap
message.
Configuring Performance ManagementADD SAOBJis used to set the object of SNMP performance measurement.
Table 4-16Setting the object of SNMP performance measurement
Command Function
ADD SAOBJ Adds an object of SNMP performance
measurement task.
RMV SAOBJ Removes an object of SNMP performance
measurement task.
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-22 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
23/28
SET SAPERIODis used to set or modify the period information about the SNMP performance
measurement.
Table 4-17Setting period information about the SNMP performance measurement
Command Function
SET SAPERIOD Sets period information about the SNMP
performance measurement.
Configuring System Information Management
SET SSIZEis used to set the maximum size of the SNMP message that the agent can receive
or send.
Table 4-18Setting the maximum size of the SNMP message that the agent can receive or send
Command Function
SET SSIZE Sets the maximum size of the SNMP message
that the agent can receive or send.
RMV SSIZE Restores the default size of the SNMP
message that the agent can receive or send.
SET SSYSINFOis used to set SNMP agent system information, including system maintenanceinformation and physical locations of the device nodes.
System information includes the ID and contact information of relevant administrator and the
physical location of the managed device GGSN9811. In this case, the user can store important
information in the device for query in the case of an emergency.
Table 4-19Setting or removing the information of the SNMP agent system
Command Function
SET SSYSINFO Sets the information of the SNMP agent
system.
RMV SSYSINFO Restores the default information of the SNMP
agent system.
4.6.3 SNMP Configuration Examples
This part describes a Simple Network Management Protocol (SNMP) configuration example.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-23
-
7/25/2019 01-04 Managing the System of the GGSN9811
24/28
Prerequisite
Refer to Figure 4-3. The network management system (NMS) is connected to the GGSN9811
through the Ethernet. The IP address of the NMS is 129.102.149.23. The IP address of the
Ethernet interface is 129.102.0.1.
Figure 4-3Networking diagram of the SNMP configuration
Ethernet
Ethernet1/0/0:1.0.1.11Ethernet1/0/0:1.0.1.12
DeviceB
Router A
Configuration Procedure
Procedure
Step 1 Enable the SNMP agent service and set the SNMP agent version to SNMPV2.
Enable SNMP agent service (To configure SNMP, you must enable the SNMP agent service
first).
ACT SAGENT:;
Set the SNMP agent version to SNMPV2.
SET SSYSVER: OP=SPECIFIC, VER=V2C;
Step 2 Set community name and access authority.
ADD SCOMM: COMMRT=READ, NAME="public";
ADD SCOMM: COMMRT=WRITE, NAME="private";
Step 3 Set SNMP agent system information, including the ID and contact information of theadministrator, and the location of the device.
SET SSYSINFO: IDX=CONTACT, INFOTXT="Mr.Wang-Tel:3306";
SET SSYSINFO: IDX=LOCATION, INFOTXT="telephone-closet,3rd-floor";
Step 4 Enable to send the NMS (129.102.149.23) Trap message with community name as public.
ACT SATRAP:;
ADD TRAPIP: IP="129.102.149.23", SECN="public", VER=V2C;
Step 5 Set the time range for reporting the performance measurement data to 10:0012:00,measurement period to 15 minutes, and measurement object to APN.
Set the time range for reporting the performance measurement data to 10:0012:00 and
measurement period to M15.
SET SAPERIOD: PERIODTIMENUM=1, ST1=10&00, ET1=12&00, PRD=M15;
Set the object isp.com with its type of APN.
ADD SAOBJ: OBJECTTYPE=APN, OBJECTPARA="isp.com";
----End
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-24 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
25/28
Postrequisite
NOTE
You need to set the IP address to 129.102.0.1 and community name to PRIVATEon the NMS. Thus, you
can query and operate the device by using the NMS client program. For commands of NMS configuration,
refer to the shipping document.
4.7 Managing SSH
This part describes the principle, functions, operation steps, and commands of the secure shell
(SSH).
4.7.1 Overview of the SSH
This part describes the principle and operation steps of the secure shell (SSH) management.
4.7.2 Starting the SSH Client
This part describes how to start the secure shell (SSH) client before using the SSH function.
4.7.3 Preparations for Sessions
This part describes the preparations for the sessions before the secure shell (SSH) client is
applied.
4.7.4 Activating Sessions
This part describes how to activate the sessions by using the secure shell (SSH) client.
4.7.5 Port Forwarding
This part describes how to transmit and maintain the data in a reliable way. When starting the
local maintenance terminal (LMT), users can log in to the GGSN9811 by using the secure shell
(SSH) client as the proxy server.
4.7.1 Overview of the SSH
This part describes the principle and operation steps of the secure shell (SSH) management.
The SSH is aprotocol stack drafted by the Internet Engineering Task Force (IETF). The purpose
of the SSH isto provide secure remote login and other security network services over the
unsecured network.
