H3C S10500 Series User manual

H3C S10500 Switch Series

Comware 7 OAA Configuration Guide

New H3C Technologies Co., Ltd.

http://www.h3c.com.hk

Software version: S10500-CMW710-R7536P05

Document version:6W100-20170630

No part of this manual may be reproduced or transmitted in any form or by any means without prior written

consent of New H3C Technologies Co., Ltd.

Trademarks

H3C, , H3CS, H3CIE, H3CNE,Aolynk, , H3Care, , IRF, NetPilot, Netflow, SecEngine,

SecPath, SecCenter, SecBlade, Comware, ITCMM and HUASAN are trademarks of New H3C Technologies

Co., Ltd.

All other trademarksthat may be mentioned in this manual are the property of their respective owners

Notice

The information in this document is subject to change without notice. Every effort has been made in the

preparation of this document to ensure accuracy of the contents, but all statements, information, and

recommendations in this document do not constitute the warranty of any kind, express or implied.

Preface

This configuration guide describes OAA fundamentals and configuration. It describes how to

configure the H3C open application platform (OAP) module connected to your switch to exchange

information between your switch and the OAP module.

This preface includes the following topics about the documentation:

•Audience.

•Conventions

•Obtaining documentation

•Technical support

•Documentation feedback

Audience

This documentation is intended for:

•Network planners.

•Field technical support and servicing engineers.

•Network administrators working with the routers.

Conventions

The following information describes the conventions used in the documentation.

Command conventions

Convention Description

Boldface Bold text represents commands and keywords that you enter literally as shown.

Italic Italic text represents arguments that you replace with actual values.

[ ] Square brackets enclose syntax choices (keywords or arguments) that are optional.

{ x | y | ... }

Braces enclose a set of required syntax choices separated by vertical bars, from which

you select one.

[ x | y | ... ]

Square brackets enclose a set of optional syntax choices separated by vertical bars,

from which you select one or none.

{ x | y | ... } *

Asterisk marked braces enclose a set of required syntax choices separated by vertical

bars, from which you select a minimum of one.

[ x | y | ... ] *

Asterisk marked square brackets enclose optional syntax choices separated by vertical

bars, from which you select one choice, multiple choices, or none.

&<1-n> The argument or keyword and argument combination before the ampersand (&) sign

can be entered 1 to n times.

# A line that starts with a pound (#) sign is comments.

GUI conventions

Convention Description

Boldface Window names, button names, field names, and menu items are in Boldface. For

Convention Description

example, the New Use

window opens; click O

> Multi-level menus are separated by angle brackets. For example,

File>Create>Folder.

Symbols

Convention Description

WARNING! Analertthatcallsattentiontoimportantinformationthatifnotunderstoodorfollowedcanresu

ltinpersonalinjury.

CAUTION: An alert that calls attention to important information that if not understood or followed

can result in data loss, data corruption, or damage to hardware or software.

IMPORTANT: Analertthatcallsattentiontoessentialinformation.

NOTE: Analertthatcontainsadditionalorsupplementaryinformation.

TIP: An alert that provides helpful information.

Network topology icons

Convention Description

Represents a generic network device, such as a router, switch, or firewall.

Represents a routing-capable device, such as a router or Layer 3 switch.

Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that

supports Layer 2 forwarding and other Layer 2 features.

Represents an access controller, a unified wired-WLAN module, or the access

controller engine on a unified wired-WLAN switch.

Represents an access point.

Wireless terminator unit.

Wireless terminator.

Represents a mesh access point.

Represents omnidirectional signals.

Represents directional signals.

Represents a security product, such as a firewall, UTM, multiservice security

gateway, or loadbalancing device.

Represents a security module, such as a firewall, loadbalancing, NetStream, SSL

VPN, IPS, or ACG module.



Examples provided in this document

Examples in this document might use devices that differ from your device in hardware model,

configuration, or software version. It is normal that the port numbers, sample output, screenshots,

and other information in the examples differ from what you have on your device.

Obtaining documentation

To access the most up-to-date H3Cproduct documentation, go to the H3C website at

http://www.h3c.com.hk

To obtain information about installation, configuration, and maintenance, click

http://www.h3c.com.hk/Technical_Documents

To obtain software version information such as release notes, click

http://www.h3c.com.hk/Software_Download

Technical support

service@h3c.com

http://www.h3c.com.hk

Documentation feedback

You can e-mail your comments about product documentation toinf[email protected].

