H3c Cr16000-f User manual

H3C CR16000-F Routers

Comware 7 OAA Configuration Guide

New H3C Technologies Co., Ltd.

http://www.h3c.com

Software version: CR16000-CMW710-R7951P01 or later

Document version: 6W100-20191122

No part of this manual may be reproduced or transmitted in any form or by any means without prior written

consent of New H3C Technologies Co., Ltd.

Trademarks

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this

document are the property of their respective owners.

Notice

The information in this document is subject to change without notice. All contents in this document, including

statements, information, and recommendations, are believed to be accurate, but they are presented without

warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions

contained herein.

Preface

This configuration guide describes OAA fundamentals and configuration. It describes how to

configure the H3C open application platform (OAP) module connected to your device to exchange

information between your device and the OAP module.

This preface includes the following topics about the documentation:

•Audience.

•Conventions.

•Documentation feedback.

Audience

This documentation is intended for:

•Network planners.

•Field technical support and servicing engineers.

•Network administrators working with the routers.

Conventions

The following information describes the conventions used in the documentation.

Command conventions

Convention Description

Boldface Bold text represents commands and keywords that you enter literally as shown.

Italic Italic text represents arguments that you replace with actual values.

[ ] Square brackets enclose syntax choices (keywords or arguments) that are optional.

{ x | y | ... }

Braces enclose a set of required syntax choices separated by vertical bars, from which

you select one.

[ x | y | ... ]

Square brackets enclose a set of optional syntax choices separated by vertical bars,

from which you select one or none.

{ x | y | ... } *

Asterisk marked braces enclose a set of required syntax choices separated by vertical

bars, from which you select a minimum of one.

[ x | y | ... ] *

Asterisk marked square brackets enclose optional syntax choices separated by vertical

bars, from which you select one choice, multiple choices, or none.

&<1-n> The argument or keyword and argument combination before the ampersand (&) sign

can be entered 1 to n times.

# A line that starts with a pound (#) sign is comments.

GUI conventions

Convention Description

Boldface Window names, button names, field names, and menu items are in Boldface. For

example, the New User window opens; click OK.

> Multi-level menus are separated by angle brackets. For example, File > Create >

Convention Description

Folde

Symbols

Convention Description

WARNING! An alert that calls attention to important information that if not understood or followed

can result in personal injury.

CAUTION: An alert that calls attention to important information that if not understood or followed

can result in data loss, data corruption, or damage to hardware or software.

IMPORTANT: An alert that calls attention to essential information.

NOTE: An alert that contains additional or supplementary information.

TIP: An alert that provides helpful information.

Network topology icons

Convention Description

Represents a generic network device, such as a router, switch, or firewall.

Represents a routing-capable device, such as a router or Layer 3 switch.

Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that

supports Layer 2 forwarding and other Layer 2 features.

Represents an access controller, a unified wired-WLAN module, or the access

controller engine on a unified wired-WLAN switch.

Represents an access point.

Represents a wireless terminator unit.

Represents a wireless terminator.

Represents a mesh access point.

Represents omnidirectional signals.

Represents directional signals.

Represents a security product, such as a firewall, UTM, multiservice security

gateway, or load balancing device.

Represents a security module, such as a firewall, load balancing, NetStream, SSL

VPN, IPS, or ACG module.



Examples provided in this document

Examples in this document might use devices that differ from your device in hardware model,

configuration, or software version. It is normal that the port numbers, sample output, screenshots,

and other information in the examples differ from what you have on your device.

Documentation feedback

You can e-mail your comments about product documentation to info@h3c.com.

We appreciate your comments.

Contents

Configuring the OAP module ······························································1

About OAP modules···················································································································1

Internal interfaces for OAP modules·······························································································1

Logging in to an OAP module·······································································································1

Logging in through the console port on the OAP module······························································1

Logging in through the management Ethernet port on the OAP module by using SSH························2

Logging in through the internal Ethernet interface on the OAP module by using SSH·························2

Logging in from the CLI of the device·······················································································2

Resetting OAP modules ··············································································································3

Configuring the OAP module

About OAP modules

OAP is a hardware platform based on OAA. OAP uses a manager/client model. The OAP client can

be a network device or an OAP module.An OAP module can be an expansion card installed in a

network device or an integrated part of a network device.

