01-04 Basic Configurations Commands
Uploaded by
Benny Lim01-04 Basic Configurations Commands
Uploaded by
Benny LimNetEngine AR
Command Reference 4 Basic Configurations Commands
4 Basic Configurations Commands
4.1 CLI Overview Commands
4.2 Auto-Config Commands
4.3 Auto-Start Configuration Commands
4.4 USB-based Deployment Configuration Commands
4.5 SMS-based Deployment Configuration Commands
4.6 Fast Provisioning Configuration Commands
4.7 First Login Commands
4.8 UI Configuration Commands
4.9 User Login Configuration Commands
4.10 HTTP Server Commands
4.11 File Management Commands
4.12 Configuring System Startup Commands
4.13 Upgrade Commands
4.14 Smart Upgrade Commands
4.1 CLI Overview Commands
4.1.1 Support for CLI Overview
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 27
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.1.2 assistant task
Function
The assistant task command creates an assistant task.
The undo assistant task command deletes an assistant task.
By default, no assistant task is created.
Format
assistant task task-name
undo assistant task task-name
Parameters
Parameter Description Value
task-name The value is a string of 1 to 15 characters. It
Specifies the name of
can consist of underscores (_), letters, and
an assistant task.
digits only, and must start with a letter.
Views
System view
Default Level
3: Management level
Usage Guidelines
An assistant task is a virtual assistant on the device to realize automatic
maintenance and management. After you create an assistant task and bind it to a
batch of files to be processed, the device performs operations or configurations
when it is unattended. Assistant tasks are mainly used for scheduled system
upgrade or configuration.
NOTE
You can create a maximum of five assistant tasks on the device.
Example
# Create an assistant task.
<Huawei> system-view
[Huawei] assistant task test
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 28
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.1.3 cls
Function
The cls command clears the current screen.
Format
cls
Parameters
None
Views
User view
Default Level
1: Monitoring level
Usage Guidelines
This command only clears the screen and does not clear the screen buffer.
Example
# Clear screen.
<Huawei> cls
Info: Current terminal monitor is off.
Info: Current terminal debugging is off.
4.1.4 command-privilege level
Function
The command-privilege level command sets the command level in a specified
view.
The undo command-privilege command restores the default command level.
By default, each command in each view has a default command level.
Format
command-privilege level level view view-name command-key
undo command-privilege view view-name command-key
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 29
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
level level Specifies the command level. The value is an
integer that
ranges from 0 to
15.
view view-name Specifies the view name. You can enter a -
question mark (?) in the terminal GUI to
obtain all view names in the command
view.
command-key Specifies a command. The command must -
be entered manually because automatic
command line completion is not supported.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The system divides commands into four levels and sets the command level in the
specified view. The device administrator can change the command level as
required, so that a lower-level user can use some high-level commands. The device
administrator can also change the command level to a larger value to improve
device security.
When using this command to change the level of a command, you can run the
display command-view command-key command to check the view of the
specified command. You can also check common views in Table 4-1.
Table 4-1 Common Views
View View Name
cli_8f All views
user User view
system System view
aaa AAA view
async Async interface view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 30
NetEngine AR
Command Reference 4 Basic Configurations Commands
View View Name
eth-trunk Eth-Trunk interface view
gigabitethernet GE interface view
loopBack Loopback interface view
vlanif VLANIF interface view
voice Voice view
Precautions
You are not advised to change the default command level. If you need to change
it, consult with professional personnel to ensure that routine operation and
maintenance are not affected and security risk is avoided.
The rules for using this command to set the command level of a specified view are
as follows:
● When you degrade the target command, all keywords in the command are
degraded.
● When you upgrade the target command, only the last keyword in the
command is upgraded.
● When you set a level for the target command, the levels of all commands (in
the same view) starting with this command are changed.
● When you set a level for the target command, the keyword level in other
commands having the same index as the keyword whose level is changed is
also changed.
● If the level of keywords that have the same index is modified for multiple
times, the latest configured level takes effect.
Example
# Set the privilege level of the save command to 5.
<Huawei> system-view
[Huawei] command-privilege level 5 view cli_8f save
4.1.5 diagnose
Function
The diagnose command enters the diagnostic view from the system view.
Format
diagnose
Parameters
None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 31
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
System view
Default Level
3: Management level
Usage Guidelines
Diagnostic commands are mainly used for fault diagnosis. However, running some
commands may cause device faults or service interruptions. Therefore, use these
commands under the instruction of Huawei technical engineers.
Example
# Enter the diagnostic view.
<Huawei> system-view
[Huawei] diagnose
[Huawei-diagnose]
4.1.6 display assistant task history
Function
The display assistant task history command displays operation records of an
assistant task.
Format
display assistant task history [ task-name ]
Parameters
Parameter Description Value
task-name Specifies the name of The value is a string of 1 to 15 characters
an existing assistant consisting only of underscores (_), letters,
task. and digits, and must start with a letter.
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
The latest five operations of each assistant task are displayed in an earlier-to-later
order.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 32
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Displays operation records of an assistant task.
<Huawei> display assistant task history
--------------------------------------------------------------------------------
Assistant task name: nemo
--------------------------------------------------------------------------------
Assistant task name: song
Action type : Batch file
Batch file name: flash:/reboottest.bat
Start time : 2012-07-16 09:25:00
End time : 2012-07-16 09:25:00
State : Finished
Action type : Batch file
Batch file name: flash:/reboottest.bat
Start time : 2012-07-16 09:24:00
End time : 2012-07-16 09:24:00
State : Finished
--------------------------------------------------------------------------------
Assistant task name: xu
Action type : Batch file
Batch file name: flash:/reboottest.bat
Start time : 2012-07-16 09:25:00
End time : 2012-07-16 09:25:00
State : Finished
Action type : Batch file
Batch file name: flash:/reboottest.bat
Start time : 2012-07-16 09:24:00
End time : 2012-07-16 09:24:00
State : Finished
Action type : Batch file
Batch file name: flash:/reboottest.bat
Start time : 2012-07-16 09:23:00
End time : 2012-07-16 09:23:00
State : Finished
--------------------------------------------------------------------------------
Table 4-2 Description of the display assistant task history command output
Item Description
Assistant task name Task name.
This parameter is configured using the
assistant task command.
Action type Operation that an assistant task
performs.
Batch file name Name of the batch file used by an
assistant task.
This parameter is configured using the
perform batch-file command.
Start time Operation start time of an assistant
task.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 33
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
End time Operation end time of an assistant
task.
State Running status of an assistant task.
● Running indicates that the assistant
task is in operation.
● Finished indicates that the assistant
task has finished operation.
4.1.7 display command-view
Function
The display command-view command displays the view of a specified command.
Format
display command-view command-key
Parameters
Parameter Description Value
command- Specifies the command word of the The value is a string of
key command to be queried. Currently, the 1 to 200 case-insensitive
command word cannot be characters that can
automatically displayed through the include spaces.
question mark help function, and needs
to be entered manually.
Views
System view
Default Level
3: Management level
Usage Guidelines
You can run this command to check the view of a specified command. For
example, if you need to run the command-privilege level command to change
the level of a specified command, run the display command-view command to
check the view of the specified command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 34
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Display the view of the if-match timer cron command.
<Huawei> system-view
[Huawei] display command-view if-match timer cron
It will take several minutes, please wait.........
Matching result(s):
----------------
assistant-task
----------------
Table 4-3 Description of the display command-view command output
Item Description
Matching result(s) Query result.
NOTE
The return value cli_8f indicates all views.
4.1.8 display history-command
Function
The display history-command command displays the historical commands stored
on the current device.
Format
display history-command
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Usage Scenario
You can run this command to check historical commands the user has executed
recently. This command facilitates information search. Historical commands are
stored in the circular mode and a maximum of 200 historical commands can be
displayed.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 35
NetEngine AR
Command Reference 4 Basic Configurations Commands
All the historical commands entered by a user are automatically saved on the
terminal, that is, any input that ends with Enter is saved as a historical command.
NOTE
● Historical commands are saved in the same format as that used in the input. If a
command that is entered by a user is in an incomplete format, the saved historical
command is also in the incomplete format.
● If a user runs a command several times, only the latest command is saved on the device.
If the command is entered in different formats, they are considered as different
commands.
You can view historical commands using the following methods:
● To view the previous historical command, press the Up arrow key or Ctrl+P.
If there is an earlier historical command, the earlier historical command is
displayed.
● To view the next historical command, press the Down arrow key or Ctrl+N.
If there is a new historical command, the new historical command is
displayed.
NOTE
Access to historical commands using the Up arrow key does not apply to Windows 9X. The
Up arrow key has different functions in Windows 9X and needs to be replaced by shortcut
keys Ctrl+P.
Example
# Display the historical commands that have been executed on the current
terminal.
<Huawei> display history-command
quit
user privilege level 15
user-interface vty 0 4
system-view
4.1.9 display hotkey
Function
The display hotkey command displays the status of the defined, undefined, and
system hotkeys.
Format
display hotkey
Parameters
None
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 36
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
1: Monitoring level
Usage Guidelines
After you understand the defined, undefined, and system hotkeys in the system,
you can use hotkeys to quickly enter commands. To redefine hotkeys for a
command, run the hotkey command.
The system allows hotkeys in places where commands can be entered, and
displays the commands corresponding to hotkeys. You can run the display hotkey
command to view the commands corresponding to hotkeys.
Example
# Display defined, undefined, and system hotkeys.
In versions earlier than V300R021C10SPC100:
<Huawei> display hotkey
----------------- HOTKEY -----------------
=Defined hotkeys=
Hotkeys Command
CTRL_G display current-configuration
CTRL_L undo idle-timeout
CTRL_O undo debugging all
=Undefined hotkeys=
Hotkeys Command
CTRL_U NULL
=System hotkeys=
Hotkeys Function
CTRL_A Move the cursor to the beginning of the first line
CTRL_B Move the cursor one character left
CTRL_C Stop current command function
CTRL_D Erase current character
CTRL_E Move the cursor to the end of the Last line
CTRL_F Move the cursor one character right
CTRL_H Erase the character left of the cursor
CTRL_K Kill outgoing connection when connecting
CTRL_N Display the next command from the history buffer
CTRL_P Display the previous command from the history buffer
CTRL_T Function as a question mark
CTRL_W Delete the word left of the cursor
CTRL_X Delete all characters up to the cursor
CTRL_Y Delete all characters after the cursor
CTRL_Z Return to the user view
CTRL_] Kill incoming connection or redirect connection
ESC_B Move the cursor one word back
ESC_D Delete remainder of word
ESC_F Move the cursor forward one word
V300R021C10SPC100 and later versions:
<Huawei> display hotkey
----------------- HOTKEY -----------------
=Defined hotkeys=
Hotkeys Command
CTRL_G display current-configuration
CTRL_L undo idle-timeout
CTRL_O undo debugging all
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 37
NetEngine AR
Command Reference 4 Basic Configurations Commands
=Undefined hotkeys=
Hotkeys Command
CTRL_U NULL
=System hotkeys=
Hotkeys Function
CTRL_A Move the cursor to the beginning of the first line
CTRL_B Move the cursor one character left
CTRL_C Stop current command function
CTRL_D Erase current character
CTRL_E Move the cursor to the end of the Last line
CTRL_F Move the cursor one character right
CTRL_H Erase the character left of the cursor
CTRL_J Line feed function
CTRL_K Kill outgoing connection when connecting
CTRL_N Display the next command from the history buffer
CTRL_P Display the previous command from the history buffer
CTRL_T Function as a question mark
CTRL_W Delete the word left of the cursor
CTRL_X Delete all characters up to the cursor
CTRL_Y Delete all characters after the cursor
CTRL_Z Return to the user view
CTRL_] Kill incoming connection or redirect connection
ESC_B Move the cursor one word back
ESC_D Delete remainder of word
ESC_F Move the cursor forward one word
Table 4-4 Description of the display hotkey command output
Item Description
Defined hotkeys Defined hotkeys.
Undefined hotkeys Undefined hotkeys.
System hotkeys System hotkeys.
4.1.10 display this
Function
The display this command displays the running configuration in the current view.
Format
display this
Parameters
None
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 38
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
1: Monitoring level
Usage Guidelines
Usage Scenario
After the configurations are complete in a certain view, run the display this
command to check the current configurations.
Precautions
If a configuration parameter uses the default value, this parameter is not
displayed. The set parameters that do not be committed successfully are neither
displayed.
If you run the display this command in an interface view, configuration of the
interface view is displayed. If you run this command in a protocol view,
configuration of the protocol view is displayed.
Example
# Display the running configuration in the current view.
<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] display this
#
interface Ethernet2/0/0
port link-type trunk
#
return
4.1.11 header
Function
The header command configures the header information displayed on a terminal
when users log in to a connected device.
The undo header command deletes the header information displayed on a
terminal when users log in to a connected device.
By default, no header information is displayed on terminals when users log in to a
connected device.
Format
header { login | shell } { information text | file file-name }
undo header { login | shell }
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 39
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
login Indicates header -
information displayed on
a terminal when a user
logs in to the device and
a connection between the
terminal and the device is
activated.
shell Indicates the header -
displayed on a terminal
when the session is set up
after the user logs in to
the connected device.
information Specifies the header and The value is a string with spaces
text content. and carriage returns supported. The
maximum length of the string that
can be entered at one time is 220
characters, if a linefeed is contained
in the first line. If no linefeed is
contained in the first line, a
maximum of 480 characters can be
entered at one time, and the total
string length ranges from 1 to 2000
characters.
file file-name Specifies the file name The value is a string of 5 to 64
that the header uses. characters. The maximum header
file size is 128 KB. If the file size is
greater than 128 KB, only the first
128 KB file information can be
displayed.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
To provide some prompts or alarms to users, you can use the header command to
configure a title on the device. If a user logs in to the device, the title is displayed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 40
NetEngine AR
Command Reference 4 Basic Configurations Commands
Procedure
If information is specified, the header text starts and ends with the same
character. You can set the header text in either of the following modes:
● Non-interactive: enter the header text behind the start character.
Use the same character at the beginning and end of the header and press
Enter. If the start and end characters are inconsistent, the system prompts an
error message.
● Interactive: enter the start character and press Enter.
The system displays a message prompting the correct header information.
Then enter the required information and enter the same character at the
beginning and end of the header, and press Enter. The system quits the
interactive process.
During interaction, you can press Enter at any time to enter information in
the next line.
Precautions
● Before setting the login parameter, you must set login authentication
parameters; otherwise, no header information about authentication is
displayed.
● Before setting the file parameter, ensure that the file containing the header
exists; otherwise, the file name cannot be obtained.
● After you use the file parameter to specify the file used by the header, if the
header information does not contain all file information after you log in to
the device, you are advised to open the header file in text format and check
whether the file contains garbled characters. If the file contains garbled
characters, delete garbled characters and reconfigure the header { login |
shell } file file-name command.
● If the file parameter is specified, only a file (with any file name extension) in
flash:/header can be configured as the file that stores a login header.
● If you use SSH1.X to log in to the device, the shell header rather than the
login header is displayed.
● If you use SSH2.0 to log in to the device, both login and shell headers are
displayed in the login process.
● If the header command is configured several times, only the latest
configuration takes effect.
● After the login title is configured, any user that logs in to the system can view
the title.
● The start and end characters in the header text can be double quotation
marks (""). However, the header text content cannot contain double
quotation marks ("").
Example
# Configure a shell header. (non-interactive process)
<Huawei> system-view
[Huawei] header shell information &Hello! Welcome to system!& # Enter the header text behind the
start character '&' and enter '&' at the end of the header text, and press Enter.
# Display the shell header if the login succeeds.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 41
NetEngine AR
Command Reference 4 Basic Configurations Commands
Hello! Welcome to system!
# Configure a shell header (interactive process).
<Huawei> system-view
[Huawei] header shell information % # Press Enter after entering the start character '%' to start the
interactive process.
Info: Input banner text, and quit with the character '%'. Hello! Welcome to system!%
[Huawei] quit
<Huawei> quit // Log off.
# Press Enter. The shell header is displayed when the user logs in again.
Hello!
Welcome to system!
<Huawei>
# Specify the file that stores a login header.
<Huawei> system-view
[Huawei] header login file header-file.txt
4.1.12 hotkey
Function
The hotkey command sets a shortcut key for a command.
The undo hotkey restores the system shortcut keys to the default values.
By default, the system sets the default values for three shortcut keys CTRL+G,
CTRL+L, and CTRL+O, while does not set default value for CTRL+U.
Format
hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U } command-text
undo hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_U }
Parameters
Parameter Description Value
CTRL_G Specifies the shortcut key Ctrl+G for a -
command.
CTRL_L Specifies the shortcut key Ctrl+L for a -
command.
CTRL_O Specifies the shortcut key Ctrl+O for a -
command.
CTRL_U Specifies the shortcut key Ctrl+U for a -
command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 42
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
command-text Specifies the associated command line The value is a string
for shortcut keys. of 1 to 240
characters.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
You can set a shortcut key for a command that is often used; you can also change
the default value of the shortcut key that is defined by the system according to
your requirements.
Precautions
Four shortcut keys are customized by users: CTRL+G, CTRL+L, CTRL+O, and CTRL
+U.
● By default, the shortcut key CTRL+G corresponds to the display current-
configuration command which displays current configuration.
● By default, the shortcut key CTRL+L corresponds to the undo idle-timeout
command which restores the default timeout period.
● By default, the shortcut key CTRL+O corresponds to the undo debugging all
command which stops the output of all debugging information.
After you use the hotkey command to set a shortcut key for a command, you can
run the command by pressing the shortcut key or entering a command.
NOTE
One shortcut key can be set for only one command. If you set a shortcut key for multiple
commands, only the latest configuration takes effect.
When assigning a command for a shortcut key, you need to mark the command with
double quotation marks if the command consists of several words, that is, the command
includes spaces. You do not need to mark the command with double quotation marks if the
command consists of only one word.
Example
# Assign the display tcp status command for the shortcut key CTRL+L.
<Huawei> system-view
[Huawei] hotkey ctrl_l "display tcp status"
[Huawei] display hotkey
----------------- HOTKEY -----------------
=Defined hotkeys=
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 43
NetEngine AR
Command Reference 4 Basic Configurations Commands
Hotkeys Command
CTRL_G display current-configuration
CTRL_L display tcp status
CTRL_O undo debugging all
=Undefined hotkeys=
Hotkeys Command
CTRL_U NULL
=System hotkeys=
Hotkeys Function
CTRL_A Move the cursor to the beginning of the first line
CTRL_B Move the cursor one character left
CTRL_C Stop current command function
CTRL_D Erase current character
CTRL_E Move the cursor to the end of the Last line
CTRL_F Move the cursor one character right
CTRL_H Erase the character left of the cursor
CTRL_K Kill outgoing connection when connecting
CTRL_N Display the next command from the history buffer
CTRL_P Display the previous command from the history buffer
CTRL_T Function as a question mark
CTRL_W Delete the word left of the cursor
CTRL_X Delete all characters up to the cursor
CTRL_Y Delete all characters after the cursor
CTRL_Z Return to the user view
CTRL_] Kill incoming connection or redirect connection
ESC_B Move the cursor one word back
ESC_D Delete remainder of word
ESC_F Move the cursor forward one word
4.1.13 if-match timer cron
Function
The if-match timer cron command sets the time to perform an assistant task.
The undo if-match timer cron command cancels the time configured for an
assistant task.
By default, the time to perform an assistant task is not specified.
Format
if-match timer cron seconds minutes hours days-of-month months days-of-week
[ years ]
undo if-match timer cron
Parameters
Parameter Description Value
seconds Sets second. The value is a string of characters in the cron
format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
Currently, the device supports asterisk (*) only,
indicating that the value is accurate to minute but
not second.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 44
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
minutes Sets minute. The value is a string of characters in the cron
format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
hours Sets hour. The value is a string of characters in the cron
format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
days-of- Sets date. The value is a string of characters in the cron
month format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
This parameter is exclusive with the days-of-week
parameter. At least one of the two contains asterisk
(*).
months Sets month. The value is a string of characters in the cron
format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
days-of-week Sets week. The value is a string of characters in the cron
format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
The parameter is exclusive with the days-of-month
parameter. At least one of the two contains asterisk
(*).
years Sets year. The value is a string of characters in the cron
format. A cron time string consists of digits (0 to 9)
and special characters asterisk (*), hyphen (-), slash
(/), and comma (,). The value ranges from 1 to 127.
If this parameter is not specified, it refers to all the
years between 2000 to 2099.
Views
Assistant task view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 45
NetEngine AR
Command Reference 4 Basic Configurations Commands
The if-match timer cron command is used to set the time to perform an assistant
task. The time is expressed in the cron format defined in UNIX or Linux.
The commonly used time format (hh:mm:ss dd-mm-yyyy) can specify only one
specific time value. The cron time format is more flexible and powerful and uses
simple methods to display single or multiple time, duration, and period. The
method is as follows:
● Valid characters include digits 0 to 9, and special characters asterisk (*),
hyphen (-), slash (/), and comma (,).
● This table shows the syntax of cron format:
Express Format Description Example
ion
Mode
Single <time> <time>: The value is Command: if-match
time an integer that timer cron * 0 1 2 5 *
point specifies a specific 2012
time value. Meaning: perform an
The value range is assistant task at 1:00 on
dependent on May 2, 2012.
specific parameter.
The range of
minutes is 0 to 59.
The range of hours
is 0 to 23. The range
of days-of-month
depends on the
number of days in a
specific month. The
range of months is 1
to 12. The range of
days-of-week is 0 to
7. The range of
years is 2000 to
2099.
Multipl <time1>,<time <timen>: The value Command: if-match
e time 2>,...,<timen> is an integer. The timer cron * 0 1,2,3 2 3 *
points value range depends 2012
on specific Meaning: perform an
parameter. assistant task at the
Multiple time points following time points:
are separated by a ● 1:00, March 2, 2012
comma (,) with no
space before or ● 2:00, March 2, 2012
behind it. The time ● 3:00, March 2, 2012
values in a list can
be arranged at any
sequence.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 46
NetEngine AR
Command Reference 4 Basic Configurations Commands
Express Format Description Example
ion
Mode
Specific <time>/<step> <time>: The value is Command: if-match
time an integer that timer cron * 0 0/10 * 3 *
point specifies a specific 2012
time value. Meaning: perform an
<step>: The value is assistant task at the
an integer that following time points:
specifies the time ● 0:00, March 1, 2012
incremental.
● 10:00, March 1, 2012
The two values are
separated by a slash ● 20:00, March 1, 2012
(/) with no space ● 0:00, March 2, 2012
before or behind it. ● ...
The format: ● 10:00, March 31, 2012
<time>,<time>
+<step>,<time> ● 20:00, March 31, 2012
+2*<step>,...,<time>
+n*<step>. The
maximum time
(<time>+n*<step>)
depends on specific
parameter in the
command line.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 47
NetEngine AR
Command Reference 4 Basic Configurations Commands
Express Format Description Example
ion
Mode
Duratio <time1>- <time1> and Command: if-match
n <time2> <time2>: The values timer cron *0 0-3 1 3 *
are integers, 2012
specifying the start Meaning: perform an
and end time assistant task at the
respectively. following time points:
<time2> must be
later than or equal ● 0:00, March 1, 2012
to <time1>. ● 1:00, March 1, 2012
The two values are ● 2:00, March 1, 2012
separated by a ● 3:00, March 1, 2012
hyphen (—) with no
space before or
behind it.
the <time1>-
<time2> is same
with
<time1>,<time1>
+1,<time1>+2,
……,<time2>. If
<time1> and
<time2> are the
same, the two
specify the same
time point.
Period * If the parameter in Command: if-match
the command line is timer cron * 30 10 * 1 1
set to *, the 2012
parameter may refer Meaning: perform an
to any time point. assistant task at 10:30,
By setting the Monday every week in
parameter to *, you January, 2012.
can configure the
system to
periodically perform
an assistant task
every year, week,
month, day, hour, or
minute.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 48
NetEngine AR
Command Reference 4 Basic Configurations Commands
Express Format Description Example
ion
Mode
Combin Combination All the expression Command: if-match
ation format modes can be timer cron * 0 0/10,2,4-5
combined except 1 3 * 2012
"period". The Meaning: perform an
expression modes assistant task at the
are separated by a following time points:
comma (,) with no
space before or ● 0:00, March 1, 2012
behind it. ● 2:00, March 1, 2012
● 4:00, March 1, 2012
● 5:00, March 1, 2012
● 10:00, March 1, 2012
● 20:00, March 1, 2012
Precautions
● If you run this command multiple times in the same view, only the latest
configuration takes effect.
● The days-of-month and days-of-week parameters are exclusive. Set one or
both of them to "*". If one parameter is set to *, the other one specifies a
specific date. If both parameters are set to *, they can refer to any date.
● The minimum unit supported is second, so set the second parameter to *. The
specified assistant task can work only once every minute.
● Since the system can perform only one assistant task at a time, the time
when one assistant task finished working may be later than the time when
the next task is schedule to start. There may be a time span between the time
when an assistant task is scheduled to work and the time when it actually
starts to work. The if-match timer cron command specifies the time when an
assistant task is scheduled to work.
● When you enter digits, such as 000002012, the numeric string means the
same as 2012.
Example
# Configure an assistant task to work at 20:00, 2012-05-04.
<Huawei> system-view
[Huawei] assistant task test
[Huawei-assistant-task-test] if-match timer cron * 0 20 4 5 * 2012
[Huawei-assistant-task-test] perform 1 batch-file sys.bat
# Cancel the time for an assistant task to start to work.
<Huawei> system-view
[Huawei] assistant task test
[Huawei-assistant-task-test] undo if-match timer cron
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 49
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.1.14 perform batch-file
Function
The perform batch-file command configures an assistant task to process a batch
file.
The undo perform command disables the assistant task from processing a batch
file.
By default, no batch file is configured for the assistant task.
Format
perform priority batch-file filename
undo perform priority
Parameters
Parameter Description Value
priority It has a fixed value of 1 at current
Specifies the priority of an
because one assistant task can
assistant task.
process only one batch file.
filename Specifies the name of the batch The value is a string of 5 to 64
file processed by the assistant case-insensitive characters
task. The file name is in the *.bat without spaces.
format.
Views
Assistant task template view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
After you successfully create an assistant task and specify the execution time, you
can run this command to configure the device to process a batch file at the
specified time.
Prerequisites
An assistant task has been created using the assistant task command and the
time at which the task is executed has been specified using the if-match timer
cron command.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 50
NetEngine AR
Command Reference 4 Basic Configurations Commands
If an assistant task is being executed, stop the assistant task before you can delete
it. If an assistant task is to be executed, directly delete it. The device will not
execute the assistant task later.
By default, the commands listed in the batch file are executed in the system view.
Example
# Configure the assistant task huawei to process the batch file sys.bat at
2012-05-04 20:00.
<Huawei> system-view
[Huawei] assistant task huawei
[Huawei-assistant-task-huawei] if-match timer cron * 0 20 4 5 * 2012
[Huawei-assistant-task-huawei] perform 1 batch-file sys.bat
# Disable the assistant task to process the batch file.
<Huawei> system-view
[Huawei] assistant task huawei
[Huawei-assistant-task-huawei] undo perform 1
Info: Start to delete the action.
[Huawei-assistant-task-huawei] display this
#
assistant task huawei
if-match timer cron * 0 20 4 5 * 2012
#
return
4.1.15 quit
Function
The quit command returns from the current view to a lower-level view. If the
current view is the user view, this command exits from the system.
Format
quit
Parameters
None
Views
All views
Default Level
0: Visit level
Usage Guidelines
Usage Scenario
Three types of views are available and they are listed as follows from a lower level
to a higher level:
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 51
NetEngine AR
Command Reference 4 Basic Configurations Commands
● User view
● System view
● Service view, such as interface view
Run the quit command to return to a lower-level command view from the current
view. If you are in the user view currently, after you run the quit command, you
quit from the system.
Example
# Return to the system view from the AAA view, and then return to the user view.
After this, quit the system.
<Huawei> system-view
[Huawei] aaa
[Huawei-aaa] quit
[Huawei] quit
<Huawei> quit
4.1.16 return
Function
The return command returns to the user view from other views except the user
view.
Format
return
Parameters
None
Views
All views
Default Level
0: Visit level
Usage Guidelines
In other views, you can use the return command to return to the user view.
● Run this command to return to the user view if the current view is another
view except the user view.
● If the current view is the user view, no change occurs after running this
command.
● The shortcut keys<Ctrl+Z> have the same function as the return command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 52
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Return to the user view from the user interface view.
<Huawei> system-view
[Huawei] user-interface vty 0
[Huawei-ui-vty0] return
<Huawei>
4.1.17 set current-configuration display
Function
The set current-configuration display command sets the configurations that the
user of a specified level can view.
The undo set current-configuration display command cancels the configuration.
By default, no configuration is specified for users.
Format
set current-configuration display [ all ] level level command-key
undo set current-configuration display [ all ] level level command-key
Parameters
Parameter Description Value
all Indicates that all configuration sub- -
items are displayed if the
configuration contains sub-items.
level level The value is an integer
Specifies the user level.
ranging from 0 to 15.
command-key The value is a string of 1 to
Specifies the command of which
255 case-sensitive
the output will be displayed.
characters.
Views
System view
Default Level
3: Management level
Usage Guidelines
Use Scenario
After the administrator runs the command-privilege level command to degrade
the level of display current-configuration, low-level users can run the display
current-configuration command to view all device configurations.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 53
NetEngine AR
Command Reference 4 Basic Configurations Commands
To allow the low-level users to view the specified configurations, the administrator
can run the set current-configuration display command to specify the
configurations to be displayed.
Precaution
● If you enter a part of a command in the command-key parameter, the system
matches the commands starting with the characters you entered.
● If the command specified in command-key is executed in a sub-view, the
display current-configuration command displays the configurations in the
parent view.
● To view all configuration sub-items in a configuration item, use the all
keyword.
● If you run the set current-configuration display command multiple times,
multiple configurations can be specified. You can specify 128 configurations
for the user of the certain level.
Example
# Set the display current-configuration command level to 0 and specify the
configurations that level-0 users can view.
<Huawei> system-view
[Huawei] command-privilege level 0 view cli_8f display current-configuration
[Huawei] set current-configuration display level 0 ip address
[Huawei] set current-configuration display level 0 aaa
[Huawei] set current-configuration display level 0 network
# Display configurations as a level-0 user.
<Huawei> display current-configuration
#
aaa
#
interface GigabitEthernet0/0/0
ip address 192.168.200.183 255.255.255.0
#
interface LoopBack0
ip address 10.168.1.1 255.255.255.0
#
ospf 1
area 0.0.0.0
network 10.168.1.0 0.0.0.255
network 172.16.1.0 0.0.0.255
#
return
# Specify other configurations that level-0 user can view.
<Huawei> system-view
[Huawei] set current-configuration display all level 0 aaa
# Display configurations as a level-0 user.
<Huawei> display current-configuration
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user huawei password cipher %$%$^XcfPki5NVJ)ceVfc.;-f"Ei%$%$
local-user huawei privilege level 3
#
interface GigabitEthernet0/0/0
ip address 192.168.200.183 255.255.255.0
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 54
NetEngine AR
Command Reference 4 Basic Configurations Commands
#
interface LoopBack0
ip address 10.168.1.1 255.255.255.0
#
ospf 1
area 0.0.0.0
network 10.168.1.0 0.0.0.255
network 172.16.1.0 0.0.0.255
#
return
4.1.18 system-view
Function
The system-view command enables you to enter the system view from the user
view.
Format
system-view
Parameters
None
Views
User view
Default Level
2: Configuration level
Usage Guidelines
You must configure the device in the system view. Run this command in the user
view to enter the system view.
Example
# Enter the system view.
<Huawei> system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]
4.2 Auto-Config Commands
4.2.1 Support for Auto-Config
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 55
NetEngine AR
Command Reference 4 Basic Configurations Commands
Hardware Requirements
Table 4-5 Hardware requirements
Series Feature Support
AR300, AR600, AR700, Only Layer 3 Ethernet interfaces (except VDSL
AR1600, and AR6000 series interfaces working in PTM mode) support the
Auto-Config function.
AR6000-S series Only Layer 3 Ethernet interfaces (except VDSL
interfaces working in PTM mode) support the
Auto-Config function.
4.2.2 autoconfig enable
Function
The autoconfig enable command enables Auto-Config.
The undo autoconfig enable command disables Auto-Config.
By default, Auto-Config is enabled on the device.
Format
autoconfig enable
undo autoconfig enable
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
You can configure the Auto-Config function only after it is enabled. The
autoconfig enable command is used in the following scenarios:
● Auto-Config is disabled on the device (You can run the display autoconfig
enable command to check whether Auto-Config is enabled). In such a case,
you can use the autoconfig enable command to enable Auto-Config.
● If the Auto-Config function cannot be automatically recovered after an error
occurs in the Auto-Config process, run the undo autoconfig enable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 56
NetEngine AR
Command Reference 4 Basic Configurations Commands
command to disable the Auto-Config function. After Auto-Config stops, run
the autoconfig enable command to enable Auto-Config again. You can use
the display autoconfig-status command to check whether Auto-Config is
enabled.
Example
# Enable Auto-Config.
<Huawei> system-view
[Huawei] autoconfig enable
Info: Enable autoconfig successfully.
4.2.3 autoconfig getting-file restart
Function
The autoconfig getting-file restart command enables the device to re-obtain the
intermediate file, the system software, patch file and configuration file from the
file server.
Format
autoconfig getting-file restart
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
If the device fails to obtain the intermediate file, system software, patch file or
configuration file, the Auto-Config process is suspended and needs to be restarted.
The autoconfig getting-file restart command restarts the Auto-Config process,
enabling the device to re-obtain the intermediate file, system software, patch file
and configuration file. The display autoconfig-status command displays whether
the Auto-Config process is suspended.
NOTE
This command can be executed only when obtaining files failed and the Auto-Config
process is suspended.
Example
# Configure the device to re-obtain files from the file server and continue the
AutoConfig process.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 57
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] autoconfig getting-file restart
4.2.4 autoconfig permit interface
Function
The autoconfig permit interface command configures an interface for Auto-
Config pre-configured deployment.
The undo autoconfig permit interface command deletes the interface used for
Auto-Config pre-configured deployment.
By default, no interface is configured for Auto-Config pre-configured deployment.
Format
autoconfig permit interface { interface-type interface-number | interface-name }
&<1-4>
undo autoconfig permit interface
Parameters
Parameter Description Value
interface-type interface- Specifies the type and The value depends on
number number of an interface. the interface type and
slot ID.
Currently, only Ethernet,
GE, and XGE interfaces
and their sub-interfaces
are supported.
interface-name Specifies the name of an The value depends on
interface. the interface type and
slot ID.
Currently, only Ethernet,
GE, and XGE interfaces
and their sub-interfaces
are supported.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 58
NetEngine AR
Command Reference 4 Basic Configurations Commands
To use the plug-and-play deployment function with user-defined factory settings,
ensure that the autoconfig permit interface command has been run to configure
the interface for Auto-Config pre-configured deployment and the autoconfig
from pre-factory-configuration command has been run to enable the pre-
configured deployment function.
Precautions
● Before deleting the interface used for Auto-Config pre-configured
deployment, you need to disable the pre-configured deployment function on
the interface.
● Before using the plug-and-play deployment function with user-defined factory
settings, run the autoconfig permit interface command to configure the
interface for Auto-Config pre-configured deployment and run the autoconfig
from pre-factory-configuration command to enable the pre-configured
deployment function. The two commands cannot take effect after being
executed on the device. To make the plug-and-play function take effect, write
the two commands into the configuration file, run the set factory-
configuration command to set the configuration file to factory settings, and
ensure that there is no input on the console port and no user login to the
device.
Example
# Configure GigabitEthernet 0/0/0 and GigabitEthernet 0/0/0.1 for Auto-Config
pre-configured deployment.
<Huawei> system-view
[Huawei] autoconfig permit interface GigabitEthernet 0/0/0 GigabitEthernet 0/0/0.1
Info: Interfaces have been configured for AutoConfig.
4.2.5 autoconfig from pre-factory-configuration
Function
The autoconfig from pre-factory-configuration command enables the pre-
configured deployment function.
The undo autoconfig from pre-factory-configuration command disables the
pre-configured deployment function.
By default, the pre-configured deployment function is disabled.
Format
autoconfig from pre-factory-configuration
undo autoconfig from pre-factory-configuration
Parameters
None
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 59
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
To use the plug-and-play deployment function with user-defined factory settings,
ensure that the autoconfig permit interface command has been run to configure
the interface for Auto-Config pre-configured deployment and the autoconfig
from pre-factory-configuration command has been run to enable the pre-
configured deployment function.
Prerequisites
Before enabling the pre-configured deployment function, ensure that the
autoconfig permit interface command has been run to configure the interface
for Auto-Config pre-configured deployment.
Precautions
To use the plug-and-play deployment function with user-defined factory settings,
run the autoconfig permit interface command to configure the interface for
Auto-Config pre-configured deployment and run the autoconfig from pre-
factory-configuration command to enable the pre-configured deployment
function. The two commands cannot take effect after being executed on the
device. To make the plug-and-play function take effect, write the two commands
into the configuration file, run the set factory-configuration command to set the
configuration file as factory settings, and ensure that there is no input on the
console port and no user login.
Example
# Enable the pre-configured deployment function on GigabitEthernet 0/0/0 and
GigabitEthernet 0/0/0.1.
<Huawei> system-view
[Huawei] autoconfig permit interface GigabitEthernet 0/0/0 GigabitEthernet 0/0/0.1
Info: Interfaces have been configured for AutoConfig.
[Huawei] autoconfig from pre-factory-configuration
Info: The autoconfig from pre-factory-configuration command is executed successfully.
4.2.6 display autoconfig activating-config delay
Function
The display autoconfig activating-config delay command displays the delay in
restarting a device after a configuration file is downloaded using Auto-Config.
Format
display autoconfig activating-config delay
Parameters
None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 60
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Usage Scenario
After a user uses the Option 146 parameter to set the delay in restarting a device,
there is a delay in restarting the device after the version file, patch file, and
configuration file are downloaded using Auto-Config. After the device is restarted,
loaded files can take effect. Run the display autoconfig activating-config delay
command to check the configured delay in restarting a device.
Precautions
By default, the device is restarted immediately if no delay is set using the Option
146 parameter.
Example
# Display the delay in restarting a device after a configuration file is downloaded
using Auto-Config.
<Huawei> display autoconfig activating-config delay
The delay in activating configuration is 0 seconds.
4.2.7 display autoconfig activating-config remanent-time
Function
The display autoconfig activating-config remanent-time command displays the
remaining delay in restarting a device after a configuration file is downloaded
using Auto-Config.
Format
display autoconfig activating-config remanent-time
Parameters
None
Views
All views
Default Level
1: Monitoring level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 61
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
After a user uses the Option 146 parameter to set the delay in restarting a device,
there is a delay in restarting the device after the version file, patch file, and
configuration file are downloaded using Auto-Config. After the device is restarted,
loaded files can take effect. Run the display autoconfig activating-config
remanent-time command to check the remaining delay in restarting a device.
Precautions
By default, the device is restarted immediately if no delay is set using the Option
146 parameter.
Example
# Display the remaining delay in restarting a device after a configuration file is
downloaded using Auto-Config.
<Huawei> display autoconfig activating-config remanent-time
The remanent time of activating configuration is 10 seconds.
4.2.8 display autoconfig enable
Function
The display autoconfig enable command displays whether Auto-Config is
enabled.
Format
display autoconfig enable
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Auto-Config runs only after it is enabled. You can run the display autoconfig
enable command to check whether Auto-Config is enabled to ensure that Auto-
Config runs properly.
Example
# Check whether Auto-Config is enabled.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 62
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> display autoconfig enable
Autoconfig is enabled.
4.2.9 display autoconfig-status
Function
The display autoconfig-status command displays the running status of Auto-
Config.
Format
display autoconfig-status
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
None
Example
# Display the configuration and running status of Auto-Config.
<Huawei> display autoconfig-status
Running: No
Can deploy configurations with a USB disk: Yes
Stop : Yes
Reason : Current startup configuration file already exists.
Suspend: No
Reason : --
The status of DHCP phase:
Operation result: --
Failed reason : --
The status of setting ACS phase:
URL : --
User name : --
Password : --
Operation result: --
Failed reason : --
The status of getting middle file phase:
File name : --
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 63
NetEngine AR
Command Reference 4 Basic Configurations Commands
Operation result: --
Failed reason : --
The status of getting system software phase:
File name : --
Operation result: --
Failed reason : --
The status of getting patch file phase:
File name : --
Operation result: --
Failed reason : --
The status of getting configuration file phase:
File name : --
Operation result: --
Failed reason : --
The status of activating configuration phase:
Remained time : --
Operation result: --
Failed reason : --
Table 4-6 Description of the display autoconfig-status command output
Item Description
Running Whether Auto-Config is running.
Can deploy configurations with a USB Whether a USB disk can be used for
disk deployment.
NOTE
The device can be configured using Auto-
Config or USB deployment. However, two
deployment methods cannot be used
together.
Stop Whether Auto-Config stops.
Reason Reason that Auto-Config stops:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
Suspend Whether Auto-Config is suspended.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 64
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Reason Reason that Auto-Config is suspended:
● Autoconfig is completed.
● Connecting to file server failed.
● Deploying configurations with a
USB disk.
● Failed to get the TFTP server
address from the host.
● Getting file server information
failed.
● Getting system MAC address and
ESN failed.
● Getting system MAC address failed
and the ESN is wrong.
● Getting system ESN failed and the
MAC address is wrong.
● No file can be deleted.
● Option 147 check failed.
● Option 147 does not exist or check
is successful, but check of other
information fails.
● Option 141 is too long: The FTP
user name is too long.
● Option 142 is too long: The FTP
user password is too long.
● Option 67 is too long: The
configuration file information is too
long.
● Option 66 is too long: The TFTP
server name is too long.
● Option 15 is too long: The DNS
domain name is too long.
● Option 145 is too long: The non-
configuration file information, such
as system software information,
version information, or patch file
information, is too long.
● Option 146 is too long: The
operation information is too long.
● Option 43 is too long: The ACS
configuration is too long.
● Space is not insufficient.
● Specifying startup patch file failed.
● Specifying startup system software
failed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 65
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
● Specifying startup configuration file
failed.
● Some ACS information is empty.
● Setting ACS URL failed.
● Setting ACS user name failed.
● Setting ACS password failed.
● The obtained version is different
from the version in the system
software name.
● The system software already exists
and is the current startup file.
● The user name or password used to
connect to the file server is wrong.
● The file does not exist on the file
server.
● The extension name of the system
software is wrong.
● The extension name of the patch
file is wrong.
● The extension name of
configuration file is wrong.
● The configuration file already exists
and is the current startup file.
● The patch file already exists and is
the current startup file.
● The length of the middle file is
incorrect.
● The MAC address and ESN do not
match.
● The TFTP server cannot be found.
● The length of some ACS
information is wrong.
● The format of ACS URL is wrong.
● The format of ACS user name is
wrong.
● The format of ACS password is
wrong.
● The system software name or
version is not received.
● The system software name is too
long.
● The patch file name is too long.
● The version is too long.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 66
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
● The configuration file name is too
long.
● The opervalue is too long.
● The delaytime is too long.
● The middle file does not have a
configuration file name.
The status of DHCP phase DHCP exchange phase.
Operation result Result of interaction between the
device and the DHCP server:
● --: The DHCP exchange phase is not
started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 67
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Failed reason Reason for interaction failure between
the device and the DHCP server:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
● Deploying configurations with a
USB disk.
● Failed to get the TFTP server
address from the host.
● Getting file server information
failed.
● Option 147 check failed.
● Option 147 does not exist or check
is successful, but check of other
information fails.
● Option 141 is too long.
● Option 142 is too long.
● Option 67 is too long.
● Option 66 is too long.
● Option 15 is too long.
● Option 145 is too long.
● Option 146 is too long.
● Option 43 is too long.
● The TFTP server cannot be found.
● The system software name is too
long.
● The patch file name is too long.
● The version is too long.
● The configuration file name is too
long.
● The opervalue is too long.
● The delaytime is too long.
NOTE
If Auto-Config keeps running during the
interaction between the device and the
DHCP server, The last failed reason is
displayed, indicating the latest reason for
failure.
The status of setting ACS phase ACS configuration phase.
URL ACS URL.
User name ACS user name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 68
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Password ACS password.
Operation result Operation result:
● --: The ACS configuration phase is
not started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Failed reason Reason for a failure:
● Autoconfig is completed.
● AutoConfig is disabled.
● Current startup configuration file
already exists.
● Some ACS information is empty.
● Setting ACS URL failed.
● Setting ACS user name failed.
● Setting ACS password failed.
● The length of some ACS
information is wrong.
● The format of ACS URL is wrong.
● The format of ACS user name is
wrong.
● The format of ACS password is
wrong.
NOTE
If Auto-Config keeps running when ACS
runs, The last failed reason is displayed,
indicating the latest reason for failure.
The status of getting middle file phase Phase of obtaining the intermediate
file.
File name Intermediate file name.
Operation result Result of obtaining the intermediate
file:
● --: The phase of obtaining the
intermediate file is not started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 69
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Failed reason Reason for failing to obtain the
intermediate file:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
● Connecting to file server failed.
● Getting system MAC address and
ESN failed.
● Getting system MAC address failed
and the ESN is wrong.
● Getting system ESN failed and the
MAC address is wrong.
● Space is not insufficient.
● The user name or password used to
connect to the file server is wrong.
● The file does not exist on the file
server.
● The length of the middle file is
incorrect.
● The MAC address and ESN do not
match.
● The middle file does not have a
configuration file name.
● The system software name is too
long.
● The patch file name is too long.
● The version is too long.
● The configuration file name is too
long.