We appreciate your comments.

Contents

Configuring the OAP module ······························································1

Internal interfaces for OAP modules·······························································································1

Logging in to an OAP module·······································································································2

Logging in through the console port ontheOAP module ·······························································2

Logging in through the management Ethernet port ontheOAP module by using SSH ·························2

Logging in through the internal Ethernet interface ontheOAP module by using SSH···························3

Logging in to the OAP module from the CLI of the device·····························································3

Resetting OAP modules ··············································································································3

Configuring OAP··············································································5

Overview··································································································································5

OAP functions ····················································································································5

OAPmanager timers ············································································································6

Configuring OAP························································································································6

Enabling OAP·····················································································································6

Setting the clock synchronization timer·····················································································6

Setting the client monitoring timer ···························································································6

Managing OAP clients·················································································································7

Restarting an OAP client·······································································································7

Shutting down an OAP client ·································································································7

Displaying and maintaining OAP ···································································································7

Index·····························································································8

Configuring the OAP module

The Open Application Architecture provides an open interface for third-party vendors to develop and

integrate value-added applications into H3C products. The hardware platforms for these applications

can be devices or modules. H3C has developed the application-specific modules called Open

Application Platform (OAP) modules shown in Table 1.

OAP modules have their own operating systems. You can log in to the operating system of an OAP

module to install features. For example, you can install security features and voice features on the

OAP module operating system to provide security and voice services for users.

OAP modules exchange data, status information, and control information with hosting devices

through internal interfaces.

Table 1 OAP modules

OAP module Module type Number of internal interfaces

LSU1FWCEA0

Firewall card

Four 10G Ethernet interfaces

LSU3FWCEA0 Four 10G Ethernet interfaces

LSUM1FWCEAB0 Four 10G Ethernet interfaces

LSUM1FWDEC0 Three 40G Ethernet interfaces

LSQM1FWDSC0 One 40G Ethernet interface

LSQM1IPSDSC0 IPS card One 40G Ethernet interface

LSU1IPSBEA0 Four 10G Ethernet interfaces

LSU1NSCEA0

NetStream card

Four 10G Ethernet interfaces

LSUM1NSDEC0 Three 40G Ethernet interfaces

LSQM1NSDSC0 One 40G Ethernet interface

LSU3WCMD0

High performance access

controller module

Two 10G Ethernet interfaces

LSU1WCME0 Four 10G Ethernet interfaces

LSUM1WCMX20RT Two 10G Ethernet interfaces

LSUM1WCMX40RT Four 10G Ethernet interfaces

LSQM1WCMX40 Four 10G Ethernet interfaces

LSQM1ACGDSC0 Application control gateway

module

One 40G Ethernet interface

LSQM2ACGDSC0 One 40G Ethernet interface

LSUM1ACGDEC0 Three 40G Ethernet interfaces

LSQM1ADEDSC0 Application delivery engine

module One 40G Ethernet interface

LSU1ADECEA0 Four 10G Ethernet interfaces

Internal interfaces for OAP modules

An OAP module integrates a front card and a rear card. The front card provides value-added security

services, such as firewall, intrusion prevention, and application control. The rear card is responsible

for data exchange between the front card and the switch. The rear card communicates with the front

card through the internal interface, as shown in Figure 1.

Figure 1 Internal interface diagram

Logging in to an OAP module

Logging in through the console port ontheOAP module

1. Connect one end of the console cable to the serial port of the configuration terminal (for

example, a PC).

2. Connect the other end of the console cable to the console port of the OAP module.

3. Start the PC and run a terminal emulation program, such as HyperTerminal.

4. Select the COM connection mode and set the terminal parameters as follows:

{Bits per second—9600.

{Data bits—8.

{Parity check mode—None.

{Stop bits—1.

{Flow control—None.

5. Follow the OAP module user guide to log in to the operating system of the OAP module through

the terminal emulation program.

Logging in through the management Ethernet port ontheOAP

module by using SSH

1. Connect the management Ethernet port of the OAP module to the network by using a network

cable.

2. Log in to the OAP module through the console port and enable the SSH server function on the

OAP module.

3. Assign an IP address to the management Ethernet port of the OAP module. Make sure the

management Ethernet port and the SSH client (an H3C device or a PC with SSHclient software)

can reach each other.

4. From the SSH client, establish an SSH connection to the IP address of the management

Ethernet port on the OAP module.

After the SSH connection is successfully established, you are logged in to the operating system of

the OAP module.

