What’s the MSTP Configuration on region-name

MSTP Configuration

Function Description

The multiple spanning tree protocol (MSTP) applies to the redundant network. MSTP is an improvement of STP and RSTP. MSTP prevents the proliferation and infinite cycling of the packets in the loop network. In addition, MSTP provides multiple redundant paths for VLAN data transmission to achieve the load-sharing purpose. The MA5680T/MA5683T/MA5608T supports MSTP, which is compatible with the STP and RSTP. It supports MSTP loop network that helps meet various networking requirements.

region-name

Function

The region-name command is used to set the region name of multiple spanning tree (MST) which bridges belong to. The MST region name is used to identify the MST region. Devices with different names are in different MST regions. After the MST region name is set, two devices with the same MST region name may be in the same MST region.

The undo region-name command is used to restore the default region name of MST. When users need to identify the MST region by using the default name or query the default MST region name, run this command. After that, the MST region name is in the hexadecimal form of device MAC address.

Format

region-name name

undo region-name

Parameters

Parameter Description Value
name Indicates the MST region name of the bridge. Character string type, a string of 1-32 case sensitive characters that consists of letters, digits, hyphens (-), and underscores (_).

Default: the hexadecimal form of device MAC address.

Modes

MST region mode

Level

Operator level

Usage Guidelines

  • Run the config command to enter global config mode, and then run the stp region-configuration command to enter MST region mode.
  • Two devices that belong to a same MST region meet the following requirements:
    • The region names are the same.
    • The revision levels are the same.
    • The configuration digests are the same. The configuration digest is calculated by VLAN mapping table of all the spanning trees and MD5-KEY through MD5 encryption algorithm.

Example

To set MST region name of the bridge as huawei-bridge, do as follows:

huawei(stp-region-configuration)#region-name 
{ string<S><Length 1-32> }:huawei-bridge

  Command:
          region-name huawei-bridge

To restore the default MST region name, do as follows:

huawei(stp-region-configuration)#undo region-name 

System Response

  • The system does not display any message after the command is executed successfully.

Update of V100R011C00SPC200 Compared with V100R010C10SPC200

Hardware Name Update Type Description
TN97ERPC New Added the TN97ERPC board.
TN11AST2 New Added the TN11AST2 board.
TN18LSC New Added the TN18LSC board.
TN51MCS0816 New Added the TN51MCS0816 board.
TN17LTX Modified The TN17LTX boards add the support for InfiniBand 5G service. Added the TN17LTXT62 and TN17LTXT50 board.
TN17LSC Modified Added the TN17LSCT62 and TN17LSCT50 board.
TN58NS4 Modified Added the TN58NS4T62 and TN58NS4T50 board.
TN11DCP02 Modified Added the application of the TN11DCP02 board in the OptiX OSN 8800 T16.
TN11LOA Modified Added the support for the ISC 1G, ISC 2G services on the TN11LOA board.
TN15TM20

TN15DWSS20

TN97TM20

Modified Flexible allocation and grooming of n x 6.25 GHz bandwidth are newly supported on the board.
TN54HUNS3 Modified The Electrical-layer ASON are newly supported on the board.
N3SLH41 Modified Added the support for new STM-1 electrical interfaces.
TN54TOA

TN54THA

TN55TQX

TN53NQ2

TN16SCC

TN16XCH

TN16UXCM

ST2

TOX

STG

Modified The boards newly support the ITU-T G.8275.1 or ITU-T G.8275.2 protocol. For details, see the update description of each board.

How to do when display change of service Ports and service failure in the MA5600T?

Keywords:Access network, OLT, MA5680TMA5683T

Summary:

GEM ports are added in xPON distributed mode but they are not bound to an ONT. After the distributed mode is changed to the profile mode, these GEM ports are still in the system and become distributed GEM ports.

In V800R006C02, if the system has distributed GEM ports, redundant data is generated. As a result, display of service ports changes and services fail after the system is upgraded from a version earlier than V800R009C00 to V800R009C00 or a later version. These two problems affect the Internet access service and may occur on a large number of devices.

[Problem Description]

Trigger conditions:

  1. In V800R006C02, the system changes from the distributed mode to profile mode.
  2. The system has GEM ports that are not bound to an ONT.
  3. The system is upgraded from V800R006C02 to V800R009C00 or a later version.

There is a high probability that display of service ports changes and services fail when these three conditions are met.

Symptom:

The ONT ID and GEM index of a service port cannot be displayed, but the GEM port ID is displayed. As shown in the following query result, VPI is displayed as , and services fail.