NOTE
If Auto-Config keeps running during the
phase of obtaining the intermediate file,
The last failed reason is displayed,
indicating the latest reason for failure.
The status of getting system software Phase of obtaining the system
phase software.
File name System software name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 70
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Operation result Result of obtaining system software:
● --: The phase of obtaining a version
file is not started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Failed reason Reason for failing to obtain the system
software:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
● Connecting to file server failed.
● No file can be deleted.
● Specifying startup system software
failed.
● Space is not insufficient.
● The file does not exist on the file
server.
● The user name or password used to
connect to the file server is wrong.
● The obtained version is different
from the version in the system
software name.
● The system software already exists
and is the current startup file.
● The extension name of the system
software is wrong.
● The system software name or
version is not received.
● The system software already exists
and is the rollback startup file.
NOTE
If Auto-Config keeps running during the
phase of obtaining the system software,
The last failed reason is displayed,
indicating the latest reason for failure.
The status of getting patch file phase Phase of obtaining a patch file.
File name Patch file name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 71
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Operation result Result of obtaining the patch file:
● --: The phase of obtaining a patch
file is not started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Failed reason Reason for failing to obtain the patch
file:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
● Connecting to file server failed.
● Specifying startup patch file failed.
● Space is not insufficient.
● The file does not exist on the file
server.
● The user name or password used to
connect to the file server is wrong.
● The extension name of the patch
file is wrong.
● The patch file already exists and is
the current startup file.
● The patch file already exists and is
the rollback startup file.
NOTE
If Auto-Config keeps running during the
phase of obtaining the patch file, The last
failed reason is displayed, indicating the
latest reason for failure.
The status of getting configuration file Phase of obtaining a configuration file.
phase
File name Configuration file name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 72
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Operation result Result of obtaining the configuration
file:
● --: The phase of obtaining a
configuration file is not started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Failed reason Reason for failing to obtain the
configuration file:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
● Connecting to file server failed.
● Specifying startup configuration file
failed.
● Space is not insufficient.
● The file does not exist on the file
server.
● The user name or password used to
connect to the file server is wrong.
● The extension name of
configuration file is wrong.
● The configuration file already exists
and is the current startup file.
● The configuration file already exists
and is the rollback startup file.
NOTE
If Auto-Config keeps running during the
phase of obtaining the configuration file,
The last failed reason is displayed,
indicating the latest reason for failure.
The status of activating configuration Phase of activating the configuration.
phase
Remained time Remaining relay for restarting a
device.
The command output of this
command is the same as that of the
display autoconfig activating-config
remanent-time command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 73
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Operation result Result of activating configurations:
● --: The phase of activating the
configuration is not started.
● Running: Auto-Config is running.
● Successful: Auto-Config is
successful.
● Suspend: Auto-Config is suspended.
● Stop: Auto-Config stops.
Failed reason Reason for failing to activate
configurations:
● AutoConfig is disabled.
● Current startup configuration file
already exists.
4.3 Auto-Start Configuration Commands
4.3.1 Support for Auto-Start
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.3.2 autostart
Function
The autostart command displays the autostart view.
Format
autostart
Parameters
None
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 74
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
To perform configurations related to Auto-Start, enter the autostart view first. You
can run this command in the system view to enter the autostart view.
Example
# Display the autostart view.
<Huawei> system-view
[Huawei] autostart
[Huawei-autostart]
4.3.3 autostart enable
Function
The autostart enable command enables Auto-Start on a device.
The undo autostart enable command disables Auto-Start on a device.
By default, Auto-Start is disabled on a device.
Format
autostart enable
undo autostart enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
You can run this command to enable Auto-Start. You can use Auto-Start to deploy
or upgrade a device only after enabling Auto-Start.
Example
# Enable Auto-Start.
[Huawei] autostart enable
Info: Enable autostart successfully.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 75
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.3.4 autostart run
Function
The autostart run command configures a device to immediately start the Auto-
Start process.
Format
autostart run
Parameters
None
Views
Autostart view
Default Level
3: Management level
Usage Guidelines
When the Auto-Start process fails, you can modify file server parameters or
reconfigure the intermediate file and file server, and run this command to
configure the device to immediately start the Auto-Start process.
Example
# Configure the device to immediately start the Auto-Start process.
<Huawei> system-view
[Huawei] autostart
[Huawei-autostart] autostart run
Are you sure to run autostart function? (Please set autostart config first.)[Y/N]:
y
Info: Autostart function run.
4.3.5 display autostart config
Function
The display autostart config command displays the file server configuration.
Format
display autostart config
Parameters
None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 76
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
System view
Default Level
3: Management level
Usage Guidelines
You can run this command to view the file server configuration on the device,
including the type and IP address of the file server, and the user name and
password for accessing the file server.
Example
# Display the file server configuration.
[Huawei] display autostart config
Server type :FTP
Server IP address :192.168.1.1
Username :user1
Password :***
4.3.6 display autostart status
Function
The display autostart status command displays the running status of Auto-Start.
Format
display autostart status
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
None
Example
# Display the running status of Auto-Start.
[Huawei] display autostart status
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 77
NetEngine AR
Command Reference 4 Basic Configurations Commands
Enable : Yes
Running: No
Can deploy configurations by USB disk or AutoConfig: Yes
Suspend: No
Reason : --
The status of getting middle file phase:
File name : arstart.ini
Operation result: Suspend
Failed reason : The unknown reason cause getting file from file server failed
The status of getting system software phase:
File name : --
Operation result: --
Failed reason : --
The status of getting patch file phase:
File name : --
Operation result: --
Failed reason : --
The status of getting configuration file phase:
File name : --
Operation result: --
Failed reason : --
The status of activating configuration phase:
Operation result: --
Failed reason : --
Table 4-7 Description of the display autostart status command output
Item Description
Enable Whether Auto-Start is enabled:
● Yes: enabled
● No: disabled
Running Whether Auto-Start is running:
● Yes: running
● No: not running
Can deploy configurations by USB disk Whether site deployment using a USB
or AutoConfig flash drive or Auto-Config is available:
● Yes: available
● No: unavailable
NOTE
The device can be deployed using a USB
flash drive, Auto-Config, or Auto-Start. The
three deployment modes are mutually
exclusive and only one of them can be
used at a time.
Suspend Whether Auto-Start is suspended:
● Yes: suspended
● No: not suspended
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 78
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Reason Reason why Auto-Start is suspended.
● Autostart is completed.
● Connecting to file server failed.
● Getting file server information
failed.
● Getting system MAC address and
ESN failed.
● Getting system MAC address failed
and the ESN is wrong.
● Getting system ESN failed and the
MAC address is wrong.
● No file can be deleted.
● Space is not insufficient.
● Specifying startup patch file failed.
● Specifying startup system software
failed.
● Specifying startup configuration file
failed.
● The obtained version is different
from the version in the system
software name.
● The system software already exists
and is the current startup file.
● The username or password used to
connect to the file server is wrong.
● The file does not exist on the file
server.
● The extension name of the system
software is wrong.
● The extension name of the patch
file is wrong.
● The extension name of
configuration file is wrong.
● The configuration file already exists
and is the current startup file.
● The patch file already exists and is
the current startup file.
● The length of the middle file is
incorrect.
● The MAC address and ESN do not
match.
● The system software name or
version is not received.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 79
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
● The system software name is too
long.
● The patch file name is too long.
● The version is too long.
● The configuration file name is too
long.
● The opervalue is too long.
● The middle file does not have a
configuration file name.
The status of getting middle file phase Phase of obtaining the intermediate
file.
File name Name of the intermediate file, system
software, configuration file, or patch
file.
Operation result Result of the file obtaining phase.
● --: The phase is not started.
● Running: The phase is running.
● Successful: The phase is successful.
● Suspend: The phase is suspended.
● Stop: The phase stops.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 80
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Failed reason Reason for failing to obtain a file.
● AutoStart is disabled.
● Current startup configuration file
already exists.
● Connecting to file server failed.
● Getting system MAC address and
ESN failed.
● Getting system MAC address failed
and the ESN is wrong.
● Getting system ESN failed and the
MAC address is wrong.
● Space is not insufficient.
● The username or password used to
connect to the file server is wrong.
● The file does not exist on the file
server.
● The length of the middle file is
incorrect.
● The MAC address and ESN do not
match.
● The middle file does not have a
configuration file name.
● The system software name is too
long.
● The patch file name is too long.
● The version is too long.
● The configuration file name is too
long.
● Specifying startup system software
failed.
● The obtained version is different
from the version in the system
software name.
● The system software already exists
and is the current startup file.
● The extension name of the system
software is wrong.
● The system software name or
version is not received.
● The system software already exists
and is the rollback startup file.
● Specifying startup patch file failed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 81
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
● The extension name of the patch
file is wrong.
● The patch file already exists and is
the current startup file.
● The patch file already exists and is
the rollback startup file.
● Current startup configuration file
already exists.
● Specifying startup configuration file
failed.
● The extension name of
configuration file is wrong.
● The configuration file already exists
and is the current startup file.
● The configuration file already exists
and is the rollback startup file.
The status of getting system software Phase of obtaining the system
phase software.
The status of getting patch file phase Phase of obtaining the patch file.
The status of getting configuration file Phase of obtaining the configuration
phase file.
The status of activating configuration Phase of activating the configuration.
phase
Operation result Result of the configuration activation
phase.
● --: The phase is not started.
● Running: The phase is running.
● Successful: The phase is successful.
● Suspend: The phase is suspended.
● Stop: The phase stops.
Failed reason Reason for failing to activate the
configuration.
● AutoStart is disabled.
● Current startup configuration file
already exists.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 82
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.3.7 ipaddress
Function
The ipaddress command configures the IP address of the file server.
The undo ipaddress command deletes the IP address of the file server.
Format
ipaddress ip
undo ipaddress
Parameters
Parameter Description Value
ip Specifies the IP address of the file The value is in dotted decimal
server. notation.
Views
Autostart view
Default Level
3: Management level
Usage Guidelines
Before using Auto-Start to deploy or upgrade a device, run this command to
configure the IP address of the file server. After the IP address is configured, the
device can connect to the corresponding file server based on the IP address and
download site deployment files.
Example
# Configure the IP address 192.168.1.20 for the file server.
<Huawei> system-view
[Huawei] autostart
[Huawei-autostart] ipaddress 192.168.1.20
Info: Set ip address successfully.
4.3.8 servertype
Function
The servertype command configures the type of the file server.
The undo servertype command restores the default type of the file server.
By default, the file server used in Auto-Start is an FTP server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 83
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
servertype { ftp | sftp }
undo servertype
Parameters
Parameter Description Value
ftp Sets the type of the file server to FTP. -
sftp Sets the type of the file server to SFTP. -
Views
Autostart view
Default Level
3: Management level
Usage Guidelines
Before using Auto-Start to deploy or upgrade a device, run this command to
configure the type of the file server.
If the file server type is set to FTP, the device connects to the file server and
downloads site deployment files using FTP. If the file server type is set to SFTP, the
device connects to the file server and downloads site deployment files using SFTP.
Site deployment files contain the intermediate file and one or more of the system
software, patch file, and configuration file.
Example
# Set the type of the file server to SFTP.
<Huawei> system-view
[Huawei] autostart
[Huawei-autostart] servertype sftp
Info: Set server type successfully.
4.3.9 username
Function
The username command configures the user name and password for accessing
the file server.
The undo username command deletes the user for accessing the file server.
By default, no user is configured for accessing the file server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 84
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
username username password password
undo username username
Parameters
Parameter Description Value
username Specifies the user name for The value is a string of 1 to 64 case-
accessing the file server. insensitive characters without spaces. It
can contain special characters.
password Specifies the password The value is a string of case-sensitive
corresponding to the user characters without spaces. It can be a
name for accessing the file string of 1 to 32 characters in plain text,
server. or a string of 80 characters in cipher
text.
Views
Autostart view
Default Level
3: Management level
Usage Guidelines
Before using Auto-Start to deploy or upgrade a device, run this command to
configure the user name and password for accessing the file server. After the user
name and password are configured, the device can be authenticated by and
connect to the file server.
Example
# Set the user name and password for accessing the file server to admin and
huawei, respectively.
<Huawei> system-view
[Huawei] autostart
[Huawei-autostart] username admin password huawei
Info: Set user name and password successfully.
4.4 USB-based Deployment Configuration Commands
4.4.1 Support for USB-based Deployment
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 85
NetEngine AR
Command Reference 4 Basic Configurations Commands
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.4.2 autoupdate enable
Function
The autoupdate enable command enables the USB-based deployment function.
The undo autoupdate enable command disables the USB-based deployment
function.
By default, the USB-based deployment function is disabled.
Format
autoupdate enable
undo autoupdate enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Use Scenario
● If a device has the current configuration file (not an unconfigured device),
you must run the autoupdate enable command to enable the USB-based
deployment function before you can use a USB flash drive to upgrade the
device.
● If a device has no current configuration file (unconfigured), the device can be
upgraded using a flash drive regardless of whether the USB-based
deployment function is enabled.
Prerequisites
This command can take effect only after an authentication password for USB-
based deployment is configured by the set usb autoupdate password command.
Precautions
If the USB-based deployment is enabled, the clear usb autoupdate password
command disables the USB-based deployment function while deleting the
authentication password for USB-based deployment.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 86
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Enable the USB-based deployment function.
<Huawei> system-view
[Huawei] set usb autoupdate password huawei123
[Huawei] autoupdate enable
Info: Enable Autoupdate successfully.
4.4.3 clear usb autoupdate password
Function
The clear usb autoupdate password command deletes the authentication
password for USB-based deployment.
Format
clear usb autoupdate [ hmac ] password
Parameters
Parameter Description Value
hmac Deletes the password used as the key to calculate the hash- -
based message authentication code (HMAC).
Views
System view
Default Level
3: Management level
Usage Guidelines
To disable password authentication for USB-based deployment, run this command
to delete the authentication password configured by the set usb autoupdate
password command.
If you need to disable password authentication for USB-based deployment, run
the clear usb autoupdate hmac password password command to delete the
password configured using the set usb autoupdate hamc password password
command as the key used to calculate the HMAC.
Example
# Delete the authentication password for USB-based deployment.
<Huawei> system-view
[Huawei] clear usb autoupdate password
<Huawei> system-view
[Huawei] clear usb autoupdate password
Info: Successfully cleared the password for USB autoupdate and disabled
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 87
NetEngine AR
Command Reference 4 Basic Configurations Commands
# Delete the password configured as the key used to calculate the HMAC.
<Huawei> system-view
[Huawei] clear usb autoupdate hmac password
Info: Successfully cleared the HMAC password for USB autoupdate and disabled HMAC check.
4.4.4 display autoupdate enable
Function
The display autoupdate enable command displays whether the USB-based
deployment function is enabled.
Format
display autoupdate enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
None
Example
# Check whether the USB-based deployment function is enabled.
<Huawei> system-view
[Huawei] display autoupdate enable
Autoupdate state: enabled.
Table 4-8 Description of the display autoupdate enable command output
Item Description
Autoupdate ● enabled: The USB-based deployment function is enabled.
state ● disabled: The USB-based deployment function is not
enabled.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 88
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.4.5 display hmac enable
Function
The display hmac enable command displays whether the HMAC check function is
enabled for USB-based deployment.
Format
display hmac enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
None
Example
# Check whether the HMAC check function is enabled for USB-based deployment.
<Huawei> system-view
[Huawei] display hmac enable
Autoupdate hmac check state: enabled.
Table 4-9 Description of the display hmac enable command output
Item Description
Autoupdate ● enabled: The HMAC check function is enabled for USB-
hmac check based deployment.
state ● disabled: The HMAC check function is not enabled for
USB-based deployment.
4.4.6 display usb autoupdate state
Function
The display usb autoupdate state command displays the USB-based deployment
status.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 89
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
display usb usb-id autoupdate state
Parameters
Parameter Description Value
usb-id Specifies the USB interface The value is an integer ranging from
ID. 0 to 1.
Views
User view
Default Level
3: Management level
Usage Guidelines
None
Example
# Display the USB-based deployment status.
<Huawei> display usb 1 autoupdate state
Info: Deployment using the USB flash drive is completed successfully.
Table 4-10 Description of the display usb autoupdate state command output
Item Description
Info: Deployment using the USB flash USB-based deployment is
drive is completed successfully. successful.
Info: Deployment using a USB flash drive USB-based deployment has not
is not performed. started.
Info: Deployment using a USB flash drive USB-based deployment is in
is in progress, please wait.... progress.
Info: Deployment using the USB flash USB-based deployment fails.
drive failed!
4.4.7 hmac enable
Function
The hmac enable command enables the hash-based message authentication code
(HMAC) check function for USB-based deployment.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 90
NetEngine AR
Command Reference 4 Basic Configurations Commands
The undo hmac enable command disables the HMAC check function for USB-
based deployment.
By default, the HMAC check function is disabled.
Format
hmac enable
undo hmac enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Use Scenario
To improve security of USB-based deployment, you can run the hmac enable
command to enable the HMAC check function for USB-based deployment.
After HMAC check is configured for USB-based deployment, the device uses the
password configured using the set usb autoupdate hamc password password
command as the key to calculate an HMAC for the specified file based on the
HMAC-SHA256 algorithm. Then the device compares the calculated HMAC with
the value of the HMAC field in the index file. If the two HMAC values are the
same, the device considers the file to be downloaded valid.
Prerequisites
An authentication password has been configured using the set usb autoupdate
hamc password password command.
Precautions
If HMAC check is enabled for USB-based deployment, the command disables the
HMAC function while deleting the authentication password for USB-based
deployment. To delete the password used as the key to calculate an HMAC, run
the clear usb autoupdate hmac password password command.
Example
# Enable the HMAC check function for USB-based deployment.
<Huawei> system-view
[Huawei] set usb autoupdate password huawei123
[Huawei] hmac enable
Info: Enable Autoupdate hmac check successfully.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 91
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.4.8 set usb autoupdate password
Function
The set usb autoupdate password command configures an authentication
password for USB-based deployment.
Format
set usb autoupdate hmac password password
Parameters
Parameter Description Value
hmac Specifies the password -
used as the key to
calculate the hash-based
message authentication
code (HMAC).
password Sets the password for The value is a string of 8 to 64 characters
decrypting the in plain text without spaces, or a string of
configuration file. 8 to 108 characters in cipher text without
spaces. The string must contain at least
two types of the following: uppercase
letters, lowercase letters, digits, and
special characters.
NOTE
After user run the set password min-length
command, the minimum length of the
password is the password length set using the
set password min-length command.
Views
System view
Default Level
3: Management level
Usage Guidelines
The authentication password configured by this command is used in the following
scenarios:
● When HMAC check is enabled, the password configured using the set usb
autoupdate hamc password password command is used as the key to
calculate an HMAC.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 92
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTE
Currently, the HMAC can only be calculated using the HMAC-SHA256 algorithm.
● When downloading an encrypted configuration file from the USB flash drive,
the device uses the password configured using the set usb autoupdate
password password command to decrypt the configuration file.
NOTE
Currently, configuration files can be encrypted only when they are being compressed
into .zip format. The following encryption methods can be used:
● Simple text encryption: For example, when you compress a .cfg configuration file
into a .zip file, you can enter a password in the compression software to encrypt
the configuration file.
● AES256 encryption algorithm: For example, when you compress a .cfg
configuration file into a .zip file, you can select the AES256 mode and enter a
password in the compression software to encrypt the configuration file. This
encryption method is recommended because it is more secure.
The password used to encrypt the configuration file must be the same as the
password configured by the set usb autoupdate password command.
Example
# Set the authentication password used in USB-based deployment to huawei123.
<Huawei> system-view
[Huawei] set usb autoupdate password huawei123
4.5 SMS-based Deployment Configuration Commands
4.5.1 Support for SMS-based Deployment
Hardware Requirements
Table 4-11 Hardware requirements for SMS-based deployment
Series Feature Support
AR300, AR600, AR700, Only 3G/LTE-supporting devices support SMS-
AR1600, and AR6000 series based deployment.
AR6000-S series Only 3G/LTE-supporting devices support SMS-
based deployment.
4.5.2 sms config autodeploy enable
Function
The sms config autodeploy enable command enables the SMS-based
deployment function.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 93
NetEngine AR
Command Reference 4 Basic Configurations Commands
The undo sms config autodeploy enable command disables the SMS-based
deployment function.
By default, SMS-based deployment is enabled.
Format
sms config autodeploy enable
undo sms config autodeploy enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
As the enterprise network size expands, more branch devices need to be deployed.
Some devices are geographically dispersed and difficult to obtain wired resources
and have services deployed. SMS-based deployment function can solve this
problem. For example, deployment personnel can send deployment short
messages to devices through Short Message Service (SMS). Devices then receive
and parse the short messages, activate 3G/LTE links, and access the file server
through SFTP to obtain and load a configuration file for zero touch deployment in
a batch. By default, SMS-based deployment is enabled. After devices are deployed
successfully, you are advised to disable SMS-based deployment to prevent
unauthorized users from modifying device configurations using forged deployment
short messages.
Example
# Enable SMS-based deployment.
<Huawei> system-view
[Huawei] sms config autodeploy enable
Info: Enable the SMS config function successfully.
4.5.3 sms config caller
Function
The sms config caller command configures a mobile phone number whitelist.
The undo sms config caller command deletes a mobile phone number whitelist.
By default, no mobile phone number whitelist is configured.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 94
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
sms config caller tel-number
undo sms config caller [ tel-number ]
Parameters
Parameter Description Value
tel-number Specifies the mobile phone The value is a string of 3 to 20
number segment in the characters without spaces and can
whitelist. contain digits 0 to 9.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
After devices are deployed successfully, you need to prevent device configurations
from being modified according to short messages sent from unauthorized phone
numbers. You can run the sms config caller command to configure a whitelist
that contains mobile phone number segments. Only the mobile phone numbers
that match all consecutive digits of any mobile phone number segment in the
whitelist are allowed to send short messages for service configurations.
Precautions
Currently, a whitelist can contain a maximum of eight mobile phone number
segments.
Example
# Add the mobile phone number segment 13812345678 to a whitelist to allow the
mobile phone number that matches this number segment to send short messages
for SMS-based deployment.
<Huawei> system-view
[Huawei] sms config caller 13812345678
Info: Succeed in setting whitelist.
4.6 Fast Provisioning Configuration Commands
4.6.1 Support for Fast Provisioning
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 95
NetEngine AR
Command Reference 4 Basic Configurations Commands
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.6.2 display fast provisioning record
Function
The display fast provisioning record command displays the automatic learning
record of an interface enabled with the fast provisioning function.
Format
display fast provisioning record [ interface interface-type interface-number ]
Parameters
Parameter Description Value
interface interface-type interface- Specifies the type and number of an -
number interface.
Views
All views
Default Level
2: Configuration level
Usage Guidelines
None
Example
# Display the automatic learning records of interfaces enabled with the fast
provisioning function.
<Huawei> system-view
[Huawei] display fast provisioning record
----------Fast Provisioning Record-----------
Ethernet1/0/0.1
State : successful
Vlan : 11
IP : 172.16.0.1 Mask : 8
Fast provisioning num : 1
---------------------------------------------
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 96
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-12 Description of the display fast provisioning record command output
Item Description
State State of a sub-interface. The value can be:
● successful: The sub-interface has learned and saved the
configuration successfully.
● learning: The sub-interface is learning the configuration
automatically.
Vlan/IP/Mask Configuration information learned by the sub-interface.
Fast provisioning Number of sub-interfaces that have successfully learned
num configurations.
Currently, a maximum of eight sub-interfaces are
supported.
4.6.3 display fast provisioning state
Function
The display fast provisioning state command displays the status of the fast
provisioning function on interfaces.
Format
display fast provisioning state
Parameters
None
Views
All views
Default Level
2: Configuration level
Usage Guidelines
None
Example
# Display the status of the fast provisioning function on interfaces.
<Huawei> system-view
[Huawei] display fast provisioning state
----------Fast Provisioning State-----------
GigabitEthernet0/0/1
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 97
NetEngine AR
Command Reference 4 Basic Configurations Commands
GigabitEthernet0/0/1.1
State : enable
GigabitEthernet0/0/1.2
State : disable
---------------------------------------------
Table 4-13 Description of the display fast provisioning state command output
Item Description
State Whether the fast provisioning function is enabled on a sub-
interface.
● enable: The fast provisioning function is enabled on the
sub-interface.
● disable: The fast provisioning function is disabled on the
sub-interface.
● restart: The fast provisioning function is enabled on the
sub-interface after the device restarts.
● inactive: The fast provisioning function is enabled on the
sub-interface, but the physical state of the sub-interface
is Down.
4.6.4 fast provisioning enable
Function
The fast provisioning enable command enables the fast provisioning function
globally.
The undo fast provisioning enable command disables the fast provisioning
function globally.
By default, the fast provisioning function is disabled globally.
Format
fast provisioning enable [ restart ]
undo fast provisioning enable
Parameters
Parameter Description Value
restart Indicates that the fast provisioning function is enabled -
globally after the device restarts.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 98
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
2: Configuration level
Usage Guidelines
Use Scenario
To enable the fast provisioning function, run the fast provisioning enable in the
system view.
Precautions
● After the fast provisioning function is disabled globally using the undo fast
provisioning enable command, the fast provisioning function configured on
interfaces also becomes invalid.
● After the fast provisioning function is enabled, the device starts a timer since
the first time the automatic learning function is triggered. The fast
provisioning function is automatically disabled globally and on interfaces 1
hour later. If the device restarts within 1 hour, the fast provisioning function
will not be automatically disabled 1 hour later. In this case, the fast
provisioning function can only be disabled using the undo fast provisioning
enable command.
● The configuration takes effect immediately when the fast provisioning
enable or undo fast provisioning enable command is used to enable or
disable the fast provisioning function.
● The configuration takes effect after the device restarts when the fast
provisioning enable restart command is used to enable the fast provisioning
function.
Example
# Enable the fast provisioning function globally.
<Huawei> system-view
[Huawei] fast provisioning enable
4.6.5 fast-provisioning disable (sub-interface view)
Function
The fast-provisioning disable command disables the fast provisioning function on
a sub-interface.
The undo fast-provisioning disable command enables the fast provisioning
function on a sub-interface.
By default, the fast provisioning function is disabled on a sub-interface. After the
fast provisioning function is enabled on an interface, the function is automatically
enabled on sub-interfaces of the interface.
Format
fast-provisioning disable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 99
NetEngine AR
Command Reference 4 Basic Configurations Commands
undo fast-provisioning disable
Parameters
None
Views
Ethernet sub-interface view, serial sub-interface view, ADSL sub-interface view
Default Level
2: Configuration level
Usage Guidelines
Use Scenario
When the fast provisioning function is enabled on an interface using the fast-
provisioning enable command, all sub-interfaces of the interface have the
function enabled. If the fast provisioning function only needs to be enabled on
some sub-interfaces, run the fast-provisioning disable command to disable the
fast provisioning function on specified sub-interfaces.
Prerequisite
The fast provisioning function has been enabled on the main interface using the
fast-provisioning enable command.
Example
# Disable the fast provisioning function on the sub-interface GE1/0/0.1.
<Huawei> system-view
[Huawei] fast provisioning enable
[Huawei] interface gigabitEthernet 1/0/0
[Huawei-GigabitEthernet1/0/0] fast-provisioning enable
[Huawei-GigabitEthernet1/0/0] quit
[Huawei] interface gigabitEthernet 1/0/0.1
[Huawei-GigabitEthernet1/0/0.1] fast-provisioning disable
4.6.6 fast-provisioning enable (interface view)
Function
The fast-provisioning enable command enables the fast provisioning function on
an interface.
The undo fast-provisioning enable command disables the fast provisioning
function on an interface.
By default, the fast provisioning function is disabled on an interface.
Format
fast-provisioning enable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 100
NetEngine AR
Command Reference 4 Basic Configurations Commands
undo fast-provisioning enable
Parameters
None
Views
Ethernet interface view, serial interface view, ADSL interface view
Default Level
2: Configuration level
Usage Guidelines
Use Scenario
You can run the fast-provisioning enable command to enable the fast
provisioning function on an interface. After the fast provisioning function is
enabled on an interface, sub-interfaces of the interface can automatically learn
and save information such as the VLAN, IP address, and DLCI from the peer device.
Currently, the fast provisioning function is supported by the following three kinds
of sub-interfaces:
● ADSL sub-interface: supports the fast provisioning function only when the
sub-interface is used in an IPoA scenario.
● Serial sub-interface: supports the fast provisioning function only when the
sub-interface is used in a synchronous or asynchronous sub-interface and the
sub-interface type is P2P.
● Ethernet sub-interface: supports the fast provisioning function only in a
scenario where packets carry one VLAN tag.
Currently, the fast provisioning function is supported by Ethernet sub-interfaces.
Prerequisite
The fast provisioning function has been enabled globally using the fast
provisioning enable command.
Precautions
● After enabling the fast provisioning function on an interface, create a sub-
interface for the interface. Only the sub-interface can automatically learn
information such as the VLAN, IP address, and DLCI from the peer device.
● After the fast provisioning function is enabled, the device starts a timer since
the first time the automatic learning function is triggered. The fast
provisioning function is automatically disabled globally and on interfaces 1
hour later. If the device restarts within 1 hour, the fast provisioning function
will not be automatically disabled 1 hour later. In this case, the fast
provisioning function can only be disabled using the undo fast provisioning
enable command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 101
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Enable the fast provisioning function on GE1/0/0.
<Huawei> system-view
[Huawei] fast provisioning enable
[Huawei] interface gigabitEthernet 1/0/0
[Huawei-GigabitEthernet1/0/0] fast-provisioning enable
4.6.7 reset fast-provisioning
Function
The reset fast-provisioning command clears configuration information
automatically learned by an interface using the fast provisioning function.
Format
reset fast-provisioning
Parameters
None
Views
Ethernet interface view, serial interface view, ADSL interface view, serial sub-
interface view, ADSL sub-interface view
Default Level
2: Configuration level
Usage Guidelines
Use Scenario
You can run the reset fast-provisioning command to clear configuration
information automatically learned by an interface using the fast provisioning
function. Sub-interfaces then can relearn configuration information automatically.
Precautions
● In the main interface view, run the reset fast-provisioning command to clear
all the configuration information learned by sub-interfaces of the main
interface.
● In the sub-interface view, run the reset fast-provisioning command to clear
the IP address learned by the sub-interface.
● After the fast provisioning function is enabled, the device starts a timer since
the first time the automatic learning function is triggered. The fast
provisioning function is automatically disabled globally and on interfaces 1
hour later. If the device restarts within 1 hour, the fast provisioning function
will not be automatically disabled 1 hour later. In this case, the fast
provisioning function can only be disabled using the undo fast provisioning
enable command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 102
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Reset the status of the fast provisioning function on the sub-interface GE1/0/0.1.
<Huawei> system-view
[Huawei] interface gigabitEthernet 1/0/0.1
[Huawei-GigabitEthernet1/0/0.1] reset fast-provisioning
4.7 First Login Commands
4.7.1 Support for First Login
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.7.2 clock datetime
Function
The clock datetime command sets the current date and time on the device.
Format
clock datetime HH:MM:SS YYYY-MM-DD
Parameters
Parameter Description Value
HH:MM:SS Specifies the current HH specifies the hour, which is an integer
time on the device. ranging from 0 to 23. MM specifies the
minute, which is an integer ranging from 0
to 59. SS specifies the second, which is an
integer ranging from 0 to 59.
YYYY-MM-DD Specifies the current YYYY specifies the year, which is an integer
date (year, month, ranging from 2017 to 2037. MM specifies
and day) on the the month, which is an integer ranging
device. from 1 to 12. DD specifies the day, which is
an integer ranging from 1 to 31.
Views
User view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 103
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
In the scenario where accurate absolute time is required, the current date and
time must be set on the device.
Prerequisite
The time zone and daylight saving time have been configured using the clock
timezone and clock daylight-saving-time commands. If the time zone and
daylight saving time are not configured, the clock datetime command sets a UTC
time.
Precautions
● The specified time must be in 24-hour format. If you do not specify MM and
SS, their values are 0. You must enter at least one digit to specify HH. For
example, when you enter 0, the time is 00:00:00.
● The specified year must be a four-digit number and the specified month and
day can be a one-digit number. For example, when you enter 2017-9-1, the
time is 2017-09-01.
● If the device is configured to restart at a specified time and if the system time
is changed to be more than 10 minutes later than the specified restart time,
the scheduled restart function will be disabled.
NOTE
The valid time range is based on the UTC, and this command sets the local time. If the
DST or time zone is specified in the current environment, the system automatically
converts the local time to the UTC.
For example, if you set the time zone to GMT+8 and the local date to 2017-1-1, the
UTC converted equals to the local date minus eight hours, which is 2016-12-31.
However, the valid date range is 2017 to 2037. As a result, the validity check fails, and
date setting fails.
Example
# Set the current time and date of the device to 0:0:0 2018-01-01.
<Huawei> clock datetime 0:0:0 2018-01-01
4.7.3 clock daylight-saving-time
Function
The clock daylight-saving-time command sets the name, start time, and end
time of the daylight saving time (DST).
The undo clock daylight-saving-time command cancels the DST settings.
By default, DST is not used.
Format
clock daylight-saving-time time-zone-name one-year start-time start-date end-
time end-date offset
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 104
NetEngine AR
Command Reference 4 Basic Configurations Commands
clock daylight-saving-time time-zone-name repeating start-time { { fifth | first |
second | third | fourth | last } weekday month | start-date1 } end-time { { first |
second | third | fourth | last } weekday month | end-date1 } offset [ start-year
[ end-year ] ]
undo clock daylight-saving-time
Parameters
Parameter Description Value
time-zone- Specifies the name The value is a string of 1 to 32 characters.
name of the DST zone.
one-year Specifies absolute -
DST.
repeating Specifies periodic -
DST.
start-time Specifies the DST The value is in 24-hour format HH:MM.
start time. HH specifies the hour, which is an integer
ranging from 0 to 23. MM specifies the
minute, which is an integer ranging from
0 to 59. If MM is not specified, DST starts
on the hour. You must enter at least one
digit to specify HH. For example, when
you enter 0, the start time is 00:00.
start-date Specifies the DST The value is in the format YYYY-MM-DD.
start date. YYYY specifies the year, which is an
integer ranging from 2017 to 2037, MM
specifies the month, which is an integer
ranging from 1 to 12, and DD specifies the
day, which is an integer ranging from 1 to
31.
end-time Specifies the DST The value is in 24-hour format HH:MM.
end time. HH specifies the hour, which is an integer
ranging from 0 to 23. MM specifies the
minute, which is an integer ranging from
0 to 59. If MM is not specified, DST starts
on the hour. You must enter at least one
digit to specify HH. For example, when
you enter 0, the start time is 00:00.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 105
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
end-date Specifies the DST The value is in the format YYYY-MM-DD.
end date. YYYY specifies the year, which is an
integer ranging from 2017 to 2037, MM
specifies the month, which is an integer
ranging from 1 to 12, and DD specifies the
day, which is an integer ranging from 1 to
31.
fifth Specifies the fifth -
week in a month.
first Specifies the first -
week in a month.
second Specifies the second -
week in a month.
third Specifies the third -
week in a month.
fourth indicates the fourth -
week in a month.
last Specifies the last -
week in a month.
weekday Specifies a day of The value is Mon, Tue, Wed, Thu, Fri, Sat,
the week. or Sun.
month Specifies a month. The value is Jan, Feb, Mar, Apr, May, Jun,
Jul, Aug, Sep, Oct, Nov, or Dec.
start-date1 Specifies the DST The value is in the format MM-DD. MM
start date. specifies the month, which is an integer
ranging from 1 to 12, and DD specifies the
day, which is an integer ranging from 1 to
31.
end-date1 Specifies the DST The value is in the format MM-DD. MM
end date. specifies the month, which is an integer
ranging from 1 to 12, and DD specifies the
day, which is an integer ranging from 1 to
31.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 106
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
offset Specifies the DST The value is in 24-hour format HH:MM.
offset. HH specifies the hour, which is an integer
ranging from 0 to 23. MM specifies the
minute, which is an integer ranging from
0 to 59. If MM is not specified, the offset
is the specified hours. You must enter at
least one digit to specify HH.
start-year Specifies the start The value is in the format YYYY and
year. ranges from 2017 to 2037.
end-year Specifies the end The value is in the format YYYY and
year. ranges from 2017 to 2037.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
DST, also referred to as summer time, is a convention intended to save resources.
In high latitude areas, sunrise time is earlier in summer than in winter. To reduce
use of incandescent lighting in the evenings and save energy, clocks are adjusted
forward one hour.
Users can customize the DST zone according to their countries' or regions'
convention. In addition, users can set how far ahead clocks are adjusted forward,
usually an hour. With DST enabled, when it is time to start DST, the system time is
adjusted according to the user-specified DST. When it is time to end DST, the
system time automatically returns to the original time.
Configuration Impact
To configure DST, note the following:
● The time in logs and debugging information uses the local time adjusted
based on the time zone and the configured DST.
● The time in the output of the display commands uses the local time adjusted
based on the time zone and the configured DST.
To remove configurations for DST, note the following:
● If DST has already taken effect when you remove the configurations, the
device will adjust its clock by subtracting the value of the offset parameter
from the current time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 107
NetEngine AR
Command Reference 4 Basic Configurations Commands
● If DST has not taken effect, removing the configurations will not affect the
system time.
Precautions
● The DST is configured in the summer. The DST duration ranges from one day
to one year.
● You can configure the start time and end time for periodic DST in one of the
following modes: date+date, week+week, date+week, and week+date.
Example
# Set periodic DST.
<Huawei> clock daylight-saving-time bj repeating 0 first sun jan 0 first sun apr 2 2018 2018
# Set periodic DST by day.
<Huawei> clock daylight-saving-time bj repeating 12:11 1-1 1:0 3-4 1
# Set absolute DST.
<Huawei> clock daylight-saving-time bj one-year 12:11 2018-10-2 1:00 2018-11-4 1
4.7.4 clock timezone
Function
The clock timezone command sets the local time zone.
The undo clock timezone command deletes the local time zone.
If you do not specify the time zone name, the system uses Default Zone Name.
Format
clock timezone time-zone-name { add | minus } offset
undo clock timezone
Parameters
Parameter Description Value
time-zone- Specifies the time zone name. The name is a string of 1 to 32
name case-sensitive characters without
spaces.
add Specifies the offset from the -
UTC for the time zone
specified by time-zone-name.
That is, the sum of the
default UTC time zone and
offset is equal to the time
zone specified by time-zone-
name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 108
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
minus Specifies the offset from the -
UTC for the time zone
specified by time-zone-name.
That is, the remainder
obtained by subtracting offset
from the default UTC time
zone is equal to the time zone
specified by time-zone-name.
offset Specifies the offset from the Format: HH:MM:SS
UTC. ● HH specifies the hour.
– If the local time is earlier
than the UTC, the value is
an integer ranging from 0 to
14.
– If the local time is later than
the UTC, the value is an
integer ranging from 0 to
12.
● MM and SS specify the minute
and second respectively, and
both range from 0 to 59.
● When HH is set to the
maximum value, the MM and
SS values must be 0.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The system clock is the time indicated by the system timestamp. Because the rules
governing local time differ in different regions, the system clock can be configured
to comply with the rules of any given region.
System clock = UTC + Time zone offset + DST offset
To ensure normal communication between devices, set an accurate system clock.
You can run the clock timezone and clock daylight-saving-time commands to
set the time zone and DST offsets.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 109
NetEngine AR
Command Reference 4 Basic Configurations Commands
● The specified time must be in 24-hour format. If you do not specify MM and
SS, their values are 0. You must enter at least one digit to specify HH. For
example, when you enter 0, the time is 00:00:00.
● After configuring the local time zone, run the display clock command to view
the configuration. The time in logs and diagnostic information uses the local
time adjusted based on the time zone and DST.
Example
# Set the local time zone name for Beijing China to BJ.
If the default UTC is London time 2018-12-01 00:00:00, Beijing time is London
time plus 08:00 because the offset from UTC is 8 hours.
<Huawei> clock datetime 0:0:0 2018-12-01
<Huawei> clock timezone BJ add 08:00:00
4.7.5 display clock
Function
The display clock command displays the current date and clock setting.
Format
display clock
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Usage Scenario
You can run the display clock command to view the system date and clock setting
and adjust the setting if necessary.
Precautions
The system clock is set using the clock datetime, clock timezone, and clock
daylight-saving-time commands.
● If the three commands are not used, the original system clock is displayed
after you run the display clock command.
● You can use any combination of the three commands to configure the system
time. Table 4-14 lists the formats of the configured time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 110
NetEngine AR
Command Reference 4 Basic Configurations Commands
The table assumes that the original system time is 08:00:00 on January 1, 2018.
● 1: indicates that the clock datetime command is used, in which the current
time and date is date-time.
● 2: indicates that the clock timezone command is used, in which the time
zone parameter is set and the time offset is zone-offset.
● 3: indicates that the clock daylight-saving-time command is used, in which
the DST parameters are set and the time offset is offset.
● [1]: indicates that the clock datetime command is optional.
Table 4-14 System clock setting examples
Action Configured System Example
Time
1 date-time Command: clock datetime 8:0:0
2018-11-12
Configured system time:
2018-11-12 08:00:23
Monday
Time Zone(Default Zone Name) : UTC+00:00
2 Original system time Command: clock timezone BJ add 8
± zone-offset Configured system time:
2018-11-12 16:00:14
Monday
Time Zone(BJ) : UTC+08:00
1, 2 date-time ± zone- Commands: clock datetime 8:0:0
offset 2018-11-12 and clock timezone BJ add 8
Configured system time:
2018-11-12 16:00:17
Monday
Time Zone(BJ) : UTC+08:00
[1], 2, 1 date-time Commands: clock timezone NJ add 8 and
clock datetime 9:0:0 2018-11-12
Configured system time:
2018-11-12 09:00:03
Monday
Time Zone(NJ) : UTC+08:00
3 If the original system Command: clock daylight-saving-time BJ
time is not in the DST one-year 6:0 2018-8-1 6:0 2018-10-01 1
segment, the original Configured system time:
system time is 2018-01-01 09:00:51
displayed. Monday
Time Zone(Default Zone Name) : UTC+00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 111
NetEngine AR
Command Reference 4 Basic Configurations Commands
Action Configured System Example
Time
If the original system Command: clock daylight-saving-time BJ
time is in the DST one-year 6:0 2018-1-1 6:0 2018-9-1 2
segment, the Configured system time:
configured system 2018-01-01 10:00:08 DST
time is the original Monday
Time Zone(BJ) : UTC+00:00
system time plus Daylight saving time :
offset. Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00
1, 3 If date-time is not in Commands: clock datetime 9:0:0
the DST segment, the 2011-11-12 and clock daylight-saving-
configured system time BJ one-year 6:0 2012-8-1 6:0
time is date-time. 2012-10-01 1
Configured system time:
2011-11-12 09:00:26
Saturday
Time Zone(Default Zone Name) : UTC+00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2012
End year : 2012
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00
If date-time is in the Commands: clock datetime 9:0:0
DST segment, the 2011-11-12 and clock daylight-saving-
configured system time BJ one-year 9:0 2011-11-12 6:0
time is date-time 2011-12-01 2
+offset. Configured system time:
2011-11-12 11:02:21 DST
Saturday
Time Zone(BJ) : UTC+00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2011
End year : 2011
Start time : 11-12 09:00:00
End time : 12-01 06:00:00
Saving time : 02:00:00
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 112
NetEngine AR
Command Reference 4 Basic Configurations Commands
Action Configured System Example
Time
[1], 3, 1 If date-time is not in Commands: clock daylight-saving-time BJ
the DST segment, the one-year 6:0 2018-8-1 6:0 2018-10-01 1
configured system and clock datetime 9:0 2017-11-12
time is date-time. Configured system time:
2017-11-12 09:00:02
Sunday
Time Zone(Default Zone Name) : UTC+00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 08-01 06:00:00
End time : 10-01 06:00:00
Saving time : 01:00:00
If date-time is in the Commands: clock daylight-saving-time BJ
DST segment, the one-year 1:0 2018-1-1 1:0 2018-9-1 2 and
configured system clock datetime 3:0 2018-1-1
time is date-time. Configured system time:
2018-01-01 03:00:19 DST
Monday
Time Zone(BJ) : UTC+00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 01:00:00
End time : 09-01 01:00:00
Saving time : 02:00:00
2, 3 or 3, If the result of Commands: clock timezone BJ add 8 and
2 original system time clock daylight-saving-time BJ one-year
± zone-offset is not in 6:0 2018-1-1 6:0 2018-9-1 2
the DST segment, the Configured system time:
configured system 2018-01-01 16:01:29
time is equal to the Monday
Time Zone(BJ) : UTC+08:00
original system time Daylight saving time :
± zone-offset. Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 113
NetEngine AR
Command Reference 4 Basic Configurations Commands
Action Configured System Example
Time
If the result of Commands: clock daylight-saving-time BJ
original system time one-year 1:0 2018-1-1 1:0 2018-9-1 2 and
± zone-offset is in the clock timezone BJ add 8
DST segment, the Configured system time:
configured system 2018-01-01 18:05:31 DST
time is equal to the Monday
Time Zone(BJ) : UTC+08:00
original system time Daylight saving time :
± zone-offset ± Name : BJ
offset. Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 01:00:00
End time : 09-01 01:00:00
Saving time : 02:00:00
1, 2, 3 or If the value of date- Commands: clock datetime 8:0:0
1, 3, 2 time ± zone-offset is 2017-11-12, clock timezone BJ add 8, and
not in the DST clock daylight-saving-time BJ one-year
segment, the 6:0 2018-1-1 6:0 2018-9-1 2
configured system Configured system time:
time is equal to date- 2017-11-12 08:01:40
time ± zone-offset. Sunday
Time Zone(BJ) : UTC+08:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00
If the value of date- Commands: clock datetime 8:0:0
time ± zone-offset is 2018-1-1, clock daylight-saving-time BJ
in the DST segment, one-year 6:0 2018-1-1 6:0 2018-9-1 2, and
the configured clock timezone BJ add 8
system time is equal Configured system time:
to date-time ± zone- 2018-01-01 10:00:43 DST
offset + offset. Monday
Time Zone(BJ) : UTC+08:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 114
NetEngine AR
Command Reference 4 Basic Configurations Commands
Action Configured System Example
Time
[1], 2, 3, 1 If date-time is not in Commands: clock daylight-saving-time BJ
or [1], 3, the DST segment, the one-year 6:0 2018-1-1 6:0 2018-9-1 2,
2, 1 configured system clock timezone BJ add 8, and clock
time is date-time. datetime 8:0:0 2017-11-12
Configured system time:
2017-11-12 08:00:03
Sunday
Time Zone(BJ) : UTC+08:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 02:00:00
If date-time is in the Commands: clock timezone BJ add 8,
DST segment, the clock daylight-saving-time BJ one-year
configured system 1:0 2018-1-1 1:0 2018-9-1 2, and clock
time is date-time. datetime 3:0:0 2018-1-1
Configured system time:
2018-01-01 03:00:03 DST
Monday
Time Zone(BJ) : UTC+08:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 01:00:00
End time : 09-01 01:00:00
Saving time : 02:00:00
Example
# Display the current system date and time.
<Huawei> display clock
<2018-01-01 03:00:06
Monday
Time Zone(Default Zone Name) : UTC+00:00
Daylight saving time :
Name : BJ
Repeat mode : one-year
Start year : 2018
End year : 2018
Start time : 01-01 06:00:00
End time : 09-01 06:00:00
Saving time : 01:00:00
Table 4-15 Description of the display clock command output
Item Description
Time Zone Time zone.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 115
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Daylight saving time DST.