Logging in through the internal Ethernet interface ontheOAP

module by using SSH

When installed in the expansion slot of a device, an OAP module exchanges information with the

device through two internal interfaces:one serial port and one fast Ethernet interface. The fast

Ethernet interface is used for this login method.

To log in to the operating system of an OAP module through the internal Ethernet interface:

1. Connect the SSH client (for example, a PC) to the Ethernet port of the device by using a

network cable.

2. Log in to the OAP module through the console port and enable the SSH server function on the

OAP module.

3. Assign an IP address to the internal Ethernet interface on the OAP module. Make sure the PC

and the fast Ethernet interface on the OAP module can reach each other.

4. From the SSH client, establish an SSH connection to the IP address of the fast Ethernet

interface.

After the SSH connection is successfully established, you are logged in to the operating system of

the OAP module.

Logging in to the OAP module from the CLI of the device

IMPORTANT:

LSU1IPSBEA0, LSUM1ACGDEC0,and LSQM1ACGDSC0modules do not support this login

method.

From the CLI of the device, you can log in to the CLI of the OAP module. To return to the CLI of the

device, pressCtrl+K.

Perform the following task in user view:

Task Command

device.

In standalone mode:

oapconnectslotslot-number

In IRF mode:

oap connect chassis chassis-number slotslot-number

Resetting OAP modules

CAUTION:

Resetting an OAP module might cause a service outage.

IMPORTANT:

•To avoid service data loss, close the operating system of an OAP module before resetting the

module.

•LSU1IPSBEA0, LSU1WCME0, LSUM1WCMX20RT, and LSUM1WCMX40RT modules do not

support this operation.

You can reset an OAP module to restore it to normal operation in the following situations:

•The OAP modulefails.

•The OAP module is not operating correctly. For example, the OAP module does not respond to

your operation.

Pressing the reset button of the OAP module has the same effect. The device can still identify and

control the OAP module after the module starts up again.

Perform the following task in user view:

Task Command

Reset the OAP module.

In standalone mode:

oaprebootslotslot-number

In IRF mode:

oaprebootchassischassis-numberslotslot-number

Other manuals for S10500 Series

Table of contents

Other H3C Switch manuals

H3C

H3C S12500 Series Service manual

H3C

H3C S9500 Series User manual

H3C

H3C S12500X-2L Operating instructions

H3C

H3C S7508E-X Operating and maintenance manual

H3C

H3C H3C S7500E-X Quick guide

H3C

H3C S5500-SI Series User manual

H3C

H3C S5500-SI Series User manual

H3C

H3C S12500X-AF Series User manual

H3C

H3C S5120-SI Series User manual

H3C

H3C S12500X-AF Series Quick guide

H3C

H3C S3100-8TP-SI User manual

H3C

H3C S7500E-XS Series User manual

H3C

H3C S9500E Series User manual

H3C

H3C S3100 Series Installation instructions

H3C

H3C S7506 User manual

H3C

H3C S5120V3-EI Series User manual

H3C

H3C CR19000-16 Operating and maintenance manual

H3C

H3C S5510 Series User manual

H3C

H3C S5500-28C-EI User manual

H3C

H3C S3610 Series Installation instructions

H3C

H3C S3100 Series Installation instructions

H3C

H3C S5120-EI Series Installation manual

H3C

H3C S12502X-AF User manual

H3C

H3C S9500 Series User manual

Popular Switch manuals by other brands

URC

URC Total Control MFS-8 installation manual

Azbil

Azbil HPQ-D11 user manual

Sony

Sony DFS-900M operating instructions

SICK

SICK i17S operating instructions

F&F

F&F SZR-277 quick start guide

Shure

Shure UAMS/BK user guide

Dräger

Dräger X-zone Switch Off Instructions for use

Asco

Asco Joucomatic 349 Series manual

BT Mini Hub user guide

D-Link

D-Link DES-1226G manual

Johnson Controls

Johnson Controls FS80-C installation instructions

MicroNet

MicroNet SP1200A user manual

Ruijie

Ruijie RG-PF2920 Series Hardware installation and reference guide

Altinex

Altinex DA1914SX user guide

RJM

RJM MASTERMIND PBC/6X user manual

Atlas

Atlas MMK-KVM8 owner's manual

Cabletron Systems

Cabletron Systems GIGAswitch GSR-16 Getting started guide

Cisco

Cisco Catalyst X4448 supplementary guide