MA5600T(config)#display service-port port  0/4/0

{ <cr>|autosense<K>|ont<K>|sort-by<K> }:

 

Command:

display service-port port  0/4/0

Switch-Oriented Flow List

—————————————————————————-

INDEX VLAN VLAN     PORT F/ S/ P VPI  VCI   FLOW  FLOW       RX   TX   STATE

ID   ATTR     TYPE                       TYPE  PARA

—————————————————————————-

1  100 common   gpon 0/4 /0       130   vlan  10         –    –    down

2  100 common   gpon 0/4 /0    0    0     vlan  10         –    –    down

—————————————————————————-

Total : 2  (Up/Down :    0/2)

Identification method:

Check whether the system has a distributed GEM port.

MA5600T(config)#display current-configuration section gpon

{ <cr>||<K> }:

 

Command:

display current-configuration section gpon

[MA5600V800R010: 5900]

#

[gpon]

<gpon-0/4>

interface gpon 0/4

GEM Port add 0 GEM Port-ID 128-137 eth                                            

ont add 0 0 sn-auth “1111111111111111” omci ont-lineprofile-id 100

ont-srvprofile-id 100 desc “ONT_NO_DESCRIPTION”

sippstnuser add 0 0 1

ont add 0 1 sn-auth “2222222222222222” omci ont-lineprofile-id 0

ont-srvprofile-id 101 desc “ONT_NO_DESCRIPTION”

ont port native-vlan 0 1 eth 1 vlan 1 priority 3

#

return

If the configuration in red is displayed in the command output, the system has a distributed GEM port. (Normally, GEM Port add is not displayed in GPON interface mode.)

 

[Root Cause]

In V800R006C02, if the system has GEM ports that are not bound to an ONT and the system changes from the distributed mode to the profile mode, these GEM ports become distributed GEM ports. However, these GEM ports should have been changed to be GEM ports on a line profile for management and usage.

Distributed GEM ports trigger disorder and redundant data. Consequently, the system has two identical GEM port IDs (the GEM port ID should have been unique), between which, one is applied by the distributed GEM port and the other one is applied by the line profile according to the ONT ID and GEM index.

In versions earlier than V800R009C00, the system saves the ONT ID and GEM index of a service port, displays them and generates corresponding configurations directly. However, in V800R009C00 and later versions, the system supports expandability between modules so that the system queries the information about a service port based on the GEM port ID and displays the query information. Because of distributed GEM ports in the system, the GEM port ID is not unique and resources occupied by a distributed GEM port may be queried. Then, configurations are generated based on these resources. As a result, problems occur.

 

[Impact and Risk]

In the preceding scenario, upgrades will be affected. For example, if the system is upgraded from V800R007C00 to V800R011, configurations will be incorrect and services will fail. These problems may occur on a large number of devices.

 

[Measures and Solutions]

All distributed GEM ports in the system need to be deleted. The following uses slot 4 as an example to delete all its distributed GEM ports.

Recovery measures:

  1. Query distributed GEM ports.

MA5600T(config)#display current-configuration section gpon

{ <cr>||<K> }:

 

Command:

display current-configuration section gpon

[MA5600V800R010: 5900]

#

[gpon]

<gpon-0/4>

interface gpon 0/4

 GEM Port add 0 GEM Port-ID 128-137 eth                                            

ont add 0 0 sn-auth “1111111111111111” omci ont-lineprofile-id 100

ont-srvprofile-id 100 desc “ONT_NO_DESCRIPTION”

sippstnuser add 0 0 1

ont add 0 1 sn-auth “2222222222222222” omci ont-lineprofile-id 0

ont-srvprofile-id 101 desc “ONT_NO_DESCRIPTION”

ont port native-vlan 0 1 eth 1 vlan 1 priority 3

#

return

  1. Delete the distributed GEM port.

Check whether this distributed GEM port has a service port.

MA5600T(config)#display service-port port  0/4/0

{ <cr>|autosense<K>|ont<K>|sort-by<K> }:

 

Command:

display service-port port  0/4/0

Switch-Oriented Flow List

—————————————————————————-

INDEX VLAN VLAN     PORT F/ S/ P VPI  VCI   FLOW  FLOW       RX   TX   STATE

ID   ATTR     TYPE                       TYPE  PARA

—————————————————————————-

 1  100 common   gpon 0/4 /0       130   vlan  10         –    –    down

2  100 common   gpon 0/4 /0    0    0     vlan  10         –    –    down

—————————————————————————-

Total : 2  (Up/Down :    0/2)

If yes, delete the service port. If no, delete the distributed GEM port.

MA5600T(config)#undo service-port 1

Delete the distributed GEM port.