Name DST name.
Repeat mode DST mode.
● one-year: absolute DST
● repeating: periodic DST
Start year Year from which DST takes effect.
End year Year when DST becomes ineffective.
Start time Time when DST takes effect.
End time Time when DST becomes ineffective.
Saving time Storage time.
4.7.6 sysname
Function
The sysname command sets the device host name.
The undo sysname command restores the default device host name.
By default, the device host name is Huawei.
Format
sysname host-name
undo sysname
Parameters
Parameter Description Value
host-name Specifies the host The value is a string of 1 to 246 case-
name. sensitive characters with spaces, "?" not
supported.
Views
System view
Default Level
2: Configuration level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 116
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Changing the host name affects the command interface prompt. For example, if
the host name is Huawei, the user interface prompt is <Huawei>.
Example
# Set the host name to HuaweiA.
<Huawei> system-view
[Huawei] sysname HuaweiA
[HuaweiA]
4.8 UI Configuration Commands
4.8.1 Support for UI
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.8.2 acl (user interface view)
Function
The acl command uses an ACL to restrict login rights of users on a terminal.
The undo acl command cancels the configuration.
By default, login rights are not restricted.
Format
acl [ ipv6 ] acl-number { inbound | outbound }
undo acl [ ipv6 ] { inbound | outbound }
Parameters
Parameter Description Value
ipv6 Indicates an ACL6 number. -
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 117
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
acl-number Specifies the number of an ACL. The value is an integer ranging
from 2000 to 3999.
● 2000-2999: restricts the
source address using the
basic ACL.
● 3000-3999: restricts the
source and destination
addresses using the advanced
ACL.
inbound Restricts users with an address or -
within an address segment to log
in to the device.
outbound Restricts users that have logged -
in to the device from logging in
to other devices.
Views
User interface view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
This command restricts the login rights of a user interface based on the source IP
address, destination IP address, source port, or destination port. You can use this
command to permit or deny access to a destination or from a source.
Prerequisites
Before running this command, run the acl (system view) in the system view and
run the rule (basic ACL view) or rule (advanced ACL view) command to
configure an ACL.
If no rule is configured, login rights on the user interface are not restricted when
the acl command is executed.
Precautions
After the configurations of the ACL take effect, all users on the user interface are
restricted by the ACL.
You can configure all of the following ACL types: IPv4 inbound, IPv4 outbound,
IPv6 inbound, and IPv6 outbound on a user interface. Only one ACL of each type
can be configured on a user interface, and only the latest configuration of an ACL
takes effect.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 118
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Restrict the Telnet login rights on user interface VTY 0.
<Huawei> system-view
[Huawei] acl 3001
[Huawei-acl-adv-3001] rule deny tcp source any destination-port eq telnet
[Huawei-acl-adv-3001] quit
[Huawei] user-interface vty 0
[Huawei-ui-vty0] acl 3001 outbound
# Remove the restriction on the Telnet login rights on user interface VTY 0.
<Huawei> system-view
[Huawei] user-interface vty 0
[Huawei-ui-vty0] undo acl outbound
4.8.3 authentication-domain
Function
The authentication-domain command configures an authentication domain for a
type of users.
The undo authentication-domain command restores the default authentication
domain configuration.
By default, the authentication domain is default.
Format
authentication-domain domain-name
undo authentication-domain
Parameters
Parameter Description Value
domain-name Specifies the name of an The name is a string of 1
authentication domain. to 64 case-sensitive
characters without
spaces. If the string is
enclosed in double
quotation marks (" "),
the string can contain
spaces. The string cannot
contain the following
characters: * " ? - --.
NOTE
The value must be the
name of an existing
authentication domain in
AAA mode.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 119
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the authentication-domain command to change the currently used
authentication domain so that users of different access types can be authenticated
in different authentication domains.
NOTE
Currently, the device supports console and virtual type terminal (VTY) user interfaces.
Prerequisites
An authentication domain must have been created in AAA mode and the
authentication mode has been set to AAA using the authentication-mode
command.
Precautions
If you change the authentication mode to a non-AAA mode using the
authentication-mode command, the authentication domain configured using the
authentication-domain command restores to default.
Example
# Configure the authentication domain domain1 for users on the console user
interface.
<Huawei> system-view
[Huawei] aaa
[Huawei-aaa] domain domain1
[Huawei-aaa] quit
[Huawei] user-interface console 0
[Huawei-ui-console0] authentication-mode aaa
[Huawei-ui-console0] authentication-domain domain1
4.8.4 authentication-mode (user interface view)
Function
The authentication-mode command configures the authentication mode for
accessing the user interface.
The undo authentication-mode command deletes the authentication mode for
accessing the user interface.
By default, no authentication mode for accessing the user interface is configured.
For the users logging in to the interface, an authentication method must be
configured; otherwise, users cannot log in.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 120
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
authentication-mode { aaa | password }
undo authentication-mode
Parameters
Parameter Description Value
aaa Indicates the AAA authentication mode. -
password Indicates the password authentication mode. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When a user logs in to the device using the console interface for the first time, the
system prompts the user to set the login password. After the user logs in to the
device, the user can run the authentication-mode command to change the
authentication mode.
Before Telnet or SSH users log in to the device using VTY user interface, they must
run the authentication-mode command to configure the authentication mode.
Precautions
To ensure that users can log in to the device successfully, configure the
authentication mode.
● After you set the authentication mode for accessing a user interface to
password, run the set authentication password command to configure an
authentication password. Keep the password safe. You need to enter the
password when logging in to the device. The levels of commands accessible to
a user depend on the level configured for the user interface to which the user
logs in.
● When the authentication mode is set to aaa, the authentication password is
deleted at the same time. Users are required to enter the login user name and
password to log in to the device. After login, the level of the commands the
user can run depends on the level of the local user specified in AAA
configuration.
● If the current login channel has a password, enter the password when you
want to modify or delete the authentication mode of a VTY channel range
that contains the current login channel.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 121
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Configure the authentication mode for accessing the user interface.
<Huawei> system-view
[Huawei] user-interface vty 0
[Huawei-ui-vty0] authentication-mode aaa
4.8.5 auto-execute command
Function
The auto-execute command command configures auto-run commands.
The undo auto-execute command command cancels auto-run commands.
By default, the auto-run function is disabled.
Format
auto-execute command command
undo auto-execute command
Parameters
Parameter Description Value
command Specifies an auto-run command. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the auto-execute command command to make the device run a
command automatically on the corresponding interface.
You can run the auto-execute command command to enable automatic
execution for the Telnet command.
Precautions
● The auto-execute command command is applicable to the VTY user
interface.
● When you log in to the device, the device automatically runs the commands
that are configured by the auto-execute command command. The user's
terminal disconnects from the device.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 122
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Before saving the configuration of the auto-execute command command,
ensure that you can log in to the device in other ways so that you can cancel
the command configuration.
● If you use the auto-execute command command, you cannot configure the
device in the user interface view. Therefore, use this command with caution.
Example
# Configure the telnet 10.110.100.1 command to automatically run after a user
logs in to the device using the VTY0 interface.
<Huawei> system-view
[Huawei] user-interface vty 0
[Huawei-ui-vty0] auto-execute command telnet 10.110.100.1
Warning: The system will not be configured through ui-vty0.Continue? [Y/N]: y
4.8.6 databits
Function
The databits command sets the number of data bits of the user interface.
The undo databits command restores the default number of data bits.
By default, the number of data bits of the user interface is 8.
Format
databits { 5 | 6 | 7 | 8 }
undo databits
Parameters
Parameter Description Value
5 Indicates that the number of data bits is 5. -
6 Indicates that the number of data bits is 6. -
7 Indicates that the number of data bits is 7. -
8 Indicates that the number of data bits is 8. -
Views
User interface view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 123
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Use this command only when necessary. If the number of data bits of a device's
user interface is changed, ensure that the same number of data bits is set on the
HyperTerminal used for login.
The setting is valid only when the serial port is configured to work in
asynchronous mode.
NOTE
The data bit of the console user interface does not support 5 and 6.
Example
# Set the number of data bits to 7.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] databits 7
4.8.7 display mib-index interface
Function
The display mib-index interface command displays the index value of an
interface in the MIB.
Format
display mib-index interface [ interface-type [ interface-number ] ]
Parameters
Parameter Description Value
interface-type Specifies the interface for which the index value is -
interface- displayed.
number ● interface-type: specifies the interface type, for
example, Ethernet.
If the interface type is not specified, the index values
of all interfaces are displayed.
● interface-number: specifies the number of an
interface. It is used with interface-type to specify an
interface.
If the interface number is not specified, the index
values of all interfaces of the type are displayed.
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 124
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
1: Monitoring level
Usage Guidelines
You can run the display mib-index interface command as an NMS user to view
the index values of interfaces.
Example
# Display indexes of all interfaces.
<Huawei> display mib-index interface
IfName IfIndex PortIndex
--------------------------------------------------
GigabitEthernet0/0/0 3 --
GigabitEthernet0/0/1 4 --
GigabitEthernet0/0/2 5 --
Table 4-16 Description of the display mib-index interface command output
Item Description
IfName Interface name.
IfIndex Index value of an interface.
PortIndex Index value of a port.
4.8.8 display user-interface
Function
The display user-interface command displays information about a user interface.
Format
display user-interface [ ui-type ui-number1 | ui-number ] [ summary ]
Parameters
Parameter Description Value
ui-type Displays information about a The value can be Console, VTY, TTY
specified user interface. or Web.
ui-number1 Displays information about a The minimum value is 0. The
user interface with a specified maximum value is smaller by 1
relative number. than the number of user interfaces
the system supports.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 125
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
ui-number Displays information about a The value is an integer ranging
user interface with a specified from 0 to 177. The value varies
absolute number. according to the device type.
summary Displays the summary of a -
user interface.
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Using the display user-interface command, you can view detailed configuration
information about all user interfaces or a specified user interface.
Example
# Display detailed information about the user interface with the absolute number
0.
<Huawei> display user-interface 0
Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int
0 CON 0 9600 - 3 - P -
+ : Current UI is active.
F : Current UI is active and work in async mode.
Idx : Absolute index of UIs.
Type : Type and relative index of UIs.
Privi: The privilege of UIs.
ActualPrivi: The actual privilege of user-interface.
Auth : The authentication mode of UIs.
A : Authenticate use AAA. N : Current UI need not authentication. P : Authenticate use current
UI's password.
Int : The physical location of UIs.
# Display detailed information about all user interfaces.
<Huawei> display user-interface
Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int
0 CON 0 9600 - 3 - P -
+ 129 VTY 0 - 3 3 A -
+ 130 VTY 1 - 1 2 A -
+ 131 VTY 2 - 3 2 A -
132 VTY 3 - 1 - P -
133 VTY 4 - 1 - A -
...
UI(s) not in async mode -or- with no hardware support:
1-128
+ : Current UI is active.
F : Current UI is active and work in async mode.
Idx : Absolute index of UIs.
Type : Type and relative index of UIs.
Privi: The privilege of UIs.
ActualPrivi: The actual privilege of user-interface.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 126
NetEngine AR
Command Reference 4 Basic Configurations Commands
Auth : The authentication mode of UIs.
A : Authenticate use AAA. N : Current UI need not authentication. P : Authenticate use current
UI's password.
Int : The physical location of UIs.
Table 4-17 Description of the display user-interface command output
Parameter Description
+ Active user interface.
F Active user interface in asynchronous mode.
Idx Absolute number of a user interface.
Type Type and relative number of a user interface.
User Interface type.
● CON: Users who log in through the console port
● VTY: Users who log in using VTY
● TTY: Users who log in using TTY
● Web: Users who log in through Web system
Tx/Rx Data transfer rate of the user interface.
Modem Type of the modem.
Privi Authority configured on a user interface.
ActualPrivi Actual permission of a user interface. In the case of
the AAA authentication mode, the level of a local
user in AAA configuration is the actual permission.
Auth Authentication mode on a user interface.
Int User interface.
A AAA authentication.
N No authentication on the current user interface.
P Password authentication.
4.8.9 display user-interface maximum-vty
Function
The display user-interface maximum-vty command displays the maximum
number of VTY users.
Format
display user-interface maximum-vty
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 127
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
You can run the display user-interface maximum-vty command to view the
maximum number of users who connect to the device using Telnet or SSH. By
default, the total number of Telnet users and SSH users is five maximum.
Example
# Display the maximum number of VTY users.
<Huawei> display user-interface maximum-vty
Maximum of VTY user : 5
Table 4-18 Description of the display user-interface maximum-vty command
output
Parameter Description
Maximum of VTY user Maximum number of VTY users.
The maximum number of VTY users can be
configured using the user-interface maximum-
vty command.
4.8.10 display users
Function
The display users command displays login information for each user interface.
Format
display users [ all ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 128
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
all Displays information about all users who log in to the device -
through user interfaces, including information about user
interfaces that are not used. If the all parameter is not used,
the command displays only information about user interfaces
that have been connected.
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run this command to view information about users who are connected to
the device. The information includes the user name, IP address, and authentication
and authorization information.
Example
# Run the display users command to view information about users who log in to
the device through the user interface.
<Huawei> display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
129 VTY 0 00:00:00 TEL 10.164.6.10 pass
Username : user1
+ 130 VTY 1 00:00:00 TEL 10.164.6.15 pass
Username : user2
Table 4-19 Description of the display users command output
Item Description
+ Terminal line in use.
User-Intf The number in the first column indicates the absolute
number of the user interface, and the number in the second
column indicates the relative number of the user interface.
User interface type.
● CON: User who logs in through the console port
● VTY: User who logs in using VTY
● TTY: User who logs in using TTY
● Web: User who log in through the web NMS
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 129
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Delay Interval from the user's latest input to the current time, in
seconds.
Type Connection type.
● CON: Console type
● TEL: Telnet type
● SSH: SSH type
● WEB: Web type
Network IP address of the login user.
Address
Username User name for logging in to the device. If the user name is
not specified, Unspecified is displayed.
AuthenStatus Whether the authentication succeeds.
AuthorcmdFlag Command line authorization status.
4.8.11 display vty mode
Function
The display vty mode command displays the current VTY mode.
Format
display vty mode
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
VTY modes are classified into the man-to-machine mode and machine-to-machine
mode.
Example
# Display the VTY mode.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 130
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> display vty mode
current VTY mode is Human-Machine interface
4.8.12 display vty lines
Function
The display vty lines command lists the number of rows displayed on the VTY
screen.
Format
display vty lines
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
None
Example
# List the number of lines displayed on the VTY screen.
<Huawei> display vty lines
Current VTY lines is 24.
4.8.13 flow-control
Function
The flow-control command configures the flow control mode.
The undo flow-control command restores the default flow control mode.
The default flow control mode is none, that is, flow control is disabled.
NOTE
Only the AR611-S, AR611W-S, AR611, AR611W, AR611W-LTE4CN, AR617VW, AR617VW-
LTE4, and AR617VW-LTE4EA do not support this command.
Only the AR303, AR303W do not support this command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 131
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
flow-control { hardware | none }
undo flow-control
Parameters
Parameter Description Value
hardware Specifies that the flow control mode is hardware flow -
control, and it applies only to the console port.
none Specifies that the flow control mode is no flow control. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
The configuration is effective only when the serial interface works in asynchronous
interaction mode.
Example
# Set the flow control mode to hardware flow control in the user view.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] flow-control hardware
4.8.14 free user-interface
Function
The free user-interface command disconnects the device from a specified user
interface.
Format
free user-interface { ui-number | ui-type ui-number1 }
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 132
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
ui-number Specifies the absolute The value is an integer ranging from 0
number of a user interface. to 177. The value varies according to
the device type.
ui-type Specifies the type of a user The value can be TTY, Console, VTY or
interface. Web.
ui-number1 Specifies the relative The minimum value is 0. The
number of a user interface. maximum value is smaller by 1 than
the number of user interfaces the
system supports.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If a user logs in to the device and does not perform an operation or you want to
forbid a user from performing operations on the device, you can run the free
user-interface command to disconnect a specified user's terminal from the device.
After the command is executed, the device logs out the user.
Precautions
The free user-interface command cannot be executed on the current user
interface. For example, if the current user interface is VTY 2, the free user-
interface vty 2 command fails to be executed on VTY 2 and an error message is
displayed.
Example
# Disconnect the device from user-interface 0.
<Huawei> free user-interface 0
Warning: User interface Console1 will be freed. Continue? [Y/N]:y
4.8.15 history-command max-size
Function
The history-command max-size command sets the size of the historical
command buffer.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 133
NetEngine AR
Command Reference 4 Basic Configurations Commands
The undo history-command max-size command restores the default size of the
historical command buffer.
By default, a maximum of 10 previously-used commands can be saved in the
buffer.
Format
history-command max-size size-value
undo history-command max-size
Parameters
Parameter Description Value
size-value Specifies the size of the historical The value is an integer ranging
command buffer. from 0 to 256.
Views
User interface view
Default Level
2: Configuration level
Usage Guidelines
The CLI can automatically save the historical commands that you enter. This
function is similar to that of Doskey. You can invoke and run the historical
commands at any time.
Example
# Set the size of the historical command buffer to 20.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] history-command max-size 20
4.8.16 idle-timeout
Function
The idle-timeout command sets the timeout duration for disconnection from a
user interface.
The undo idle-timeout command restores the default timeout duration.
By default, the timeout duration is 5 minutes.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 134
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
idle-timeout minutes [ seconds ]
undo idle-timeout
Parameters
Parameter Description Value
minutes Specifies the idle timeout The value is an integer ranging from
duration, in minutes. 0 to 35791, in minutes.
seconds Specifies the idle timeout The value is an integer ranging from
duration, in seconds. 0 to 59, in seconds.
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If a user logs in to the device and does not perform an operation, the user
interface is occupied unnecessarily. You can run the idle-timeout command to
disconnect the user's terminal from the device.
Precautions
● If you set the time to zero, then the line connection remains alive until you
close it.
● If the user interface disconnection function is not configured, other users may
fail to log in to the device.
● If the idle timeout interval is set to 0 or a large value, the terminal will remain
in the login state, resulting in security risks. You are advised to run the lock
command to lock the current connection.
● You are advised to set the timeout duration to 10-15 minutes.
NOTE
If AAA authentication is required for login users, the timeout duration configured by the
local-user idle-timeout command takes effect. If no timeout duration is configured or the
undo local-user idle-timeout command is executed in the AAA view, the timeout duration
configured by the idle-timeout command on the user interface takes effect.
Example
# Set the timeout duration to 1 minute and 30 seconds.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 135
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] idle-timeout 1 30
4.8.17 parity
Function
The parity command sets the parity bit of a user interface.
The undo parity command disables the parity check.
By default, no parity check is configured.
Format
parity { even | none | odd }
undo parity
Parameters
Parameter Description Value
even Specifies even parity check. -
none Specifies no parity check. -
odd Specifies odd parity check. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
The setting is valid only when the serial port is configured to work in
asynchronous mode.
Example
# Set the transmission parity bit on the console interface to odd parity.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] parity odd
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 136
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.8.18 protocol inbound
Function
The protocol inbound command specifies the protocols that the VTY user
interface supports.
By default, the system supports SSH and Telnet.
Format
protocol inbound { all | ssh | telnet }
Parameters
Parameter Description Value
all Indicates that all protocols including SSH and Telnet are -
supported.
ssh Indicates that only SSH is supported. -
telnet Indicates that only Telnet is supported. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To manage and monitor login users, configure the VTY user interface for login
users and run the protocol inbound command to configure the protocols that the
VTY user interface supports.
Prerequisites
If SSH is configured for the user interface using the protocol inbound command,
you must configure the authentication-mode aaa authentication mode to ensure
successful logins. If the password authentication mode is configured, the protocol
inbound ssh command cannot be executed.
Precautions
● The configuration takes effect at the next login.
● When SSH is specified for the VTY user interface, the SSH server function is
enabled, and the RSA key is not configured, a user cannot log in to the SSH
server using SSH.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 137
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Telnet is an insecure protocol. Using SSH is recommended.
Example
# Configure SSH for user interfaces VTY0 to VTY4.
<Huawei> system-view
[Huawei] user-interface vty 0 4
[Huawei-ui-vty0-4] authentication-mode aaa
[Huawei-ui-vty0-4] protocol inbound ssh
4.8.19 screen-length
Function
The screen-length command sets the number of lines on each terminal screen
after you run a command.
The undo screen-length command restores the default configuration.
By default, the number of lines to be displayed on a terminal screen is 24.
Format
In the user interface view:
screen-length screen-length [ temporary ]
undo screen-length [ temporary ]
In the user view:
screen-length screen-length temporary
undo screen-length temporary
Parameters
Parameter Description Value
screen-length Specifies the number of lines The value is an integer that
displayed on a terminal screen. ranges from 0 to 512. The value
0 indicates that all command
output is displayed on one
screen.
temporary Specifies the number of lines -
temporarily displayed on a
terminal screen.
Views
User interface view, user view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 138
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
If you run a command and its output is displayed in more lines than you can see
on one screen, you can reduce the number of lines displayed on each screen.
In general, you do not need to change the number of lines displayed on each
screen. Setting the number of lines to 0 is not recommended. The configuration
takes effect after you log in to the system again.
NOTE
In the user view, the temporary parameter is mandatory and this command is at the
Monitoring level. The configured value takes effect only on the current VTY user interface
but does not take effect on the next login on the same user interface or login on other VTY
user interfaces.
Example
# Set the number of lines on each screen of the terminal to 30.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] screen-length 30
4.8.20 screen-width
Function
The screen-width command sets the number of columns displayed on a terminal
screen.
The undo screen-width command restores the default configuration.
By default, 80 columns are displayed on a terminal screen.
Format
screen-width screen-width
undo screen-width
Parameters
Parameter Description Value
screen-width Specifies the width of a The value is an integer ranging
terminal screen. from 60 to 512.
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 139
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When you log in to the device from a console interface and run the display
interface description [ interface-type [ interface-number ] ] command to view
the interface information, output information does not automatically change to
another line, resulting in wrong format of the output information.
To resolve this problem, run the screen-width command to adjust the information
format. In general, you do not need to adjust the number of columns displayed on
the terminal screen. Setting the number of columns displayed on a screen is not
recommended.
Precautions
The number of columns set using the screen-width command is valid only for the
current interface. The setting is not saved after you log out. When you log in to
the device from the console interface and configure this command, the number of
columns displayed on the terminal screen is valid only for the current console
interface, which has no impact on other users who log in to the device from the
VTY interface or other interfaces. If you log out of the console interface and log in
to the device again, the default width is used for the terminal screen.
This command is valid only for information displayed by the display interface
description [ interface-type [ interface-number ] ] command.
Example
# Set the screen width to 100.
<Huawei> screen-width 100
Warning: This command will change the default screen width. Continue? [Y/N]:y
Info: Succeeded in setting the screen width to 100.
4.8.21 set authentication password
Function
The set authentication password command configures a local authentication
password.
By default, the local authentication password is not configured for the device.
Format
set authentication password cipher
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 140
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
cipher Indicates a password in cipher text. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If password authentication is configured for users, you can run the set
authentication password command to change the password or set a password in
cipher text.
Pre-configuration Tasks
Before running the set authentication password command, ensure that password
authentication has been configured for the user interface.
Precautions
● The passwords must meet the following requirements:
– The password is a string of 8 to 128 case-sensitive characters.
NOTE
After user run the set password min-length command, the minimum length of
the password is the password length set using the set password min-length
command.
– The password must contain at least two of the following characters:
upper-case character, lower-case character, digit, and special character.
The special characters include spaces and the following:
`~!@#$%^&*()-_=+\|[{}];:'",<.>/?
● Password entered in interactive mode is not displayed on the screen.
● Users can press CTRL_C to cancel password modification in the interaction
mode.
● If the current login channel has a password, enter the password when you
want to set an authentication password for a VTY channel range that contains
the current login channel.
● If the password authentication is configured but the password is not
configured for the user interface, the user cannot log in to the device.
● If the set authentication password command is executed multiple times, the
latest configuration overrides the previous ones. You can run the set
authentication password command to change the local authentication
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 141
NetEngine AR
Command Reference 4 Basic Configurations Commands
password. After the password is changed, a user who wants to log in to the
device must enter the latest password for identity authentication.
Example
# Set the local authentication password for the user interfaces VTY 0-4.
<Huawei> system-view
[Huawei] user-interface vty 0 4
[Huawei-ui-vty0-4] set authentication password cipher
Enter Password(<8-128>):
Confirm Password:
[Huawei-ui-vty0-4]
4.8.22 set password min-length
Function
The set password min-length command configures the minimum password
length.
The undo set password min-length command cancels the minimum password
length configuration.
Format
set password min-length min-length
undo set password min-length
Parameters
Parameter Description Value
min-length Specifies the minimum The value is an integer in the range
password length. from 8 to 16.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To set the minimum password length, run the set password min-length
command. Then the entered password on the device cannot be less than the
configured minimum length.
If the minimum password length does not need to be limited, run the undo set
password min-length command to cancel the minimum password length
configuration.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 142
NetEngine AR
Command Reference 4 Basic Configurations Commands
Precautions
This command limits the minimum length of only the password configured using
the following commands:
● 4.9.18 lock
● 21.1.63 local-user change-password
● set authentication password
● 5.4.8 ntp-service authentication-keyid
● 5.4.8 ntp-service authentication-keyid
● 23.5.3 cwmp acs password
● 23.5.12 cwmp cpe password
● 4.4.8 set usb autoupdate password
● 4.9.49 super password
● 23.1.18 snmp-agent community
● 21.1.60 local-user
Example
# Set the minimum password length to 10.
<Huawei> system-view
[Huawei] set password min-length 10
4.8.23 shell
Function
The shell command enables terminal services on a user interface.
The undo shell command disables terminal services on a user interface.
By default, terminal services are enabled on Console user interface and a VTY user
interface and disabled on a TTY user interface.
Format
shell
undo shell
Parameters
None
Views
User interface view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 143
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
You can use the shell command on a user interface to enable terminal services.
This command enables users to enter commands through this interface to query
device information and configure the device.
You can use the undo shell command on the user interface to disable terminal
services. This command does not allow users to perform any operations through
this interface. After the undo shell command is configured on the console user
interface view, the user interface does not provide access through the console
interface and MiniUSB interface. After using the undo shell command in the VTY
view and TTY view, this user interface does not provide Telnet, STelnet, and SFTP
access.
Example
# Disable terminal services on VTY 0 to VTY 4.
<Huawei> system-view
[Huawei] user-interface vty 0 4
[Huawei-ui-vty0-4] undo shell
4.8.24 speed (user interface view)
Function
The speed command sets the data transfer rate of a user interface.
The undo speed command restores the default data transfer rate of a user
interface.
By default, the data transfer rate is 9600 bit/s.
Format
speed speed-value
undo speed
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 144
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
speed-value Specifies the data The value is expressed in bit/s.
transfer rate of a
user interface. The asynchronous serial interface supports the
following data transfer rates:
● 600 bit/s
● 1200 bit/s
● 4800 bit/s
● 9600 bit/s
● 19200 bit/s
● 38400 bit/s
● 57600 bit/s
● 115200 bit/s
NOTE
The console user interface does not support 600 bit/s
and 1200 bit/s.
Views
User interface view
Default Level
3: Management level
Usage Guidelines
The setting is valid only when the serial port is configured to work in
asynchronous mode.
Example
# Set the data transfer rate of a user interface to 115200 bit/s.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] speed 115200
4.8.25 stopbits
Function
The stopbits command sets the stop bit of a user interface.
The undo stopbits command restores the default stop bit of a user interface.
By default, the stop bit is 1.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 145
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
stopbits { 1.5 | 1 | 2 }
undo stopbits
Parameters
Parameter Description Value
1.5 Sets the stop bit to 1.5. -
1 Sets the stop bit to 1. -
2 Sets the stop bit to 2. -
Views
User interface view
Default Level
3: Management level
Usage Guidelines
If the stop bit is 1, the corresponding data bit is 7 or 8.
If the stop bit is 1.5, the corresponding data bit is 5.
If the stop bit is 2, the corresponding data bit is 6, 7, or 8.
The setting is valid only when the serial port is configured to work in
asynchronous mode.
NOTE
On the console user interface, the stop bit 1.5 is not supported.
Example
# Set the stop bit of a user interface to 2.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0] stopbits 2
4.8.26 user privilege
Function
The user privilege command configures the user level.
The undo user privilege command restores the default user level.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 146
NetEngine AR
Command Reference 4 Basic Configurations Commands
By default, users who log in to the device using the console interface are at level
15 and other users are at level 0.
Format
user privilege level level
undo user privilege level
Parameters
Parameter Description Value
level level Specifies the user level. The value is an integer
ranging from 0 to 15.
NOTE
The larger the value, the higher the
priority.
Views
User interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The system manages users at levels to control their access permissions. Users who
log in to the device can use only commands at the same or lower level than their
own levels.
Commands are classified into the visit level, monitoring level, configuration level,
and management level that map levels 0, 1, 2, and 3, as listed in Table 4-20.
Table 4-20 Introduction to command levels
User Comm Name Description
Level and
Level
0 0 Visit Commands at this level are diagnosis commands
such as ping and tracert commands and
commands that are used to access a remote
device such as Telnet clients.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 147
NetEngine AR
Command Reference 4 Basic Configurations Commands
User Comm Name Description
Level and
Level
1 0 and 1 Monitor Commands at this level are system maintenance
ing commands such as display commands.
NOTE
Some display commands are not at this level. For
example, the display current-configuration and
display saved-configuration commands are at level 3.
2 0, 1, Configu Commands at this level are service configuration
and 2 ration commands.
3-15 0, 1, 2, Manage Commands at this level are system basic
and 3 ment operation commands that support services,
including file system, FTP, TFTP, user management
commands, command level configuration
commands, and debugging commands.
Precautions
If refined right management is required, run the command-privilege level
command to upgrade command levels.
Example
# Set the user level on the VTY0 user interface to 2.
<Huawei> system-view
[Huawei] user-interface vty 0
[Huawei-ui-vty0] user privilege level 2
# Log in to the device using Telnet and view detailed information about the VTY0
user interface.
<Huawei> display user-interface vty 0
Idx Type Tx/Rx Modem Privi ActualPrivi Auth Int
+ 129 VTY 0 - 2 15 N -
+ : Current UI is active.
F : Current UI is active and work in async mode.
Idx : Absolute index of UIs.
Type : Type and relative index of UIs.
Privi: The privilege of UIs.
ActualPrivi: The actual privilege of user-interface.
Auth : The authentication mode of UIs.
A: Authenticate use AAA.
N: Current UI need not authentication.
P: Authenticate use current UI's password.
Int : The physical location of UIs.
Table 4-21 Description of the user privilege level command output.
Item Description
+ Current user interface is active.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 148
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
F Current user interface is active and work is in asynchronous
mode.
Idx Absolute index of user interface.
Type Type and relative index of user interface.
Privi The privilege of user interface.
ActualPrivi The actual privilege of user interface.
Auth The authentication mode of user interface.
Int The physical location of UIs.
A Authenticate use AAA.
N The current user interface need not be authenticated.
P Authenticates the user using the password configured on
the current user interface.
4.8.27 user-interface
Function
The user-interface command displays one or multiple user interface views.
Format
user-interface [ ui-type ] first-ui-number [ last-ui-number ]
Parameters
Parameter Description Value
ui-type Specifies the type of a user The value can be console, tty, vty
interface. or web.
● If the user interface is
specified, the relative
number is used.
● If the user interface is not
specified, the absolute
number is used.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 149
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
first-ui- Specifies the number of the ● If ui-type is set to console, the
number first user interface. first-ui-number value is 0.
● If ui-type is set to vty, the
first-ui-number value ranges
from 0 to the maximum
number of VTY user
interfaces.
● If ui-type is set to tty, the
first-ui-number value ranges
from 1 to the maximum
number of TTY user interfaces.
● If ui-type is set to web, the
first-ui-number value ranges
from 0 to the maximum
number of Web user
interfaces.
last-ui- Specifies the number of the -
number last user interface. When you
select this parameter, you
enter multiple user interface
views at the same time.
This parameter is valid only
when ui-type is set to VTY,
web, or TTY. The last-ui-
number value must be larger
than the first-ui-number
number.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When the network administrator logs in to the device using the console interface,
asynchronous serial interface, Telnet, web, or SSH, the system manages and
monitors the session between the user and the device on the corresponding user
interface. Each user interface corresponds a user interface view. The network
administrator can set parameters such as authentication and user level to manage
sessions in a unified manner.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 150
NetEngine AR
Command Reference 4 Basic Configurations Commands
Only users at level 15 can use this command.
The user interface varies according to the login mode. The user interface views can
be numbered using absolute numbers or relative numbers. Table 4-22 describes
absolute and relative numbers of user interfaces.
NOTE
● The relative numbering uniquely specifies a user interface or a group of user interfaces
of the same type.
● The absolute numbering specifies a user interface or a group of user interfaces.
Table 4-22 Absolute and relative numbers of user interfaces
User Description Absolute Relative Number
Interface Number
Console Manages and controls 0 0
user users that log in to the
interface device using the console
interface.
TTY user Manages and controls 1 to 128 The first one is TTY 1,
interface users that log in to the the second one is TTY
device using the 2, and so forth.
asynchronous serial Absolute numbers 1 to
interface. 128 map relative
numbers TTY 1 to TTY
128.
VTY user Manages and controls 129 to 143 The first one is VTY 0,
interface users that log in to the the second one is VTY
device using Telnet or 1, and so forth.
SSH. Absolute numbers 129
to 143 map relative
numbers VTY 0 to VTY
14.
Web user Manages and monitors 149 to 153 The first web user
interface users who log in through interface is Web 0, the
the web system. second web user
interface is Web 1, and
so on. By default, Web
0 to Web 4 are
available.
Absolute numbers 149
to 153 map relative
numbers Web 0 to
Web 4.
After you log in to the device, you can run the display user-interface command
to view the supported user interfaces and the corresponding relative and absolute
numbers.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 151
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Enter the Console 0 user interface.
<Huawei> system-view
[Huawei] user-interface console 0
[Huawei-ui-console0]
# Enter the VTY 1 user interface.
<Huawei> system-view
[Huawei] user-interface vty 1
[Huawei-ui-vty1]
# Enter the VTY 1 to VTY 3 user interfaces.
<Huawei> system-view
[Huawei] user-interface vty 1 3
[Huawei-ui-vty1-3]
4.8.28 user-interface current
Function
The user-interface current command displays the current user interface view.
Format
user-interface current
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To enter the current user interface view, run the display user-interface command
without the user interface number.
Precautions
Only users at level 15 can use this command.
The user interface varies according to the login mode. The user interface views can
be numbered using absolute numbers or relative numbers. Table 4-22 describes
absolute and relative numbers of user interfaces.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 152
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTE
● The relative numbering uniquely specifies a user interface or a group of user interfaces
of the same type.
● The absolute numbering specifies a user interface or a group of user interfaces.
Example
# Enter the current user view.
<Huawei> system-view
[Huawei] user-interface current
[Huawei-ui-vty1]
4.8.29 user-interface maximum-vty
Function
The user-interface maximum-vty command configures the maximum number of
login users.
The undo user-interface maximum-vty command restores the default maximum
number of login users.
By default, the maximum number of Telnet and SSH users is 5.
Format
user-interface maximum-vty number
undo user-interface maximum-vty
Parameters
Parameter Description Value
number Specifies the The value is an integer ranging from 0 to 15
maximum number or 16 to 20.
of Telnet and SSH
NOTE
users.
The value range 16 to 20 is supported only after the
maximum number of users is set to 15. In addition,
the value range 16 to 20 is used only for emergent
user escape.
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 153
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
The user-interface maximum-vty command configures the maximum number of
login users.
Precautions
● If the maximum number that you set is smaller than the number of current
online users, the system displays a configuration failure message.
● The maximum number of login users set by the user-interface maximum-vty
command is the total number of Telnet and SSH users.
● If the maximum number of login users is set to 0, no user is allowed to log in
to the device using Telnet or SSH.
Example
# Set the maximum number of Telnet users to 7.
<Huawei> system-view
[Huawei] user-interface maximum-vty 7
4.9 User Login Configuration Commands
4.9.1 Support for User Login
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.9.2 connect
Function
The connect command establishes a control connection between a dumb terminal
and a remote server.
The undo connect command closes a control connection between a dumb
terminal and a remote server.
By default, a dumb terminal and a remote server do not establish a control
connection.
Format
connect host [ port-number ] [ -a source-ip-address | -i interface-type interface-
number ] [ -t interval ]
undo connect
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 154
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
host Specifies the IP address or The value is a string of 1 to
host name of the remote 255 case-insensitive
server. characters without spaces.
port-number Specifies the port number of a The value is an integer that
remote server. ranges from 1 to 55535. The
default value 23 is the
standard Telnet server port
number.
-a source-ip- Specifies the source IP address The value is in dotted
address of the local router. decimal notation.
-i interface-type Specifies the outbound -
interface-number interface of the local router.
-t interval Specifies the interval at which The value is an integer that
the local router automatically ranges from 5 to 60, in
establishes a connection to seconds.
the remote server.
Views
TTY user interface view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If a dumb terminal that has no IP address configured initiates a control connection
setup request to a remote server through the router, run the connect command
on the router to establish a control connection between the dumb terminal and
remote server.
Precautions
The dumb terminal must connect to the asynchronous serial interface of the
router.
If -t interval is not specified, the local router does not automatically establish a
control connection to the remoter server.
Example
# Establish a control connection between the dumb terminal and remote server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 155
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] user-interface tty 41
[Huawei-ui-tty41] undo shell
[Huawei-ui-tty41] connect 1.1.1.2 1025 -a 1.1.1.1
4.9.3 config lock
Function
The config lock command locks the system configuration.
The undo config lock command unlocks the system configuration.
By default, the system configuration is unlocked.
Format
config lock
undo config lock
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
To prevent other users from modifying or deleting configured data, you can run
the config lock command to lock the configuration management plane before
data configuration. After completing data configuration, run the undo config lock
command to unlock the configuration management plan so that other users can
perform data configuration.
Precautions
The locked system configuration can be unlocked by only the user who locks it,
the super administrator (run the user privilege command to set the user level to
15), or the network management system (NMS) user.
Example
# Lock the system configuration.
<Huawei> system-view
Enter system view, return user view with Ctrl+Z.
[Huawei] config lock
Info: The system config is locked
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 156
NetEngine AR
Command Reference 4 Basic Configurations Commands
# Unlock the system configuration.
<Huawei> system-view
Enter system view, return user view with Ctrl+Z.
[Huawei] undo config lock
Info: The system config is unlocked
4.9.4 config unlock interval
Function
The config unlock interval command configures the interval for unlocking a
device.
The default interval is 5 minutes.
Format
config unlock interval time
Parameters
Parameter Description Value
time Specifies the interval for The value is an integer ranging from
unlocking a device. 1 to 255, in minutes.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If the device configuration is clocked by the config lock command, other users
cannot modify the configuration. In this case, the config unlock interval
command can be used to configure the unlock interval, after which the device
configuration is unlocked automatically.
Precautions
This command can be used by only the super administrator (run the user
privilege command to set the user level to 15) and NMS user.
If you run the command multiple times, only the latest configuration takes effect.
The unlocking interval starts from the last time the current user configures the
system.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 157
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Set the unlock interval to 2 minutes.
<Huawei> system-view
[Huawei] config unlock interval 2
# The following message is displayed when the configured unlock interval arrives.
[Huawei]
Info: The system config is unlocked
4.9.5 display config lock
Function
The display config lock command displays lock information about the system
configuration.
Format
display config lock
Parameters
None
Views
All views
Default Level
2: Configuration level
Usage Guidelines
The information includes whether the system configuration is locked and the lock
duration If you cannot configure the Router after login, run this command. The
command output helps you locate faults. If the system configuration is locked, the
command output includes the following: type, name, and IP address of the user
who locks the configuration. If no IP address is available, locked user IP address
is blank.
If the current system configuration is locks by a user (user A), only users at the
same level as or higher level than user A can query user A information. If users at
a lower level queries user A information, the system displays a message indicating
that the system configuration is locked by a user with a higher level.
Example
# Display lock information about the system configuration (when configuration is
not locked).
<Huawei> display config lock
------------------------------------------------------------------------------
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 158
NetEngine AR
Command Reference 4 Basic Configurations Commands
automatically unlocked interval(minute): 5
locked state: unlocked
------------------------------------------------------------------------------
Table 4-23 Description of the display config lock command output
Item Description
automatically unlocked Interval after which the system
interval(minute) automatically unlocks the
configuration, in minutes.
locked state Whether the system configuration is
locked. The values are as follows:
● locked: indicates that the system
configuration is locked.
● unlocked: indicates that the system
configuration is not locked.
# Display lock information about the system configuration (when configuration is
locked).
<Huawei> display config lock
------------------------------------------------------------------------------
automatically unlocked interval(minute): 5
locked state: locked
locked user type: telnet
locked user name: huawei
locked user IP address: 192.168.0.1
------------------------------------------------------------------------------
Table 4-24 Description of the display config lock command output
Item Description
automatically unlocked Interval after which the system
interval(minute) automatically unlocks the
configuration, in minutes.
locked state Whether the system configuration is
locked. The values are as follows:
● locked: indicates that the system
configuration is locked.
● unlocked: indicates that the system
configuration is not locked.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 159
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
locked user type Type of the user who locks the system
configuration. The user can be any of
the following types:
● CON: Console type
● TEL: Telnet type
● SSH: SSH type
● WEB: Web type
locked user name Name of the user who locks the system
configuration.
locked user IP address IP address of the user who locks the
system configuration. If no IP address is
available, locked user IP address is
blank.
4.9.6 display ecc local-key-pair public
Function
The display ecc local-key-pair public command displays information about the
public key in the local Elliptic Curves Cryptography (ECC) key pair.
Format
display ecc local-key-pair public
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the display ecc local-key-pair public command to check information
about the public key in the local ECC key pair on a client and then copy the public
key to the server. The public key enables a server to authenticate users and
ensures the login of authorized users.
Pre-configuration Tasks
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 160
NetEngine AR
Command Reference 4 Basic Configurations Commands
You must run the ecc local-key-pair create command to generate a local ECC
host key pair before using the command.
Example
# Display information about the public key in the local ECC key pair on a client.
<Huawei> display ecc local-key-pair public
=====================================================
Time of Key pair created:2016-06-10 04:45:43+00:00
Key name : localhost_Host_ECC
Key modulus : 256
Key type : ECC encryption Key
Key fingerprint:
=====================================================
Key code:
04B8EC97 382591C6 BE764727 0B06F673 4E3FF3C9 C10F98F9 4D7D9B09 593DF604
D1465979 107F638D 59771BD1 C1C2D325 B7C3A331 9646B76F A9BACA98 4C0F19D2
BC
Host public key for PEM format code:
---- BEGIN SSH2 PUBLIC KEY ----
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLjslzglkca+
dkcnCwb2c04/88nBD5j5TX2bCVk99gTRRll5EH9jjVl3G9HBwtMlt8OjMZZGt2+p
usqYTA8Z0rw=
---- END SSH2 PUBLIC KEY ----
Public key code for pasting into OpenSSH authorized_keys file :
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLjslzglkca
+dkcnCwb2c04/88nBD5j5TX2bCVk99gTRRll5EH9jjVl3G9HB
wtMlt8OjMZZGt2+pusqYTA8Z0rw= ecdsa-key
Table 4-25 Description of the display ecc local-key-pair public command output
Item Description
Time of Key pair created Time when the public key in the local
ECC key pair is generated, in the format
of YYYY-MM-DD HH:MM:SS.
Key Name Name of the public key in the local ECC
key pair.
Key modulus Length of the public key in the local ECC
key pair.
Key Type Type of the public key in the local ECC
key pair.
Key Code Code of the public key in the local ECC
key pair configured using the ecc local-
key-pair command.
Host public key for PEM format PEM code of the public key in the local
code ECC key pair.