OAP modules have their own operating systems. You can log in to the operating system of an OAP

module to install features. For example, you can install security features and voice features on the

OAP module operating system to provide security and voice services for users.

OAP modules exchange data, status information, and control information with hosting devices

through internal interfaces.

OAP provides an open interface for third-party vendors to develop and integrate value-added

applications into H3C products.

Internal interfaces for OAP modules

An OAP module integrates a front card and a rear card. The front card provides value-added security

services, such as firewall, intrusion prevention, and application control. The rear card is responsible

for data exchange between the front card and the router. The rear card communicates with the front

card through the internal interface, as shown in Figure 1.

Figure 1 Internal interface diagram

Logging in to an OAP module

Logging in through the console port on the OAP module

1. Connect one end of the console cable to the serial port of the configuration terminal (for

example, a PC).

2. Connect the other end of the console cable to the console port of the OAP module.

3. Start the PC and run a terminal emulation program, such as HyperTerminal.

4. Select the COM connection mode and set the terminal parameters as follows:

{Bits per second—9600.

{Data bits—8.

{Parity check mode—None.

{Stop bits—1.

{Flow control—None.

5. Follow the OAP module user guide to log in to the operating system of the OAP module through

the terminal emulation program.

Logging in through the management Ethernet port on the

OAP module by using SSH

1. Connect the management Ethernet port of the OAP module to the network by using a network

cable.

2. Log in to the OAP module through the console port and enable the SSH server function on the

OAP module.

3. Assign an IP address to the management Ethernet port of the OAP module. Make sure the

management Ethernet port and the SSH client (an H3C device or a PC with SSHclient software)

can reach each other.

4. From the SSH client, establish an SSH connection to the IP address of the management

Ethernet port on the OAP module.

After the SSH connection is successfully established, you are logged in to the operating system of

the OAP module.

Logging in through the internal Ethernet interface on the OAP

module by using SSH

When installed in the expansion slot of a device, an OAP module can exchange information with the

device through internal interfaces, including a fast Ethernet interface.

To log in to the operating system of an OAP module through the internal Ethernet interface:

1. Connect the SSH client (for example, a PC) to the Ethernet port of the device by using a

network cable.

2. Log in to the OAP module through the console port and enable the SSH server function on the

OAP module.

3. Assign an IP address to the internal Ethernet interface on the OAP module. Make sure the PC

and the fast Ethernet interface on the OAP module can reach each other.

4. From the SSH client, establish an SSH connection to the IP address of the fast Ethernet

interface.

After the SSH connection is successfully established, you are logged in to the operating system of

the OAP module.

Logging in from the CLI of the device

About logging in from the CLI of the device

From the CLI of the device, you can log in to the CLI of the OAP module. To return to the CLI of the

device, press Ctrl+K.

Restrictions and guidelines

The following OAP modules do not support logging in from the CLI of the device:

•LSUM1ADECEA0.

•LSUM1FWCEA0.

•LSUM1IPSBEA0.

•LSUM3FWCEA0.

Procedure

To log in to an OAP module from the CLI of the device, execute one of the following commands in

user view:

In standalone mode:

oap connect slot slot-number

In IRF mode:

oap connect chassis chassis-number slot slot-number

Resetting OAP modules

About resetting OAP modules

You can reset an OAP module to restore it to normal operation in the following situations:

•The OAP module fails.

•The OAP module is not operating correctly. For example, the OAP module does not respond to

your operation.

Pressing the reset button of the OAP module has the same effect. The device can still identify and

control the OAP module after the module starts up again.

Restrictions and guidelines

Resetting an OAP module might cause a service outage. To avoid service data loss, close the

operating system of an OAP module before resetting the module.

The following OAP modules do not support resetting:

•LSUM1ADECEA0.

•LSUM1FWCEA0.

•LSUM1IPSBEA0.

•LSUM3FWCEA0.

Procedure

To reset an OAP module, execute one of the following commands in user view:

In standalone mode:

oap reboot slot slot-number

In IRF mode:

oap reboot chassis chassis-number slot slot-number

Contents

Configuring the OAP manager ····························································1

About OAP manager···················································································································1

About OAP·························································································································1

OAP manager/client model····································································································1

OAP functions ····················································································································1

OAP manager timers············································································································2

Configuring the OAP manager······································································································2

Enabling OAP·····················································································································2

Setting OAP manager timers ·································································································2

Managing OAP clients·················································································································2

Restarting an OAP client·······································································································2

Shutting down an OAP client ·································································································3

Display and maintenance commands for OAP manager·····································································3

Configuring the OAP manager

About OAP manager

About OAP

The Open Application Platform (OAP) is a physical platform that is based on the Open Application

Architecture (OAA). OAP allows products from different vendors to operate together to meet service

requirements.