MA5600T(config)#interface gpon 0/4

 

MA5600T(config-if-gpon-0/4)#unbound-GEM Port delete 0 GEM Port-ID 128-137

Deleting GEM ports succeeded: 10

Deleting GEM ports failed: 0

  1. Save the data.

MA5600T(config-if-gpon-0/4)#quit

 

MA5600T(config)#save

{ <cr>|configuration<K>|data<K> }:

 

Command:

save

  1. Perform an active/standby switchover or reset the system.

MA5600T(config)#system switch-over

Are you sure to switch over? (y/n)[n]:y

MA5600T(config)#reboot system

Please check whether data has saved, the unsaved data will lose if reboot

system, are you sure to reboot system? (y/n)[n]:y

Workarounds:

  1. Check whether the system has a distributed GEM portbefore an upgrade using the CLI or preventative maintenance script.

MA5600T(config)#display current-configuration section gpon

{ <cr>||<K> }:

 

Command:

display current-configuration section gpon

[MA5600V800R010: 5900]

#

[gpon]

<gpon-0/4>

interface gpon 0/4

 GEM Port add 0 GEM Port-ID 128-137 eth                                            

ont add 0 0 sn-auth “1111111111111111” omci ont-lineprofile-id 100

ont-srvprofile-id 100 desc “ONT_NO_DESCRIPTION”

sippstnuser add 0 0 1

ont add 0 1 sn-auth “2222222222222222” omci ont-lineprofile-id 0

ont-srvprofile-id 101 desc “ONT_NO_DESCRIPTION”

ont port native-vlan 0 1 eth 1 vlan 1 priority 3

#

return

 

  1. Delete the distributed GEM port.

Check whether this distributed GEM port has a service port.

MA5600T(config)#display service-port port  0/4/0

{ <cr>|autosense<K>|ont<K>|sort-by<K> }:

 

Command:

display service-port port  0/4/0

Switch-Oriented Flow List

—————————————————————————-

INDEX VLAN VLAN     PORT F/ S/ P VPI  VCI   FLOW  FLOW       RX   TX   STATE

ID   ATTR     TYPE                       TYPE  PARA

—————————————————————————-

1  100 common   gpon 0/4 /0       130   vlan  10         –    –    down

2  100 common   gpon 0/4 /0    0    0     vlan  10         –    –    down

—————————————————————————-

Total : 2  (Up/Down :    0/2)

If yes, delete the service port. If no, delete the distributed GEM port.

MA5600T(config)#undo service-port 1

 

Delete the distributed GEM port.

MA5600T(config)#interface gpon 0/4

 

MA5600T(config-if-gpon-0/4)#unbound-GEM Port delete 0 GEM Port-ID 128-137

Deleting GEM ports succeeded: 10

Deleting GEM ports failed: 0

 

  1. Save the data.

MA5600T(config-if-gpon-0/4)#quit

 

MA5600T(config)#save

{ <cr>|configuration<K>|data<K> }:

 

Command:

save

Preventive measures:

None

FTTH Network Application

The MA5680T/MA5683T supports the fiber to the home (FTTH) network application. It can be
connected to the ONT in the user’s house through the PON port or provide the P2P optical access
service through the FE or GE port.
Service Description
The MA5680T/MA5683T can be applicable to the fiber to the home (FTTH) environment for
home users. The MA5680T/MA5683T is connected to the ONT or HG (Home Gateway) in the
user’s house through optical fibers to provide users with the voice, data, and video services.
Example Network
Figure 5-1 shows an example network of the FTTH application, the MA5600T/MA5603T
functioning as the OLT.
Figure 5-1 FTTH network application
1
BRAS: broadband remote access server

OLT: optical line terminal
ODN: optical distribution network

ONT: Optical network terminal
STB: set-top box

Network Description
In the FTTH network application, the MA5600T/MA5603T is connected to the ONT or HG in
the user’s house through optical fibers to provide users with the voice, Internet, and IPTV
services.
The MA5600T/MA5603T implements the FTTH application in two modes:
l Mode 1: The ONT in the user’s house is connected to the MA5600T/MA5603T through
the GPON line.
l Mode 2: The home gateway (HG) in the user’s house is connected to the MA5600T/
MA5603T through the FE or GE optical port.
The MA5600T/MA5603T is connected to the upstream network through the Ethernet port (GE
or 10GE), cooperating with the BRAS and other application layer devices to provide users with
abundant services.

What’s the Product Features of S3700?