Public key code for pasting into Public key in the local ECC key pair used
OpenSSH authorized_keys file for OpenSSH authentication. Copy the
public key to the authorized_keys file of
OpenSSH to make the key effective.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 161
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.9.7 display ecc peer-public-key
Function
The display ecc peer-public-key command displays information about the ECC
public key configured on the remote end.
Format
display ecc peer-public-key [ brief | name key-name ]
Parameters
Parameter Description Value
brief Displays brief information about -
the ECC public key configured on
the remote end.
name key-name Displays the ECC public key with The value is a string of 1
the specified name. to 30 case-sensitive
characters without spaces.
Views
All views
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the display ecc peer-public-key command on a client to check
information about the public key configured on the remote end. The public key
enables a server to authenticate users and ensures the login of authorized users.
Example
# Display brief information about all the ECC public keys.
<Huawei> display ecc peer-public-key brief
------------------------------------------
Bits Name
------------------------------------------
256 testecc
------------------------------------------
# Display detailed information about the ECC public key named testecc.
<Huawei> display ecc peer-public-key name testecc
=====================================
Key name: testecc
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 162
NetEngine AR
Command Reference 4 Basic Configurations Commands
Encoding type: OPENSSH
=====================================
Key Code:
ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYuJAsMAHPFT53pXNlXAE1YjXvjhdultL
zcDcrzJLqvPxhKALn1WXGPaNfQ
sAFQnsHzUYgICcBz/Cpxb5atVeg= ecdsa-key
Table 4-26 Description of the display ecc peer-public-key command output
Item Description
Bits Length of the ECC public key configured
on the remote end.
Name Name of the ECC public key configured
on the remote end.
Key name Name of the ECC public key configured
on the remote end.
Encoding type Encoding format of the ECC public key
configured on the remote end.
● OPENSSH
If OpenSSH is specified, data is Base64
encoded.
OpenSSH is derived from PEM.
● PEM
If PEM is specified, data is Base64
encoded.
● DER
If DER is specified, data is Base16
encoded.
Key Code Code of the public key in the local ECC
key pair configured using the ecc local-
key-pair command.
4.9.8 display rsa local-key-pair public
Function
The display rsa local-key-pair public command displays the public key in the
local key pair.
Format
display rsa local-key-pair public
Parameters
None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 163
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
You can run this command on the client and configure the client public key in the
command output to the SSH server, which ensures that the SSH client validity
check by the SSH server is successful and enables the secure data exchange
between the SSH server and client.
Example
# Display the public key in the local key pair.
<Huawei> display rsa local-key-pair public
=====================================================
Time of Key pair created: 2011-10-06 16:26:37+00:00
Key name: Host
Key type: RSA encryption Key
=====================================================
Key code:
3047
0240
D538B7FC 3AFE1F5B F6C921F9 3D8C5322
905F623A
F0123161 3DA61EEB F5E897CF DC126060
546CC84E
B2AB7424 3EFF5D71 D84C5FE2 3E2BF5B3
D82DD979
A22E4AA1
0203
010001
=====================================================
Time of Key pair created: 2011-10-06 16:26:53+00:00
Key name: Server
Key type: RSA encryption Key
=====================================================
Key code:
3067
0260
C51C2C01 56B06E6C EBF9055C F7AD9781
46B41A31
5FC87282 E53CFE30 8E6321D3 AC74E948
0A010339
E67C290E 2E0E8E40 BF5E1C97 F9C856EF
568DC159
1A6D28ED AFFB474B 43EFB632 CFB0875F
85420EEA
1919095B A5BC38D0 5FFF169E
0BDB3DC3
0203
010001
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 164
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-27 Description of the display rsa local-key-pair public command output
Item Description
Time of Key pair created Time and date when the public key is
created.
Key Name The value can be the host or server public
key. The server public key is saved only
when the key type is RSA.
Key Type Type of the public key.
Key Code Code of the public key.
4.9.9 display rsa peer-public-key
Function
The display rsa peer-public-key command displays the peer public key saved on
the local host. If no parameter is specified, the command displays detailed
information about all peer public keys.
Format
display rsa peer-public-key [ brief | name key-name ]
Parameters
Parameter Description Value
brief Displays the brief information -
about all peer public keys.
name key-name Specifies the key name. The value is a string of 1 to 30
case-insensitive characters
without spaces.
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 165
NetEngine AR
Command Reference 4 Basic Configurations Commands
You can run this command to check detailed information about the RSA public key
and whether the local and peer public keys are the same.
Precautions
You must complete the RSA public key configuration before running this
command.
Example
# Display the brief information about all RSA public keys.
<Huawei> display rsa peer-public-key brief
Name Bits
-------------------------------------
rsakey001 780
Table 4-28 Description of the display rsa peer-public-key brief command output
Item Description
Bits Bits in the public key.
Name Name of the public key.
# Display the detailed information about the RSA public key named rsakey001.
<Huawei> display rsa peer-public-key name rsakey001
=====================================
Key name: rsakey001
=====================================
Key Code:
3067
0260
A3158E6C F252C039 135FFC45 F1E4BA9B 4AED2D88 D99B2463 3E42E13A 92A95A37
45CDF037 1AF1A910 AAE3601C 2EB70589 91AF1BB5 BD66E31A A9150911 859CAB0E
1E10548C D70D000C 55A1A217 F4EA2F06 E44BD438 DA472F14 3FB7087B 45E77C05
0203
010001
Table 4-29 Description of the display rsa peer-public-key name command output
Item Description
Key name Name of the public key.
Key Code Code of the public key.
4.9.10 display ssh server
Function
The display ssh server command displays the SSH server information.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 166
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
display ssh server { status | session }
Parameters
Parameter Description Value
status Displays the global configuration on the SSH server. -
session Displays the current session connection information on the -
SSH server.
Views
All views
Default Level
3: Management level
Usage Guidelines
After configuring the SSH attributes, you can run this command to view the
configuration or session connection information on the SSH server to verify that
the SSH connection has been established.
Example
# Display the global configuration on the SSH server.
<Huawei> display ssh server status
SSH version :1.99
SSH connection timeout :120 seconds
SSH server key generating interval :0 hours
SSH Authentication retries :3 times
SFTP Server :Enable
Stelnet server :Enable
Scp server :Disable
SSH server ciper :aes128-ctr aes192-ctr aes256-ctr
SSH server mac :hmac-sha2-256
SSH server key :diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-
group-exchange-sha1
Table 4-30 Description of the display ssh server status command output
Item Description
SSH version SSH protocol version. The value can be 1.99 or 2.0.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 167
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
SSH connection timeout SSH connection timeout interval. The value ranges
from 60 to 120, in seconds. The default value is
60.
Run the ssh server timeout command to set this
item.
SSH server key generating Key updating period of the SSH server. The default
interval value is 0, in hours.
Run the ssh server rekey-interval command to
set this item.
SSH authentication retries Number of times for retrying SSH authentication.
The default value is 3.
Run the ssh server authentication-retries
command to set this item.
SFTP Server Status of the SFTP server. By default, it is disabled.
Run the sftp server enable command to set this
item.
Stelnet server Status of the STelnet server. By default, it is
disabled.
Run the stelnet server enable command to set
this item.
Scp server Status of the SCP sever. By default, it is disabled.
Run the scp server enable command to set this
item.
NOTE
This field is supported in V300R021C10 and later
versions.
SSH server ciper Encryption algorithm supported by the SSH server.
The default encryption algorithm is aes128-ctr
aes192-ctr aes256-ctr.
Run the ssh server cipher command to set this
item.
SSH server mac HMAC algorithm supported by the SSH server. The
default HMAC algorithm is hmac-sha2-256.
Run the ssh server hmac command to set this
item.
SSH server key Key exchange algorithm supported by the SSH
server. The default key exchange algorithm is
dh_group_exchange_sha1, dh_group14_sha1,
dh_group14_sha256, and dh_group15_sha512.
Run the ssh server key-exchange command to
set this item.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 168
NetEngine AR
Command Reference 4 Basic Configurations Commands
# Display the current session connection information on the SSH server.
<Huawei> display ssh server session
--------------------------------------------------------------------
Conn Ver Encry State Auth-type Username
--------------------------------------------------------------------
VTY 0 2 AES run password john
--------------------------------------------------------------------
Table 4-31 Description of the display ssh server session command output
Item Description
Conn VTY connection.
Ver Version number.
Encry Encryption mode.
State Session status on the SSH server.
Auth-type Authentication mode for an SSH user.
The options are as follows:
● password
● rsa
● password-rsa (password and RSA)
● all (password or RSA)
Run the ssh user authentication-type
command to set this item.
Username User name for SSH server
authentication.
4.9.11 display ssh user-information
Function
The display ssh user-information command displays the configuration of all SSH
users.
Format
display ssh user-information [ username ]
Parameters
Parameter Description Value
username Displays the SSH user The value is a string of 1 to 64 case-
name. insensitive characters without spaces.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 169
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
This command displays the SSH user name, bound RSA public key name, and
service type.
Example
# Display the configuration of all SSH users.
<Huawei> display ssh user-information
-------------------------------------------------------------------------------
Username Auth-type User-public-key-name
-------------------------------------------------------------------------------
a password null
-------------------------------------------------------------------------------
Table 4-32 Description of the display ssh user-information command output
Item Description
Username SSH user name.
Auth-type Authentication mode for an SSH user. The options
are as follows:
● password
● rsa
● password-rsa (password and RSA)
● all (password or RSA)
Run the ssh user authentication-type command
to set this item.
User-public-key-name Peer RSA public key assigned to an SSH user.
Run the rsa peer-public-key command to set this
item.
4.9.12 display telnet server status
Function
The display telnet server status command displays the status and configuration
of the Telnet server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 170
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
display telnet server status
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
● You can run this command to check whether the device functions as a Telnet
server.
● You can run this command to check the listening port number of the Telnet
server if you have set the port number by running the telnet server port
port-number command.
Example
# Display the status and configuration of the Telnet server.
<Huawei> display telnet server status
TELNET IPv4 server :Enable
TELNET IPv6 server :Enable
TELNET server port :23
Table 4-33 Description of the display telnet server status command output
Item Description
TELNET IPv4 server IPv4 Telnet server.
TELNET IPv6 server IPv6 Telnet server.
TELNET server port Listening port number of the Telnet
server.
4.9.13 display telnet-client
Function
The display telnet-client command displays the source parameters when the
device works as a Telnet client.
Format
display telnet-client
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 171
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
After setting source parameters of the Telnet client, you can run this command to
check the setting result. If you have not set telnet client-source, the default
source IP address is 0.0.0.0.
Example
# Display the source parameters for the device that works as a Telnet client.
<Huawei> display telnet-client
The source address of telnet client is 10.1.1.1
Table 4-34 Description of the display telnet-client command output
Item Description
The source address of telnet client is The source IP address of the Telnet
10.1.1.1 client is 10.1.1.1.
4.9.14 ecc local-key-pair
Function
The ecc local-key-pair create command generates a local ECC host key pair.
The ecc local-key-pair destroy command deletes the local ECC key pair.
Format
ecc local-key-pair create
ecc local-key-pair destroy
Parameters
None
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 172
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
A local key pair is a prerequisite to a successful SSH login. Compared with the RSA
algorithm used by the rsa local-key-pair create command, the ECC algorithm
shortens the key length, accelerates the encryption, and improves security. The
length of the ECC host key pair can be 256 bits, 384 bits and 521 bits. By default,
the length of the ECC host key pair is 256 bits.
If you no longer need the local ECC key pair, run the ecc local-key-pair destroy
command to delete it.
Configuration Impact
The ecc local-key-pair destroy command deletes the local ECC host key pair, from
the files on the master and slave main control boards. Exercise caution when you
run this command.
Precautions
● The generated ECC host key pair is named in the format of hostkey_ECC.
● The ecc local-key-pair create and ecc local-key-pair destroy commands are
not saved in the configuration file. They only need to be run once and take
effect even after the Router restarts.
● Do not delete the ECC key file from the Router. If the ECC key file is deleted,
the ECC key pair cannot be restored after the Router is restarted.
Example
# Generate a local ECC host key pair
<Huawei> system-view
[Huawei] ecc local-key-pair create
Info: The key name will be: hostkey_ECC.
Info: The ECC host key named hostkey_ECC already exists.
Warning: Do you want to replace it ? [Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=256]:256
Info: Generating keys...
Info: Succeeded in creating the ECC host keys.
# Delete the local ECC host key pair.
<Huawei> system-view
[Huawei] ecc local-key-pair destroy
Info: The name of the key which will be destroyed is hostkey_ECC.
Warning: These keys will be destroyed. Continue? [Y/N]:Y
Info: Succeeded in destroying the ECC host keys.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 173
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.9.15 ecc peer-public-key
Function
The ecc peer-public-key command generates an ECC public key and enters the
ECC public key view.
The undo ecc peer-public-key command deletes the ECC public key.
By default, no ECC public key is generated.
Format
ecc peer-public-key key-name encoding-type { der | openssh | pem }
undo ecc peer-public-key key-name
Parameters
Parameter Description Value
key-name Specifies the ECC public key name. The value is a
string of 1 to 30
case-sensitive
characters without
spaces.
encoding-type Specifies the encoding format of the ECC -
public key.
der Sets the encoding format of the ECC public -
key to DER.
DER uses hexadecimal notation to encode
data.
openssh Sets the encoding format of the ECC public -
key to OpenSSH.
OpenSSH uses base64 notation to encode
data.
OpenSSH is revised from PEM.
pem Sets the encoding format of the ECC public -
key to PEM.
PEM uses base64 notation to encode data.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 174
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When you use an ECC public key for authentication, specify the public key on the
server for the client of SSH users. When the client logs in to the server, the server
uses the specified public key to authenticate the client.
After you enter the ECC public key view, run the public-key-code begin
command, and copy the ECC public key to the server.
The public key on the client is randomly generated by the client software.
If an ECC public key has been assigned to an SSH user, delete the mapping
between the ECC public key and the SSH user. If you do not delete the mapping,
the undo ecc peer-public-key command cannot delete the ECC public key.
Follow-up Procedure
After you copy the ECC public key generated on the client to the server, perform
the following operations to exit the ECC public key view:
1. Run the public-key-code end command to return to the ECC public key view.
2. Run the peer-public-key end command to exit the ECC public key view and
return to the system view.
Precautions
A maximum of 20 ECC public keys can be configured.
The peer public key supports only PKCS#1. Other PKCS versions are not supported.
Example
# Create an ECC public key and enter the ECC public key view.
<Huawei> system-view
[Huawei] ecc peer-public-key ecc-peer-key encoding-type pem
Info: Enter "ECC public key" view, return system view with "peer-public-key end".
[Huawei-ecc-public-key] public-key-code begin
Info: Enter "ECC key code" view, return the last view with "public-key-code end".
[Huawei-ecc-key-code] ---- BEGIN SSH2 PUBLIC KEY ----
[Huawei-ecc-key-code] AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACDBL5J4v3pqi5S
[Huawei-ecc-key-code] ALI9lvLw4cdvtpD2AC6sEJXg9GDCD5vGBnkXlKmnOy6d1TyrXx57ZPNnrSdqVkHC
[Huawei-ecc-key-code] sMBa63vSwg1XsVW2qZgx8H57+FJiTPY61b1Vfst9GUif1ymfpB7XrbdYZDownoh0
[Huawei-ecc-key-code] FZNadZtIf2CRc0OeiKXbCSPP25dfoT/DTcc=
[Huawei-ecc-key-code] ---- END SSH2 PUBLIC KEY ----
[Huawei-ecc-key-code] public-key-code end
[Huawei-ecc-public-key] peer-public-key end
# Delete an ECC public key.
<Huawei> system-view
[Huawei] undo ecc peer-public-key ecc-peer-key
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 175
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.9.16 exline-breaker
Function
The exline-breaker enable command enables the function of adding a line break.
The exline-breaker disable command disables the function of adding a line
break.
By default, the function of adding a line break is disabled.
Format
exline-breaker { enable | disable }
Parameters
Parameter Description Value
enable Enables the function of adding a line break. -
disable Disables the function of adding a line break. -
Views
TTY user interface view
Default Level
3: Management level
Usage Guidelines
The device functions as a calling end to send a line break \r\n. When receiving the
line break, the called end discards \n in the line break. As a result, data of the
calling end differs from that of the called end. In this case, you can run the exline-
breaker enable command to enable the function of adding a line break. After the
function is enabled, the calling end adds a line break \n to \r\n when sending it.
When the called end receives the data, it removes only one \n from the line break.
Example
# Enable the function of adding a line break.
<Huawei> system-view
[Huawei] user-interface tty 41
[Huawei-ui-tty41] undo shell
[Huawei-ui-tty41] exline-breaker enable
4.9.17 language character-set
Function
The language character-set command configures the character set in the system.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 176
NetEngine AR
Command Reference 4 Basic Configurations Commands
The default character set in the system is ISO8859-1, that is, the system only
supports English input.
Format
language character-set character
Parameters
Parameter Description Value
character Specifies the character set in Currently, the system supports the
the system. following character sets: GBK, UTF-8,
and ISO8859-1.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can configure the character set so that the system just supports Chinese or
supports Chinese and English input. The character set facilitates device
identification and management, for example, Chinese interface description can be
configured.
Currently, the system supports the following character sets: GBK, UTF-8, and
ISO8859-1. GBK and UTF-8 support both English and Chinese input, whereas
ISO8859-1 supports only English input. GBK is a Chinese character set and UTF-8
is an international character set. To enter Chinese characters on the device,
configure GBK or UTF-8 according to the character set supported on the terminal
login software.
Precaution
The character set supported by the terminal login software affects the display of
Chinese characters. If the character sets in the system and on the terminal login
software are different, Chinese characters may be displayed as garbled characters.
After the character set function is configured, the device cannot work together
with eSight or iManager U2000. The web system only displays the UTF-8 character
set and does not support Chinese input.
Example
# Configure GBK as the character set in the system.
<Huawei> system-view
[Huawei] language character-set GBK
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 177
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.9.18 lock
Function
The lock command locks the current user interface to prevent unauthorized users
from operating the interface.
By default, the system does not automatically lock the current user interface.
Format
lock
Parameters
None
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Lock the current user interface using this command to prevent other users from
operating the interface. The user interfaces consist of console ports, and Virtual
Type Terminals (VTYs).
After using the lock command, you are prompted to input the password twice. If
you input the correct password for twice, the user interface is locked.
Precautions
● The passwords must meet the following requirements:
– The password is a string of 8 to 128 case-sensitive characters.
NOTE
After user run the set password min-length command, the minimum length of
the password is the password length set using the set password min-length
command.
– The password must contain at least two of the following characters:
upper-case character, lower-case character, digit, and special character.
The special characters include spaces and the following:
`~!@#$%^&*()-_=+\|[{}];:'",<.>/?
● Password entered in interactive mode is not displayed on the screen.
● When you run the lock command to lock the user interface and set a locking
password, you can press CTRL_C to cancel the operation.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 178
NetEngine AR
Command Reference 4 Basic Configurations Commands
● To unlock the user interface, press Enter, and then input the correct password
as prompted by the system.
Example
# Lock the current user interface after logging in through the console port.
<Huawei> lock
Enter Password(<8-128>):
Confirm Password:
Info: The terminal is locked.
# To log in to the system after the system is locked, you must press Enter. The
following information is displayed:
Enter Password:
# Enter the correct password and return to the user view.
<Huawei>
4.9.19 matched upper-view
Function
The matched upper-view command allows the system to search for the undo
command in the upper view, and returns to the upper view.
The undo matched upper-view command prohibits the system from searching for
the undo command in the upper view.
By default, the system does not search for the undo command in the upper view.
Format
matched upper-view
undo matched upper-view
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
When you run the undo command in a view, which is not registered in the current
view, the system searches for the command in the upper view if the system is
allowed to search for the undo command in the upper view. If the system finds
the same undo command, the system executes this command in the upper view. If
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 179
NetEngine AR
Command Reference 4 Basic Configurations Commands
the system does not find the same undo command in the upper view, the system
continues to search for this command in other upper views till the system view.
Running this command brings security risks. For example, if you run the undo ftp
server command in the interface view, while this command is not registered in the
interface view, the system automatically searches for it in the upper view, that is,
the system view. In this manner, the system disables the FTP function.
The matched upper-view command is valid only for current login users who run
this command.
Example
# Allow the undo command to be searched for in the upper view.
<Huawei> system-view
[] matched upper-view
[] interface gigabitethernet1/0/1
[-GigabitEthernet1/0/1] undo ftp server
Info: Succeeded in closing the FTP server.
[]
# Prohibit the undo command from being searched for in the upper view.
<Huawei> system-view
[Huawei] undo matched upper-view
[Huawei] interface gigabitethernet1/0/1
[Huawei-GigabitEthernet1/0/1] undo ftp server
^
Error: Unrecognized command found at '^' position.
[Huawei-GigabitEthernet1/0/1]
4.9.20 peer-public-key end
Function
The peer-public-key end command returns to the system view from the public
key view and saves the configured public keys.
Format
peer-public-key end
Parameters
None
Views
Public key view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 180
NetEngine AR
Command Reference 4 Basic Configurations Commands
You must save the public key generated on the remote host to the local host,
which ensures that the validity check on the remote end is successful. After editing
a public key in the public key view, you can run this command to return to the
system view.
Prerequisites
Before you run this command, the rsa peer-public-key command has been run to
enter the RSA public key view or the ecc peer-public-key command has been run
to enter the ECC public key view.
Example
# Return to the system view from the public key view.
<Huawei> system-view
[Huawei] rsa peer-public-key rsakey001
[Huawei-rsa-public-key] public-key-code begin
[Huawei-rsa-key-code] 308188
[Huawei-rsa-key-code] 028180
[Huawei-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB
[Huawei-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F
[Huawei-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B
[Huawei-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5
[Huawei-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931
[Huawei-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2
[Huawei-rsa-key-code] 171896FB 1FFC38CD
[Huawei-rsa-key-code] 0203
[Huawei-rsa-key-code] 010001
[Huawei-rsa-key-code] public-key-code end
[Huawei-rsa-public-key] peer-public-key end
[Huawei]
4.9.21 public-key-code begin
Function
The public-key-code begin command displays the public key editing view.
Format
public-key-code begin
Parameters
None
Views
Public key view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 181
NetEngine AR
Command Reference 4 Basic Configurations Commands
You must save the public key generated on the remote host to the local host,
which ensures that the validity check on the remote end is successful. Run the
public-key-code begin command to display the public key editing view, and enter
the key data. The key characters can contain spaces. You can press Enter to enter
data in another line.
Prerequisite
A key name has been specified by running the rsa peer-public-key, or ecc peer-
public-key command.
Precautions
● The public key must be a hexadecimal character string in the public key
encoding format, and generated by the client or server that supports SSH.
● The public keys displayed by running the display rsa local-key-pair public, or
display ecc local-key-pair public command can be used as the key data to
enter.
● You can successfully edit the public key in a public key pair by entering the
public key in the server key pair or client key pair. In SSH application, only the
public key in the client key pair can be entered as key data. If you enter the
public key in the server key pair, authentication fails during SSH login.
Example
# Display the public key editing view and enter the key data.
<Huawei> system-view
[Huawei] rsa peer-public-key rsakey001
[Huawei-rsa-public-key] public-key-code begin
[Huawei-rsa-key-code] 308188
[Huawei-rsa-key-code] 028180
[Huawei-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB
[Huawei-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F
[Huawei-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B
[Huawei-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5
[Huawei-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931
[Huawei-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2
[Huawei-rsa-key-code] 171896FB 1FFC38CD
[Huawei-rsa-key-code] 0203
[Huawei-rsa-key-code] 010001
[Huawei-rsa-key-code] public-key-code end
[Huawei-rsa-public-key] peer-public-key end
[Huawei]
4.9.22 public-key-code end
Function
The public-key-code end command returns to the public key view from the public
key editing view and saves the configured public keys.
Format
public-key-code end
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 182
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
None
Views
Public key editing view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
After this command is run, the process of editing the public key ends. Before
saving the public key, the system will check the validity of the key.
● If there are illegal characters in the public key character string configured by
the user, the system will display a relevant error prompt. The public key
previously configured by the user is discarded, thus the configuration fails.
● If the public key configured is valid, it is saved in the public key chain table of
the client.
Prerequisites
Before you run this command, the public-key-code begin command has been run
to enter the public key edit view.
Precautions
● Generally, in the public key view, only the public-key-code end command can
be used to exit. Thus, in this instance the quit command cannot be used.
● If the legal key coding is not input, the key cannot be generated after the
public-key-code end command is used. The system prompts that generating
the incorrect key fails.
● If the key is deleted in another window, the system prompts that the key does
not exist and returns to the system view directly after you run the public-key-
code end command.
Example
# Exit from the RSA public key editing view and saves the RSA key configuration.
<Huawei> system-view
[Huawei] rsa peer-public-key rsakey001
[Huawei-rsa-public-key] public-key-code begin
[Huawei-rsa-key-code] 308188
[Huawei-rsa-key-code] 028180
[Huawei-rsa-key-code] B21315DD 859AD7E4 A6D0D9B8 121F23F0 006BB1BB
[Huawei-rsa-key-code] A443130F 7CDB95D8 4A4AE2F3 D94A73D7 36FDFD5F
[Huawei-rsa-key-code] 411B8B73 3CDD494A 236F35AB 9BBFE19A 7336150B
[Huawei-rsa-key-code] 40A35DE6 2C6A82D7 5C5F2C36 67FBC275 2DF7E4C5
[Huawei-rsa-key-code] 1987178B 8C364D57 DD0AA24A A0C2F87F 474C7931
[Huawei-rsa-key-code] A9F7E8FE E0D5A1B5 092F7112 660BD153 7FB7D5B2
[Huawei-rsa-key-code] 171896FB 1FFC38CD
[Huawei-rsa-key-code] 0203
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 183
NetEngine AR
Command Reference 4 Basic Configurations Commands
[Huawei-rsa-key-code] 010001
[Huawei-rsa-key-code] public-key-code end
[Huawei-rsa-public-key] peer-public-key end
[Huawei]
4.9.23 redirect binding vpn-instance
Function
The redirect binding vpn-instance command associates the redirection function
with a VPN instance.
The undo redirect binding vpn-instance command cancels the association
between the redirection function and a VPN instance.
By default, the redirection function is not associated with any VPN instance.
Format
redirect binding vpn-instance vpn-instance-name
undo redirect binding vpn-instance
Parameters
Parameter Description Value
vpn-instance-name Specifies the name of a VPN The value is a string
instance. of 1 to 31 case-
sensitive characters,
spaces not supported.
When double
quotation marks are
used around the
string, spaces are
allowed in the string.
Views
User interface view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
By default, all users on public and private networks can log in to remote devices
after the redirection function is enabled. To allow only users in a VPN to log in to
a remote device, associate the redirection function with the VPN instance on the
device.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 184
NetEngine AR
Command Reference 4 Basic Configurations Commands
Prerequisite
A VPN instance has been created on the router, and the user-side interface of the
router has been bound to the VPN instance.
The redirection function has been enabled by using the redirect enable command.
Precautions
After the redirection function is associated with a VPN instance, only users in the
VPN instance can use the redirection function to log in to the device remotely.
Users on the public network or other private networks connected to the router are
prevented from logging in to the device remotely.
Example
# Associate the redirection function with the VPN instance vpna.
<Huawei> system-view
[Huawei] user-interface tty 1
[Huawei-ui-tty1] undo shell
[Huawei-ui-tty1] redirect enable
[Huawei-ui-tty1] redirect binding vpn-instance vpna
4.9.24 redirect enable
Function
The redirect enable command enables the redirection function on a TTY user
interface.
The undo redirect enable command disables the redirection function on a TTY
user interface.
By default, the redirection function is disabled.
Format
redirect [ ssh ] enable
undo redirect [ ssh ] enable
Parameters
Parameter Description Value
ssh Enables the SSH-based redirection function on a serial port. -
Views
User interface view
Default Level
2: Configuration level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 185
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
The redirection function is used in the following scenarios:
● An electricity system or finance system usually uses serial port terminals to
collect data. These terminals are connected to asynchronous serial ports of a
device. The device receives data flows from the terminals and encapsulates
received data into Ethernet frames to transmit the data on an Ethernet
network. With the redirection function, users can manage and maintain the
terminals remotely.
● Some devices can be managed only through their console ports. In this
scenario, connect their console ports to asynchronous serial ports of a device.
The device can function as a serial port server to manage these devices.
Prerequisite
● There are reachable routes between the operation terminal and the device
that provides the redirection function.
● The 8AS board on the device has registered successfully and asynchronous
serial port corresponding to the TTY user interface on the board is in Up state.
● The asynchronous serial port corresponding to the TTY user interface has
been configured to work in flow mode using the async mode flow command.
Precautions
If the modem function is enabled on a TTY user interface, the redirection function
does not take effect.
Example
# Enable the redirection function on a TTY user interface.
<Huawei> system-view
[Huawei] user-interface tty 9
[Huawei-ui-tty9] undo shell
[Huawei-ui-tty9] redirect enable
4.9.25 redirect listen-port
Function
The redirect listen-port command sets a port number for the redirection function
on a TTY user interface.
The undo redirect listen-port command restores the default port number for the
redirection function.
By default, the port number for the redirection function is 2000 plus the TTY user
interface number.
Format
redirect [ ssh ] listen-port port-number
undo redirect [ ssh ] listen-port
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 186
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
ssh Enables the SSH-based -
redirection function on a serial
port.
port-number Specifies the port number for the The value is an
redirection function. integer that ranges
from 2129 to 3999.
Views
User interface view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
If the default port number for the redirection function is used by another service,
run the redirect listen-port command to set a new port number.
Prerequisite
The redirection function has been enabled using the redirect enable command.
Example
# Set the port number for the redirection function to 2500.
<Huawei> system-view
[Huawei] user-interface tty 1
[Huawei-ui-tty1] undo shell
[Huawei-ui-tty1] redirect enable
[Huawei-ui-tty1] redirect listen-port 2500
4.9.26 rsa local-key-pair create
Function
The rsa local-key-pair create command generates the local RSA host and server
key pairs.
By default, the local RSA host and server key pairs are not configured.
Format
rsa local-key-pair create
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 187
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
To implement secure data exchange between the server and client, run this
command to generate a local key pair.
Precautions
If the RSA key pair exists, the system prompts you to confirm whether to replace
the original key pair.
After you run this command, the system prompts you to enter the number of bits
in the host key. The difference between the bits in the server and host key pairs
must be at least 128 bits.
NOTE
Because a longer key pair provides higher security, you are advised to use key pairs of the
largest length.
After you run this command, the generated key pair is saved in the device and will
not be lost after the device restarts.
This command is not saved in a configuration file.
Example
# Generate the local RSA host and server key pairs.
<Huawei> system-view
[Huawei] rsa local-key-pair create
The key name will be: Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is less than 2048,
It will introduce potential security risks.
Input the bits in the modulus[default = 2048]:2048
Generating keys...
......................................................................................+++
....+++
.......................................++++++++
..............++++++++
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 188
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.9.27 rsa local-key-pair destroy
Function
The rsa local-key-pair destroy command deletes all local RSA host and server key
pairs.
Format
rsa local-key-pair destroy
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
To delete the local key pair, run rsa local-key-pair destroy command. If the host
key pair and the service key pair of an SSH server are deleted, run the rsa local-
key-pair create command to create the new host key pair and service key pair for
the SSH server.
After you run this command, verify that all local RSA keys are deleted. This
command is not saved in a configuration file.
Prerequisite
The local RSA keys that can be deleted exist.
Example
# Delete all RSA server keys.
<Huawei> system-view
[Huawei] rsa local-key-pair destroy
The name for the keys which will be destroyed is Host.
Warning: Confirm to destroy these keys! Continue? [Y/N]y
4.9.28 rsa peer-public-key
Function
The rsa peer-public-key command configures an encoding format for an RSA
public key and displays the RSA public key view.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 189
NetEngine AR
Command Reference 4 Basic Configurations Commands
The undo rsa peer-public-key command deletes a public key.
By default, the encoding format is distinguished encoding rules (DER) for an RSA
public key.
Format
rsa peer-public-key key-name [ encoding-type { der | openssh | pem } ]
undo rsa peer-public-key key-name
Parameters
Parameter Description Value
key-name Specifies the rsa public key name. The value is a string of
1 to 30 case-insensitive
characters without
spaces.
NOTE
When double quotation
marks are used around
the string, spaces are
allowed in the string.
encoding-type Specifies an encoding format for an -
RSA public key.
der Specifies the DER format for an RSA -
public key.
DER encodes data in hexadecimal
format.
openssh Specifies the OpenSSH format for an -
RSA public key.
OpenSSH encodes data in base-64
format.
OpenSSH is an encoding format based
on PEM.
pem Specifies the PEM format for an RSA -
public key.
PEM encodes data in base-64 format.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 190
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
When you use an RSA public key for authentication, you must specify the public
key of the corresponding client for an SSH user on the server. When the client logs
in to the server, the server uses the specified public key to authenticate the client.
You can also save the public key generated on the server to the client. Then the
client can be successfully authenticated by the server when it logs in to the server
for the first time.
Huawei data communications devices support the DER, OpenSSH and PEM
formats for RSA keys. If you use an RSA key in non-DER/OpenSSH/PEM format,
use a third-party tool to convert the key into a key in DER, OpenSSH or PEM
format.
Because a third-party tool is not released with Huawei system software, RSA
usability is unsatisfactory. In addition to DER, RSA keys need to support the
privacy-enhanced mail (PEM) and OpenSSH formats to improve RSA usability.
Third-party software, such as PuTTY, OpenSSH, and OpenSSL, can be used to
generate RSA keys in different formats. The details are as follows:
● The PuTTY generates RSA keys in PEM format.
● The OpenSSH generates RSA keys in OpenSSH format.
● The OpenSSL generates RSA keys in DER format.
OpenSSL is an open source software. You can download related documents at
http://www.openssl.org/.
After you configure an encoding format for an RSA public key, Huawei data
communications device automatically generates an RSA public key in the
configured encoding format and enters the RSA public key view. Then you can run
the public-key-code begin command and manually copy the RSA public key
generated on the peer device to the local device.
Prerequisite
The public key on the remote host has been obtained and recorded.
Follow-up Procedure
After you copy the RSA public key generated on the peer device to the local
device, perform the following operations to exit the RSA public key view:
1. Run the public-key-code end command to return to the RSA public key view.
2. Run the peer-public-key end command to exit the RSA public key view and
return to the system view.
Precautions
The public key on the client is randomly generated by the client software.
If an RSA public key has assigned to an SSH client, release the binding relationship
between the public key and the SSH client. If you do not release the binding
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 191
NetEngine AR
Command Reference 4 Basic Configurations Commands
relationship between them, the undo rsa peer-public-key command will fail to
delete the RSA public key.
The peer public key supports only PKCS#1. Other PKCS versions are not supported.
Example
# Configure the encoding format for an RSA public key and displays the RSA
public key view.
<Huawei> system-view
[Huawei] rsa peer-public-key rsakey001
Enter "RSA public key" view, return system view with "peer-public-key end".
NOTE: The number of the bits of public key must be between 769 and 2048.
[Huawei-rsa-public-key]
4.9.29 send
Function
The send command sends messages to all user interfaces.
Format
send { all | ui-number | ui-type ui-number1 }
Parameters
Parameter Description Value
all Specifies that the system sends -
messages to all user interfaces.
ui-number Specifies the absolute number of The minimum value is 0. The
the user interface. maximum value is smaller by
1 than the number of the
user interfaces that the
system supports.
ui-type Specifies the type of the user -
interface.
ui-number1 Specifies the relative number of the -
user interface.
Views
User view
Default Level
1: Monitoring level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 192
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
After you run the send command, the system prompts you to enter the message
to send. After you confirm to send this message, the user who logs in to the
system from the specified user interface can receive this message.
Example
# Send a message to the user interface VTY 0.
<Huawei> send vty 0
Enter message, end with CTRL+Z or Enter; abort with CTRL+C:Hello, good morning!^Z
Warning: Send the message? [Y/N]: y
# After you confirm to send the message, the user who logs in to the Huawei
from VTY 0 can receive this message.
<Huawei>
Info: Receive a message from VTY2:Hello, good morning!
4.9.30 set insecure-protocol enable
Function
The set insecure-protocol enable command allows the usage of insecure
management protocols HTTP and Telnet.
The set insecure-protocol disable command forbids the usage of insecure
management protocols HTTP and Telnet.
By default, insecure management protocols HTTP and Telnet can be used.
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support this
function.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121-S, AR6121E-S, AR6121EC-S, and
AR6121C-S support this function.
Only the AR-10 supports this function.
Format
set insecure-protocol enable
set insecure-protocol disable
Parameters
None
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 193
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can log in to a device using HTTPS, Telnet, and STelnet, and HTTP and Telnet
belong to insecure management protocols. For security purposes, you can run the
set insecure-protocol disable command to forbid the usage of insecure
management protocols HTTP and Telnet.
Precautions
Before running the set insecure-protocol disable command, you need to check
whether the Telnet and HTTP service functions are enabled using the display
telnet server status and display http server commands, respectively. If the Telnet
and HTTP service functions are enabled, run the undo telnet server enable and
undo http server enable commands to disable the two functions. The set
insecure-protocol disable command then can be successfully run. If the Telnet
and HTTP service functions are disabled, directly run the set insecure-protocol
disable command to forbid the usage of insecure management protocols HTTP
and Telnet.
After the set insecure-protocol disable command is run, you can only run the set
insecure-protocol enable command to allow the usage of insecure management
protocols HTTP and Telnet.
Example
# Forbid the usage of insecure management protocols HTTP and Telnet.
<Huawei> system-view
[Huawei] display telnet server status
TELNET IPV4 server :Disable
TELNET IPV6 server :Disable
TELNET server port :23
Error: insecure-protocol is disabled.
[Huawei] display http server
HTTP server status : Disabled (default: disable)
HTTP server port : 80 (default: 80)
HTTP timeout interval : 10 (default: 10 minutes)
Current online users :0
Maximum users allowed :5
HTTPS server status : Enabled (default: disable)
HTTPS server port : 443 (default: 443)
HTTPS server manager port :
HTTPS SSL Policy :
[Huawei] set insecure-protocol disable
4.9.31 ssh client assign
Function
The ssh client assign command specifies the host public key of the SSH server to
connect on the SSH client.
The undo ssh client assign command cancels the specified host public key of the
SSH server to connect on the SSH client.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 194
NetEngine AR
Command Reference 4 Basic Configurations Commands
By default, the host public key of the server to connect is not specified on the
client.
Format
ssh client servername assign { rsa-key | ecc-key } keyname
undo ssh client servername assign { rsa-key | ecc-key }
Parameters
Parameter Description Value
servername Specifies the host name or IP The value is a string of 1 to
address of the SSH server. 64 characters without spaces.
rsa-key Specifies the RSA public key. -
ecc-key Specifies the ECC public key. -
keyname Specifies the SSH server public key The value is a string of 1 to
name that has been configured on 64 case-insensitive characters
the SSH client. without spaces.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If the SSH client connects to the SSH server for the first time and the first
authentication is not enabled on the SSH client using the ssh client first-time
enable command, the SSH client rejects the access from unauthorized SSH
servers. You need to specify the host public key of the SSH server and the
mapping between the key and SSH server on the SSH client. After that, the client
will determine whether the server is reliable using the correct public key based on
the mapping.
Precautions
The RSA or ECC public key to be assigned to the SSH server must have been
configured on the SSH client using the rsa peer-public-key or ecc peer-public-
key command. If the key has not been configured, the verification for the RSA or
ECC public key of the SSH server on the SSH client fails.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 195
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Assign the RSA public key to the SSH server.
<Huawei> system-view
[Huawei] ssh client 10.164.39.120 assign rsa-key sshrsakey01
# Delete the RSA public key of the SSH server.
<Huawei> system-view
[Huawei] undo ssh client 10.164.39.120 assign rsa-key
4.9.32 ssh client first-time enable
Function
The ssh client first-time enable command enables the first authentication on the
SSH client.
The undo ssh client first-time enable command disables the first authentication
on the SSH client.
By default, first authentication is disabled on the SSH client.
Format
ssh client first-time enable
undo ssh client first-time enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When the SSH client accesses the SSH server for the first time and the public key
of the SSH server is not configured on the SSH client, you can enable the first
authentication for the SSH client to access the SSH server and save the public key
on the SSH client. When the SSH client accesses the SSH server next time, the
saved public key is used to authenticate the SSH server.
Precautions
You can run the ssh client assign command to pre-assign a public key to the SSH
server. In this manner, you can log in to the SSH server successfully at the first
time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 196
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Enable the first authentication on the SSH client.
<Huawei> system-view
[Huawei] ssh client first-time enable
4.9.33 ssh server authentication-retries
Function
The ssh server authentication-retries command sets the maximum number of
authentication retries for an SSH connection.
The undo ssh server authentication-retries command restores the default
maximum number of authentication retries for an SSH connection.
The default maximum number of authentication retries for an SSH connection is
3.
Format
ssh server authentication-retries times
undo ssh server authentication-retries
Parameters
Parameter Description Value
times Specifies the maximum number of The value is an integer that
authentication retries for an SSH ranges from 1 to 5.
connection.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run this command to configure the maximum number of authentication
retries for an SSH connection, which prevents server overload due to malicious
access.
Precautions
The configured number of retries takes effect upon the next login.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 197
NetEngine AR
Command Reference 4 Basic Configurations Commands
The total number of RSA and password authentication retries on the SSH client
cannot exceed the maximum number that is set using this command.
Example
# Set the maximum number of times for retrying login authentication to 4.
<Huawei> system-view
[Huawei] ssh server authentication-retries 4
4.9.34 ssh server compatible-ssh1x enable
Function
The ssh server compatible-ssh1x enable command enables the SSH server's
compatibility with earlier versions.
The undo ssh server compatible-ssh1x enable command disables the SSH
server's compatibility with earlier versions.
By default, the SSH server's compatibility with earlier versions is disabled.
NOTE
This function is not supported in V300R021C10SPC100 and later versions.
Format
ssh server compatible-ssh1x enable
undo ssh server compatible-ssh1x enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The SSH server's compatibility with earlier versions applies to the protocol version
negotiation between the client and server. After a TCP connection is set up
between the client and server, the client negotiates with the server on a version
that both the client and server support.
The server compares its own version with that sent by the client and determines
whether it can work with the client.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 198
NetEngine AR
Command Reference 4 Basic Configurations Commands
● If the protocol version on the client is earlier than 1.3 or later than 2.0,
version negotiation fails and the server disconnects from the client.
● If the protocol version on the client is equal to or later than 1.3 and earlier
than 1.99, the SSH1.5 server module is invoked and the SSH1.X process is
performed when the SSH1.X-compatible mode is configured. When the
SSH1.X-incompatible mode is configured, version negotiation fails and the
server disconnects from the client.
● If the protocol version on the client is 1.99 or 2.0, the SSH2.0 server module is
invoked and the SSH2.0 process is performed.
Precautions
● The configuration takes effect upon the next login.
● SSH2.0 has an extended structure and supports more authentication modes
and key exchange methods than SSH1.X. SSH 2.0 can eliminate the security
risks that SSH 1.X has. SSH 2.0 is more secure and therefore is recommended.
Example
# Enable an SSH server to be compatible with earlier SSH versions.
<Huawei> system-view
[Huawei] ssh server compatible-ssh1x enable
4.9.35 ssh server cipher
Function
The ssh server cipher command configures an encryption algorithm list for an
SSH server.
The undo ssh server cipher command restores the default encryption algorithm.
By default, an SSH server supports the following encryption algorithms:
aes128_ctr, aes192_ctr, and aes256_ctr.
Format
ssh server cipher { 3des_cbc | aes128_cbc | aes128_ctr | aes192_ctr | aes256_ctr
| blowfish_cbc | des_cbc } *
undo ssh server cipher
Parameters
Parameter Description Value
3des_cbc Adds the 3DES-CBC encryption algorithm to an encryption -
algorithm list on an SSH server.
aes128_cbc Adds the AES128-CBC encryption algorithm to an -
encryption algorithm list on an SSH server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 199
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
aes128_ctr Adds the AES128-CTR encryption algorithm to an -
encryption algorithm list on an SSH server.
aes192_ctr Adds the AES192-CTR encryption algorithm to an -
encryption algorithm list on an SSH server.
aes256_ctr Adds the AES256-CTR encryption algorithm to an -
encryption algorithm list on an SSH server.
blowfish_cbc Adds the BLOWFISH-CBC encryption algorithm to an -
encryption algorithm list on an SSH server.
NOTE
This parameter is not supported in V300R021C10SPC100 and later
versions.
des_cbc Adds the DES-CBC encryption algorithm to an encryption -
algorithm list on an SSH server.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
An SSH server and a client need to negotiate an encryption algorithm for the
packets transmitted between them. You can run the ssh server cipher command
to configure an encryption algorithm list for the SSH server. The server compares
the encryption algorithm list sent by the client with its own encryption algorithm
list, and selects the first encryption algorithm on the client's list that matches an
encryption algorithm on its own list as the encryption algorithm for packet
transmission. If no algorithm on the client's list matches an algorithm on the
server's list, the negotiation fails.
For example, for security purposes, you can run the ssh server cipher
{ aes256_ctr | aes192_ctr | aes128_ctr } * command to configure an encryption
algorithm list containing aes256_ctr, aes192_ctr, and aes128_ctr encryption
algorithms with high security for an SSH server.
Precautions
3des_cbc, aes128_cbc, blowfish_cbc, and des_cbc are weak encryption
algorithms. Therefore, it is recommended that you not add them to the encryption
algorithm list of the SSH server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 200
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Configure an encryption algorithm negotiation list containing aes256_ctr for an
SSH server.