OAP manager/client model

OAP uses a manager/client model.

•OAP manager—A feature integrated in the Comware system software.

•OAP client—Afeature that is integrated in the Comware system software of the device or in the

operating system of an OAP module. On the operating system of an OAP module, you can

install service software (such as security software and voice software) as needed.

Figure 1 OAA diagram

As shown in Figure 1, OAA includes the following components:

•Routing/switching component—Provides routing and switching services. This component is

the control center of the entire architecture and acts as the OAP manager.

•Standalone service component—Provides services to meet specific requirements and acts

as the OAP client.

•Interfacing component—Connects the standalone service component to the

routing/switching component

OAP is used for communication and cooperation between the routing/switching component and the

standalone service component.

You can install an OAP module in the device. For example, you can install an IDS/IPS OAP module

in the device to provide intrusion detection and protection services.

OAP functions

OAP provides the following functions:

•OAP clients register with and deregister from the OAP manager.

•The OAP manager assigns IDs to OAP clients to uniquely identify the clients.

•The OAP manager and an OAPclient exchange information to, for example, monitor eachother

and synchronize the clock.

From the OAP manager, you can perform the following tasks:

•Restart OAP clients.

•Shut down OAP clients.

•Display OAP client information.

An OAP manager can manage up to 255 OAP clients.

OAP manager timers

The OAP manager uses the following timers:

•Clock synchronization timer—Regularly triggers the OAP manager to send clock and time

zone synchronization notifications to OAP clients. This mechanism keeps the clients' clocks

synchronized with the manager's clock.

•Client monitoring timer—Regularly triggers the OAP manager to send client monitoring

packets to OAP clients.

Configuring the OAP manager

Enabling OAP

1. Enter system view.

system-view

2. Enter interface view.

interface interface-type interface-number

3. Enable OAP.

oap enable

By default, OAP is disabled on an interface.

Setting OAP manager timers

1. Enter system view.

system-view

2. Set the clock synchronization timer.

oap timer clock-sync minutes

By default, the clock synchronization timer is set to 5 minutes.

3. Set the client monitoring timer.

oap timer monitor seconds

By default, the client monitoring timer is set to 5 seconds.

Managing OAP clients

Restarting an OAP client

1. Enter system view.

system-view

2. Restart an OAP client.

oap client reboot client-id

Shutting down an OAP client

Restrictions and guidelines

This feature applies only to OAP clients on Linux.

Procedure

1. Enter system view.

system-view

2. Shut down an OAP client.

oap client close client-id

Display and maintenance commands for OAP

manager

Execute display commands in any view.

Task Command

Display the summary registration information of OAP

clients. display oap client summary [ client-id ]

Display OAP client information. display oap client info [ client-id ]

Other manuals for CR16000-F

Table of contents

Popular Network Router manuals by other brands

D-Link

D-Link DSL-3890 user manual

Vicon

Vicon CE-4US1TPC Installation and operation manual

D-Link

D-Link DES-1008D user guide

Draytek

Draytek Vigor2620PVn Series quick start guide

Ascend Communications

Ascend Communications MAX 1800 Series Network configuration guide

Cisco

Cisco 7201 quick start guide

Huawei

Huawei AR530 Series Configuration guide

HP J8726A installation guide

Comtrend Corporation

Comtrend Corporation NexusLink 3120 user manual

Atag

Atag MadQ/2 installation manual

Cisco

Cisco RV120W manual

VIA Technologies

VIA Technologies VIA16 installation guide

HP Series 200 installation guide

3One data

3One data MES600 Series user manual

ViewZ

ViewZ VZ-PRO-MINI quick guide

Planet

Planet G.SHDSL.bis Bridge Router GRT-504 Quick installation guide

Show Tec

Show Tec 50809 manual

Aztech

Aztech WL557RT4 Easy start guide

H3C CR16000-F User manual

Popular Network Router manuals by other brands