Reliable service support
• The S3700 provides the Multi-VPN-Instance CE (MCE) function to isolate users in different VLANs, ensuring data security and reducing costs.
• The S3700 supports multicast functions such as IGMP snooping, IGMP filter, fast leave, and IGMP proxy. It supports line-speed replication of multicast packets between VLANs, multicast load balancing among member interfaces of a trunk, and controllable multicast, meeting requirements for IPTV and other multicast services.

PoE function
• The S3700 PWR offers an improved Power over Ethernet (PoE) function. Users can determine when or whether a PoE port provides power.
• The S3700 PWR can use PoE power supplies with different power levels to provide -48V DC power for powered devices (PDs), such as IP Phones, WLAN APs, and Bluetooth APs. As a power sourcing equipment (PSE), the S3700 PWR complies with IEEE 802.3af and 802.3at (PoE+) and can work with PDs that are incompatible with 802.3af or 802.3at. Each port provides a maximum of 30W of power, complying with IEEE 802.3at. The PoE+ function increases the maximum power available to each port and implements intelligent power management for high power consumption applications. This facilitates the ease of PD use. PoE ports continue to work while in power-saving mode.

Comprehensive QoS policies and security mechanisms
• The S3700 classifies complex traffic based on packet information such as the 5-tuple, IP preference, ToS, DSCP, IP protocol type, ICMP type, TCP source port, VLAN ID, Ethernet protocol type, and CoS. The S3700 supports a flow-based two-rate three-color CAR. Each port supports eight priority queues and multiple queue scheduling algorithms, such as WRR, DRR, SP, WRR+SP, and DRR+SP. Together, these features ensure high-quality voice, video, and data services.
• The S3700 provides multiple security measures to defend against Denial of Service (DoS) attacks, as well as attacks against networks or individual users. DoS attack types include SYN Flood attacks, Land attacks, Smurf attacks, and ICMP Flood attacks. Attacks on networks refer to STP BPDU/root attacks. Attacks on users include bogus DHCP server attacks, man-in-the-middle attacks, IP/MAC spoofing attacks, and DHCP request flood attacks. DoS attacks that change the CHADDR field in DHCP packets are another type of
attack aimed at users.
• The S3700 supports DHCP snooping, which generates user binding entries based on users’ access interfaces, MAC addresses, IP addresses, IP address leases, and VLAN IDs. DHCP snooping discards invalid packets that do not match any binding entries, such as ARP spoofing packets and IP spoofing packets. This prevents hackers from using ARP packets to initiate man-in-the-middle attacks on campus networks. The interface connected to a DHCP server can be configured as a trusted interface to protect the system
S3700-52P-EI-24S-AC against bogus DHCP server attacks.
• The S3700 supports strict ARP learning, which prevents ARP spoofing attacks that exhaust ARP entries. The S3700 also provides IP source guard to prevent DoS attacks caused by MAC address spoofing, IP address spoofing, and MAC/IP spoofing.
• The S3700 supports centralized MAC address authentication and 802.1x authentication. It authenticates users based on statically or dynamically bound user information, such as the user name, IP address, MAC address, VLAN ID, access interface, and flag indicating whether antivirus software is installed. VLANs,

QoS policies, and ACLs can be dynamically applied to users.
• The S3700 can limit the number of MAC addresses learned on an interface to prevent attackers from exhausting MAC address entries by using bogus source MAC addresses. This function minimizes the packet flooding that occurs when users’ MAC addresses cannot be found in the MAC address table.
Various routing and IPv6 features
• The S3700 supports various routing protocols, including static routing, RIPv1, RIPv2, OSPF, IS-IS and BGP.
• S3700 hardware supports IPv4/IPv6 dual stack, IPv6 over IPv4 tunnels (including manual tunnels, 6to4 tunnels, and ISATAP tunnels), and Layer 3 line-speed forwarding. The S3700 can be deployed on IPv4 networks, IPv6 networks, or networks that run both IPv4 and IPv6. This makes networking flexible and enables a network to migrate from IPv4 to IPv6.
• The S3700 supports various IPv6 routing protocols including RIPng and OSPFv3. It uses the IPv6 Neighbor Discovery Protocol (NDP) to manage the packets exchanged between neighbors. The S3700 also provides a path MTU (PMTU) discovery mechanism to select an appropriate MTU on the path from the source to the destination, optimizing network resource utilization and obtaining maximum throughput.