<Huawei> system-view
[Huawei] ssh server cipher aes256_ctr
4.9.36 ssh server hmac
Function
The ssh server hmac command configures the check algorithm list of the SSH
server.
The undo ssh server hmac command restores default check algorithms of the
SSH server.
By default, an SSH server supports the sha2-256 encryption algorithms only.
Format
ssh server hmac { md5 | md5_96 | sha1 | sha1_96 | sha2_256 | sha2_256_96 } *
undo ssh server hmac
Parameters
Parameter Description Value
md5 Adds the MD5 check algorithm to the HMAC check -
algorithm list of the SSH server.
md5_96 Adds the MD5_96 check algorithm to the HMAC check -
algorithm list of the SSH server.
sha1 Adds the SHA1 check algorithm to the HMAC check -
algorithm list of the SSH server.
sha1_96 Adds the SHA1_96 check algorithm to the HMAC check -
algorithm list of the SSH server.
sha2_256 Adds the SHA2_256 check algorithm to the HMAC check -
algorithm list of the SSH server.
sha2_256_96 Adds the SHA2_256_96 check algorithm to the HMAC -
check algorithm list of the SSH server.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 201
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The server and client negotiate the algorithm for checking packets transmitted
between them. You can run the ssh server hmac command to configure the check
algorithm list of the SSH server. The server compares the check algorithm list sent
from the client with its own check algorithm list, and selects the first matched
check algorithm for checking transmitted packets. If the check algorithm lists of
the server and client have no common check algorithm, the check algorithm
negotiation fails.
For example, run the ssh server hmac sha2_256 command to add the high-
security sha2_256 check algorithm to the HMAC check algorithm list of the SSH
server, improving device security.
Precautions
The following check algorithms has priorities in descending order: sha2_256,
sha2_256_96, sha1, sha1_96, md5, and md5_96.
You are advised not to add the following HMAC check algorithms to the HMAC
check algorithm list of the SSH server because they provide low security:
sha2_256_96, sha1, sha1_96, md5, and md5_96.
Example
# Add sha2_256 to the check algorithm list of the SSH server.
<Huawei> system-view
[Huawei] ssh server hmac sha2_256
4.9.37 ssh server key-exchange
Function
The ssh server key-exchange command configures a key exchange algorithm list
for an SSH server.
The undo ssh server key-exchange command restores the default setting.
By default, an SSH server supports dh_group_exchange_sha1, dh_group14_sha1,
dh_group14_sha256, and dh_group15_sha512 key exchange algorithms.
Format
ssh server key-exchange { dh_group_exchange_sha1 | dh_group1_sha1 |
dh_group14_sha1 | dh_group14_sha256 | dh_group15_sha512 } *
undo ssh server key-exchange
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 202
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
dh_group_exchange_sha1 Adds the Diffie-hellman-group-exchange- -
sha1 algorithm to the key exchange
algorithm list of the SSH server.
The length of the Diffie-hellman-group-
exchange key exchange algorithm is
dynamically negotiated and ranges from
1024 bits to 8192 bits.
dh_group1_sha1 Adds the Diffie-hellman-group1-sha1 -
algorithm to the key exchange algorithm list
of the SSH server.
The length of the Diffie-hellman-group1 key
exchange algorithm is 768 bits.
dh_group14_sha1 Adds the Diffie-hellman-group14-sha1 kex -
algorithm to the key exchange algorithm list
of the SSH server.
The length of the Diffie-hellman-group14 key
exchange algorithm is 2048 bits.
dh_group14_sha256 Adds the Diffie-hellman-group14-sha256 kex -
algorithm to the key exchange algorithm list
of the SSH server.
The length of the Diffie-hellman-group14 key
exchange algorithm is 2048 bits.
dh_group15_sha512 Adds the Diffie-hellman-group15-sha512 kex -
algorithm to the key exchange algorithm list
of the SSH server.
The length of the Diffie-hellman-group15 key
exchange algorithm is 3072 bits.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 203
NetEngine AR
Command Reference 4 Basic Configurations Commands
An SSH user and a client need to negotiate a key exchange algorithm for the
packets exchanged between them. You can run the ssh server key-exchange
command to configure a key exchange algorithm list for the SSH server. After the
server receives a packet from the client, the server matches the key exchange
algorithm list of the client against its local list and selects the first matched key
exchange algorithm. If no key exchange algorithm is matched, the negotiation
fails.
Precautions
The key exchange algorithms are listed as follows in descending order of security
levels: dh_group15_sha512, dh_group14_sha256, dh_group_exchange_sha1,
dh_group14_sha1, and dh_group1_sha1. The dh_group14_sha256 algorithm is
recommended.
You are advised not to add the dh_group1_sha1 algorithm to the key exchange
algorithm list of the SSH server because it provides low security.
Example
# Configure a key exchange algorithm list containing dh_group_exchange_sha1
for the SSH server.
<Huawei> system-view
[Huawei] ssh server key-exchange dh_group_exchange_sha1
4.9.38 ssh server permit interface
Function
The ssh server permit interface command specifies interfaces on the SSH server
to which clients can connect.
The undo ssh server permit interface command deletes the specified interfaces
and allows clients to connect to all interfaces on the SSH server.
By default, clients can connect to all interfaces on the SSH server.
Format
ssh server permit interface { interface-type interface-number } &<1-5>
ssh server permit interface all
undo ssh server permit interface
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 204
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
interface-type Specifies interfaces on the SSH server to which clients -
interface- can connect.
number
interface-type specifies the interface type.
interface-number specifies the interface number.
interface-number and interface-type together specify an
interface.
NOTE
You can access the web system only through a physical
interface in versions earlier than V300R021C10SPC100.
all Allows clients to connect to all interfaces on the SSH -
server.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To prevent clients from connecting to the SSH server through unauthorized
interfaces, you can run the ssh server permit interface command to specify
interfaces on the SSH server to which clients can connect.
Precautions
● This command does not take effect on the MEth management interface. The
SSH server always allows clients to connect to it through the MEth
management interface.
● By default, clients can connect to all interfaces on the SSH server. Once a
specific interface is specified using this command, a client cannot connect to
the SSH server through any other interface.
● A maximum of five interfaces can be specified using the ssh server permit
interface { interface-type interface-number } &<1-5> command. The latest
configuration overrides the previous one. For example, before you run this
command, clients can connect to three interfaces GigabitEthernet 1/0/0,
GigabitEthernet 2/0/0, and GigabitEthernet 3/0/0 on the SSH server. After you
run the command to specify the interface GigabitEthernet 1/0/0, clients can
only connect to the interface GigabitEthernet 1/0/0.
● If no interface is specified on the SSH server to allow clients to connect to the
server, the SSH service cannot be enabled.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 205
NetEngine AR
Command Reference 4 Basic Configurations Commands
● The undo ssh server permit interface command can be executed only after
the SSH service is disabled.
Example
# Allow clients to connect to all interfaces on the SSH server.
<Huawei> system-view
[Huawei] ssh server permit interface all
Warning: Allowing access from all interfaces is insecure.
# Specify interfaces on the SSH server to which clients can connect.
<Huawei> system-view
[Huawei] ssh server permit interface gigabitethernet 1/0/0 gigabitethernet 2/0/0
Info: Succeeded in setting ssh permit interface.
# Delete the specified interfaces and allow clients to connect to all interfaces on
the SSH server.
<Huawei> system-view
[Huawei] undo ssh server permit interface
4.9.39 ssh server port
Function
The ssh server port command changes the listening port number of the SSH
server.
The undo ssh server port command restores the default listening port number of
the SSH server.
The default listening port number of the SSH server is 22.
Format
ssh server port port-number
undo ssh server port
Parameters
Parameter Description Value
port-number Specifies the listening port The value is 22 or an integer
number of the SSH server. ranging from 1025 to 55535.
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 206
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
Configure the listening port number of the SSH server to prevent from malicious
access to the SSH service standard port and ensure security.
Precautions
The SSH client can log in successfully with no port specified only when the server
is listening on port 22. If the server is listening on another port, the port number
must be specified upon login.
Before changing the current port number, disconnect all devices from the port.
After the port number is changed, the server starts to listen on the new port.
Example
# Set the listening port number of the SSH server is 1025.
<Huawei> system-view
[Huawei] ssh server port 1025
4.9.40 ssh server rekey-interval
Function
The ssh server rekey-interval command sets the interval for updating the SSH
server key pair.
The undo ssh server rekey-interval command restores the default interval for
updating the SSH server key pair.
The default interval for updating the SSH server key pair is 0, indicating that the
key pair is never updated.
Format
ssh server rekey-interval hours
undo ssh server rekey-interval
Parameters
Parameter Description Value
hours Specifies the interval for The value is an integer that ranges
updating the server key pair. from 1 to 24, in hours.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 207
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If the server key pair is not updated for a long time, the key is easy to decrypt and
the server is insecure. After the interval for updating the SSH server key pair is set
using this command, the system will automatically update the key pair at
intervals.
Precautions
If the client is connected to the server, the server public key on the client is not
updated immediately. This key is updated only when the client is reconnected to
the server.
Example
# Set the interval for updating the SSH server key pair to 2 hours.
<Huawei> system-view
[Huawei] ssh server rekey-interval 2
4.9.41 ssh server timeout
Function
The ssh server timeout command sets the timeout interval for SSH connection
authentication.
The undo ssh server timeout restores the default timeout interval for SSH
connection authentication.
The default timeout interval for SSH connection authentication is 60 seconds.
Format
ssh server timeout seconds
undo ssh server timeout
Parameters
Parameter Description Value
seconds Specifies the timeout interval for The value is an integer ranging
SSH connection authentication. from 60 to 120, in seconds.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 208
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If you have not logged in successfully at the timeout interval for SSH connection
authentication, the current connection is terminated to ensure security. You can
run the display ssh server command to query the current timeout interval.
Precautions
The setting for the timeout interval takes effect upon next login.
Example
# Set the SSH connection authentication timeout interval to 90 seconds.
<Huawei> system-view
[Huawei] ssh server timeout 90
4.9.42 ssh server-source
Function
The ssh server-source command specifies a source IP address for an SSH server.
The undo ssh server-source command deletes the source IP address of an SSH
server.
By default, the source IP address of an SSH server is not specified.
Format
ssh server-source { -a [ ipv6 ] source-ip-address | -i [ ipv6 ] interface-type
interface-number }
undo ssh [ ipv6 ] server-source
Parameters
Parameter Description Value
ipv6 Configures the SSH server to support an IPv6 -
source address.
-a source-ip-address Specifies the source IP address for the SSH server. -
The loopback IP address is recommended.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 209
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-i interface-type Specifies the loopback interface of the SSH server -
interface-number as the source interface.
If no loopback interface is configured or no IP
address is configured for the source interface, the
command fails to be executed.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the SSH server uses the source IP address
specified by routes to send and receive packets. The source IP address must be
configured for an interface with stable performance, such as the loopback
interface. Using the loopback interface as the source IP address simplifies the ACL
rule and security policy configuration. This shields the IP address differences and
interface status impact, filters incoming and outgoing packets, and implements
security authentication.
Precautions
● After the source IP address is specified for the SSH server, you must use the
specified IP address to log in to the SSH server.
● If the configured source IP address does not exist on the SSH server, configure
this IP address on the device and then restart the SSH service. Then you can
log in to the device.
● If the SSH service has been enabled, the SSH service restarts after the ssh
server-source command is executed.
● If the specified source interface has been bound to a VPN instance, the SSH
server is automatically bound to the same VPN instance.
Example
# Set the source IP address of the SSH server to LoopBack0.
<Huawei> system-view
[Huawei] ssh server-source -i loopback 0
Warning: To make the server source configuration take effect, the ssh will be restarted. Continue? (y/n):y
Info: Succeeded in closing the STELNET server.
Info: Succeeded in setting the source interface of the ssh server to LoopBack0
Info: Succeeded in starting the STELNET server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 210
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.9.43 ssh user assign
Function
The ssh user assign command assigns an existing public key to a user.
The undo ssh user assign command deletes the mapping between the user and
public key.
By default, no public key is assigned to a user.
Format
ssh user user-name assign { rsa-key | ecc-key } key-name
undo ssh user user-name assign { rsa-key | ecc-key }
Parameters
Parameter Description Value
user-name Specifies the SSH user name. The value is a string of 1 to 64 case-
insensitive characters without
spaces.
rsa-key Specifies the RSA public key. -
ecc-key Specifies the ECC public key. -
key-name Specifies the client public key The name is a string of 1 to 30 case-
name. insensitive characters without a
blank space.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When an SSH client needs to log in to the SSH server in RSA or ECC mode, run
this command to assign a public key to the client. If the client has been assigned
keys, the latest assigned key takes effect.
Precautions
The newly configured public key takes effect upon next login.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 211
NetEngine AR
Command Reference 4 Basic Configurations Commands
If the user named user-name to whom a public key is assigned does not exist, the
system automatically creates an SSH user named user-name and performs the
configured authentication for the SSH user.
Example
# Assign key1 to a user named John.
<Huawei> system-view
[Huawei] ssh user john assign rsa-key key1
4.9.44 ssh user authentication-type
Function
The ssh user authentication-type command configures the authentication mode
for an SSH user.
The undo ssh user authentication-type command restores the default
authentication mode for an SSH user.
By default, the password authentication mode is configured for an SSH user.
Format
ssh user [ user-name ] authentication-type { password | rsa | password-rsa |
ecc | password-ecc | all }
undo ssh user user-name authentication-type
Parameters
Parameter Description Value
user-name Specifies the SSH user name. The value is a
string of 1 to 64
case-insensitive
characters
without spaces.
password Specifies the password authentication mode. -
rsa Specifies the RSA authentication mode. -
password-rsa Specifies the password and RSA authentication -
mode.
ecc Specifies the ECC authentication mode. -
password-ecc Specifies the password and ECC authentication -
mode.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 212
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
all Specifies the password, RSA or ECC -
authentication mode.
NOTE
In all authentication mode, the user priority depends
on the authentication mode selected.
● If password authentication is selected, the user
priority is the same as that specified on the AAA
module.
● If RSA/ECC authentication is selected, the user
priority depends on the priority of the VTY
window used during user access.
If all authentication is selected and an AAA user
with the same name as the SSH user exists, user
priorities may be different in password
authentication and RSA/ECC authentication modes.
Set relevant parameters as needed.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Table 4-35 describes the usage scenarios for different authentication modes.
Table 4-35 Usage scenarios for authentication modes
Authentication Mode Usage Scenario
RSA It is a public key encryption
architecture and an asymmetric
encryption algorithm. Based on the
problem of factoring large numbers,
RSA is mainly used to transmit the
keys of the symmetric encryption
algorithm, which can improve
encryption efficiency and simplify key
management. The server checks
whether the SSH user, public key, and
digital user signature are valid. If all of
them are valid, the user is permitted to
access the server. If any of them is
invalid, the authentication fails and
the user is denied to access the server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 213
NetEngine AR
Command Reference 4 Basic Configurations Commands
Authentication Mode Usage Scenario
ECC Like RSA authentication, the server
first checks the validity of the SSH user
and whether the public key and the
numeric signature are valid. If all of
them are consistent with those
configured on the server, user
authentication succeeds. If any of the
three cannot pass authentication, the
user access is denied. Compared with
the RSA algorithm, the ECC
authentication has the following
advantages:
● Provides the same security with
shorter key length.
● Features a shorter computing
process and higher processing
speed.
● Requires less storage space.
● Requires lower bandwidth.
password On the server, the AAA module assigns
each authorized user a password for
login. The server has the mapping
between user names and passwords.
When a user requests to access the
server, the server authenticates the
user name and password. If either of
them fails to be authenticated, the
access request of the user is denied.
The account information of users who
are configured with the password
authentication mode can be
configured on devices or remote
authentication servers (for example,
RADIUS servers).
password-rsa, or password-ecc The SSH server authenticates a client
by checking both the public key and
password. The client can be
authenticated only when both the
public key and password meet the
requirement.
all In this authentication mode, the SSH
server authenticates a client by
checking the public key or password.
The client can be authenticated when
either the public key or password
meets the requirement.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 214
NetEngine AR
Command Reference 4 Basic Configurations Commands
Precautions
A new SSH user cannot log in to the SSH server unless being configured with an
authentication mode. The newly configured authentication mode takes effect
upon next login.
Example
# Configure the password authentication mode for an SSH user John.
<Huawei> system-view
[Huawei] ssh user john authentication-type password
4.9.45 ssh user default-authentication-type
Function
The ssh user default-authentication-type command sets the default
authentication mode for SSH users.
By default, the default authentication mode for SSH users is RSA authentication.
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support this
function.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121-S, AR6121E-S, AR6121EC-S, and
AR6121C-S support this function.
Only the AR-10 supports this function.
Format
ssh user default-authentication-type { password | rsa }
Parameters
Parameter Description Value
password Sets the default authentication mode for SSH users to -
password authentication.
rsa Sets the default authentication mode for SSH users to RSA -
authentication.
Views
System view
Default Level
2: Configuration level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 215
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
To change the default authentication mode for SSH users, run this command.
Example
# Set the default authentication mode for SSH users to RSA authentication.
<Huawei> system-view
[Huawei] ssh user default-authentication-type rsa
4.9.46 stelnet
Function
The stelnet command enables you to use the STelnet protocol to log in to another
device from the current device.
Format
# IPv4 address
stelnet [ -a source-address ] host-ip [ port-number ] [ [ -vpn-instance vpn-
instance-name ] | [ identity-key { rsa | ecc } ] | [ user-identity-key { rsa | ecc } ] |
[ prefer_kex { dh_group15_sha512 | dh_group14_sha256 | dh_group14_sha1 |
dh_group1 | dh_exchange_group } ] | [ prefer_ctos_cipher { 3des | aes128 |
aes128-ctr | aes192-ctr | aes256-ctr } ] | [ prefer_stoc_cipher { 3des | aes128 |
aes128-ctr | aes192-ctr | aes256-ctr } ] | [ prefer_ctos_hmac { sha1 | sha1_96 |
md5 | md5_96 | sha2_256 | sha2_256_96 } ] | [ prefer_stoc_hmac { sha1 |
sha1_96 | md5 | md5_96 | sha2_256 | sha2_256_96 } ] ] * [ -ki aliveinterval [ -kc
alivecountmax ] ]
# IPv6 address
stelnet ipv6 [ -a source-address ] host-ipv6 [ -oi interface-type interface-
number ] [ port-number ] [ [ -vpn6-instance vpn-instance-name ] | [ identity-
key { rsa | ecc } ] | [ user-identity-key { rsa | ecc } ] | [ prefer_kex
{ dh_group15_sha512 | dh_group14_sha256 | dh_group14_sha1 | dh_group1 |
dh_exchange_group } ] | [ prefer_ctos_cipher { 3des | aes128 | aes128-ctr |
aes192-ctr | aes256-ctr } ] | [ prefer_stoc_cipher { 3des | aes128 | aes128-ctr |
aes192-ctr | aes256-ctr } ] | [ prefer_ctos_hmac { sha1 | sha1_96 | md5 |
md5_96 | sha2_256 | sha2_256_96 } ] | [ prefer_stoc_hmac { sha1 | sha1_96 |
md5 | md5_96 | sha2_256 | sha2_256_96 } ] ] * [ -ki aliveinterval [ -kc
alivecountmax ] ]
Parameters
Parameter Description Value
ipv6 Specifies an IPv6 -
address.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 216
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-a source-address Specifies the STelnet -
source IP address.
host-ip Specifies the IP The value is a string of 1 to 255
address or host name case-insensitive characters without
of the remote IPv4 spaces. When double quotation
STelnet server. marks are used around the string,
spaces are allowed in the string.
host-ipv6 Specifies the IPv6 The value is a string of 1 to 255
address or host name case-insensitive characters without
of the remote IPv6 spaces. When double quotation
STelnet server. marks are used around the string,
spaces are allowed in the string.
-oi interface-type Specifies the If the IPv6 address of the remote
interface-number outbound interface host is linked to a local address,
on the local device. the outbound interface must be
specified.
port-number Specifies the port The value is an integer that ranges
number that the SSH from 1 to 65535. The default value
server is listening on. 22 is the standard port number.
identity-key Specifies the public The public key algorithm include
key for server RSA and ECC.
authentication.
user-identity-key Specifies the public The public key algorithm include
key algorithm for the RSA and ECC.
client authentication.
NOTE
If the user-identity-key parameter is
not used, RSA authentication is used
by default. You can specify ECC
authentication using the user-
identity-key parameter.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 217
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
prefer_kex Specifies the The dh_group15_sha512,
preferred key dh_group14_sha256,
exchange algorithm. dh_group14_sha1, dh_group1, and
dh_exchange_group algorithms
are supported.
The default key exchange
algorithm is dh_group14_sha256.
NOTE
The length of the Diffie-hellman-
group-exchange key exchange
algorithm is dynamically negotiated
and ranges from 1024 bits to 8192
bits.
The length of the Diffie-hellman-
group1 key exchange algorithm is 768
bits.
The length of the Diffie-hellman-
group14 key exchange algorithm is
2048 bits.
The length of the Diffie-hellman-
group15 key exchange algorithm is
3072 bits.
prefer_ctos_cipher Specifies the Encryption algorithms 3des,
preferred encryption aes128, aes128-ctr, aes192-ctr, and
algorithm from the aes256-ctr are supported.
client to the server.
The default algorithm are aes128-
ctr, aes192-ctr, and aes256-ctr.
prefer_stoc_cipher Specifies the Encryption algorithms 3des,
preferred encryption aes128, aes128-ctr, aes192-ctr, and
algorithm from the aes256-ctr are supported.
server to the client.
The default algorithm are aes128-
ctr, aes192-ctr, and aes256-ctr.
prefer_ctos_hmac Specifies the The sha2_256, sha2_256_96, sha1,
preferred HMAC sha1_96, md5, and md5_96
algorithm from the algorithms are supported.
client to the server.
The default algorithm is sha2_256.
prefer_stoc_hmac Specifies the The sha2_256, sha2_256_96, sha1,
preferred HMAC sha1_96, md5, and md5_96
algorithm from the algorithms are supported.
server to the client.
The default algorithm is sha2_256.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 218
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-vpn-instance vpn- Specifies the name of The value is a string of 1 to 31
instance-name the VPN instance to case-sensitive characters, spaces
which the IPv4 server not supported. When double
belongs. quotation marks are used around
the string, spaces are allowed in
the string.
-vpn6-instance vpn- Specifies the name of The value is a string of 1 to 31
instance-name the VPN instance to case-sensitive characters, spaces
which the IPv6 server not supported. When double
belongs. quotation marks are used around
the string, spaces are allowed in
the string.
-ki aliveinterval Specifies the interval The value is an integer that ranges
for sending keepalive from 1 to 3600, in seconds.
packets when no
packet is received.
-kc alivecountmax Specifies the number The value is an integer that ranges
of times for no reply from 3 to 10. The default value is
of keepalive packets. 5.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Logins through Telnet bring security risks because Telnet does not provide any
authentication mechanism and data is transmitted using TCP in plain text.
Compared with Telnet, SSH guarantees secure file transfer on a traditional
insecure network by authenticating clients and encrypting data in bidirectional
mode. The SSH protocol supports STelnet. You can run this command to use
STelnet to log in to another device from the current device.
STelnet is a secure Telnet service. SSH users can use the STelnet service in the
same way as the Telnet service.
When a fault occurs in the connection between the client and server, the client
needs to detect the fault in real time and proactively release the connection. You
need to set the interval for sending keepalive packets and the maximum number
of times on the client that logs in to the server through STelnet.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 219
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Interval for sending keepalive packets: If a client does not receive any packet
within the specified interval, the client sends a keepalive packet to the server.
● Maximum number of times the server has no response: If the number of
times that the server does not respond exceeds the specified value, the client
proactively releases the connection.
Precautions
● Enable the STelnet service on the SSH server by stelnet server enable
command, before connecting the SSH server by using the STelnet command.
● The SSH client can log in to the SSH server with no port specified only when
the server is listening on port 22. If the server is listening on another port, the
port number must be specified upon login.
● For security purposes, you are advised to use the AES128, AES128-CTR,
AES192-CTR, AES256-CTR or SHA2_256 encryption algorithms instead.
Example
# Set keepalive parameters when the client logs in to the server through STelnet.
<Huawei> system-view
[Huawei] stelnet 10.164.39.209 -ki 10 -kc 4
# Remotely connect to the STelnet server that uses an IPv6 address.
<Huawei> system-view
[Huawei] stelnet ipv6 fc00:2001:db8::1 prefer_ctos_cipher aes128
4.9.47 stelnet server enable
Function
The stelnet server enable command enables the STelnet service on the SSH
server.
The undo stelnet server enable command disables the STelnet service on the
SSH server.
By default, the STelnet service is disabled on the SSH server.
Format
stelnet server enable
undo stelnet server enable
Parameters
None
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 220
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
To connect a client to the SSH server through STelnet, you must enable the
STelnet service on the SSH server.
Prerequisites
The interfaces on the SSH server to which clients can connect have been specified
by running the ssh server permit interface { { interface-type interface-number }
&<1-5> | all } command. If no interface is specified, the STelnet service cannot be
enabled.
Precautions
After you disable the STelnet service on the SSH server, all clients that have logged
in through STelnet are disconnected.
Example
# Enable the STelnet service.
<Huawei> system-view
[Huawei] ssh server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] stelnet server enable
Info: Succeeded in starting the STELNET server.
4.9.48 super
Function
The super command switches a user from the current level to a specified level.
Format
super [ level ]
Parameters
Parameter Description Value
level Specifies the target The value is an integer that ranges from 0
user level. to 15. By default, a user is switched to level
3.
Views
User view
Default Level
0: Visit level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 221
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
Users are assigned one of 16 levels, and these levels correspond to command
levels. After logging in to the device, users can use only the commands whose
levels are equal to or lower than their user levels.
When a user is switched from a lower level to a higher level, the device requires
the user to enter the authentication password for the higher user level to
authenticate the user identity, preventing unauthorized users from logging in to
the device. You can run the super password command to set an authentication
password used to switch a user from a lower level to a higher level.
If the entered target user level is lower than or equal to the current user level, the
system directly sets the entered user level as the target user level, and displays a
message. If the target level is higher than the current user level, the system asks
the user to enter the authentication password.
The password entered by a user is not displayed on the screen. If the user enters
the correct password within three times, the system switches the user to the
higher user level; otherwise, the user level remains unchanged.
Precautions
● The configured target level takes effect only for the current user. The user
level restores to the original level the next time the user logs in.
● The password is a string of 8 to 16 characters.
● The password must be a combination of at least two of the following:
uppercase letters, lowercase letters, digits, and special characters.
Special characters include ` ~ ! @ # $ % ^ & * ( ) - _ = + \ | [ { } ] ; : ' " , < .
> / ? spaces.
● The password must be the same as the password set using the super
password command.
Example
# Switch a user to level 10.
<Huawei> super 10
Password:
Now user privilege is level 10, and only those commands whose level is
equal to or less than this level can be used.
Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE
4.9.49 super password
Function
The super password command sets an authentication password used to switch a
user from a lower level to a higher level.
The undo super password command deletes an authentication password used to
switch a user from a lower level to a higher level.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 222
NetEngine AR
Command Reference 4 Basic Configurations Commands
By default, no switching password is configured. You must set the authentication
password before switching a user from a lower level to a higher level; otherwise,
the switching fails.
Format
super password [ level user-level ] cipher
undo super password [ level user-level ]
Parameters
Parameter Description Value
level user-level Specifies the target The value is an integer that ranges from
user level. 1 to 15. The target user level must be
lower than or equal to the current user
level. By default, the authentication
password is set to switch a user to level
3.
cipher Indicates that the -
configured password is
displayed in cipher
text.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If rights are reconfigured, you need to run the super command to switch a user
from a lower level to a higher level. When a user is switched from a lower level to
a higher level, the device authenticates the user identity to prevent unauthorized
users from logging in to the device. Users at a higher level can run the super
password command to set an authentication password used to switch a user from
a lower level to a higher level, so that the device can authenticate the user
identity.
Precautions
● The target user level must be lower than or equal to the current user level.
● The entered authentication password must meet the following requirements:
– It is a string of 8 to 16 characters entered only in plain text.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 223
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTE
After user run the set password min-length command, the minimum length of
the password is the password length set using the set password min-length
command.
– It must be a combination of at least two of the following: uppercase
letters, lowercase letters, digits, and special characters.
Special characters include ` ~ ! @ # $ % ^ & * ( ) - _ = + \ | [ { } ] ; : ' " ,
< . > / ? spaces.
● The password entered in interactive mode is not displayed on the screen.
● When setting the password in interactive mode, you can press CTRL+C to
cancel the password setting.
● If this command is run, passwords entered by users will be saved in cipher
text in the configuration file. Therefore, a configured password cannot be
retrieved from the system. Keep the password safe.
Example
# Set an authentication password used to switch a user from a lower level to level
5.
<Huawei> system-view
[Huawei] super password level 5 cipher
Enter Password(<8-16>):
Confirm password:
4.9.50 telnet
Function
The telnet command enables you to use the Telnet protocol to log in to another
device from the current device.
Format
# Log in to another device through Telnet based on IPv4.
telnet [ vpn-instance vpn-instance-name ] [ -a source-ip-address ] host-ip [ port-
number ]
# Log in to another device through Telnet based on IPv6.
telnet ipv6 [ -a source-ip-address ] [ vpn6-instance vpn6-instance-name ] host-
ipv6 [ -oi interface-type interface-number ] [ port-number ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 224
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
vpn-instance Specifies the VPN4 instance The value is a string of 1 to
vpn-instance- name of the device to log in 31 case-sensitive characters,
name through Telnet. spaces not supported. When
double quotation marks are
used around the string,
spaces are allowed in the
string.
-a source-ip- By specifying a source IP -
address address, you can use this
address to communicate with
the server for high network
security. If no source address is
specified, the system will use
the IP address of the local
outbound interface to initiate a
Telnet connection.
vpn6-instance Specifies the VPN6 instance The value is a string of 1 to
vpn6-instance- name of the device to log in 31 case-sensitive characters,
name through Telnet. spaces not supported. When
double quotation marks are
used around the string,
spaces are allowed in the
string.
host-ip Specifies the IPv4 address or The value is a string of 1 to
host name of the remote 255 case-insensitive
device. characters without spaces.
host-ipv6 Specifies the IPv6 address or The value is a string of 1 to
host name of the remote 255 case-insensitive
device. characters without spaces.
-oi interface- Specifies the outbound If the IPv6 address of the
type interface- interface on the local device. remote host is linked to a
number local address, the outbound
interface must be specified.
port-number Specifies the number of the The value is an integer that
TCP port that is used by the ranges from 1 to 65535. The
remote device to provide the default value is 23.
Telnet service.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 225
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User view
Default Level
0: Visit level
Usage Guidelines
Usage Scenario
If one or multiple devices on the network need to be configured and managed,
you do not need to connect each device to your terminal for local maintenance. If
you have learned the IP address of the device, you can run this command to log in
to the device from your terminal for remote device configuration. By doing this,
you can use one terminal to maintain multiple devices on the network.
You can press Ctrl_] to terminate an active connection between the local and
remote devices.
Precautions
● Before you run the telnet command to connect to the Telnet server, the
Telnet client and server must be able to communicate through Layer 3 and
the Telnet service must be enabled on the Telnet server.
● Logins through Telnet bring security risks because Telnet does not provide any
authentication mechanism and data is transmitted using TCP in plain text.
The STelnet mode is recommended for the network that has the high security
requirement.
Example
# Connect to a remote device through Telnet.
<Huawei> telnet 192.168.1.6
# Use the IPv6 address to connect to a remote device through Telnet.
<Huawei> telnet ipv6 fc00:0:0:11::158
4.9.51 telnet client-source
Function
The telnet client-source command specifies the source IP address and interface
for a Telnet client.
The undo telnet client-source command restores the default settings.
The default source IP address of the Telnet client is 0.0.0.0.
Format
telnet client-source { -a source-ip-address | -i interface-type interface-number }
undo telnet client-source
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 226
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
-a source-ip-address Specifies the IPv4 address of the local -
router.
-i interface-type interface- Specifies the outbound interface of -
number the local router.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If the source IP address and interface are not specified in the telnet command,
use the default settings specified by telnet client-source. If the source IP address
and interface are specified in the telnet command, use the specified settings.
Check the current Telnet connection on the server. The IP address displayed is the
specified source IP address or the primary IP address of the specified interface.
Precautions
If the specified source interface has been bound to a VPN instance, the client is
automatically bound to the same VPN instance.
Example
# Set the source IP address of the Telnet client to 10.1.1.1.
<Huawei> system-view
[Huawei] telnet client-source -a 10.1.1.1
4.9.52 telnet server-source
Function
The telnet server-source command specifies a source IP address for a Telnet
server.
The undo telnet server-source command deletes the source IP address of a Telnet
server.
By default, the source interface of a Telnet server is not specified.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 227
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
telnet server-source { -a [ ipv6 ] source-ip-address | -i [ ipv6 ] interface-type
interface-number }
undo telnet [ ipv6 ] server-source
Parameters
Parameter Description Value
ipv6 Configures the Telnet server to support an IPv6 -
source address.
-a source-ip-address Specifies the source IP address for the Telnet -
server. The loopback IP address is recommended.
-i interface-type Specifies the loopback interface of the Telnet -
interface-number server as the source interface.
If no loopback interface is configured or no IP
address is configured for the source interface, the
command fails to be executed.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the Telnet server uses the source IP address
specified by routes to send packets. The source IP address must be configured for
an interface with stable performance, such as the loopback interface. Using the
loopback interface as the source IP address simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, filters incoming and outgoing packets, and implements security
authentication.
Precautions
● After the source IP address is specified for the Telnet server, you must use the
specified IP address to log in to the Telnet server.
● If the Telnet service has been enabled, the Telnet service restarts after the
telnet server-source command is executed.
● If the specified source interface has been bound to a VPN instance, the server
is automatically bound to the same VPN instance.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 228
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Set the source IP address of the Telnet server to LoopBack0.
<Huawei> system-view
[Huawei] telnet server-source -i loopback 0
Warning: To make the server source configuration take effect, the telnet server will be restarted. Continue?
[Y/N]: y
Info: Succeeded in setting the source interface of the telnet server to LoopBack0
Info: Telnet is insecure, recommended to use stelnet with encryption features.
4.9.53 telnet server permit interface
Function
The telnet server permit interface command specifies interfaces on the Telnet
server to which clients can connect.
The undo telnet server permit interface command deletes the specified
interfaces and allows clients to connect to all interfaces on the Telnet server.
By default, clients can connect to all the interfaces on the Telnet server.
Format
telnet server permit interface { interface-type interface-number } &<1-5>
telnet server permit interface all
undo telnet server permit interface
Parameters
Parameter Description Value
interface-type Specifies an interface to which clients can connect on -
interface- the Telnet server.
number
interface-type specifies the interface type.
interface-number specifies the interface number.
interface-number and interface-type together specify an
interface.
NOTE
You can access the web system only through a physical
interface in versions earlier than V300R021C10SPC100.
all Allows clients to connect to all interfaces on the Telnet -
server.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 229
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To prevent clients from connecting to the Telnet server through unauthorized
interfaces, you can run the telnet server permit interface command to specify
interfaces on the Telnet server to which clients can connect.
Precautions
● This command does not take effect on the MEth management interface. The
Telnet server always allows clients to connect to it through the MEth
management interface.
● By default, clients can connect to all interfaces on the Telnet server. Once a
specific interface is specified using this command, a client cannot connect to
the Telnet server through any other interface.
● A maximum of five interfaces can be specified using the telnet server permit
interface { interface-type interface-number } &<1-5> command. The latest
configuration overrides the previous one. For example, before you run this
command, clients can connect to three interfaces GigabitEthernet 1/0/0,
GigabitEthernet 2/0/0, and GigabitEthernet 3/0/0 on the Telnet server. After
you run the command to specify the interface GigabitEthernet 1/0/0, clients
can only connect to the interface GigabitEthernet 1/0/0.
● If no interface is specified on the Telnet server to allow clients to connect to
the server, the Telnet service cannot be enabled.
● The undo telnet server permit interface command can be executed only
after the Telnet service is disabled.
Example
# Allow clients to connect to all interfaces on the Telnet server.
<Huawei> system-view
[Huawei] telnet server permit interface all
Warning: Allowing access from all interfaces is insecure.
# Specify interfaces on the Telnet server to which clients can connect.
<Huawei> system-view
[Huawei] telnet server permit interface gigabitethernet 1/0/0 gigabitethernet 2/0/0
Info: Succeeded in setting telnet permit interface.
# Delete the specified interfaces and allow clients to connect to all interfaces on
the Telnet server.
<Huawei> system-view
[Huawei] undo telnet server permit interface
4.9.54 telnet server enable
Function
The telnet server enable command enables the Telnet server function.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 230
NetEngine AR
Command Reference 4 Basic Configurations Commands
The undo telnet server enable command disables the Telnet server function.
By default, the Telnet server function is disabled.
Format
telnet [ ipv6 ] server enable
undo telnet [ ipv6 ] server enable
Parameters
Parameter Description Value
ipv6 Specifies a Telnet IPv6 server. -
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run this command to enable and disable the Telnet server function. A
Telnet server can be connected only when the Telnet server function is enabled.
When the undo telnet [ ipv6 ] server enable command is executed to disable the
Telnet server function, an online Telnet user goes offline because the Telnet
service is disabled.
When the Telnet server function is disabled, you can log in to the device only
through the console port or SSH.
NOTICE
STelnet V2 is more secure than Telnet, and is therefore recommended.
Prerequisites
The interfaces on the Telnet server to which clients can connect have been
specified by running the telnet server permit interface { { interface-type
interface-number } &<1-5> | all } command. If no interface is specified, the Telnet
service cannot be enabled.
Example
# Enable the Telnet server function.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 231
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] telnet server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] telnet server enable
# Disable the Telnet server function.
<Huawei> system-view
[Huawei] undo telnet server enable
# Enable the IPv6 Telnet server function.
<Huawei> system-view
[Huawei] telnet server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] telnet ipv6 server enable
4.9.55 telnet server port
Function
The telnet server port command configures the listening port number of a Telnet
server.
The default listening port of a Telnet server is 23.
Format
telnet server port port-number
Parameters
Parameter Description Value
port-number Specifies the listening The value is an integer that is 23 or
port number of a ranges from 1025 to 1999 or ranges from
Telnet server. 5001 to 55535. The default value 23 is
the standard Telnet server port number.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To protect the Telnet standard port against attacks and ensure network security,
configure the listening port number of the Telnet server.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 232
NetEngine AR
Command Reference 4 Basic Configurations Commands
A Telnet client can log in to the server with no port specified only when the server
is listening on port 23. If the server is listening on another port, the port number
must be specified upon login.
Before changing the current port number, disconnect all devices from the port.
After the port number is changed, the server starts to listen on the new port.
Example
# Configure the listening port number to 1026.
<Huawei> system-view
[Huawei] telnet server port 1026
4.9.56 transparent-mode enable
Function
The transparent-mode enable command enables the transparent transmission
mode for redirection on a serial port.
The undo transparent-mode enable command disables the transparent
transmission mode for redirection on a serial port.
By default, the transparent transmission mode for redirection on a serial port is
disabled.
Format
transparent-mode enable
undo transparent-mode enable
Parameters
None
Views
TTY user interface view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
By default, the device checks data redirected by a serial port and discards
unidentifiable data, damaging the original data. You can run the transparent-
mode enable command to ensure the original data integrity. The device will
transparently transmit data without checking it.
Prerequisites
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 233
NetEngine AR
Command Reference 4 Basic Configurations Commands
The redirection function has been enabled using the redirect enable command.
Example
# Enable the transparent transmission mode for redirection on a serial port.
<Huawei> system-view
[Huawei] user-interface tty 44
[Huawei-ui-tty44] redirect enable
[Huawei-ui-tty44] transparent-mode enable
4.9.57 system lock type
Function
The system lock type command sets the type of a locked object.
By default, the system locks an IP address. That is, when a user uses SFTP, STelnet,
Telnet, or FTP to log in to the device, the system locks the IP address of the user if
the number of login failures reaches the specified value.
Format
system lock type { ip | none }
Parameters
Parameter Description Value
ip Enables the device to lock the IP addresses of users who fail -
authentication.
none Disables the device from locking the IP addresses of users -
who fail authentication.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
To ensure service security, the device locks the IP addresses of users who fail to log
in to the device using SFTP, STelnet, Telnet, or FTP.
If a user enters an incorrect user name or password, the device adds the IP address
of the user to the blacklist and locks the user for 2 seconds upon the first login
failure, 4 seconds upon the second login failure, and 8 seconds upon the third
login failure. If the user enters incorrect user names or passwords for five
consecutive times, the device locks the user for 300 seconds upon the sixth login
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 234
NetEngine AR
Command Reference 4 Basic Configurations Commands
failures. When a user account is locked, the user's IP address cannot be used to set
up a connection in a new window because it is in the blacklist. If the user enters
the correct user name and password and logs in to the device successfully after
the locking duration expires, the user's IP address will be removed from the
blacklist and a recovery log is generated. If the login fails again, the user account
will be locked for 300 seconds. A maximum of 32 IP addresses can be locked at
the same time. If more than 32 IP addresses are added to the blacklist, a new IP
address will overwrite the earliest one.
By default, the device locks a user's IP address after the user fails authentication. If
you do not need to lock the IP address of a user after the user fails authentication,
run the system lock type none command and delete the IP address from the
blacklist as prompted. After the IP address locking function is disabled, if a user
enters an incorrect user name and password when logging in to the device
through Telnet, STelnet, FTP, or SFTP, the IP address of the user will not be added
to the blacklist. That is, the IP address will not be locked.
Example
# Enable the device to lock the IP addresses of users who fail authentication.
<Huawei> system-view
[Huawei] system lock type ip
# Disable the device from locking the IP addresses of users who fail
authentication.
<Huawei> system-view
[Huawei] system lock type none
Info:All ip lock records logged in via telnet, stelnet, ftp and sftp will be del
eted. Continue? [Y/N]:y
4.10 HTTP Server Commands
4.10.1 Support for HTTP Server
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.10.2 display http server
Function
The display http server command displays information about the current HTTP
server.
Format
display http server
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 235
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
You can view the HTTP server information, including the status of common and
security HTTP services, port number, maximum number of users allowed to access
the HTTP server, and number of current online users.
Example
# Display information about the current HTTP server.
<Huawei> display http server
HTTP server status : Enabled (default: disable)
HTTP server port : 80 (default: 80)
HTTP timeout interval :3 (default: 10 minutes)
Current online users :0
Maximum users allowed :5
HTTPS server status : Enabled (default: enable)
HTTPS server port : 443 (default: 443)
HTTPS server manager port :
HTTPS SSL Policy : default_policy
Table 4-36 Description of the display http server command output
Item Description
HTTP server status Status of the common HTTP server.
● Enabled: The HTTP service is enabled.
● Disabled: The HTTP service is disabled.
You can configure the common HTTP
server status by running the http server
enable command.
HTTP server port Number of the listening port on the HTTP
server. The default port number is 80.
You can configure the HTTP server port
number by running the http server port
command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 236
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
HTTP timeout interval Idle timeout duration of the HTTP server.
The default value is 10 minutes.
You can configure the idle timeout
duration by running the http timeout
command.
Current online users Number of current online users.
Maximum users allowed Maximum number of users allowed to
access the HTTP server.
You can configure the maximum number
of users by running the http server max-
online-users command.
HTTPS server status Status of the security HTTP server.
● Enabled: The security HTTP service is
enabled.
● Disabled: The security HTTP service is
disabled.
You can configure the security HTTP server
status by running the http secure-server
enable command.
HTTPS server port Port number of the security HTTP server.
The default value is 443.
You can configure the security HTTP server
port number by running the http secure-
server port command.
HTTPS server manager port Management port number of the HTTPS
server.
You can configure the security HTTPS
server manager port by running the http
secure-server manager-port command.
HTTPS SSL Policy Security HTTP SSL policy.
You can configure the security HTTP SSL
policy by running the ssl policy command.
4.10.3 display http user
Function
The display http user command displays information about current online users.
Format
display http user [ username username ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 237
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
username Specifies the name The value is a string of 1 to 64 case-
username of the current online insensitive characters, with no space or
user. wildcard. When double quotation marks
are used around the string, spaces are
allowed in the string.
Views
All views
Default Level
3: Management level
Usage Guidelines
If username is not specified, this command displays summary information about
all online users.
If username is specified, this command displays detailed information about the
specified online user.
Example
# Display general information about the current online user.
<Huawei> display http user
---------------------------------------------------------------------------
User Name IP Address Login Date
---------------------------------------------------------------------------
admin 192.168.0.1 2011-10-13 11:11:12+00:00
---------------------------------------------------------------------------
Total online users is 1
# Display detailed information about the current online user admin.
<Huawei> display http user username admin
Client IP Address : 192.168.0.1
Login Date : 2011-10-13 11:11:12+00:00
User timeouts : 3 minutes
Table 4-37 Description of the display http user command output
Item Description
User Name User name.
Client IP Address IP address of the HTTP client.
Login Date Login date and time.
User timeouts Idle timeout duration of online users.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 238
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.10.4 display fast-configuration state
Function
The display fast-configuration state command displays the state of the Internet
access wizard popup notification of the web system of the EasyOperation edition.
NOTE
Only the models that support the web system of the EasyOperation edition support this
function. For details, see EasyOperation Edition.
Format
display fast-configuration state
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To check the state of the Internet access wizard popup notification of the web
system of the EasyOperation edition, run this command.
Precautions
The models must support the web system of the EasyOperation edition.
Example
# Display the state of the Internet access wizard popup notification of the web
system of the EasyOperation edition.
<Huawei> display fast-configuration state
Fast-configuration is enabled
4.10.5 http acl
Function
The http acl command configures an ACL on the HTTP server.