The SSH canprovides the GGSN9811 with the secure and reliable remote login mode, secure
file transfer function, and port forwarding function.
The SSH client is installed with independent software installation software. The SSH server isintegrated on the SRU of the GGSN9811. Users can Telnet log in to the GGSN through the SSH
client to maintain the network element (NE). In addition, users can access the GGSN9811 by
using the SSH client as a proxy server when starting the local maintenance terminal (LMT). In
this case, the secure data transmission and maintenance can be realized.
CAUTION
The GGSN9811 can provide the SSH feature only when the corresponding license is purchased.
Figure 4-4shows the principle of the SSH management function.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-25
-
7/25/2019 01-04 Managing the System of the GGSN9811
26/28
Figure 4-4Principle of the SSH management function
Client
Server
program
SSH server
Listener
port
Server
Plain text
transfer
SSH ciphering
transfer
Port 22
Plain text
transfer
SSH client
Listener
port
Clientprogram
The users can start the following sessions through the SSH client.
l SSH session: It is used for STelnet connection and port forwarding. The SSH client transfers
the data to the NE by encapsulating the data.
l SFTP session: It is used to encrypt the FTP transmission data.
NOTE
l The GGSN supports multiple types of SSH client software. The I3SAFE SSH client software developed
by Huawei is recommended. This document details the SSH by taking the I3SAFE SSH client software
as an example.
l If the related operation description is not available in this document, refer to the online help of the SSH
client software.
4.7.2 Starting the SSH Client
This part describes how to start the secure shell (SSH) client before using the SSH function.
Context
To start the SSH client, perform the following steps:
Procedure
Step 1 Start the SSH connection agent.
Choose Start> Programs> I3SAFE SSH> SSH connection agent. The tray icon is
displayed in the taskbar.
NOTE
The SSH connection agent must be enabled when the SSH client software is applied.
Step 2 Start the SSH client.
Choose Start> Programs> I3SAFE SSH> SSH connection agent.
Step 3 Connect to the network element (NE) according to the help of the SSH client software.
----End
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide
4-26 Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
Issue 03 (2008-04-10)
-
7/25/2019 01-04 Managing the System of the GGSN9811
27/28
4.7.3 Preparations for Sessions
This part describes the preparations for the sessions before the secure shell (SSH) client is
applied.
Context
Perform the following steps:
Procedure
Step 1 Add the SSH user before establishing the SSH connections.
Run ADD SSHUSERon the LMT. The added user name must be consistent with that of the
SSH client.
Step 2 (Optional) Generate the key pair when choosing the key authentication.Generate the public and private key pairs according to the help of the SSH client software.
Step 3 (Optional) Download the public key file to the server.
Run DLD SSHRSAPUBKEYon the GGSN9811 to download the public key file from the SSH
client.
----End
4.7.4 Activating Sessions
This part describes how to activate the sessions by using the secure shell (SSH) client.
Context
For details on the operations, refer to the help of the SSH client. Perform the following operations
on the SSH client:
Procedure
Step 1 Configure the SSH connections.
Step 2 Set the general parameters.
Step 3 Set the public key management mode of the server.
Step 4 Start the session.
----End
Postrequisite
NOTE
When the GGSN9811 sets up the session, the number of connections and that of channels are as follows:
l A maximum of five connections are supported.
l One connection occupies one SFTP channel only.
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide 4 Managing the System of the GGSN9811
Issue 03 (2008-04-10) Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd
4-27
-
7/25/2019 01-04 Managing the System of the GGSN9811
28/28
4.7.5 Port Forwarding
This part describes how to transmit and maintain the data in a reliable way. When starting the
local maintenance terminal (LMT), users can log in to the GGSN9811 by using the secure shell
(SSH) client as the proxy server.
Context
To log in to the network element (NE) through the SSH client, perform the following steps:
Procedure
Step 1 Start the SSH client to activate the SSH session.
Step 2 Start the LMT. The User Logindialog box is displayed.
Step 3 Log in to the system with both user name and password as admin if you log in to the system for
the first time.
Step 4 Set the office direction by clicking in the Office Directionbox.
The office direction can be set to the following:
l IP address of the target server in the SSH connection.
The interception relations and mapping in the LMT agent window of the SSH client must be
configured.
l IP address of local computer.
The options in the LMT agent window of the SSH client must not be configured.
Step 5 Set the proxy server.
l If the office direction is set to the IP address of the target server, select the checkbox on the
left side of the proxy server. Then, set the IP address of the local computer to that of the
proxy server.
l If the office direction is set to the IP address of the local computer, the proxy server is not
configured.
Step 6 Set User Typeto Local.
Step 7 Click Login.
----End
4 Managing the System of the GGSN9811
HUAWEI GGSN9811 Gateway GPRS Support Node
Operation Guide