High scalability and reliability
• The S3700 supports intelligent stacking (iStack). Multiple S3700s can be connected with stack cables to set up a stack, which functions as a virtual switch. The backup switch takes over services when the master switch fails, reducing service interruption time. Stacks support intelligent upgrades so that users do not need to change the software version of a switch when adding it to a stack. The iStack function allows users to connect multiple switches with stack cables to expand the system capacity. These switches can be managed using a single IP address, which greatly reduces the costs of system expansion,
operation, and maintenance. Compared with traditional networking technologies, iStack has distinct advantages regarding scalability, reliability, and system architecture.
• Besides STP, RSTP, and MSTP, the S3700 supports enhanced Ethernet reliability technologies, such as Smart Link and RRPP, which implement millisecond-level protection switchovers and ensure network reliability. The S3700 also provides RRPP multi-instance for load balancing among links, optimizing bandwidth usage.
• The S3700 supports BFD, which provides millisecond-level fault detection for protocols, such as OSPF, IS-IS, VRRP, and PIM to improve network reliability. Complying with IEEE 802.3ah and 802.1ag, the S3700 supports point-to-point Ethernet fault management and can detect faults within the last mile of an Ethernet link to users.
• The reliable design of the S3700 is highly expansible and compatible. The S3700 can work with devices on existing networks, which protects customer investments and enables customers to deploy new services.

Maintenance-free design and manageability
• The S3700 offers a maintenance-free design which supports batch remote upgrades. The S3700 provides
multiple maintenance and management modes to help users monitor various data. In addition, it supports SNMP, NTP, SSH v2, HWTACACS, RMON, port-based traffic statistics, and NQA.
• The S3700 supports GARP VLAN Registration Protocol (GVRP), which dynamically distributes, registers, and propagates VLAN attributes to reduce network administrator workloads and ensure the correct configuration of VLANs. In a complex network topology, GVRP simplifies VLAN configuration and reduces network communication faults caused by incorrect VLAN configuration.
• The S3700 supports MUX VLAN. MUX VLAN isolates the Layer 2 traffic between interfaces in a VLAN. Interfaces in a subordinate separate VLAN can communicate with ports in the principal VLAN, but cannot communicate with each other. MUX VLAN is typically used on an enterprise intranet to isolate user interfaces from each other while still allowing them to communicate with server interfaces. This function prevents communication between network devices connected to certain interfaces or interface groups, but allows these devices to communicate with the default gateway. Unique fan-free and energy-saving design
• S3700s that are equipped with 24 electrical ports offer a fan-free design, which dramatically reduces power consumption and eliminates noise. This design reduces mechanical faults and protects the device against damage caused by condensed water and dust.
• The S3700 incorporates an energy-saving integrated circuit design to ensure even heat dissipation. Idle ports can enter a sleep mode to further reduce power consumption.
• Radiation produced by the S3700 is within the standard range for electric appliances and causes no harm to the human body.

H801GPBC Board information

SmartAX MA5680T/MA5683T/MA5608T Multi-service Access Module

The H801GPBC is a 4-port GPON OLT Interface Board. It works together with the optical
network terminal (ONT) to provide GPON access services.

Feature and Specifications
Please refer to “GPON Service Board Comparison”.
Parameters
Parameters of the H801GPBC board

1

 

Working Principle
Working principle of the H801GPBC board

2

 

The basic working principle of the H801GPBC board is as follows:

  • The control module loads the board software, controls the running of the board, and
    manages the entire board.
  • The switching module aggregates the signals from four GPON ports.
  • The interface module performs conversion between GPON optical signals and Ethernet packets.
  • The power module supplies power to each functional module of the board.
  • The clock module provides clock signals for each functional module of the board.

Port
Ports of the H801GPBC board

3

 

Front Panel and LED
Front panel and LED of the H801GPBC board

4

 

An ASON Service Enabled with Scheduled Reversion Fails to Be Reverted to Its Original Trail After the Scheduled Reversion Time Elapses

An ASON service enabled with scheduled reversion fails to be reverted to its original trail after the scheduled reversion time elapses.

Product

OSN 6800, OSN 8800

Fault Description

After the scheduled reversion time is specified for a rerouted ASON service that is enabled with scheduled reversion, the service is not reverted back to the original trail after the original trail is restored.

Network Topology

None.

Cause Analysis

The ASON software attempts to revert a rerouted ASON service enabled with scheduled reversion to the original trail at the scheduled reversion time. If the original trail fails to be restored within the time, the ASON software no longer attempts to revert the service to the original trail.

Troubleshooting Procedure

Use the following steps to diagnose the fault:

  1. Verify that the original trail is restored.
  2. Specify the scheduled reversion time again. After the specified time elapse, the service is reverted to the original trail.

Conclusion and Suggestion

If the ASON software fails to revert a service to the original trail at the scheduled reversion time, it does not revert the service after the time elapses. At this point, users need to specify the scheduled reversion time again.