The undo http acl command deletes the ACL on the HTTP server.
By default, no ACL is configured on the HTTP server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 239
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
http acl acl-number
undo http acl
Parameters
Parameter Description Value
acl-number Specifies the ACL number. The value is an integer that ranges from
2000 to 2999.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To ensure the security of an HTTP server, you need to configure an ACL for it to
specify clients that can log in to the current HTTP server.
Precautions
● The HTTP supports the ACL whose number ranges from 2000 to 2999.
● The http acl command takes effect only after you run the rule command to
configure the ACL rule and Indicate the source IP address of packets that
match an ACL rule.
● After an ACL rule is modified, the HTTP server does not forcibly log out an
online user who matches the ACL rule until the user sends the next login
request.
● If the http acl command is configured several times, only the latest
configuration takes effect.
Example
# Set the ACL number to 2000 for the HTTP server.
<Huawei> system-view
[Huawei] acl 2000
[Huawei-acl-basic-2000] rule 1 permit source any
[Huawei-acl-basic-2000] quit
[Huawei] http acl 2000
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 240
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.10.6 http client disable
Function
The http client disable command disabled the HTTP client function.
The undo http client disable command enables the HTTP client function.
By default, the HTTP client function is enabled.
Format
http client disable
undo http client disable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
As the HTTP client, the device can upload and download files to the server
through HTTP by default. After you run the http client disable command to
disable the HTTP client function, you cannot upload or download files to the
server through HTTP.
Example
# Disable the HTTP client.
<Huawei> system-view
[Huawei] http client disable
Warning: The operation will stop HTTP client. Continue? [Y/N]:y
4.10.7 http get
Function
The http get command detects whether the URL server is reachable.
Format
http get [ -a source-ip-address | -c count | -t timeout | -v http-version ] * url url
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 241
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address of The value is in dotted
address outgoing HTTP request packets. decimal notation.
If this parameter is not specified, the
IP address of the outbound interface is
used as the source IP address of
outgoing HTTP request packets.
-c count Specifies the transmission count of The value is an integer
HTTP request packets. ranging from 1 to 100.
The default value is 5.
If the network works unstably, increase
the transmission count to detect
network quality based on the packet
loss ratio.
-t timeout Specifies the timeout interval for an The value is an integer
HTTP response packet. that ranges from 1 to
65535, in milliseconds.
The http get command sends an The default value is
HTTP request packet to an address 5000 ms.
and waits for a response. If the
response is received within the timeout
interval, the destination is reachable. If
no response is received within the
timeout interval, the sender displays a
message indicating that the request
packet times out.
A response is received within 1 to 10
seconds after an HTTP request packet
is sent. If the transmission speed is
low, properly prolong the timeout
interval.
-v http-version Specifies the HTTP version number. The HTTP version
number is 1.0 or 1.1.
The default value is 1.0.
url url Specifies the destination URL. The value is a string of
1 to 256 characters.
Views
System view
Default Level
1: Monitoring level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 242
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
The http get command detects whether the URL server is reachable. You can use
HTTP request packets to detect the following items:
● Whether the HTTP service is enabled on the URL server
● Round-trip delay in communication
● Packet loss
Example
# Check whether the HTTP service is enabled on the URL server with the URL of
http://www.example.com, and set the source IP address of outgoing HTTP packets
to 10.137.147.142, the transmission count to 5, the period for waiting for a
response packet to 100 ms, and the HTTP version number to 1.1.
<Huawei> system-view
[Huawei] http get -a 10.137.147.142 -c 5 -t 100 -v 1.1 url http://www.example.com
Http getting http://www.example.com[10.82.55.199]:
1:packets interaction time 90 ms,the link reachable
2:packets interaction time 100 ms,the link reachable
3:packets interaction time 100 ms,the link reachable
4:packets interaction time 100 ms,the link reachable
5:packets interaction time 90 ms,the link reachable
--http get result statistics--
Http Get 5 time(s),succeed 5 time(s),failed 0 time(s).
round-trip min/avg/max = 90/96/100 ms
Table 4-38 Description of the http get command output
Item Description
Http getting x.x.x URL and IP address of the URL server.
x:packets interaction Response to each HTTP packet.
time x ms,the link ● Round-trip delay in communication
reachable
● Link reachability
If no response packet is received after the timeout
period, the message "Connect times out" is displayed.
http get result HTTP test statistics:
statistics ● Http Get x time(s): number of outgoing HTTP packets
● succeed x time(s): number of HTTP request packets of
which corresponding HTTP response packets are
received
● failed x time(s): number of HTTP request packets of
which corresponding HTTP response packets fail to be
received
● round-trip min/avg/max: minimum, average, and
maximum round-trip delay
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 243
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.10.8 http server enable
Function
The http server enable command enables the HTTP server function.
The undo http server enable command disables the HTTP server function.
By default, the HTTP server function is disabled.
Format
http server enable
undo http server enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
After running the http server enable command to enable the HTTP server, you
can use the browser to access the web NMS to manage devices.
If the web page to load does not exist, the HTTP service cannot be enabled.
Prerequisites
Before running this command, you must run the http server permit interface
{ { interface-type interface-number } &<1-5> | all } command to configure
interfaces through which users can access the web platform. Otherwise, the HTTP
server cannot be enabled.
Example
# Enable the HTTP server.
<Huawei> system-view
[Huawei] http server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] http server enable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 244
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.10.9 http server load
Function
The http server load command loads a web page file.
The undo http server load command cancels loading of a specified web page file.
By default, the system loads the default web page file contained in the system
software when the HTTP or HTTPS service is enabled.
Format
http server load file-name
undo http server load
Parameters
Parameter Description Settings
file-name Specifies the name of The value is a string of 5
the web page file to to 64 characters without
load. spaces. The file name is
in the *.sfs format or has
no file name extension.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If you need to manage and maintain devices on the graphical user interface (GUI),
configure the Web network management function. When you need to update web
page file when using the Web network management function, run this command
to load web page file.
Prerequisites
Before loading the web page file using the http server load command, ensure
that the web page file has been stored to the device; otherwise, file loading will
fail.
Example
# Load the web page file web_1.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 245
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] http server load web_1
4.10.10 http server max-online-users
Function
The http server max-online-users command sets the maximum number of
concurrent online users allowed by the web NMS.
The undo http server max-online-users command restores the number of
concurrent online users allowed by the web NMS to the default value.
By default, the maximum number of concurrent online users allowed by the web
NMS is 5.
Format
http server max-online-users max-online-users
undo http server max-online-users
Parameters
Parameter Description Value
max-online-users Specifies the maximum The value is an integer that
number of concurrent online ranges from 1 to 5. The
users allowed by the web default value is 5.
NMS.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run this command to set the maximum number of concurrent online
users allowed by the web NMS. By doing so, the number of users allowed to
simultaneously access the web NMS is limited.
Precautions
When the number of users that have logged in is larger than the value specified
by this command, extra users will not be forced to go offline. For example, five
users have logged in to the web NMS. If you run this command to set the
maximum number of concurrent online users allowed by the web NMS to 3, two
extra users will not be forced to go offline.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 246
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Set the maximum number of concurrent online users allowed by the web NMS
to 3.
<Huawei> system-view
[Huawei] http server max-online-users 3
4.10.11 http server permit interface
Function
The http server permit interface command configures the interfaces through
which users can access the web system.
The undo http server permit interface command deletes configured interfaces so
that users can access the web system through all interfaces on the device.
By default, users can access the web system only through the management
interface on a device.
Format
http server permit interface { interface-type interface-number } &<1-5>
http server permit interface all
undo http server permit interface
Parameters
Parameter Description Value
interface-type interface-type specifies the interface type. -
interface-
number interface-number: specifies the interface number.
interface-number and interface-type together specify
an interface.
NOTE
You can access the web system only through a physical
interface in versions earlier than V300R021C10SPC100.
all Allows users to access the web system through all -
interfaces on the device.
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 247
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
To prevent unauthorized users from accessing the web system through interfaces
on the device, run the http server permit interface command to configure the
interfaces through which users can access the web system.
Precautions
● This command does not take effect on the MEth management interface. The
device always allows users to access the web system through the MEth
management interface. In the factory default settings of the device, users are
allowed to access the web system through the WLAN-radio interface and
management interface of the device.
● A maximum of five interfaces can be configured using the http server permit
interface { interface-type interface-number } &<1-5> command. If you run
this command multiple times, only the latest configuration takes effect. For
example, if GigabitEthernet 1/0/0, GigabitEthernet 2/0/0, and GigabitEthernet
3/0/0 have been configured using this command and then GigabitEthernet
1/0/0 is configured, users can access the web platform only through
GigabitEthernet 1/0/0.
● If the interfaces through which users can access to the web system are not
configured, the HTTP/HTTPS service cannot be enabled.
● The undo http server permit interface command can be executed only when
the HTTP/HTTPS service function is disabled.
Example
# Allow users to access the web system through all interfaces on the device.
<Huawei> system-view
[Huawei] http server permit interface all
Warning: Allowing access from all interfaces is insecure.
# Configure the interfaces through which users can access the web system.
<Huawei> system-view
[Huawei] http server permit interface GigabitEthernet 1/0/0 GigabitEthernet 2/0/0
Info: Successed in setting web permit interface.
# Delete the configured interfaces so that users can access the web system
through all interfaces on the device.
<Huawei> system-view
[Huawei] undo http server permit interface
4.10.12 http server port
Function
The http server port command sets the listening port number of the HTTP server.
The undo http server port command restores the default listening port number
of the HTTP server.
By default, the listening port number of the HTTP server is 80.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 248
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
http server port port-number
undo http server port
Parameters
Parameter Description Value
port-number Specifies the listening port The value is 80, or an integer that
number of the HTTP server. ranges from 1025 to 51200. The
default value is 80.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
By default, the listening port number of the security HTTP server is 80. Attackers
may frequently access the default listening port, which wastes bandwidth,
deteriorates server performance, and prevents authorized users from accessing the
HTTP server through the listening port. You can run the http server port
command to specify another listening port number to prevent attackers from
accessing the listening port.
Precautions
If the http server port command is configured several times, only the latest
configuration takes effect.
Example
# Set the listening port number of the HTTP server to 1025.
<Huawei> system-view
[Huawei] http server port 1025
4.10.13 http server-source
Function
The http server-source command specifies a source IP address for an HTTP server.
The undo http server-source command deletes the source IP address of an HTTP
server.
By default, the source IP address of an HTTP server is not specified.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 249
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
http server-source { -a source-ip-address | -i interface-type interface-number }
undo http server-source
Parameters
Parameter Description Value
-a source-ip-address Specifies the source IP address for the HTTP -
server. The loopback IP address is recommended.
-i interface-type Specifies the loopback interface of the HTTP -
interface-number server as the source interface.
If no loopback interface is configured or no IP
address is configured for the source interface, the
command fails to be executed.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the HTTP server uses the source IP address
specified by routes to send and receive packets. The source IP address must be
configured for an interface with stable performance, such as the loopback
interface. Using the loopback interface as the source IP address simplifies the ACL
rule and security policy configuration. This shields the IP address differences and
interface status impact, filters incoming and outgoing packets, and implements
security authentication.
Precautions
● After the source IP address is specified for the HTTP server, you must use the
specified IP address to log in to the HTTP server.
● If the HTTP service has been enabled, the HTTP service restarts after the http
server-source command is executed.
Example
# Set the source IP address of the HTTP server to LoopBack0.
<Huawei> system-view
[Huawei] http server-source -i loopback 0
Warning: To make the server source configuration take effect, the HTTP server will be restarted. Continue?
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 250
NetEngine AR
Command Reference 4 Basic Configurations Commands
(y/n)[n]:y
Info: Succeeded in setting the source IP or interface of the HTTP server
4.10.14 http timeout
Function
The http timeout command sets the idle timeout duration of the web server.
The undo http timeout command restores the default idle timeout duration of
the webHTTP server.
By default, the idle timeout duration of the web server is 10 minutes.
Format
http timeout timeout
undo http timeout
Parameters
Parameter Description Value
timeout Specifies the idle timeout duration The value is an integer that
of the web server for online users. ranges from 1 to 35791, in
minutes.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
A maximum of five web users are supported at present. When the fifth web user
logs in to the web server, any other user cannot log in to the web server even if
any of the five users does not perform operations for a long time. The idle timeout
duration is configured to release web resources in time. To occupy web channels
for a long time, you must set the idle timeout duration to the maximum value.
Precautions
● After you run the http timeout command, the idle timeout durations are the
same for all web users who log in to the web server. If the idle timeout
duration expires, a user is disconnected from the web server.
● If the http timeout command is configured several times, only the latest
configuration takes effect.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 251
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Set the idle timeout duration of the webHTTP server to 6 minutes.
<Huawei> system-view
[Huawei] http timeout 6
4.10.15 set logo-path
Function
The set logo-path command sets the storage directory of the logo image on the
web page.
The undo set logo-path command cancels the configured storage directory of the
logo image on the web page.
By default, the storage directory of the Huawei logo image is used.
Format
set logo-path subpathname
undo set logo-path
Parameters
Parameter Description Value
subpathname Specifies the name of The value is a string of 1
the subdirectory for to 31 characters without
storing the logo image. spaces.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
The device supports customization of the logo image on the web page. You can
create a subdirectory for storing the logo image under the directory logo-path of
the default working directory on the device, and store the logo image to be
displayed in the subdirectory. You can run the set logo-path command to
configure the subdirectory as the storage directory of the logo image on the web
page. The required logo image then can be displayed on the web page.
By default, the current working directory is flash:.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 252
NetEngine AR
Command Reference 4 Basic Configurations Commands
Prerequisites
When setting the storage directory of the logo image on the web page using the
set logo-path command, ensure that a subdirectory for storing the logo image
has been created using the mkdir command under the directory logo-path of the
default working directory.
Precautions
● Store the logo image using the required file name and size in the created
subdirectory. After the storage directory of the logo image on the web page is
set using the set logo-path command, the device automatically reads the file
under the directory and changes the logo image on the web page.
● Store three files with different pixel sizes of the required logo image in the
created subdirectory, and name them as required. Name the image with the
pixel size 16x16 logo1.png, the image with the pixel size 21x22 logo2.png,
and the image with the pixel size 44x44 logo3.png.
Configuration Impact
After the storage directory of the logo image on the web page is set using the set
logo-path command, the logo image on the web page varies depending on the
configuration.
Example
# Set the storage directory of the logo image on the web page to the directory
example_path.
<Huawei> system-view
[Huawei] set logo-path example_path
Info: Set the vendor picture directory: " example_path " successfully.
4.11 File Management Commands
4.11.1 Support for File Management
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.11.2 ascii
Function
The ascii command sets the file transfer mode to ASCII on an FTP client.
The default file transfer mode is ASCII.
Format
ascii
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 253
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Files can be transferred in ASCII or binary mode.
ASCII mode is used to transfer plain text files, and binary mode is used to transfer
application files, such as system software, images, video files, compressed files,
and database files.
Example
# Set the file transfer mode to ASCII.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] ascii
200 Type set to A.
4.11.3 binary
Function
The binary command sets the file transmission mode to binary on an FTP client.
The default file transfer mode is ASCII.
Format
binary
Parameters
None
Views
FTP client view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 254
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Files can be transferred in ASCII or binary mode.
ASCII mode is used to transfer plain text files, and binary mode is used to transfer
application files, such as system software, images, video files, compressed files,
and database files.
Example
# Set the file transmission mode to binary.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] binary
200 Type set to I.
4.11.4 bye
Function
The bye command terminates the connection with the remote FTP server and
enters the user view.
Format
bye
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
This command is equivalent to the quit command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 255
NetEngine AR
Command Reference 4 Basic Configurations Commands
You can use the close and disconnect commands to terminate the connection
with the remote FTP server and retain the FTP client view.
Example
# Terminate the connection with the remote FTP server and enter the user view.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] bye
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye.
<Huawei>
4.11.5 cd (FTP client view)
Function
The cd command changes the working directory of the FTP server.
Format
cd remote-directory
Parameters
Parameter Description Value
remote-directory Specifies the name of a The value is a string of 1 to 64
working directory on the FTP case-insensitive characters
server. without spaces.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
The FTP server authorizes users to access files in certain directories and their
subdirectories.
Example
# Change the working directory to d:/temp.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 256
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] cd d:/temp
250 "D:/temp" is current directory.
4.11.6 cd (SFTP client view)
Function
The cd command changes the working directory of the SFTP server.
Format
cd [ remote-directory ]
Parameters
Parameter Description Value
remote-directory Specifies the name of a The value is a string of 1 to 64
directory on the SFTP server. case-insensitive characters
without spaces.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
● The SFTP server authorizes users to access files in certain directories and their
subdirectories.
● The specified working directory must exist on the SFTP server. If the remote-
directory parameter is not included in the cd command, only the current
working directory of an SSH user is displayed as the command output.
Example
# Change the current working directory of the SFTP server to /bill.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 257
NetEngine AR
Command Reference 4 Basic Configurations Commands
Enter password:
sftp-client> cd bill
Current directory is:
/bill
4.11.7 cd (user view)
Function
The cd command changes the current working directory of a user.
By default, the current working directory is flash:.
Format
cd directory
Parameters
Parameter Description Value
directory Specifies the The value is a string of case-insensitive characters
current working without spaces in the [ drive ] path format. The
directory of a absolute path length ranges from 1 to 64, while
user. the directory name length ranges from 1 to 15.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the storage
device name and directory. Characters ~, *, /, \, :, ',
", ?, <, > cannot be used in the directory name.
For example, a directory name is flash:/selftest/
test/.
Views
User view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 258
NetEngine AR
Command Reference 4 Basic Configurations Commands
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
The directory specified in the cd command must exist; otherwise, the error
messages will be displayed:
You can perform the following operations to rectify faults:
1. Run the pwd command to view the current working directory.
2. Run the dir command to view the current working directory and verify that
the directory specified in the cd command exists.
Example
# Change the current working directory from flash:/temp to flash:.
<Huawei> pwd
flash:/temp
<Huawei> cd flash:
<Huawei> pwd
flash:
# Change the current working directory from flash: to flash:/t1/t2.
<Huawei> pwd
flash:
<Huawei> cd flash:/t1/t2
<Huawei> pwd
flash:/t1/t2
# Change the current working directory from flash:/selftest to flash:/logfile.
<Huawei> pwd
flash:/selftest
<Huawei> cd /logfile/
<Huawei> pwd
flash:/logfile
# Change the current working directory from flash:/selftest to flash:/selftest/test.
<Huawei> pwd
flash:/selftest
<Huawei> cd test/
<Huawei> pwd
flash:/selftest/test
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 259
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.8 cdup (SFTP client view)
Function
The cdup command changes the current working directory of an SSH user to its
parent directory.
Format
cdup
Parameters
None
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the cdup command to change the current working directory to its
parent directory.
Precautions
If the current working directory is the SFTP authorization directory, the command
cannot change the current working directory.
Example
# Change the current working directory to its parent directory.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> cd dhcp
Current directory is:
/dhcp
sftp-client> cdup
Current directory is:
/
sftp-client> cdup Error: Failed to change the current directory.
sftp-client>
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 260
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.9 cdup (FTP client view)
Function
The cdup command enables you to return to the upper-level directory.
Format
cdup
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To exit from the current directory and return to the upper-level directory, run the
cdup command.
Precautions
The directories accessible to an FTP user are restricted by the authorized
directories configured for the user.
Example
# Exit from the current directory and return to the upper-level directory.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] cd security
250 CWD command successful.
[Huawei-ftp] cdup
250 "C:/" is current directory .
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 261
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.10 close
Function
The close command terminates the connection with the remote FTP server and
retains the FTP client view.
Format
close
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
This command is equivalent to the disconnect command.
You can run the bye and quit commands to terminate the connection with the
remote FTP server and enter the user view.
Precautions
To enter the user view from the FTP client view, you can run the bye or quit
command.
Example
# Terminate the connection with the remote FTP server and enter the FTP client
view.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] close
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye.
[Huawei-ftp]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 262
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.11 copy
Function
The copy command copies a file.
Format
copy source-filename destination-filename
Parameters
Parameter Description Settings
source-filename Specifies the path and The value is a string of 1
the name of a source to 64 case-insensitive
file. characters without
spaces in the [ drive ]
[ path ] file name
format. When quotation
marks are used around
the string, spaces are
allowed in the string.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 263
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Settings
destination-filename Specifies the path and The value is a string of 1
the name of a to 64 case-insensitive
destination file. characters without
spaces in the [ drive ]
[ path ] file name
format. When quotation
marks are used around
the string, spaces are
allowed in the string.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 264
NetEngine AR
Command Reference 4 Basic Configurations Commands
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● If the destination file name is not specified, the designation file and the
source file have the same name. If the source file and the destination file are
in the same directory, you must specify the destination file name. If the
destination file name is not specified, you cannot copy the source file.
● If the destination file name is the same as that of an existing file, the system
prompts you whether to overwrite the existing file. The system prompt is
displayed only when file prompt is set to alert.
● When you use a USB drive, do not remove it during data transmission.
Example
# Copy the file config.cfg from the root directory of the flash memory to flash:/
temp. The destination file name is temp.cfg.
<Huawei> copy flash:/config.cfg flash:/temp/temp.cfg
Info: Copy flash:/config.cfg to flash:/temp/temp.cfg?(y/n)[n]:y
100% complete
Info: Copied file flash:/config.cfg to flash:/temp/temp.cfg...Done
# If the current directory is the root directory of the flash memory, you can
perform the preceding configuration using the relative path.
<Huawei> pwd
flash:
<Huawei> dir
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 6,721,804 Mar 19 2012 12:31:58 devicesoft.cc
1 -rw- 910 Mar 19 2012 12:32:58 config.cfg
2 drw- - Mar 05 2012 09:54:34 temp
...
468,560 KB total (197,728 KB free)
<Huawei> copy config.cfg temp/temp.cfg
Info: Copy flash:/config.cfg to flash:/temp/temp.cfg?(y/n)[n]:y
100% complete
Info: Copied file flash:/config.cfg to flash:/temp/temp.cfg...Done
# Copy the file config.cfg from the root directory of the flash memory to flash:/
temp. The destination file name is config.cfg.
<Huawei> pwd
flash:
<Huawei> dir
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 6,721,804 Mar 19 2012 12:31:58 devicesoft.cc
1 -rw- 910 Mar 19 2012 12:32:58 config.cfg
2 drw- - Mar 05 2012 09:54:34 temp
...
468,560 KB total (197,728 KB free)
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 265
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> copy config.cfg temp
Info: Copy flash:/config.cfg to flash:/temp/config.cfg?(y/n)[n]:y
100% complete
Info: Copied file flash:/config.cfg to flash:/temp/config.cfg...Done
# Copy the file backup.zip to backup1.zip in the test directory from the current
working directory flash:/test/.
<Huawei> pwd
flash:/test
<Huawei> copy backup.zip backup1.zip
Info: Copy flash:/test/backup.zip to flash:/test/backup1.zip?(y/n)[n]:y
100% complete
Info: Copied file flash:/test/backup.zip to flash:/test/backup1.zip...Done
4.11.12 delete (FTP client view)
Function
The delete command deletes a file from the FTP server.
Format
delete remote-filename
Parameters
Parameter Description Value
remote-filename Specifies the name of a file The value is a string of 1 to 64
to be deleted. case-insensitive characters
without spaces.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
A file deleted in the FTP client view cannot be restored.
Example
# Delete the file temp.c.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 266
NetEngine AR
Command Reference 4 Basic Configurations Commands
Enter password:
230 User huawei logged in.
[Huawei-ftp] delete temp.c
Warning: The contents of file temp.c cannot be recycled. Continue? (y/n)[n]:y
250 File deleted from remote host.
4.11.13 delete (user view)
Function
The delete command deletes a specified file in the storage device.
Format
delete [ /unreserved ] [ /force ] { filename | devicename }
Parameters
Parameter Description Value
/unreserved Deletes a specified file. -
The deleted file cannot
be restored.
/force Deletes a file directly -
without any
confirmation.
filename Specifies the name of a The value is a string of 1 to 64 case-
file to be deleted. insensitive characters without spaces in
the [ drive ] [ path ] file name format.
When quotation marks are used around
the string, spaces are allowed in the
string.
In the preceding parameter, drive
specifies the storage device name, and
path specifies the directory and
subdirectory.
You are advised to add : and / between
the storage device name and directory.
Characters ~, *, /, \, :, ', ", ?, <, > cannot
be used in the directory name.
devicename Deletes all the files in -
the storage device.
Views
User view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 267
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Like devicename, drive specifies the storage device name.
Precautions
● The wildcard (*) character can be used in the delete command.
● If the parameter /unreserved is not included, the file is stored in the recycle
bin. To display all files including deleted files that are displayed in square
brackets ([ ]), run the dir /all command. To restore these files that are
displayed in square brackets ([ ]), run the undelete command. To clear these
files from the recycle bin, run the reset recycle-bin command.
NOTICE
If you delete a file using the /unreserved parameter, the file cannot be
restored.
● If you delete a specified storage device, all files are deleted from the root
directory of the storage device.
● If you delete two files with the same name from different directories, the last
file deleted is kept in the recycle bin.
● If you attempt to delete a protected file, such as a configuration file, or patch
file, a system prompt is displayed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 268
NetEngine AR
Command Reference 4 Basic Configurations Commands
● You cannot delete a directory by running the delete command. To delete a
directory, run the rmdir (user view) command.
● This command cannot delete the log files in the logfile directory of the device.
If too many compressed log packages cause insufficient Flash space, you can
run the info-center max-logfile-number command in the system view to
reduce the number of user logs, diagnostic logs, and compressed log
packages (the default number of logs is 50), and then run the save logfile
command to delete redundant logs.
Example
# Delete the file test.txt from the flash:/test/ directory.
<Huawei> delete flash:/test/test.txt
Info: Delete flash:/test/test.txt? (y/n)[n]:y
# Delete the file test.txt from the current working directory flash:/selftest.
<Huawei> delete test.txt
Info: Delete flash:/selftest/test.txt? (y/n)[n]:y
4.11.14 dir (user view)
Function
The dir command displays information about files and directories in the storage
medium.
Format
dir [ /all ] [ filename | directory ]
Parameters
Parameter Description Value
/all Displays information -
about all files and
directories in the current
directory, including files
and directories moved to
the recycle bin from the
current directory.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 269
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
filename Specifies the file name. The value is a string of 1
to 64 case-insensitive
characters without
spaces in the [ drive ]
[ path ] file name
format. When quotation
marks are used around
the string, spaces are
allowed in the string.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
directory Specifies the file The value is a string of
directory. case-insensitive
characters without
spaces in the [ drive ]
path format. The
absolute path length
ranges from 1 to 64,
while the directory name
length ranges from 1 to
15.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 270
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The wildcard character (*) can be used in this command. If no parameter is
specified, this command displays information about files and directories in the
current directory.
The following describes the drive name:
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The default directories and files contained in the storage are as follows:
Table 4-39 Default directories and files in the flash memory
Directory or File Function
shelldir Directory for storing command logs after a user accesses
the shell.
dhcp Directory for storing DHCP address pool data. After the
DHCP data restoration function is configured, the system
stores the lease.txt and conflict.txt files in the dhcp
folder. The lease.txt file stores the lease information of
allocated IP addresses, and the conflict.txt file stores the
address conflict information of allocated IP addresses.
The two files are overwritten periodically; therefore, you
are advised to back up them to other locations.
slog Directory for storing security logs, including information
about user account management, protocols, attack
defense, and status.
default_ca.cer CA certificate file preconfigured on the device before
delivery.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 271
NetEngine AR
Command Reference 4 Basic Configurations Commands
Directory or File Function
hostkey_ECC Host key file.
logopath Directory for storing logo images on the web page.
houp.huawei.com_lo Local certificate file of the HOUP platform, which can be
cal.cer used for the online upgrade of the system software or
patches.
systemsoftware.cc System software package file with the file name
extension .cc.
default_local.cer Local certificate file preconfigured on the device before
delivery.
logfile Directory for storing user and diagnostic logs, which help
you check the device running status, analyze network
health, and locate faults to provide reference information
for system diagnosis and maintenance.
$_user Default directory for storing preconfigured Python scripts.
brdxpon_snmp_cfg.e SNMP configuration file of xPON boards.
fs
crash Directory for storing program crash files.
sqlitedb Directory for storing SQLite data.
Actalis_CA.cer CA certificate file of the HOUP platform, which can be
used for the online upgrade of the system software or
patches.
local.cer Local certificate file, which is issued by the CA to an
applicant.
localuser Directory for storing local user information.
ca.cer CA certificate file. An applicant trusts a CA by verifying its
digital signature. Any applicant can obtain the CA
certificate (including a public key) to verify the local
certificate issued by the CA.
default-sdb Default signature databases, including the intrusion
prevention signature database and service awareness
signature database.
update Upgraded signature databases, including the intrusion
prevention signature database and service awareness
signature database.
startcap CAP startup log file.
libnetconf Directory for storing NETCONF connection and running
logs.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 272
NetEngine AR
Command Reference 4 Basic Configurations Commands
Directory or File Function
ca_config.ini Certificate configuration file. The device saves the
certificate file imported to the memory to the
ca_config.ini file. After the device restarts, the certificate
file recorded in the file is automatically loaded.
NOTE
Device identifier check can be performed on the certificate
configuration file to verify the PKey, preventing the flash file
from being copied to clone CPEs. This function is available only
on the AR651U-A4, AR651F-Lite, AR651C, AR651, AR651W-8P,
AR651W, AR6518P, AR657W, AR651K, AR700 series, AR6000
series, and AR6000-S series routers.
Table 4-40 Default directories and files in the hard disk
Directory or File Function
logfile Directory for storing logs.
virtual-environment Directory for storing virtual images. Because the directory
name is too long, the device cannot directly access the
directory. The virtual-env directory is soft linked to the
virtual-environment directory. You can access the
directory through the virtual-env directory.
virtual-env Soft linked to the virtual-environment directory.
There is a backup directory on the device. To view files in the backup directory, run
the dir backup: command. You can only view files in the backup directory and
cannot perform other operations on the backup directory.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
You can run the dir /all command to view information about all files and
directories of the storage medium, including those moved to the recycle bin. The
name of a file in the recycle bin is placed in square brackets ([]), for example,
[test.txt].
Precautions
The device can display information about a maximum of 2,000 files and
directories.
Example
# Display information about all files and directories in the current directory.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 273
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> dir /all
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 889 Feb 25 2012 10:00:58 private-data.txt
1 -rw- 6,311 Feb 17 2012 14:05:04 backup.cfg
2 -rw- 836 Jan 01 2012 18:06:20 rr.dat
3 drw- - Jan 01 2012 18:08:20 syslogfile
4 -rw- 836 Jan 01 2012 18:06:20 rr.bak
5 drw- - Feb 27 2012 00:00:54 security
6 -rw- 523,240 Mar 16 2011 11:21:36 bootrom_53hib66.bin
7 -rw- 2,290 Feb 25 2012 16:46:06 vrpcfg.cfg
8 -rw- 812 Dec 12 2011 15:43:10 hostkey
9 drw- - Jan 01 2012 18:05:48 compatible
10 -rw- 25,841,428 Nov 17 2011 09:48:10 basicsoft.cc
11 -rw- 540 Dec 12 2011 15:43:12 serverkey
12 -rw- 26,101,692 Dec 21 2011 11:44:52 devicesoft.cc
13 -rw- 6,292 Feb 14 2012 11:14:32 1.cfg
14 -rw- 6,311 Feb 17 2012 10:22:56 1234.cfg
15 -rw- 6,311 Feb 25 2012 17:22:30 [11.cfg]
1,927,220 KB total (1,130,464 KB free)
# Display information about the file vrpcfg.cfg in the current directory.
<Huawei> dir vrpcfg.cfg
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 2,290 Feb 25 2012 16:46:06 vrpcfg.cfg
1,927,220 KB total (1,130,464 KB free)
# Display information about all .txt files in the current directory.
<Huawei> dir *.txt
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 889 Feb 25 2012 10:00:58 private-data.txt
1,927,220 KB total (1,130,464 KB free)
Table 4-41 Description of the dir command output
Item Description
d Directory. If this item is not displayed, the corresponding
FileName field displays a file. For example, devicesoft.cc is a file
and security is a directory.
r The file or directory is readable.
w The file or directory is writable.
[] A file moved to the recycle bin.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 274
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
FileName ● private-data.txt: The file saves service initialization data.
Initialization data of some tasks is irrelevant to the
configuration and is not recorded in the configuration file. The
private-data.txt file records initialization data of these tasks,
for example, the number of times the device restarts.
● vrpcfg.cfg: configuration file. The file name extension of the
configuration file must be .cfg or .zip.
● basicsoft.cc: system software. The file name extension of the
system software must be .cc.
Some software sub-systems store necessary data in other files in
the file system when the device is running properly.
4.11.15 dir/ls (FTP client view)
Function
The dir and ls commands display all files or specified files that are stored on the
FTP server, and save them to a local disk.
Format
dir [ remote-filename [ local-filename ] ]
ls [ remote-filename [ local-filename ] ]
Parameters
Parameter Description Value
remote- Specifies the name and The value is a string of 1 to 64
filename directory of a file stored on the case-insensitive characters
FTP server. without spaces.
local-filename Specifies the name of the local The value is a string of 1 to 64
file that saves the FTP server case-insensitive characters
file information. without spaces.
Views
FTP client view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 275
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
The following describes differences between the dir and ls commands.
● When you run the dir command, detailed file information is displayed,
including the file size, date when the file was created, whether the file is a
directory, and whether the file can be modified. When you run the ls
command, only the file name is displayed.
● The dir command is used to save detailed file information, while the ls
command is used to save only the file name even if the file is specified and
saved in a local directory.
Precautions
The wildcard (*) character can be used in commands dir and ls.
Example
# Display the name or detailed information about a file that is saved in the test
directory.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] cd test
250 CWD command successfully.
[Huawei-ftp] dir
200 Port command okay.
150 Opening ASCII mode data connection for *.
drwxrwxrwx 1 noone nogroup 0 Mar 24 10:48 .
drwxrwxrwx 1 noone nogroup 0 Mar 26 15:52 ..
drwxrwxrwx 1 noone nogroup 0 Mar 23 16:04 yourtest
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 10:38 backup.txt
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 10:38 backup1.txt
226 Transfer complete.
[Huawei-ftp] ls
200 Port command okay.
150 Opening ASCII mode data connection for *.
. ..
yourtest
backup.txt
backup1.txt
226 Transfer complete.
# Display the detailed information for the file temp.c, and save the displayed
information in file temp1.
[Huawei-ftp] dir temp.c temp1
200 Port command okay.
150 Opening ASCII mode data connection for temp.c.
226 Transfer complete.
[Huawei-ftp] quit
221 Server closing.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 276
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> more temp1
-rwxrwxrwx 1 noone nogroup 3929 Apr 27 18:13 temp.c
# Display the name of file test.bat, and save the displayed information in file test.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] ls test.bat test
200 Port command okay.
150 Opening ASCII mode data connection for test.bat.
226 Transfer complete.
[Huawei-ftp] quit
221 Server closing.
<Huawei> more test
test.bat
Table 4-42 Description of the dir/Is command output
Item Description
d Indicates a directory. If this parameter is not present, the
command output indicates a file.
r Indicates that the file or directory can be read.
w Indicates that the file or directory can be modified.
4.11.16 dir/ls (SFTP client view)
Function
The dir and ls commands display a list of specified files that are stored on the
SFTP server.
Format
dir [ -l | -a ] [ remote-directory ]
ls [ -l | -a ] [ remote-directory ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 277
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
-l Displays detailed information about -
all files and directories in a specified
directory.
-a Displays names of all files and -
directories in a specified directory.
remote-directory Specifies the name of a directory on The value is a string of 1
the SFTP server. to 64 case-insensitive
characters without
spaces.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
The dir and ls commands are equivalent.
● If -l and -a parameters are not specified, detailed information about all files
and directories in a specified directory is displayed when you run the dir or ls
command. The effect is the same as the dir -l command output.
● By default, if the remote-directory parameter is not specified, the list of
current directory files is displayed when you run the dir or ls command.
Example
# Display a list of files in the test directory of the SFTP server.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> dir test
drwxrwxrwx 1 noone nogroup 0 Mar 24 18:48 .
drwxrwxrwx 1 noone nogroup 0 Mar 29 14:52 ..
-rwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 yourtest
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup1.txt
sftp-client> dir -a test
. ..
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 278
NetEngine AR
Command Reference 4 Basic Configurations Commands
yourtest
backup.txt
backup1.txt
sftp-client> ls test
drwxrwxrwx 1 noone nogroup 0 Mar 24 18:48 .
drwxrwxrwx 1 noone nogroup 0 Mar 29 14:52 ..
-rwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 yourtest
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup1.txt
sftp-client> ls -a test
. ..
yourtest
backup.txt
backup1.txt
4.11.17 disconnect
Function
The disconnect command terminates the connection with the remote FTP server
and displays the FTP client view.
Format
disconnect
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
This command is equivalent to the close command.
You can run the bye and quit commands to terminate the connection with the
remote FTP server and enter the user view.
To enter the user view from the FTP client view, you can run the bye or quit
command.
Example
# Terminate the connection with the remote FTP server and enter the FTP client
view.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 279
NetEngine AR
Command Reference 4 Basic Configurations Commands
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] disconnect
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye.
[Huawei-ftp]
4.11.18 display ftp-client
Function
The display ftp-client command displays the source IP address configured for the
FTP client.
Format
display ftp-client
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
The default source IP address 0.0.0.0 is used if ftp client-source is not configured.
Example
# Display the source IP address of the FTP client.
<Huawei> display ftp-client
Info: The source address of the FTP client is 10.1.1.1.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 280
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-43 Description of the display ftp-client command output
Item Description
Info: The source address of the FTP 10.1.1.1 is the source IP address of the
client is 10.1.1.1. FTP client.
You can run the ftp client-source
command to configure the source IP
address.
If a source IP address has been
configured by using the ftp client-
source command, the message "The
source interface of the FTP client is
LoopBack0" is displayed.
4.11.19 display ftp-server
Function
The display ftp-server command displays FTP server parameter settings.
Format
display [ ipv6 ] ftp-server
Parameters
Parameter Description Value
ipv6 Specifies the IPv6 FTP server. -
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run this command to display FTP server parameter settings.
Example
# Display FTP server parameter settings.
<Huawei> display ftp-server
FTP server is running
Max user number 5
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 281
NetEngine AR
Command Reference 4 Basic Configurations Commands
User count 1
Timeout value(in minute) 30
Listening port 21
Acl number 2010
FTP server's source address 10.1.1.1
Table 4-44 Description of the display ftp-server command output
Item Description
FTP server is running The FTP server starts.
You can run the ftp [ ipv6 ] server
enable command to start the FTP
server.
Max user number Maximum number of users who can
access the FTP server.
User count Number of users who are accessing
the FTP server.
Timeout value(in minute) Idle timeout duration of FTP users.
You can run the ftp [ ipv6 ] timeout
command to set the idle timeout
duration of FTP users.
Listening port Number of the listening port on the
FTP server. The default value is 21.
If the value is not 21, you can run the
ftp [ ipv6 ] server port command to
configure the listening port number.
Acl number Number of the ACL of the FTP server.
The default value is 0. You can run the
ftp [ ipv6 ] acl command to change
the ACL number.
FTP server's source address Source IP address for the FTP server to
send packets. The default value is
0.0.0.0.
You can run the ftp server-source
command to configure the source IP
address for the FTP server. Here, the
source IP address 10.1.1.1 is displayed.
If a source interface is configured, this
field displays "FTP server's source
interface LoopBack0."
NOTE
If you run the display ipv6 ftp-server
command, FTP server's source interface
LoopBack0 is not displayed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 282
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.20 display ftp-users
Function
The display ftp-users command displays FTP user parameters on the FTP server.
Format
display ftp-users
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
You can check FTP user parameters on the FTP server, such as the FTP user name,
IP address of the client host, port number, idle duration, and the authorized
directories.
Example
# Display FTP user parameters.
<Huawei> display ftp-users
username host port idle topdir
user 10.138.77.41 4028 0 flash:/test
huawei 10.137.217.159 51156 0 flash:
The preceding information indicates that two users are connected to the FTP
server.
Table 4-45 Description of the display ftp-users command output
Item Description
username FTP user name.
host IP address of the client host.
port Port number of the client host.
idle Idle duration.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 283
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
topdir Authorized directory of a user.
You can run the local-user ftp-directory command to
configure the authorized directory.
4.11.21 display sftp-client
Function
The display sftp-client command displays the source IP address configured for
the SFTP client.
Format
display sftp-client
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run the display sftp-client command to display the source IP address of
the SFTP client. The default source IP address 0.0.0.0 is used if sftp client-source
is not configured.
Example
# Display the source IP address configured for the SFTP client.
<Huawei> display sftp-client
Info: The source address of SFTP client is 10.1.1.1
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 284
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-46 Description of the display sftp-client command output
Item Description
Info: The source address of SFTP client 10.1.1.1 is the source IP address of the
is 10.1.1.1 SFTP client.
You can run the sftp client-source
command to configure the source IP
address for the SFTP client.
If an IP address has been configured
for the source port, the message "The
source interface of the SFTP client is
LoopBack0" is displayed.
4.11.22 display tftp-client
Function
The display tftp-client command displays the source IP address configured for
the TFTP client.
Format
display tftp-client
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run the display tftp client command to query source IP address of the
TFTP client. The default source IP address is 0.0.0.0 if tftp client-source is not
configured.
Example
# Display the source IP address configured for the TFTP client.
<Huawei> display tftp-client
Info: The source address of TFTP client is 10.1.1.1.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 285
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-47 Description of the display tftp-client command output
Parameter Description
Info: The source address of TFTP client 10.1.1.1 is the source IP address of the
is 10.1.1.1. TFTP client.
You can run the tftp client-source
command to configure the source IP
address for the TFTP client.
If the IP address is configured for the
source port, the message "The source
interface of TFTP client is LoopBack0"
is displayed.
4.11.23 display tftp-server status
Function
The display tftp-server status command displays the TFTP server information.
Format
display tftp-server status
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run this command to check the TFTP server configuration and
connections with the current TFTP clients.
Example
# Display the TFTP server information.
<Huawei> display tftp-server status
TFTP Server is enabled
Listening port 69
Timeout value(in second) 10
TFTP server's root path flash:
There are 1 clients connected
[1]: ip 10.137.217.163, port 23, op READ
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 286
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-48 Description of the display tftp-server status command output
Item Description
TFTP Server is Status of the TFTP server.
● disabled
● enabled
To enable or disable the TFTP server
function, run the tftp server enable
command.
Listening port Port number of the TFTP server.
To configure a port number for the
TFTP server, run the tftp server port
command.
Timeout value(in second) Packet timeout period of the TFTP
server, in seconds.
To configure a packet timeout period
for the TFTP server, run the tftp server
timeout command.
TFTP server's root path Working directory of the TFTP server.
To configure a working directory for
the TFTP server, run the set default
tftp-directory command.
There are 1 clients connected One client has connected to the TFTP
server.
[1]: ip 10.137.217.163, port 23, op Client information. The client sequence
READ number is 1; IP address is
10.137.217.163; port number is 23; and
operation type is Read.
4.11.24 execute
Function
The execute command executes a specified batch file.
Format
execute batch-filename
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 287
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
batch-filename Specifies the name of a The value is a string of 5 to 64 case-
batch file. insensitive characters without spaces.
The file name extension is .bat.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If a series of commands are frequently executed, write these commands in a batch
file, and store this file in system. In this way, you can only execute this command
to run multiple commands which were manually entered before. This command
improves maintenance and management efficiency.
NOTE
● The batch file is edited in .txt format. When editing the file, ensure that one command
occupies one line. After editing the file, save the file and change the file name extension
to .bat.
● Transfer the batch file in file transmission mode to the device.
Prerequisites
Before running the execute command, ensure that the batch file to be processed
is in the current directory; otherwise, the system cannot find the batch file.
Precautions
● The commands in a batch file are run one by one. A batch file cannot contain
invisible characters (control characters or escape characters, such as \r, \n, and
\b). If any invisible character is detected, the execute command exits from the
current process and no rollback is performed.
● The execute command does not ensure that all commands can be run. If the
system runs a wrong or immature command, it displays the error and goes to
next command. The execute command does not perform the hot backup
operation, and the command format or content is not restricted.
● In case of interactive commands, batch file execution waits the device to
interact with users before continuing.
Example
# Execute the test.bat file in the directory flash:/. The test.bat file contains three
commands: system-view, aaa, and local-user huawei access-limit max-number.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 288
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] execute test.bat
[Huawei] system-view
^
Error: Unrecognized command found at '^' position.
[Huawei] aaa
[Huawei-aaa] local-user huawei access-limit 100
[Huawei-aaa]
When the system runs the first command system-view in current system view, it
displays an error and continues to run the following commands.
The system displays the execution of a batch file in AAA view.
[Huawei-aaa] display this
local-user huawei access-limit 100
4.11.25 file prompt
Function
The file prompt command changes the prompt mode when you perform
operations on files.
The default prompt mode is alert.
Format
file prompt { alert | quiet }
Parameters
Parameter Description Value
alert Display a prompt message before users perform an -
operation.
quiet Do not display a prompt message before users perform an -
operation.
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 289
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
NOTICE
If the prompt mode is set to quiet, the system does not provide prompt messages
when operations leading to data loss are executed, such as deleting or overwriting
files. Therefore, this prompt mode should be used with caution.
Example
# Set the prompt mode to quiet. When you rename a copied file test.txt using an
existing file name test1.txt, no prompt message is displayed.
<Huawei> system-view
[Huawei] file prompt quiet
[Huawei] quit
<Huawei> copy test.txt test1.txt
100% complete
Info: Copied file flash:/test.txt to flash:/test1.txt...Done.
# Set the prompt mode to alert.
<Huawei> system-view
[Huawei] file prompt alert
[Huawei] quit
<Huawei> copy test.txt test1.txt
Copy flash:/test.txt to flash:/test1.txt?[Y/N]:y
The file flash:/test1.txt exists. Overwrite it?[Y/N]:y
100% complete
Info: Copied file flash:/test.txt to flash:/test1.txt...Done.
4.11.26 format
Function
The format command formats a storage device.
Format
format drive
Parameters
Parameter Description Value
drive Specifies the name of the storage device to format. -
If a storage device contains the system software package, the
storage device cannot be formatted using the format
command. To format the storage device, perform the
operation in the BootROM or BootLoader menu.
Views
User view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 290
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the storage device name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
AR routers excluding AR1600 series routers support automatic backup of the
current system software and configuration to the backup partition of the flash
memory. If the primary partition of the flash memory is damaged, the device can
start using the system software and configuration in the backup partition. You can
run the format flash:/ command to try to restore the primary partition of the
flash memory.
When the file system fault cannot be rectified or the data on the storage device is
unnecessary, the storage device can be formatted. When you run the format
command, all files and directories are cleared from the storage device.
Configuration Impact
NOTICE
After a storage device is formatted, the data it saves is deleted. If the
configuration file for the next startup is saved on the storage device,
configurations are lost after the device is restarted. If the software package for the
next startup is saved on the storage device, device restart is affected.
Precautions
NOTICE
After the format command is run, files and directories are cleared from the
specified storage device and cannot be restored. Therefore, this command should
be used with caution.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 291
NetEngine AR
Command Reference 4 Basic Configurations Commands
If the storage device is still unavailable after the format command is run, a
physical exception may have occurred.
Example
# Format the storage device.
<Huawei> format flash:
All data(include configuration and system startup file) on flash: will be lost , proceed with format? (y/n)
[n]:y
Info: Format flash: completed, restart the device to make the modification take effect.
4.11.27 ftp
Function
The ftp command connects the FTP client to the FTP server and enters the FTP
client view.
Format
# Connect the FTP client to the FTP server based on the IPv4 address.
ftp [ [ -a source-ip-address | -i interface-type interface-number ] host-ip [ port-
number ] [ public-net | vpn-instance vpn-instance-name ] ]
# Connect the FTP client to the FTP server based on the IPv6 address.
ftp ipv6 host-ipv6 [ vpn6-instance vpn6-instance-name ] [ port-number ]
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address The value is in dotted
address for connecting to the FTP client. decimal notation.
You are advised to use the
loopback interface IP address.
-i interface-type Specifies the source interface -
interface- type and ID. You are advised to
number use the loopback interface.
The IP address configured for
this interface is the source IP
address for sending packets. If
no IP address is configured for
the source interface, the FTP
connection cannot be set up.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 292
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
host-ip Specifies the IP address or host The value is a string of 1 to
name of the remote IPv4 FTP 255 case-insensitive
server. characters without spaces.
When quotation marks are
used around the string,
spaces are allowed in the
string.
port-number Specifies the port number of the The value is an integer that
FTP server. ranges from 1 to 65535. The
default value is the standard
port number 21.
public-net Specifies the FTP server on the -
public network.
You must set the public-net
parameter when the FTP server
IP address is a public network IP
address.
vpn-instance Specifies the name of the VPN The value is a string of 1 to
vpn-instance- instance where the IPv4 FTP 31 case-sensitive characters,
name server is located. spaces not supported. When
double quotation marks are
used around the string,
spaces are allowed in the
string.
vpn6-instance Specifies the name of the VPN The value is a string of 1 to
vpn6-instance- instance where the IPv6 FTP 31 case-sensitive characters,
name server is located. spaces not supported. When
double quotation marks are
used around the string,
spaces are allowed in the
string.
host-ipv6 Specifies the IP address or host The value is a string of 1 to
name of the remote IPv6 FTP 255 case-insensitive
server. characters without spaces.
When quotation marks are
used around the string,
spaces are allowed in the
string.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 293
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Before accessing the FTP server on the FTP client, you must first run the ftp
command to connect the FTP client to the FTP server.
Precautions
● You can set the source IP address to the source or destination IP address in
the ACL rule when the -a or -i parameter is specified on the IPv4 network.
This shields the IP address differences and interface status impact, filters
incoming and outgoing packets, and implements security authentication.
● You can run the set net-manager vpn-instance command to configure the
NMS management VPN instance before running the open command to
connect the FTP client and server.
– If public-net or vpn-instance is not specified, the FTP client accesses the
FTP server in the VPN instance managed by the NMS.
– If public-net is specified, the FTP client accesses the FTP server on the
public network.
– If vpn-instance vpn-instance-name is specified, the FTP client accesses
the FTP server in a specified VPN instance.
● If no parameter is set in the ftp command, only the FTP view is displayed, and
no connection is set up between the FTP server and client.
● If the port number that the FTP server uses is non-standard, you must specify
a standard port number; otherwise, the FTP server and client cannot be
connected.
● When you run the ftp command, the system prompts you to enter the user
name and password for logging in to the FTP server. You can log in to the FTP
server if the user name and password are correct.
● If the number of login users exceeds the maximum value that the FTP server
allows, other authorized users cannot log in to the FTP server. To allow news
authorized users to log in to the FTP server, users who have performed FTP
services must disconnect their clients from the FTP server. You can run the bye
or quit command to disconnect the FTP client from the FTP server and return
to the user view, or run the close or disconnect command to disconnect the
FTP client from the FTP server and retain in the FTP client view.
● On an IPv6 network, the IP address of an IPv6 FTP server cannot be set to a
local port address or loopback address (::1).
NOTE
FTP is an insecure protocol. If you have high network security requirements, you are advised
to use SFTP.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 294
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Connect to the FTP server whose IP address is 10.137.217.201.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp]
# Connect to the remote IPv6 FTP server whose address is fc00:2001:db8::1.
<Huawei> ftp ipv6 fc00:2001:db8::1
Trying fc00:2001:db8::1
Press CTRL+K to abort
Connected to ftp fc00:2001:db8::1.
220 FTP service ready.
User(fc00:2001:db8::1:(none)):huawei
331 Password required for huawei
Enter Password:
230 User logged in.
[Huawei-ftp]
4.11.28 ftp acl
Function
The ftp acl command specifies an ACL number for the current FTP server so that
the FTP client with the same ACL number can access the FTP server.
The undo ftp acl command deletes an ACL number of the current FTP server.
By default, no ACL is configured for FTP server.
Format
ftp [ ipv6 ] acl acl-number
undo ftp [ ipv6 ] acl
Parameters
Parameter Description Value
ipv6 Specifies the IPv6 FTP server. -
acl-number Specifies the number of the The value is an integer that
ACL. ranges from 2000 to 2999.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 295
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To ensure the security of an FTP server, you need to configure an ACL for it to
specify FTP clients that can access the current FTP server.
Precautions
● The ftp acl command takes effect only after you run the rule command to
configure the ACL rule.
● The FTP only supports the basic ACL whose number ranges from 2000 to
2999.
Example
# Allow the client whose ACL number is 2000 to log in to the FTP server.
<Huawei> system-view
[Huawei] acl 2000
[Huawei-acl-basic-2000] rule permit source 10.10.10.1 0
[Huawei-acl-basic-2000] quit
[Huawei] ftp acl 2000
4.11.29 ftp client-source
Function
The ftp client-source command specifies the source IP address for the FTP client
to send packets.
The undo ftp client-source command restores the default source IP address for
the FTP client to send packets.
The default source IP address for the FTP client to send packets is 0.0.0.0.
Format
ftp client-source { -a source-ip-address | -i interface-type interface-number }
undo ftp client-source
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address. You are The value is in
address advised to use the loopback interface IP dotted
address. decimal
notation.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 296
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-i interface-type Specifies the source interface. You are -
interface-number advised to use the loopback interface.
The IP address configured for the source
interface is the source IP address for
sending packets. If no IP address is
configured for the source interface, the FTP
connection cannot be set up.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the client uses the source IP address that the
router specifies to send packets. The source IP address must be configured for an
interface with stable performance. The loopback interface is recommended. Using
the loopback interface as the source interface simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, filters incoming and outgoing packets, and implements security
authentication.
Precautions
● You can also run the ftp command to configure the source IP address whose
priority is higher than that of the source IP address specified by the ftp client-
source command. If you specify the source IP addresses by running the ftp
client-source and ftp commands, the source IP address specified by the ftp
command is used for data communication and is available only for the
current FTP connection, while the source IP address specified by the ftp
client-source command is available for all FTP connections.
● The IP address that a user displays on the FTP server is the specified source IP
address or source interface IP address.
● If the specified source interface has been bound to a VPN instance, the client
is automatically bound to the same VPN instance.
Example
# Set the source IP address of the FTP client to 10.1.1.1.
<Huawei> system-view
[Huawei] ftp client-source -a 10.1.1.1
Info: Succeeded in setting the source address of the FTP client to 10.1.1.1.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 297
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.30 ftp server enable
Function
The ftp server enable command enables the FTP server function to allow FTP
users to log in to the FTP server.
The undo ftp server command disables the FTP server function so that FTP users
cannot log in to the FTP server.
By default, the FTP server function is disabled.
Format
ftp [ ipv6 ] server enable
undo ftp [ ipv6 ] server
Parameters
Parameter Description Value
ipv6 Specifies the IPv6 FTP server. -
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To remotely manage files on the device through FTP, run this command to enable
the FTP server function to allow FTP users to log in to the device.
Prerequisites
The interfaces on the FTP server to which clients can connect have been specified
by running the ftp server permit interface { { interface-type interface-number }
&<1-5> | all } command. If no interface is specified, the FTP server function cannot
be enabled.
Precautions
If the FTP server function is disabled, no user can log in to the FTP server, and
users who have logged in to the FTP server cannot perform any operation except
logout.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 298
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTICE
SFTP V2 or SCP is more secure than FTP, and is therefore recommended.
SCP is supported in V300R021C10 and later versions.
Example
# Enable the FTP server function.
<Huawei> system-view
[Huawei] ftp server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] ftp server enable
Info: Succeeded in starting the FTP server.
Info: FTP is insecure, recommended to use SFTP with encryption features.
4.11.31 ftp server permit interface
Function
The ftp server permit interface command specifies interfaces on the FTP server
to which clients can connect.
The undo ftp server permit interface command deletes the specified interfaces
and allows clients to connect to all interfaces on the FTP server.
By default, clients can connect to all interfaces on the FTP server.
Format
ftp server permit interface { interface-type interface-number } &<1-5>
ftp server permit interface all
undo ftp server permit interface
Parameters
Parameter Description Value
interface-type Allows clients to connect to all authorized interfaces on -
interface- the FTP server.
number
interface-type specifies the interface type.
interface-number specifies the interface number.
interface-number and interface-type together specify an
interface.
NOTE
You can access the web system only through a physical
interface in versions earlier than V300R021C10SPC100.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 299
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
all Allows clients to connect to all interfaces on the FTP -
server.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To prevent clients from connecting to the FTP server through unauthorized
interfaces, you can run the ftp server permit interface command to specify
interfaces on the FTP server to which clients can connect.
Precautions
● This command does not take effect on the MEth management interface. The
FTP server always allows clients to connect to it through the MEth
management interface.
● By default, clients can connect to all interfaces on the FTP server. Once a
specific interface is specified using this command, a client cannot connect to
the FTP server through any other interface.
● A maximum of five interfaces can be specified using the ftp server permit
interface { interface-type interface-number } &<1-5> command. The latest
configuration overrides the previous one. For example, before you run this
command, clients can connect to three interfaces GigabitEthernet 1/0/0,
GigabitEthernet 2/0/0, and GigabitEthernet 3/0/0 on the FTP server. After you
run the command to specify the interface GigabitEthernet 1/0/0, clients can
only connect to the interface GigabitEthernet 1/0/0.
Example
# Allow clients to connect to all interfaces on the FTP server.
<Huawei> system-view
[Huawei] ftp server permit interface all
Warning: Allowing access from all interfaces is insecure.
# Specify interfaces on the FTP server to which clients can connect.
<Huawei> system-view
[Huawei] ftp server permit interface gigabitethernet 1/0/0 gigabitethernet 2/0/0
Info: Succeeded in setting ftp permit interface.
# Delete the specified interfaces and allow clients to connect to all interfaces on
the FTP server.
<Huawei> system-view
[Huawei] undo ftp server permit interface
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 300
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.32 ftp server port
Function
The ftp server port command specifies the listening port number of the FTP
server.
The default value is 21.
Format
ftp [ ipv6 ] server port port-number
Parameters
Parameter Description Value
ipv6 Specifies the IPv6 FTP server. -
port port-number Specifies the listening port The value is 21 or an
number of the FTP server. integer that ranges from
1025 to 55535.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
By default, the listening port number of the FTP server is 21. Attackers may
frequently access the default listening port, which wastes bandwidth, deteriorates
server performance, and prevents authorized users from accessing the FTP server
through the listening port. You can run the ftp server port command to specify
another listening port number to prevent attackers from accessing the listening
port.
Prerequisites
Before running the ftp server port command to specify the listening port number,
you must first run the undo ftp server command to disable FTP services.
Precautions
● After the ftp server port command is executed, the FTP server disconnects all
FTP connections and uses the new listening port.
● If the current listening port number is 21, FTP client users do not need to
specify the port number for logging in to the FTP server. If the current
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 301
NetEngine AR
Command Reference 4 Basic Configurations Commands
listening port number is not 21, FTP client users must use the FTP server's
listening port number to log in to the FTP server.
● After the listening port number is changed, you must run the ftp server
enable command to enable FTP services to make the configuration take
effect.
Example
# Change the port number of the FTP server to 1028.
<Huawei> system-view
[Huawei] undo ftp server
[Huawei] ftp server port 1028
4.11.33 ftp server-source
Function
The ftp server-source command specifies the source IP address for an FTP server
to send packets.
The undo ftp server-source command restores the default source IP address for
an FTP server to send packets.
The default source IP address for the FTP server to send packets is 0.0.0.0.
Format
ftp server-source { -a [ ipv6 ] source-ip-address | -i [ ipv6 ] interface-type
interface-number }
undo ftp [ ipv6 ] server-source
Parameters
Parameter Description Value
ipv6 Configures the FTP server to support an IPv6 -
source address.
-a source-ip-address Specifies the source IP address for the FTP server -
to send packets. The loopback IP address is
recommended.
-i interface-type Specifies the loopback interface of the FTP server -
interface-number as the source interface.
If no loopback interface is configured or no IP
address is configured for the source interface, the
command fails to be executed.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 302
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the FTP server uses the source IP address
specified by routes to send packets. The source IP address must be configured for
an interface with stable performance, such as the loopback interface. Using the
loopback interface as the source IP address simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, filters incoming and outgoing packets, and implements security
authentication.
Precautions
● After the source IP address is specified for the FTP server, you must use the
specified IP address to log in to the FTP server.
● If the FTP service has been enabled, the FTP service restarts after the ftp
server-source command is executed.
● If the specified source interface has been bound to a VPN instance, the server
is automatically bound to the same VPN instance.
Example
# Set the source IP address of the FTP server to LoopBack0.
<Huawei> system-view
[Huawei] ftp server-source -i loopback 0
Warning: To make the server source configuration take effect, the FTP server will be restarted. Continue? [Y/
N]: y
Info: Succeeded in setting the source interface of the FTP server to LoopBack0.
Info: Succeeded in starting the FTP server.
Info: FTP is insecure, recommended to use SFTP with encryption features.
4.11.34 ftp timeout
Function
The ftp timeout command configures the idle timeout duration of the FTP server.
The undo ftp timeout command restores the default idle timeout duration.
By default, the idle timeout duration of the FTP server is 30 minutes.
Format
ftp [ ipv6 ] timeout minutes
undo ftp [ ipv6 ] timeout
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 303
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
ipv6 Specifies the IPv6 FTP -
server.
minutes Specifies idle timeout The value is an integer that ranges from
duration. 1 to 35791, in minutes. By default, the
idle timeout duration is 30 minutes.
Views
System view
Default Level
3: Management level
Usage Guidelines
After a user logs in to the FTP server, a connection is set up between the FTP
server and the user's client. The idle timeout duration is configured to release the
connection when the connection is interrupted or when the user performs no
operation for a specified time.
Example
# Set the idle timeout duration to 36 minutes.
<Huawei> system-view
[Huawei] ftp timeout 36
4.11.35 get (SFTP client view)
Function
The get command downloads a file from the SFTP server and saves the file to the
local device.
Format
get remote-filename [ local-filename ]
Parameters
Parameter Description Value
remote- Specifies the name of the file The value is a string of 1 to 64
filename to be downloaded from the case-insensitive characters
SFTP server. without spaces.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 304
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
local-filename Specifies the name of a The value is a string of 1 to 64
downloaded file to be saved to case-insensitive characters
the local device. without spaces.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the get command to download files from the FTP server to upgrade
devices.
Precautions
● If local-filename is not specified on the local device, the original file name is
used.
● If the name of the downloaded file is the same as that of an existing local
file, the system prompts you whether to overwrite the existing file.
Example
# Download a file from the SFTP server.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> get test.txt
Remote file: / test.txt ---> Local file: test.txt
Info: Downloading file successfully ended.
4.11.36 get (FTP client view)
Function
The get command downloads a file from the FTP server and saves the file to the
local device.
Format
get remote-filename [ local-filename ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 305
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
remote- Specifies the name of the file The value is a string of 1 to 64
filename to be downloaded from the case-insensitive characters
FTP server. without spaces.
local-filename Specifies the name of a The value is a string of 1 to 64
downloaded file to be saved to case-insensitive characters
the local device. without spaces.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the get command to download system software, backup
configuration files, and patch files from the FTP server to upgrade devices.
Precautions
● If the downloaded file name is not specified on the local device, the original
file name is used.
● If the name of the downloaded file is the same as that of an existing local
file, the system prompts you whether to overwrite the existing file.
Example
# Download the system software devicesoft.cc from the FTP server.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] get devicesoft.cc
200 Port command successful.
150 Opening data connection for devicesoft.cc.
226 File sent ok
FTP: 6482944 byte(s) received in 54.500 second(s) 1117.40byte(s)/sec.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 306
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.37 help (SFTP client view)
Function
The help command displays the help information in the SFTP client view.
Format
help [ all | command-name ]
Parameters
Parameter Description Value
all Displays all commands in the SFTP client view. -
command-name Displays the format and parameters of a specified -
command in the SFTP client view.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
In the SFTP view, you can only enter the question mark (?) to obtain all
commands in the SFTP client view. If you enter a command keyword and the
question mark (?) to query command parameters, an error message is displayed,
as shown in the following:
sftp-client> dir ?
Error: Failed to list files.
You can run the help command to obtain the help information and display all
commands or a command format in the SFTP client view.
Precautions
If you specify no parameter when running the help command, all commands in
the SFTP client view are displayed. This has the same effect as the help all
command or directly entering the question mark (?) in the SFTP client view.
Example
# Display the format of the command get.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 307
NetEngine AR
Command Reference 4 Basic Configurations Commands
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> help get
get Remote file name STRING<1-64> [Local file name STRING<1-64>] Download file
Default local file name is the same with remote file.
# Display all commands in the SFTP client view.
sftp-client> help all
cd
cdup
dir
get
help
ls
mkdir
put
pwd
quit
rename
remove
rmdir
4.11.38 lcd
Function
The lcd command displays and changes the local working directory of the FTP
client in the FTP client view.
Format
lcd [ local-directory ]
Parameters
Parameter Description Value
local-directory Specifies the local working The value is a string of 1 to 64
directory of the FTP client. case-insensitive characters without
spaces.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 308
NetEngine AR
Command Reference 4 Basic Configurations Commands
You can run the lcd command to display the local working directory of the FTP
client when uploading or downloading files, and set the upload or download path
to the path of the local working directory.
Precautions
The lcd command displays the local working directory of the FTP client, while the
pwd command displays the working directory of the FTP server. If you specify the
parameter local-directory in the lcd command, you can directly change the local
working directory in the FTP client view.
Example
# Change the local working directory to flash:/test.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] lcd
The current local directory is flash:.
[Huawei-ftp] lcd flash:/test
The current local directory is flash:/test.
4.11.39 mkdir (FTP client view)
Function
The mkdir command creates a directory on the remote FTP server.
Format
mkdir remote-directory
Parameters
Parameter Description Value
remote- Specifies the The value is a string of case-insensitive
directory directory to be characters without spaces. The absolute
created. path length ranges from 1 to 64, while
the directory name length ranges from 1
to 15.
Views
FTP client view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 309
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
● You can run the mkdir command to create a subdirectory in a specified
directory, and the subdirectory name must be unique.
● If no path is specified when you create a subdirectory, the subdirectory is
created in the current directory.
● The created directory is stored on the FTP server.
Example
# Create a directory test on the remote FTP server.
<Huawei> ftp 172.16.104.110
Trying 172.16.104.110 ...
Press CTRL+K to abort
Connected to 172.16.104.110.
220 FTP service ready.
User(172.16.104.110:(none)):huawei
331 Password required for huawei
Enter password:
230 User logged in.
[Huawei-ftp] mkdir test
257 "test" new directory created.
4.11.40 mkdir (SFTP client view)
Function
The mkdir command creates a directory on the remote SFTP server.
Format
mkdir remote-directory
Parameters
Parameter Description Value
remote- Specifies the The value is a string of case-insensitive
directory directory to be characters without spaces. The absolute
created. path length ranges from 1 to 64, while
the directory name length ranges from 1
to 15.
Views
SFTP client view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 310
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
● You can run the mkdir command to create a subdirectory in a specified
directory, and the subdirectory name must be unique.
● If no path is specified when you create a subdirectory, the subdirectory is
created in the current directory.
● The created directory is stored on the SFTP server.
● After a directory is created, you can run the dir/ls (SFTP client view)
command to view the directory.
Example
# Create a directory on the SFTP server.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> mkdir ssh
Info: Succeeded in creating a directory.
4.11.41 mkdir (user view)
Function
The mkdir command creates a directory in the current storage device.
Format
mkdir directory
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 311
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Settings
directory Specifies a directory or The value is a string of
directory and its path. case-insensitive
characters in the
[ drive ] [ path ]
directory format. The
absolute path length
ranges from 1 to 64,
while the directory name
length ranges from 1 to
15.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
Characters such as ~, *, /,
\, :, ', " cannot be used in
the directory name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 312
NetEngine AR
Command Reference 4 Basic Configurations Commands
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
If you only the subdirectory name is specified, a subdirectory is created in the
current working directory. You can run the pwd command to query the current
working directory. If the subdirectory name and directory path are specified, the
subdirectory is created in the specified directory.
Precautions
The subdirectory name must be unique in a directory; otherwise, the message
"Error: Directory already exists" is displayed.
Example
# Create the subdirectory new in the flash memory.
<Huawei> mkdir flash:/new
Info: Create directory flashsd1:/new......Done
4.11.42 more
Function
The more command displays the content of a specified file.
Format
more [ /binary ] filename [ offset ] [ all ]
Parameters
Parameter Description Value
/binary Displays the file -
content in binary
mode.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 313
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
filename Specifies the file The value is a string of 1 to 64 case-
name. insensitive characters without spaces in the
[ drive ] [ path ] file name format. When
quotation marks are used around the string,
spaces are allowed in the string.
In the preceding parameter, drive specifies
the storage device name, and path specifies
the directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', ", ?, <, > cannot be used in the
directory name.
offset Specifies the file The value is an integer that ranges from 0 to
offset. 2147483647, in bytes.
all Displays all the file -
content on one
screen.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the more command to display the file content directly on a device.
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 314
NetEngine AR
Command Reference 4 Basic Configurations Commands
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● You are not advised to use this command to display non-text files; otherwise,
the terminal is shut down or displays garbled characters, which is harmless to
the system.
● Files are displayed in text format.
● You can display the file content flexibly by specifying parameters before
running the more command:
– You can run the more filename command to view a specified text file.
The content of the specified text file is displayed on multiple screens. You
can press the spacebar consecutively on the current session GUI to
display all content of the file.
To display the file content on multiple screens, you must ensure that:
▪ The number of lines that can be displayed on a terminal screen is
greater than 0. (The number of lines that can be displayed on a
terminal screen is set by running the screen-length command.)
▪ The total number of file lines is greater than the number of lines
that can be displayed on a terminal screen. (The number of lines that
can be displayed on a terminal screen is set by running the screen-
length command.)
– You can run the more filename offset command to view a specified file.
The content of the specified text file starting from offset is displayed on
multiple screens. You can press the spacebar consecutively on the current
session GUI to display all content of the file.
To display the file content on multiple screens, you must ensure that:
▪ The number of lines that can be displayed on a terminal screen is
greater than 0. (The number of lines that can be displayed on a
terminal screen is set by running the screen-length command.)
▪ The number of lines starting from offset in the file is greater than
the number of lines that can be displayed on a terminal screen. (The
number of lines that can be displayed on a terminal screen is set by
running the screen-length command.)
– You can run the more file-name all command to view a specified file.
The file content is displayed on one screen.
Example
# Display the content of the file test.bat.
<Huawei> more test.bat
rsa local-key-pair create
user-interface vty 12 14
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 315
NetEngine AR
Command Reference 4 Basic Configurations Commands
authentication-mode aaa
protocol inbound ssh
user privilege level 5
quit
ssh user sftpuser authentication-type password
sftp server enable
# Display the content of the file log.txt and set the offset to 100.
<Huawei> more log.txt 100
: CHINA HUAWEI TECHNOLOGY LIMITTED CO.,LTD
# FILE NAME: Product Adapter File(PAF)
# PURPOSE: MAKE VRPV5 SUITABLE FOR DIFFERENT PRODUCT IN LIB
# SOFTWARE PLATFORM: V6R2C00
# DETAIL VERSION: B283
# DEVELOPING GROUP: 8090 SYSTEM MAINTAIN GROUP
# HARDWARE PLATFORM: 8090 (512M Memory)
# CREATED DATE: 2003/05/10
# AUTH: RAINBOW
# Updation History: Kelvin dengqiulin update for 8090(2004.08.18)
# lmg update for R3(2006.11.7)
# fsr update for R5 (2008.1.18)
# qj update for R6 (2008.08.08)
# COPYRIGHT: 2003---2008
#----------------------------------------------------------------------------------
#BEGIN FOR RESOURCE DEFINATION
[RESOURCE]
FORMAT: SPECS RESOURCE NAME STRING = CONTROLLABLE(1 : ABLE , 0: NOT ABLE),DEFAUL
T VALUE , MAX VALUE , MIN VALUE
#BEGIN SPECS RESOURCE FOR TE tunnel Nto1 PS MODULE
PAF_LCS_TUNNEL_SPECS_TE_PS_MAX_PROTECT_NUM = 1, 8, 16, 1
PAF_LCS_TUNNEL_SPECS_TE_PS_REBOOT_TIME = 1, 180000, 3600000, 60000
---- More ----
# Display the content of the file paf.txt.
<Huawei> more paf.txt all
PAF_LCS_588_IFC_FIFO_DEPTH_ASE = 222
#IFC_FIFO_DEPTH_ASE EXPLAIN (222: NORMAL, 102: DEEP)
PAF_LCS_588_IPE_FIFO_DEPTH_TCM = 659206
#IPE_FIFO_DEPTH_TCM EXPLAIN (659206: NORMAL, 655360: DEEP)
PAF_LCS_588_IFC_FIFO_DEPTH_TCM = 222
#IFC_FIFO_DEPTH_TCM EXPLAIN (222: NORMAL, 102: DEEP)
#END OF SPECS RESOURCE FOR 588 MODULE
#BEGIN 8090 MEM GATE AND ISSU MEM GATE
PAF_LCS_8090_BOARD_RESET_MEMORY_GATE = 90
PAF_LCS_8090_512BOARD_RESET_MEMORY_GATE = 85
PAF_LCS_8090_BOARD_RESET_MEMORY_GATE_ISSU = 95
PAF_LCS_ISSU_CHECK_MEMORY_GATE = 40
#END 8090 MEM GATE AND ISSU MEM GATE
[END CONFIGURE]
4.11.43 move(user view)
Function
The move command moves the source file from a specified directory to a
destination directory.
Format
move source-filename destination-filename
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 316
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Settings
source-filename Specifies the directory The value is a string of 1
and name of a source to 64 case-insensitive
file. characters without
spaces in the [ drive ]
[ path ] file name
format. When quotation
marks are used around
the string, spaces are
allowed in the string.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
destination-filename Specifies the directory The value is a string of 1
and name of a to 64 case-insensitive
destination file. characters without
spaces in the [ drive ]
[ path ] file name
format. When quotation
marks are used around
the string, spaces are
allowed in the string.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 317
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● If the destination file has the same name as an existing file, the system
prompts you whether to overwrite the existing file. The system prompt is
displayed only when file prompt is set to alert.
● This command cannot be used to move files between storage devices.
● The move and copy commands have different effects:
– The move command moves the source file to the destination directory.
– The copy command copies the source file to the destination directory.
Example
# Move a file from flash:/test/sample.txt to flash:/sample.txt.
<Huawei> move flash:/test/sample.txt flash:/sample.txt
Info: Move flash:/test/sample.txt to flash:/sample.txt ?(y/n)[n]: y
Info: Moved file flash:/test/sample.txt to flash:/sample.txt.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 318
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.44 open
Function
The open command connects the FTP client and server.
Format
# Connect the FTP client to the FTP server based on the IPv4 address.
open [ -a source-ip-address | -i interface-type interface-number ] host-ip [ port-
number ] [ public-net | vpn-instance vpn-instance-name ]
# Connect the FTP client to the FTP server based on the IPv6 address.
open ipv6 host-ipv6 [ port-number ]
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address for -
address connecting to the FTP client. You
are advised to use the loopback
interface IP address.
-i interface-type Specifies the source interface type -
interface- and ID. You are advised to use the
number loopback interface.
The IP address configured for this
interface is the source IP address
for sending packets. If no IP
address is configured for the
source interface, the FTP
connection cannot be set up.
host-ip Specifies the IP address or host The value is a string of 1 to
name of the remote IPv4 FTP 255 case-insensitive
server. characters without spaces.
When quotation marks are
used around the string,
spaces are allowed in the
string.
port-number Specifies the port number of the The value is an integer that
FTP server. ranges from 1 to 65535, or
21. The default value is the
standard port number 21.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 319
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
public-net Specifies the FTP server on the -
public network.
You must set the public-net
parameter when the FTP server IP
address is a public network IP
address.
vpn-instance Specifies the name of the VPN The value is a string of 1 to
vpn-instance- instance where the FTP server is 31 case-sensitive characters,
name located. spaces not supported.
When double quotation
marks are used around the
string, spaces are allowed
in the string.
host-ipv6 Specifies the IP address or host The value is a string of 1 to
name of the remote IPv6 FTP 255 case-insensitive
server. characters without spaces.
When quotation marks are
used around the string,
spaces are allowed in the
string.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the open command in the FTP client view to connect the FTP client to
the server to transmit files and manage files and directories of the FTP server.
Precautions
● You can run the ftp command in the user view to connect the FTP client and
server and enter the FTP client view.
● You can set the source IP address to the source or destination IP address in
the ACL rule when the -a or -i parameter is specified on the IPv4 network.
This shields the IP address differences and interface status impact, filters
incoming and outgoing packets, and implements security authentication.
● You can run the set net-manager vpn-instance command to configure the
NMS management VPN instance before running the open command to
connect the FTP client and server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 320
NetEngine AR
Command Reference 4 Basic Configurations Commands
– If public-net or vpn-instance is not specified, the FTP client accesses the
FTP server in the VPN instance managed by the NMS.
– If public-net is specified, the FTP client accesses the FTP server on the
public network.
– If vpn-instance vpn-instance-name is specified, the FTP client accesses
the FTP server in a specified VPN instance.
● If the port number that the FTP server uses is non-standard, you must specify
a standard port number; otherwise, the FTP server and client cannot be
connected.
● When you run the open command, the system prompts you to enter the user
name and password for logging in to the FTP server. You can log in to the FTP
client and enter the FTP client view if the user name and password are
correct.
Example
# Connect the FTP client with the FTP server whose IP address is 10.137.217.204.
<Huawei> ftp
[Huawei-ftp] open 10.137.217.204
Trying 10.137.217.204 ...
Press CTRL+K to abort
Connected to 10.137.217.204.
220 FTP service ready.
User(10.137.217.204:(none)):huawei
331 Password required for huawei.
Enter password:
230 User logged in.
[Huawei-ftp]
# Connect the FTP client with the FTP server whose IP address is fc00:2001:db8::1.
<Huawei> ftp
[Huawei-ftp] open ipv6 fc00:2001:db8::1
Trying fc00:2001:db8::1 ...
Press CTRL+K to abort
Connected to fc00:2001:db8::1
220 FTP service ready.
User(fc00:2001:db8::1:(none)):huawei
331 Password required for huawei
Enter Password:
230 User logged in.
[Huawei-ftp]
4.11.45 partition
Function
The partition command partitions the external storage medium of the device.
Format
partition device-name
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 321
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
device-name Specifies the name of the The value is a string of 1 to 64
external storage medium to be case-insensitive characters
partitioned. without spaces.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Partitioning the external storage medium of a device facilitates file differentiation
and management. If the external storage medium is partitioned and a partition is
faulty, data saved in other partitions is not affected.
Precautions
NOTICE
After this command is run, all files and directories are cleared from the specified
external storage medium of the device and cannot be restored. Therefore, exercise
caution when running this command.
If the external storage medium is still unavailable after this command is run, a
physical exception may have occurred.
Example
# Partition the external storage medium of a device.
<Huawei> partition hdd0:
All data(include configuration and system startup file) on hdd0: will be lost ,
proceed with partition? [Y/N]:y
Info: Partition hdd0: completed.
4.11.46 passive
Function
The passive command sets the data transmission mode to passive.
The undo passive command sets the data transmission mode to active.
By default, the data transmission mode is active.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 322
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
passive
undo passive
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
The device supports the active and passive data transmission modes. In active
mode, the server initiates a connection request, and the client and server need to
enable and monitor a port to establish a connection. In passive mode, the client
initiates a connection request, and only the server needs to monitor the
corresponding port. This command is used together with the firewall function.
When the client is configured with the firewall function, FTP connections are
restricted between internal clients and external FTP servers if the FTP transmission
mode is active. If the FTP transmission mode is passive, FTP connections between
internal clients and external FTP servers are not restricted.
Example
# Set the data transmission mode to passive.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] passive
Info: Succeeded in switching passive on.
4.11.47 put (FTP client view)
Function
The put command uploads a local file to the remote FTP server.
Format
put local-filename [ remote-filename ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 323
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
local-filename Specifies the local file name The value is a string of 1 to 64
of the FTP client. case-insensitive characters
without spaces.
remote- Specifies the name of the file The value is a string of 1 to 64
filename to be uploaded to the remote case-insensitive characters
FTP server. without spaces.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the put command to upload a local file to the remote FTP server for
further check and backup. For example, you can upload the local log file to the
FTP server for other users to check, and upload the configuration file to the FTP
server as a backup before upgrading the device.
Precautions
● If the file name is not specified on the remote FTP server, the local file name
is used.
● If the name of the uploaded file is the same as that of an existing file on the
FTP server, the system overwrites the existing file.
Example
# Upload the configuration file vrpcfg.zip to the remote FTP server as a backup,
and save it as backup.zip.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] put vrpcfg.zip backup.zip
200 Port command successful.
150 Opening BINARY mode data connection for file transfer.
226 Transfer complete
FTP: 1098 byte(s) sent in 0.131 second(s) 8.38Kbyte(s)/sec.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 324
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.48 put (SFTP client view)
Function
The put command uploads a local file to a remote SFTP server.
Format
put local-filename [ remote-filename ]
Parameters
Parameter Description Value
local-filename Specifies a local file The value is a case-insensitive
name on the SFTP client. character string without spaces. The
file name (including the absolute
path) contains 1 to 64 characters.
remote- Specifies the name of the The value is a case-insensitive
filename file uploaded to the character string without spaces. The
remote SFTP server. file name (including the absolute
path) contains 1 to 64 characters.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
This command enables you to upload files from the local device to a remote SFTP
server to view the file contents or back up the files. For example, you can upload
log files of a device to an SFTP server and view the logs in the server. During an
upgrade, you can upload the configuration file of the device to the SFTP server for
backup.
Precautions
● If remote-filename is not specified, the uploaded file is saved on the remote
SFTP server with the original file name.
● If the specified remote-filename is the same as an existing file name on the
SFTP server, the uploaded file overwrites the existing file on the server.
Example
# Upload a file to the SFTP server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 325
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> put wm.cfg
local file: wm.cfg ---> Remote file: /wm.cfg
Info: Uploading file successfully ended.
4.11.49 pwd (FTP client view)
Function
The pwd command displays the FTP client's working directory on the remote FTP
server.
Format
pwd
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
After logging in to the FTP server, you can run the pwd command to display the
FTP client's working directory on the remote FTP server.
If the displayed working directory is incorrect, you can run the cd command to
change the FTP client's working directory on the remote FTP server.
Example
# Display the FTP client's working directory on the remote FTP server.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 326
NetEngine AR
Command Reference 4 Basic Configurations Commands
[Huawei-ftp] pwd
257 "/" is current directory.
4.11.50 pwd (SFTP client view)
Function
The pwd command displays the SFTP client's working directory on the remote FTP
server.
Format
pwd
Parameters
None
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
After logging in to the SFTP server, you can run the pwd command to display the
SFTP client's working directory on the remote SFTP server.
If the displayed working directory is incorrect, you can run the cd command to
change the SFTP client's working directory on the remote SFTP server.
Example
# Display the SFTP client's working directory on the remote SFTP server.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> pwd
/
sftp-client> cd test
Current directory is:
/test
sftp-client> pwd
/test
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 327
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.51 pwd (user view)
Function
The pwd command displays the current working directory.
Format
pwd
Parameters
None
Views
User view
Default Level
3: Management level
Usage Guidelines
You can run the pwd command in any directory to display the current working
directory. To change the current working directory, you can run the cd command.
Example
# Display the current working directory.
<Huawei> pwd
flash:/test
4.11.52 remotehelp
Function
The remotehelp command displays the help information about an FTP command
when the FTP client and server are connected.
Format
remotehelp [ command ]
Parameters
Parameter Description Value
command Specifies the FTP The value is a string of 1 to 16
command. characters.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 328
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
You can run the remotehelp command to display the help information about an
FTP command.
● The help information is provided by the remote server. Different remote
servers may provide different help information for an FTP command.
● The help information can be displayed for FTP commands user, pass, cwd,
cdup, quit, port, pasv, type, retr, stor, dele, rmd, mkd, pwd, list, nlst, syst,
help, xcup, xcwd, xmkd, xpwd, and xrmd.
Example
# Display the syntax of the command cdup.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] remotehelp
214-The following commands are recognized (* =>'s unimplemented).
USER PORT STOR MSAM* RNTO NLST MKD CDUP
PASS PASV APPE MRSQ* ABOR SITE* XMKD XCUP
ACCT TYPE MLFL* MRCP* DELE SYST RMD STOU
SMNT* STRU MAIL* ALLO* CWD STAT XRMD SIZE*
REIN MODE MSND* REST* XCWD HELP PWD MDTM*
QUIT RETR MSOM* RNFR LIST NOOP XPWD
214 Direct comments about WFTPD to [email protected].
[Huawei-ftp] remotehelp cdup
214 Syntax: CDUP <change to parent directory>.
4.11.53 remove (SFTP client view)
Function
The remove command deletes specified files from the remote SFTP server.
Format
remove remote-filename &<1-10>
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 329
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
remote- Specifies the name of the file The value is a string of 1 to 64
filename to be deleted from the remote case-insensitive characters
SFTP server. without spaces.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
● You can configure a maximum of 10 file names in the command and separate
them using spaces and delete them at one time.
● If the file to be deleted is not in the current directory, you must specify the file
path.
Example
# Delete the file 3.txt from the server and backup1.txt from the test directory.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> remove 3.txt test/backup1.txt
Warning: Make sure to remove these files? [y/n][n]:y
Info: Succeeded in removing the file /3.txt.
Info: Succeeded in removing the file /test/backup1.txt.
4.11.54 remove (user view)
Function
The remove command removes a storage device safely.
Format
remove drive
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 330
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
drive Specifies the name of the storage The value can be usb0:,
device to be removed. usbotg:, or usb1:.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the remove command to safely remove a USB flash drive from the
device to prevent files in the device from being damaged.
Precautions
To safely remove a USB flash drive from the device, run the remove command. If
a USB flash drive is removed and inserted quickly, the device cannot read data
from the USB flash drive. In this case, you need to remove the USB flash drive and
insert it again after several seconds.
Example
# Remove the storage device USB0.
<Huawei> remove usb0:
…
Info: remove device usb0: successfully
4.11.55 rename (SFTP client view)
Function
The rename command renames a file or directory stored on the SFTP server.
Format
rename old-name new-name
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 331
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
old-name Specifies the name of a file The value is a string of 1 to 64 case-
or directory. insensitive characters without spaces.
new-name Specifies the new name of The value is a string of 1 to 64 case-
the file or directory. insensitive characters without spaces.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
You can run the rename command to rename a file or directory.
Example
# Rename the directory yourtest in the authorized directory test on the SFTP
server.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> rename test/yourtest test/test
Warning: Rename /test/yourtest to /test/test? [y/n][n]:y
Info: Succeeded in renaming file.
sftp-client> cd test
Current directory is:
/test
sftp-client> dir
drwxrwxrwx 1 noone nogroup 0 Mar 29 22:44 .
drwxrwxrwx 1 noone nogroup 0 Mar 29 22:39 ..
drwxrwxrwx 1 noone nogroup 0 Mar 24 00:04 test
-rwxrwxrwx 1 noone nogroup 5736 Mar 24 18:38 backup.txt
4.11.56 rename (user view)
Function
The rename command renames a file or folder.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 332
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
rename old-name new-name
Parameters
Parameter Description Settings
old-name Specifies the name of a The value is a string of 1
file or folder. to 64 case-insensitive
characters without
spaces in the [ drive ]
[ path ] filename
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
new-name Specifies the new name The value is a string of 1
of the file or directory. to 64 case-insensitive
characters without
spaces in the [ drive ]
[ path ] filename
format.
In the preceding
parameter, drive
specifies the storage
device name, and path
specifies the directory
and subdirectory.
You are advised to add :
and / between the
storage device name and
directory. Characters ~,
*, /, \, :, ', ", ?, <, > cannot
be used in the directory
name.
Views
User view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 333
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● You must rename a file or directory in its source directory.
● If the renamed file or directory has the same name as an existing file or
directory, an error message is displayed.
● If you specify old-name or new-name without specifying the file path, the file
must be saved in your current working directory.
Example
# Rename the directory mytest to yourtest in the directory flash:/test/.
<Huawei> pwd
flash:/test
<Huawei> rename mytest yourtest
Info: Rename flash:/test/mytest to flash:/test/yourtest ?(y/n)[n]:y
Info: Rename file flash:/test/mytest to flash:/test/yourtest ......Done
# Rename the file sample.txt to sample.bak.
<Huawei> rename sample.txt sample.bak
Info: Rename flash:/sample.txt to flash:/sample.bak ?(y/n)[n] :y
Info: Rename file flash:/sample.txt to flash:/sample.bak .......Done
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 334
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.57 reset recycle-bin
Function
The reset recycle-bin command permanently deletes files from the recycle bin.
Format
reset recycle-bin [ filename | devicename ]
Parameters
Parameter Description Value
filename Specifies the The value is a string of 1 to 64 case-insensitive
name of a file to characters without spaces in the [ drive ]
be deleted. [ path ] file name format. When quotation
marks are used around the string, spaces are
allowed in the string.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', ", ?, <, > cannot be used in the
directory name.
The wildcard (*) character is supported.
devicename Specifies the -
storage device
name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If you run the delete command without specifying the /unreserved parameter,
the file is moved to the recycle bin and still occupies the memory. To free up the
space, you can run the reset recycle-bin command to permanently delete the file
from the recycle bin.
The following describes the drive name.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 335
NetEngine AR
Command Reference 4 Basic Configurations Commands
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Like devicename, drive specifies the storage device name.
Precautions
● You can run the dir /all command to display all files that are moved to the
recycle bin from the current directory, and file names are displayed in square
brackets ([ ]).
● If you delete a specified storage device, all files in the root directory of the
storage device are deleted.
● If you run the reset recycle-bin command directly, all files that are moved to
the recycle bin from the current directory are permanently deleted.
Example
# Delete the file test.txt that is moved to the recycle bin from the directory test in
the root directory of flash:.
<Huawei> reset recycle-bin flash:/test/test.txt
Info: Squeeze flash:/test/test.txt?(y/n)[n]:y
Info: Cleared file flash:/test/test.txt.
# Delete files that are moved to the recycle bin from the current directory.
<Huawei> pwd
flash:/test
<Huawei> reset recycle-bin
Info: Squeeze flash:/test/backup.zip?(y/n)[n]:y
Info: Cleared file flash:/test/backup.zip.
Info: Squeeze flash:/test/backup1.zip?(y/n)[n]:y
Info: Cleared file flash:/test/backup1.zip.
4.11.58 rmdir (FTP client view)
Function
The rmdir command deletes a specified directory from the remote FTP server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 336
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
rmdir remote-directory
Parameters
Parameter Description Value
remote-directory Specifies a directory or The value is a string of 1 to 64
path on the FTP server. case-insensitive characters
without spaces.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the rmdir command to delete a specified directory from the remote
FTP server.
Precautions
● Before running the rmdir command to delete a directory, you must delete all
files and subdirectories from the directory.
● If no path is specified when you delete a subdirectory, the subdirectory is
deleted from the current directory.
● The directory is deleted from the FTP server rather than the FTP client.
Example
# Delete the directory d:/temp1 from the remote FTP server.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] rmdir d:/temp1
250 'D:\temp1': directory removed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 337
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.59 rmdir (user view)
Function
The rmdir command deletes a specified directory from the storage device.
Format
rmdir directory
Parameters
Parameter Description Value
directory Specifies a The value is a string of case-insensitive characters
directory or in the [ drive ] [ path ] directory format. The
directory and its absolute path length ranges from 1 to 64, while
path. the directory name length ranges from 1 to 15.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
Characters such as ~, *, /, \, :, ', " cannot be used
in the directory name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 338
NetEngine AR
Command Reference 4 Basic Configurations Commands
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● Before running the rmdir command to delete a directory, you must delete all
files and subdirectories from the directory.
● A deleted directory and its files cannot be restored from the recycle bin.
Example
# Delete the directory test from the current directory.
<Huawei> rmdir test
Remove directory flash:/test?(y/n)[n]:y
Info: Removing directory flash:/test....Done!
4.11.60 rmdir (SFTP client view)
Function
The rmdir command deletes a specified directory from the remote SFTP server.
Format
rmdir remote-directory &<1-10>
Parameters
Parameter Description Value
remote-directory Specifies the name of a file The value is a string of 1 to 64
on the SFTP server. case-insensitive characters
without spaces.
Views
SFTP client view
Default Level
3: Management level
Usage Guidelines
● You can configure a maximum of 10 file names in the command and separate
them using spaces and delete them at one time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 339
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Before running the rmdir command to delete a directory, you must delete all
files and subdirectories from the directory.
● If the directory to be deleted is not in the current directory, you must specify
the file path.
Example
# Delete the directory 1 from the current directory, and the directory 2 from the
test directory.
<Huawei> system-view
[Huawei] sftp 10.137.217.201
Please input the username:admin
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201 ...
Enter password:
sftp-client> cd bill
Current directory is:
/bill
sftp-client> rmdir 1 test/2
Warning: Make sure to remove these directories? [Y/N]:y
Info: Succeeded in removing the directory /test/1.
Info: Succeeded in removing the directory /test/test/2.
4.11.61 set default ftp-directory
Function
The set default ftp-directory command configures the default FTP working
directory.
The undo set default ftp-directory command disables the default FTP working
directory.
By default, no default FTP working directory is configured.
Format
set default ftp-directory directory
undo set default ftp-directory
Parameters
Parameter Description Value
directory Specify the default FTP The value is a string of 1 to 64 case-
working directory. insensitive characters without spaces.
Views
System view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 340
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the set default ftp-directory command to configure a default FTP
working directory for all FTP users at one time.
Precautions
● The set default ftp-directory command takes effect only when the device
functions as an FTP server and the user function as an FTP client.
● You can run the local-user ftp-directory command to configure an
authorized working directory for a local user.
● If you have configured the FTP working directory by running the local-user
ftp-directory command, you must use this FTP working directory.
● You can run the lcd command to view the working directory of FTP users.
● If no FTP working directory is specified on the device, FTP users cannot log in
to the device.
Example
# Set the default FTP working directory to flash:/.
<Huawei> system-view
[Huawei] set default ftp-directory flash:/
4.11.62 set default tftp-directory
Function
The set default tftp-directory command configures a working directory for the
TFTP server.
The undo set default tftp-directory command deletes the working directory of
the TFTP server.
By default, no working directory is configured for the TFTP server.
Format
set default tftp-directory directory
undo set default tftp-directory
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 341
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
directory Specifies the working The value is a string of 1 to 64 case-
directory for the TFTP server. insensitive characters without spaces.
Views
System view
Default Level
3: Management level
Usage Guidelines
You need to configure a working directory for the TFTP server on the device. After
that, TFTP clients can obtain files from the specified working directory.
Example
# Set the working directory of the TFTP server to flash:.
<Huawei> system-view
[Huawei] set default tftp-directory flash:
4.11.63 set net-manager vpn-instance
Function
The set net-manager vpn-instance command configures the default VPN
instance that the NMS uses on the device.
The undo set net-manager vpn-instance command deletes the default VPN
instance from the device.
By default, no VPN instance is configured on the device.
Format
set net-manager vpn-instance vpn-instance-name
undo set net-manager vpn-instance
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 342
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
vpn-instance- Specifies the name of The value is a string of 1 to 31 case-
name the default VPN sensitive characters, spaces not
instance. supported. When double quotation
marks are used around the string,
spaces are allowed in the string.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If the NMS manages devices on the VPN network, you need to send the device
information to the NMS using the VPN instance.
You can run the set net-manager vpn-instance command to configure the
default VPN instance for the NMS to manage the device so that the device can
use this VPN instance to communicate with the NMS.
Precautions
● The VPN instance must have been created on the device before this command
is run.
● After this command is run successfully, the configured file transfer commands
based on FTP, SCP, or SFTP take effect only in the default VPN instance.
● If the host has been configured as a log host, the NMS can receive device logs
from the default VPN instance.
Example
# Set the default VPN instance to VPN instance v1.
<Huawei> system-view
[Huawei] set net-manager vpn-instance v1
4.11.64 sftp
Function
The sftp command connects the device to the SSH server so that you can manage
files that are stored on the SFTP server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 343
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
# Connect the SFTP client to the SFTP server based on IPv4.
sftp [ -a source-address | -i interface-type interface-number ] host-ip [ port ]
[ [ public-net | -vpn-instance vpn-instance-name ] | [ identity-key { rsa | ecc } ] |
[ user-identity-key { rsa | ecc } ] | [ prefer_kex { dh_group15_sha512 |
dh_group14_sha256 | dh_group14_sha1 | dh_group1 | dh_exchange_group } ] |
[ prefer_ctos_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] |
[ prefer_stoc_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] |
[ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 | sha2_256 |
sha2_256_96 } ] | [ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 |
sha2_256 | sha2_256_96 } ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]
# Connect the SFTP client to the SFTP server based on IPv6.
sftp ipv6 [ -a source-address ] host-ipv6 [ -oi interface-type interface-number ]
[ port ] [ [ -vpn6-instance vpn-instance-name ] | [ identity-key { rsa | ecc } ] |
[ user-identity-key { rsa | ecc } ] | [ prefer_kex { dh_group15_sha512 |
dh_group14_sha256 | dh_group14_sha1 | dh_group1 | dh_exchange_group } ] |
[ prefer_ctos_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] |
[ prefer_stoc_cipher { 3des | aes128 | aes128-ctr | aes192-ctr | aes256-ctr } ] |
[ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 | sha2_256 |
sha2_256_96 } ] | [ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 |
sha2_256 | sha2_256_96 } ] ] * [ -ki aliveinterval [ -kc alivecountmax ] ]
Parameters
Parameter Description Value
ipv6 Specifies an IPv6 -
address.
-a source-address Specifies the source IP -
address for connecting
to the SFTP client. You
are advised to use the
loopback interface IP
address.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 344
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-i interface-type Specifies the source -
interface-number interface type and ID.
You are advised to use
the loopback interface.
The IP address
configured for this
interface is the source IP
address for sending
packets. If no IP address
is configured for the
source interface, the
SFTP connection cannot
be set up.
host-ip Specifies the IP address The value is a string of 1 to 255
or host name of the case-insensitive characters
remote IPv4 SFTP server. without spaces. When quotation
marks are used around the
string, spaces are allowed in the
string.
host-ipv6 Specifies the IPv6 The value is a string of 1 to 255
address or host name of case-insensitive characters
the remote IPv6 SFTP without spaces. When quotation
server. marks are used around the
string, spaces are allowed in the
string.
-oi interface-type Specifies an outbound -
interface-number interface on the local
device.
If the remote host uses
an IPv6 address, you
must specify the
outbound interface on
the local device.
port Specifies the port The value is an integer that
number of the SSH ranges from 1 to 65535. The
server. default port number is 22.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 345
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
public-net Specifies the SFTP -
server on the public
network.
You must set the
public-net parameter
when the SFTP server IP
address is a public
network IP address.
-vpn-instance vpn- Name of the VPN The value is a string of 1 to 31
instance-name instance where the IPv4 case-sensitive characters, spaces
SFTP server is located. not supported. When double
quotation marks are used
around the string, spaces are
allowed in the string.
-vpn6-instance vpn- Name of the VPN The value is a string of 1 to 31
instance-name instance where the IPv6 case-sensitive characters, spaces
SFTP server is located. not supported. When double
quotation marks are used
around the string, spaces are
allowed in the string.
identity-key Specifies the public key The public key algorithm
for server include RSA and ECC.
authentication.
user-identity-key Specifies the public key The public key algorithm
algorithm for the client include RSA and ECC.
authentication.
NOTE
If the user-identity-key parameter
is not used, RSA authentication is
used by default. You can specify
ECC authentication using the user-
identity-key parameter.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 346
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
prefer_kex Specifies the preferred The dh_group15_sha512,
key exchange algorithm. dh_group14_sha256,
dh_group14_sha1, dh_group1,
and dh_exchange_group
algorithms are supported.
The default key exchange
algorithm is
dh_group14_sha256.
NOTE
The length of the Diffie-hellman-
group-exchange key exchange
algorithm is dynamically
negotiated and ranges from 1024
bits to 8192 bits.
The length of the Diffie-hellman-
group1 key exchange algorithm is
768 bits.
The length of the Diffie-hellman-
group14 key exchange algorithm is
2048 bits.
The length of the Diffie-hellman-
group15 key exchange algorithm is
3072 bits.
prefer_ctos_cipher Specify an encryption Encryption algorithms 3des,
algorithm for aes128, aes128-ctr, aes192-ctr,
transmitting data from and aes256-ctr are supported.
the client to the server.
The default algorithm are
aes128-ctr, aes192-ctr, and
aes256-ctr.
prefer_stoc_cipher Specify an encryption Encryption algorithms 3des,
algorithm for aes128, aes128-ctr, aes192-ctr,
transmitting data from and aes256-ctr are supported.
the server to the client.
The default algorithm are
aes128-ctr, aes192-ctr, and
aes256-ctr.
prefer_ctos_hmac Specify an HMAC HMAC algorithms sha1,
algorithm for sha1_96, md5, sha2_256,
transmitting data from sha2_256_96, and md5_96 are
the client to the server. supported.
The default HMAC algorithm is
sha2_256.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 347
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
prefer_stoc_hmac Specify an HMAC HMAC algorithms sha1,
algorithm for sha1_96, md5, sha2_256,
transmitting data from sha2_256_96, and md5_96 are
the server to the client. supported.
The default HMAC algorithm is
sha2_256.
-ki aliveinterval Specifies the interval for The value is an integer that
sending keepalive ranges from 1 to 3600, in
packets when no packet seconds.
is received in reply.
-kc alivecountmax Specifies the times for The value is an integer that
sending keepalive ranges from 3 to 10. The
packets when no packet default value is 5.
is received in reply.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
SFTP is short for SSH FTP that is a secure FTP protocol. SFTP is on the basis of
SSH. It ensures that users can log in to a remote device securely for file
management and transmission, and enhances the security in data transmission. In
addition, you can log in to a remote SSH server from the device that functions as
an SFTP client.
When the connection between the SFTP server and client fails, the SFTP client
must detect the fault in time and disconnect from the SFTP server. To ensure this,
before being connected to the server in SFTP mode, the client must be configured
with the interval and times for sending the keepalive packet when no packet is
received in reply. If the client receives no packet in reply within the specified
interval, the client sends the keepalive packet to the server again. If the maximum
number of times that the client sends keepalive packets exceeds the specified
value, the client releases the connection. By default, when no packet is received,
the function for sending keepalive packets is not enabled.
Precautions
● You can set the source IP address to the source or destination IP address in
the ACL rule when the -a or -i parameter is specified. This shields the IP
address differences and interface status impact, filters incoming and outgoing
packets, and implements security authentication.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 348
NetEngine AR
Command Reference 4 Basic Configurations Commands
● The SSH client can log in to the SSH server with no port number specified
only when the port number of the SSH server is 22. If the SSH server uses
another port, the port number must be specified when SSH clients log in to
the SSH server.
● You can run the set net-manager vpn-instance command to configure the
NMS management VPN instance before running the open command to
connect the FTP client and server.
– If public-net or vpn-instance is not specified, the FTP client accesses the
FTP server in the VPN instance managed by the NMS.
– If public-net is specified, the FTP client accesses the FTP server on the
public network.
– If vpn-instance vpn-instance-name is specified, the FTP client accesses
the FTP server in a specified VPN instance.
● If you cannot run the sftp command successfully when you configured the
ACL on the SFTP client, or when the TCP connection fails, an error message is
displayed indicating that the SFTP client cannot be connected to the server.
● For security purposes, you are advised to use the AES128, AES128-CTR,
AES192-CTR, AES256-CTR or SHA2_256 encryption algorithms instead.
Example
# Set the current listening port number of the SSH server to 1025, and specify the
SFTP client on the public network and the SSH server on the private network.
<Huawei> system-view
[Huawei] sftp 10.164.39.223 1025 -vpn-instance ssh
Please input the username: client001
Trying 10.164.39.223 ...
Press CTRL+K to abort
Enter password:
sftp-client>
# Set keepalive parameters when the client is connected to the server in SFTP
mode.
<Huawei> system-view
[Huawei] sftp 10.164.39.223 -ki 10 -kc 4
Please input the username: client001
Trying 10.164.39.223 ...
Press CTRL+K to abort
Enter password:
sftp-client>
4.11.65 sftp client-source
Function
The sftp client-source command specifies the source IP address for the SFTP
client to send packets.
The undo sftp client-source command restores the default source IP address for
the SFTP client to send packets.
The default source IP address for the SFTP client to send packets is 0.0.0.0.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 349
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
sftp client-source { -a source-ip-address | -i interface-type interface-number }
undo sftp client-source
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address. You are The value is in
address advised to use the loopback interface IP dotted
address. decimal
notation.
-i interface-type Specifies the source interface. You are -
interface-number advised to use the loopback interface.
The IP address configured for the source
interface is the source IP address for
sending packets. If no IP address is
configured for the source interface, the FTP
connection cannot be set up.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the client uses the source IP address that the
router specifies to send packets. The source IP address must be configured for an
interface with stable performance. The loopback interface is recommended. Using
the loopback interface as the source interface simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, filters incoming and outgoing packets, and implements security
authentication.
Precautions
● You can query the source IP address or primary IP address of the source
interface for the SFTP connection on the SFTP server.
● The sftp command also configures the source IP address whose priority is
higher than that of the source IP address specified in the sftp client-source
command. If you specify source addresses in the sftp client-source and sftp
commands, the source IP address specified in the sftp command is used for
data communication. The source address specified in the sftp client-source
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 350
NetEngine AR
Command Reference 4 Basic Configurations Commands
command applies to all SFTP connections. The source address specified in the
sftp command applies only to the current SFTP connection.
● If the specified source interface has been bound to a VPN instance, the client
is automatically bound to the same VPN instance.
Example
# Set the source IP address of the SFTP client to 10.1.1.1.
<Huawei> system-view
[Huawei] sftp client-source -a 10.1.1.1
Info: Succeeded in setting the source address of the SFTP client to 10.1.1.1.
4.11.66 sftp server enable
Function
The sftp server enable command enables the SFTP service on the SSH server.
The undo sftp server enable command disables the SFTP service on the SSH
server.
By default, the SFTP service is disabled.
Format
sftp server enable
undo sftp server enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
To connect the client to the SSH server to transfer files in SFTP mode, you must
first enable the SFTP server on the SSH server.
Example
# Enable the SFTP service.
<Huawei> system-view
[Huawei] ssh server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] sftp server enable
Info: Succeeded in starting the SFTP server.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 351
NetEngine AR
Command Reference 4 Basic Configurations Commands
# Disable the SFTP service.
<Huawei> system-view
[Huawei] undo sftp server enable
Info: Succeeded in closing the SFTP server.
4.11.67 tftp
Function
The tftp command uploads a file to the TFTP server or downloads a file to the
local device.
Format
# Upload a file to the TFTP server or download a file to the local device based on
the IPv4 address
tftp [ -a source-ip-address | -i interface-type interface-number ] tftp-server
[ public-net | vpn-instance vpn-instance-name ] { get | put } source-filename
[ destination-filename ]
# Upload a file to the TFTP server or download a file to the local device based on
the IPv6 address
tftp ipv6 [ -a source-ip-address ] tftp-server-ipv6 [ -oi interface-type interface-
number ] [ vpn6-instance vpn6-instance-name ] { get | put } source-filename
[ destination-filename ]
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP -
address address for connecting to the
TFTP client. You are advised
to use the loopback interface
IP address.
-i interface-type Specifies the source interface -
interface- used by the TFTP client to set
number up connections. It consists of
the interface type and
number. It is recommended
that you specify a loopback
interface.
The IP address configured for
this interface is the source IP
address for sending packets.
If no IP address is configured
for the source interface, the
TFTP connection cannot be
set up.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 352
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-oi interface- Specifies an outbound If the remote host uses an IPv6
type interface- interface on the local device. address, you must specify the
number outbound interface on the local
device.
tftp-server Specifies the IPv4 address or The value is a string of 1 to 255
host name for the TFTP case-insensitive characters
server. without spaces.
tftp-server-ipv6 Specifies the IPv6 address of The value is a string of 1 to 255
the IPv6 TFTP server. case-insensitive characters
without spaces.
public-net Specifies the TFTP server on -
the public network.
vpn-instance Name of the VPN instance The value is a string of 1 to 31
vpn-instance- where the IPv4 TFTP server is case-sensitive characters,
name located. spaces not supported. When
double quotation marks are
used around the string, spaces
are allowed in the string.
vpn6-instance Name of the VPN instance The value is a string of 1 to 31
vpn6-instance- where the IPv6 TFTP server is case-sensitive characters,
name located. spaces not supported. When
double quotation marks are
used around the string, spaces
are allowed in the string.
get Download a file. -
put Upload a file. -
source-filename Specifies the source file The value is a string of 1 to 64
name. case-insensitive characters
without spaces.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 353
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
destination- Specifies the directory and The value is a string of 1 to 64
filename name of a destination file. case-insensitive characters
without spaces in the [ drive ]
[ path ] file name format.
When quotation marks are
used around the string, spaces
are allowed in the string.
In the preceding parameter,
drive specifies the storage
device name, and path
specifies the directory and
subdirectory.
You are advised to add : and /
between the storage device
name and directory. Characters
~, *, /, \, :, ', ", ?, <, > cannot be
used in the directory name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When upgrading the system, you can run the tftp command to upload an
important file to the TFTP server or download a system software to the local
device.
Precautions
● When you run the tftp command to upload a file to the TFTP server in TFTP
mode, files are transferred in binary mode by default. The tftp does not
support the ASCII mode for file transfer.
● After specifying a source IP address, you can use this IP address to
communicate with the server and implement packet filtering to ensure data
security.
● You can run the set net-manager vpn-instance command to configure the
NMS management VPN instance before running the open command to
connect the FTP client and server.
– If public-net or vpn-instance is not specified, the FTP client accesses the
FTP server in the VPN instance managed by the NMS.
– If public-net is specified, the FTP client accesses the FTP server on the
public network.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 354
NetEngine AR
Command Reference 4 Basic Configurations Commands
– If vpn-instance vpn-instance-name is specified, the FTP client accesses
the FTP server in a specified VPN instance.
Example
# Download file vrpcfg.txt from the root directory of the TFTP server to the local
device. The IP address of the TFTP server is 10.1.1.1. Save the downloaded file to
the local device as file vrpcfg.bak.
<Huawei> tftp 10.1.1.1 get vrpcfg.txt flash:/vrpcfg.bak
# Upload file vrpcfg.txt from the root directory of the storage device to the
default directory of the TFTP server. The IP address of the TFTP server is 10.1.1.1.
Save file vrpcfg.txt on the TFTP server as file vrpcfg.bak.
<Huawei> tftp 10.1.1.1 put flash:/vrpcfg.txt vrpcfg.bak
# Obtain the link local IP address and interface name from the TFTP server.
<Huawei> tftp ipv6 fc00::1 -oi gigabitethernet 1/0/0 get file1 file2
4.11.68 tftp client-source
Function
The tftp client-source command specifies the source IP address for the TFTP
client to send packets.
The undo tftp client-source command restores the default source IP address for
the TFTP client to send packets.
The default source IP address for the TFTP client to send packets is 0.0.0.0.
Format
tftp client-source { -a source-ip-address | -i interface-type interface-number }
undo tftp client-source
Parameters
Parameter Description Value
-a source-ip- Specifies the source IP address of the TFTP The value is in
address client. You are advised to use the loopback dotted
interface IP address. decimal
notation.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 355
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-i interface-type Source interface type and ID. You are -
interface-number advised to use the loopback interface.
The IP address configured for this interface
is the source IP address for sending packets.
If no IP address is configured for the source
interface, the TFTP connection cannot be set
up.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source IP address is specified, the client uses the source IP address that the
router specifies to send packets. The source IP address must be configured for an
interface with stable performance. The loopback interface is recommended. Using
the loopback interface as the source interface simplifies the ACL rule and security
policy configuration. This shields the IP address differences and interface status
impact, filters incoming and outgoing packets, and implements security
authentication.
Precautions
● The tftp command also configures the source IP address whose priority is
higher than that of the source IP address specified in the tftp client-source
command. If you specify source addresses in the tftp client-source and tftp
commands, the source IP address specified in the tftp command is used for
data communication. The source address specified in the tftp client-source
command applies to all TFTP connections. The source address specified in the
tftp command applies only to the current TFTP connection.
● You can query the source IP address or source interface IP address specified in
the TFTP connection on the TFTP server.
● If the specified source interface has been bound to a VPN instance, the client
is automatically bound to the same VPN instance.
Example
# Set the source IP address of the TFTP client to 10.1.1.1.
<Huawei> system-view
[Huawei] tftp client-source -a 10.1.1.1
Info: Succeeded in setting the source address of the TFTP client to 10.1.1.1.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 356
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.69 tftp-server acl
Function
The tftp-server acl command specifies the ACL number for the local device so
that the device can access TFTP servers with the same ACL number.
The undo tftp-server acl command deletes the ACL number from the local device.
By default, no ACL number is specified on the local client.
Format
tftp-server acl acl-number
undo tftp-server acl
Parameters
Parameter Description Value
acl-number Specifies the number of the The value is an integer that ranges
basic ACL. from 2000 to 2999.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To ensure the security of the local device, you need to run the tftp-server acl
command to specify an ACL to specify TFTP servers that the local device can
access.
Precautions
● The tftp-server acl command takes effect only after you run the rule
command to configure the ACL rule. If no ACL rule is configured, the local
device can access a specified TFTP server in TFTP mode.
● The TFTP supports only the basic ACL whose number ranges from 2000 to
2999.
Example
# Allow the local device to the access the TFTP server whose ACL number is 2000.
<Huawei> system-view
[Huawei] acl 2000
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 357
NetEngine AR
Command Reference 4 Basic Configurations Commands
[Huawei-acl-basic-2000] rule permit source 10.10.10.1 0
[Huawei-acl-basic-2000] quit
[Huawei] tftp-server acl 2000
4.11.70 tftp server enable
Function
The tftp server enable command enables the TFTP server function on the device.
The undo tftp server enable command disables the TFTP server function on the
device.
By default, the TFTP server function is disabled.
Format
tftp server enable
undo tftp server enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To allow a local client to remotely manage files on the device using TFTP, you
must run this command to enable the TFTP server function on the device.
NOTE
SFTP V2 or SCP is more secure than TFTP, and is therefore recommended.
SCP is supported in V300R021C10 and later versions.
Prerequisite
● The TFTP working directory has been configured by running the set default
tftp-directory directory command.
● The interfaces on the TFTP server to which clients can connect have been
specified by running the tftp server permit interface { { interface-type
interface-number } &<1-5> | all } command. If no interface is specified, the
TFTP server function cannot be enabled.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 358
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Enable the TFTP server function.
<Huawei> system-view
[Huawei] set default tftp-directory flash:
[Huawei] tftp server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] tftp server enable
Info: Succeeded in starting the TFTP server.
Info: TFTP is insecure, recommended to use SFTP with encryption features.
4.11.71 tftp server permit interface
Function
The tftp server permit interface command specifies interfaces on the TFTP server
to which clients can connect
The undo tftp server permit interface command deletes the specified interfaces
and allows clients to connect to all interfaces on the TFTP server.
By default, clients can connect to all the interfaces on the TFTP server.
Format
tftp server permit interface { { interface-type interface-number } &<1-5> | all }
undo tftp server permit interface
Parameters
Parameter Description Value
interface-type Allows clients to connect to all authorized interfaces -
interface-number on the TFTP server.
interface-type specifies the interface type.
interface-number specifies the interface number.
interface-number and interface-type together specify
an interface.
all Allows clients to connect to all interfaces on the TFTP -
server.
Views
System view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 359
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
To prevent clients from connecting to the TFTP server through unauthorized
interfaces, you can run the tftp server permit interface command to specify the
interfaces on the TFTP server to which clients can connect.
Precautions
● This command does not take effect on the MEth management interface. The
TFTP server always allows clients to connect to it through the MEth
management interface.
● By default, clients can connect to all the interfaces on the TFTP server. Once a
specific interface is specified using this command, a client cannot connect to
the TFTP server through any other interface.
● A maximum of five interfaces can be specified using the tftp server permit
interface { interface-type interface-number } &<1-5> command. The latest
configuration overrides the previous one. For example, before you run this
command, clients can connect to three interfaces GigabitEthernet 1/0/0,
GigabitEthernet 2/0/0, and GigabitEthernet 3/0/0 on the TFTP server. After
you run the command to specify the interface GigabitEthernet 1/0/0, clients
can only connect to the interface GigabitEthernet 1/0/0.
● If no interface is specified on the TFTP server to allow clients to connect to
the server, the TFTP service cannot be enabled.
● The undo tftp server permit interface command can be executed only after
the TFTP service is disabled.
Example
# Allow clients to connect to all interfaces on the TFTP server.
<Huawei> system-view
[Huawei] tftp server permit interface all
Warning: Allowing access from all interfaces is insecure.
# Specify interfaces on the TFTP server to which clients can connect.
<Huawei> system-view
[Huawei] tftp server permit interface gigabitethernet 1/0/0 gigabitethernet 2/0/0
Info: Succeeded in setting tftp permit interface.
# Delete the specified interfaces and allow clients to connect to all interfaces on
the TFTP server.
<Huawei> system-view
[Huawei] undo tftp server permit interface
4.11.72 tftp server port
Function
The tftp server port command configures the port number of the TFTP server.
The undo tftp server port command restores the default port number of the TFTP
server.
By default, the port number of the TFTP server is 69.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 360
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
tftp server port port-number
undo tftp server port
Parameters
Parameter Description Value
port-number Specifies the port number The value is an integer that ranges
of the TFTP server. from 69 or 1025 to 55535. The
default value is 69.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
By default, the port number of the TFTP server is 69. Users can directly log in to
the device using the default port number. Attackers may access the default port,
consuming bandwidth, deteriorating server performance, and causing authorized
users unable to access the server. You can run this command to configure another
port number for the TFTP server. This can prevent attacks to the TFTP server
because attackers cannot obtain the newly configured port number.
Prerequisite
The TFTP service has been disabled by running the undo tftp server enable
command.
Precautions
● When the port number of the TFTP server is 69, a TFTP client can connect to
the TFTP server without the need to specify a port number. When the port
number of the TFTP server is not 69, you need to specify a port number for
the TFTP client before it can connect to the TFTP server, and the specified
client port number must be the same as the server port number.
● After running this command to configure a new port number, you must run
the tftp server enable command to enable the TFTP server before the
modified port number takes effect.
Example
# Set the port number of the TFTP server to 1028.
<Huawei> system-view
[Huawei] tftp server port 1028
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 361
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.73 tftp server timeout
Function
The tftp server timeout command configures a packet timeout period for a TFTP
server.
The undo tftp server timeout command restores the default packet timeout
period for a TFTP server.
By default, the packet timeout period of a TFTP server is 5 seconds.
Format
tftp server timeout timeout-second
undo tftp server timeout
Parameters
Parameter Description Value
timeout-second Specifies the packet The value an integer that ranges
timeout period of a TFTP from 1 to 300, in seconds. The
server. default value is 5s.
Views
System view
Default Level
3: Management level
Usage Guidelines
If the server does not receive any response within 5 seconds after sending a packet
to a client, it considers that the packet times out. The TFTP server will resend a
packet twice. If the packet times out three times, the TFTP server disconnects the
TFTP connection.
Example
# Set the packet timeout period of a TFTP server to 10s.
<Huawei> system-view
[Huawei] tftp server timeout 10
4.11.74 undelete
Function
The undelete command restores a file that has been temporally deleted and
moved to the recycle bin.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 362
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
undelete { filename | devicename }
Parameters
Parameter Description Value
filename Specifies the name The value is a string of 1 to 64 case-insensitive
of a file to be characters without spaces in the [ drive ]
restored. [ path ] file name format. When quotation
marks are used around the string, spaces are
allowed in the string.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', ", ?, <, > cannot be used in the
directory name.
devicename Specifies the -
storage device
name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the undelete command to restore a file that has been temporally
deleted and moved to the recycle bin. However, files that are permanently deleted
by running the delete or reset recycle-bin command with the /unreserved
parameter cannot be restored.
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 363
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Like devicename, drive specifies the storage device name.
Precautions
● To display information about a temporally deleted file, run the dir /all
command. The file name is displayed in square brackets ([ ]).
● If the name of a file is the same as an existing directory, the file cannot be
restored. If the destination file has the same name as an existing file, the
system prompts you whether to overwrite the existing file. The system prompt
is displayed only when file prompt is set to alert.
Example
# Restore file sample.bak from the recycle bin.
<Huawei> undelete sample.bak
Info: Undelete flash:/sample.bak ?(y/n)[n]:y
Info: Undeleted file flash:/sample.bak.
# Restore a file that has been moved from the root directory to the recycle bin.
<Huawei> undelete flash:
Info: Undelete flash:/test.txt?(y/n)[n]:y
Info: Undeleted file flash:/test.txt.
Info: Undelete flash:/rr.bak?(y/n)[n]:y
Info: Undeleted file flash:/rr.bak.
4.11.75 unzip
Function
The unzip command decompresses a file.
Format
unzip source-filename destination-filename
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 364
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
source- Specifies the name The value is a string of 1 to 64 case-
filename of a source file to insensitive characters without spaces in the
be decompressed. [ drive ] [ path ] file name format. When
quotation marks are used around the string,
spaces are allowed in the string.
In the preceding parameter, drive specifies
the storage device name, and path specifies
the directory and subdirectory.
You are advised to add : and / between the
storage device name and directory.
Characters ~, *, /, \, :, ', ", ?, <, > cannot be
used in the directory name.
destination- Specifies the name The value is a string of 1 to 64 case-
filename of a destination insensitive characters without spaces in the
file that is [ drive ] [ path ] file name format. When
decompressed. quotation marks are used around the string,
spaces are allowed in the string.
In the preceding parameter, drive specifies
the storage device name, and path specifies
the directory and subdirectory.
You are advised to add : and / between the
storage device name and directory.
Characters ~, *, /, \, :, ', ", ?, <, > cannot be
used in the directory name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can decompress files, especially log files that are stored on the storage device
and run the more command to query the file.
The following describes the drive name.
drive is the storage device and is named as follows:
● flash: root directory of the flash memory on the active SRU.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 365
NetEngine AR
Command Reference 4 Basic Configurations Commands
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● If the destination file path is specified while the file name is not specified, the
designation file name is the same as the source file name.
● The source file persists after being decompressed.
● The compressed file must be a .zip file. If a file to be decompressed is not a
zip file, the system displays an error message during decompression.
● The source file must be a single file. If you attempt to decompress a directory
or multiple files, the decompression cannot succeed.
Example
# Decompress log file syslogfile-2012-02-27-17-47-50.zip that are stored in the
syslogfile directory and save it to the root directory as file log.txt.
<Huawei> pwd
flash:/syslogfile
<Huawei> unzip syslogfile-2012-02-27-17-47-50.zip flash:/log.txt
Info: Extract flash:/syslogfile/syslogfile-2012-02-27-17-47-50.zip to flash:/log.txt?(y/n)[n]:y
100% complete
Info: Decompressed file flash:/syslogfile/syslogfile-2012-02-27-17-47-50.zip flash:/log.txt.
4.11.76 user
Function
The user command changes the current FTP user when the local device is
connected to the FTP server.
Format
user user-name [ password ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 366
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
user-name Specifies the name of a The value is a string of 1 to 64 case-
login user. insensitive characters without space.
password Specifies the login The value is a string of 1 to 16 case-
password. sensitive characters without space, single
quotation mark, or question mark.
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the user command to change the current user on the FTP server.
Precautions
After you run the user command to change the current user, a new FTP
connection is set up, which is the same as that you specify in the ftp command.
Example
# Log in to the FTP server using the user name tom.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] user tom
331 Password required for tom.
Enter password:
230 User logged in.
4.11.77 verbose
Function
The verbose command enables the verbose function on the FTP client.
The undo verbose command disables the verbose function.
By default, the verbose function is enabled.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 367
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
verbose
undo verbose
Parameters
None
Views
FTP client view
Default Level
3: Management level
Usage Guidelines
After the verbose function is enabled, all FTP response messages are displayed on
the FTP client.
Example
# Enable the verbose function.
<Huawei> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User huawei logged in.
[Huawei-ftp] verbose
Info: Succeeded in switching verbose on.
[Huawei-ftp] get h1.txt
200 Port command okay.
150 Opening ASCII mode data connection for h1.txt.
226 Transfer complete.
FTP: 69 byte(s) received in 0.160 second(s) 431.25byte(s)/sec.
# Disable the verbose function.
[Huawei-ftp] undo verbose
Info: Succeeded in switching verbose off.
[Huawei-ftp] get h1.txt
FTP: 69 byte(s) received in 0.150 second(s) 460.00byte(s)/sec.
4.11.78 zip
Function
The zip command compresses a file.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 368
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
zip source-filename destination-filename
Parameters
Parameter Description Value
source- Specifies the The value is a string of 1 to 64 case-insensitive
filename name of a characters without spaces in the [ drive ]
source file to be [ path ] file name format. When quotation
compressed. marks are used around the string, spaces are
allowed in the string.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', ", ?, <, > cannot be used in the
directory name.
destination- Specifies the The value is a string of 1 to 64 case-insensitive
filename name of a characters without spaces in the [ drive ]
destination file [ path ] file name format. When quotation
that is marks are used around the string, spaces are
compressed. allowed in the string.
In the preceding parameter, drive specifies the
storage device name, and path specifies the
directory and subdirectory.
You are advised to add : and / between the
storage device name and directory. Characters
~, *, /, \, :, ', ", ?, <, > cannot be used in the
directory name.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The following describes the drive name.
drive is the storage device and is named as follows:
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 369
NetEngine AR
Command Reference 4 Basic Configurations Commands
● flash: root directory of the flash memory on the active SRU.
● slave#flash: root directory of the flash memory on the standby SRU. If the
device has no standby SRU, this drive is unavailable.
● Vhdd0: root directory of the built-in hard disk.
NOTE
For the storage device type and specifications supported by the device, see "Technical
Specifications" in the Hardware Description.
Only the AR6300 and AR6300K supports dual SRUs.
Only the AR6300-S supports dual SRUs.
The path can be an absolute path or relative path.
● flash:/my/test/ is an absolute path.
● /selftest/ is a path relative to the root directory and indicates the selftest
directory in the root directory.
● selftest/ is a path relative to the current working directory and indicates the
selftest directory in the current working directory.
Precautions
● If the destination file path is specified while the file name is not specified, the
designation file name is the same as the source file name.
● The source file persists after being compressed.
● Directories cannot be compressed.
Example
# Compress file log.txt that is stored in the root directory and save it to the test
directory as file log.zip.
<Huawei> dir
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 155 Dec 02 2011 01:28:48 log.txt
1 -rw- 9,870 Oct 01 2011 00:22:46 patch.pat
2 drw- - Mar 22 2012 00:00:48 test
3 -rw- 836 Dec 22 2011 16:55:46 rr.dat
...
1,927,220 KB total (1,130,464 KB free)
<Huawei> zip log.txt flash:/test/log.zip
Info: Zip flash:/log.txt flash:/test/log.zip? (y/n)[n]:y
100% complete
Info: Compressed file flash:/log.txt flash:/test/log.zip.
<Huawei> cd test
<Huawei> dir
Directory of flash:/test/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 -rw- 836 Mar 20 2012 19:49:14 test
1 -rw- 239 Mar 22 2012 20:57:38 test.txt
2 -rw- 1,056 Dec 02 2011 01:28:48 log.txt
3 -rw- 240 Mar 22 2012 21:23:46 log.zip
1,927,220 KB total (1,130,463 KB free)
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 370
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.79 scp
Function
The scp command uploads files to or downloads files from a remote SCP server.
NOTE
This function is supported in V300R021C10 and later versions.
Format
# Transfer files between the local client and the remote SCP server based on IPv4.
scp [ -port port-number | { public-net | vpn-instance vpn-instance-name } |
identity-key { rsa | ecc } | user-identity-key { rsa | ecc } | { -a source-address | -i
interface-type interface-number } | -r | -cipher -cipher | -c ] * sourcefile
destinationfile
# Transfer files between the local client and the remote SCP server based on IPv6.
scp ipv6 [ -port port-number | { public-net | vpn-instance vpn-instance-name } |
identity-key { rsa | ecc } | user-identity-key { rsa | ecc } | -a source-address | -r | -
cipher -cipher | -c ] * sourcefile destinationfile [ -oi interface-type interface-
number ]
Parameters
Parameter Description Value
-port port- Specifies the port number The value is an integer in the
number of the SCP server. range from 1 to 65535. The
default port number is 22.
public-net Indicates that the SCP -
server is connected to the
public network.
vpn-instance Specifies the name of the The value is a string of 1 to 31
vpn-instance- VPN instance where the case-sensitive characters
name SCP server is located. without spaces. The value must
be the name of an existing VPN
instance.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 371
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
identity-key Specifies public key Currently, RSA and ECC are
algorithms for server supported. By default, the ECC
authentication. public key is used for server
authentication.
NOTE
For security purposes, RSA is not
recommended as the public key
algorithm.
user-identity-key Specifies the public key Public key algorithms include
algorithm for client RSA and ECC. By default, RSA is
authentication. used for client authentication.
NOTE
For security purposes, RSA is not
recommended as the public key
algorithm.
-a source-address Specifies the source -
address for connecting to
the SCP client. You are
advised to use a loopback
address as the source
address.
-i interface-type Specifies the source -
interface-number interface type and number
for connecting to the SCP
client. You are advised to
use a loopback interface as
the source interface. The IP
address configured for the
interface is the source IP
address for sending
packets. If no IP address is
configured for the source
interface, the SCP
connection cannot be set
up.
-r Uploads or downloads files -
in batches.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 372
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-cipher -cipher Specifies an encryption Encryption algorithms des,
algorithm for file upload or 3des, aes192_ctr, aes128_ctr,
download. aes256_ctr, and aes128 are
supported. The default
algorithm is aes256_ctr.
For security purposes, you are
advised to use more secure
algorithms aes128_ctr and
aes256_ctr.
-c Enables file compression -
during file upload or
download.
sourcefile Specifies a source file for The source file format is
file upload or download. username@hostname:[path]
[filename] during file download.
destinationfile Specifies a destination file The destination file format is
for file upload or username@hostname:[path]
download. [filename] during file upload.
ipv6 Indicates IPv6 SCP. -
-oi interface-type Specifies an outbound -
interface-number interface on the local
device.
If the IPv6 address of a
remote host is a link-local
address, you must specify
the outbound interface on
the local device.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
SCP is an SSH2.0-based secure file transfer protocol. Compared with SFTP, SCP
allows you to upload or download files when a connection is set up.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 373
NetEngine AR
Command Reference 4 Basic Configurations Commands
● For security purposes, you are advised to set the source address to a loopback
address using -a or set the outbound interface to a loopback interface using -
i.
● If -r is specified, you can use the wildcard (*) to upload or download files in
batches by entering *.txt or huawei.* for example.
● If -c is specified, files are compressed before being transmitted. File
compression takes a long time and delays file transfer; therefore, you are
advised not to use the file compression function.
Prerequisites
The VPN instance to be specified in the command has been configured.
The SCP server function has been enabled using the scp server enable command.
Precautions
● The format of files uploaded to or downloaded from the SCP server is
username@hostname:[path][filename]. In the preceding file format,
username specifies the user name for logging in to the SCP server, hostname
specifies the SCP server name or IP address, path specifies the user's working
directory on the SCP server, and filename specifies the file name. The
following example describes how to upload files to the remote SCP server:
– If filename and path are not specified, the system uploads files to the
root directory of the user's working directory.
– If path is specified but filename is not, the system uploads files to the
specified path.
– If filename is specified, the system uploads the specified file to the SCP
server and names the file as filename on the server.
– If hostname specifies an IPv6 address, the IPv6 address must be enclosed
in square brackets ([ ]), for example, zhangsan@[FC00::/7]:.
● If the destination file name is an existing directory name, the source file is
copied to that directory and the name of the new file is the name of the
source file. If the destination file name is an existing file name, the system
prompts you whether to overwrite the existing file.
● If an SCP user is using the public key authentication method (RSA, DSA, or
ECC key) to authenticate the server on the client, the user is prompted to
select the key pair for identity authentication.
● If the set net-manager vpn-instance command is run to configure the NMS
to manage network elements through a VPN instance:
– When public-net or vpn-instance is not specified, the device accesses the
server in the VPN instance managed by the NMS.
– When public-net is specified, the device accesses the server on the public
network.
– When vpn-instance vpn-instance-name is specified, the device accesses
the server in the specified VPN instance.
NOTE
The number of files in the root directory is limited in the file system. Therefore, if there are
more than 50 files in the root directory, creating new files in this directory may fail.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 374
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Log in through ECC authentication and copy the xxxx.txt file to the flash
memory of the remote SCP server at 10.10.0.114.
<Huawei> system-view
[Huawei] scp identity-key ecc flash:/xxxx.txt [email protected]:flash:/xxxx.txt
Trying 10.10.0.114 ...
Press CTRL+K to abort
Connected to 10.10.0.114 ...
The server's public key does not match the one catched before.
The server is not authenticated.
Continue to access it? [Y/N]:y
Update the server's public key now? [Y/N]: y
Enter password:
flash:/xxxx.txt 100% 12Bytes 1KByte(s)/sec
4.11.80 scp client-source
Function
The scp client-source command specifies the source address used by the SCP
client to send packets.
The undo scp client-source command restores the default source address used by
the SCP client to send packets.
By default, the source address used by the SCP client to send packets is 0.0.0.0.
NOTE
This function is supported in V300R021C10 and later versions.
Format
scp client-source { -a source-ip-address | -i interface-type interface-number }
undo scp client-source
Parameters
Parameter Description Value
-a source-ip- Specifies the source address used by the SCP The value is
address client to send packets. You are advised to use in dotted
a loopback interface address as the source decimal
address. notation.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 375
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
-i interface-type Specifies the source interface type and -
interface-number number. You are advised to use a loopback
interface as the source interface.
The primary IP address configured for this
interface is the source address for sending
packets. If no IP address is configured for the
source interface, the connection cannot be
set up.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If no source address is not specified, the device selects a source address according
to routing entries to send packets. The source address to be configured must be
the address of a stable interface. This configuration makes it easier to configure
ACL rules and security policies. You simply need to specify the source or
destination address in an ACL rule as the source address, thereby allowing the
device to filter incoming and outgoing packets for security authentication.
Prerequisites
The loopback source interface specified using this command must exist and have
an IP address configured.
Precautions
The scp command can also configure the source address, which has a higher
priority than the source address specified in the scp client-source command. If
you specify the source address in both the scp client-source and scp commands,
the source address specified in the scp command is used. The source address
specified in the scp client-source command applies to all SCP connections,
whereas the source address specified in the scp command applies only to the
current SCP connection.
Example
# Set the source address used by the SCP client to send packets to 10.1.1.1.
<Huawei> system-view
[Huawei] scp client-source -a 10.1.1.1
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 376
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.81 scp server enable
Function
The scp server enable command enables the SCP service for the SSH server.
The undo scp server enable command disables the SCP service for the SSH server.
By default, the SCP service is disabled for the SSH server.
NOTE
This function is supported in V300R021C10 and later versions.
Format
scp server enable
undo scp server enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Before using SCP to transfer files to a remote server, enable the SCP service for the
server. The client can establish an SCP connection with the SSH server only after
the SCP service has been enabled for the SSH server.
Prerequisites
● Before running this command, run the ssh server permit interface
{ { interface-type interface-number } &<1-5> | all } command to configure the
interfaces to which the client can connect. Otherwise, the SSH server function
cannot be enabled.
Example
# Enable the SCP service for the server.
<Huawei> system-view
[Huawei] ssh server permit interface all
Warning: Allowing access from all interfaces is insecure.
[Huawei] scp server enable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 377
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.11.82 display scp-client
Function
The display scp-client command displays the configuration of the current SCP
client.
NOTE
This function is supported in V300R021C10 and later versions.
Format
display scp-client
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
You can run this command to check the source parameters of the SCP client.
If the scp client-source { -a source-ip-address | -i interface-type interface-
number } command is not run, the system does not display source information.
Example
# Display the source address configured for the SFTP client.
<Huawei> display scp-client
The source of SCP ipv4 client: 10.1.1.1
4.12 Configuring System Startup Commands
4.12.1 Support for Configuring System Startup
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 378
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.12.2 autosave interval
Function
The autosave interval command sets the interval for automatically saving system
configuration data.
Format
autosave interval { value | time | configuration time }
Parameters
Parameter Description Value
value Configures the automatic save The value is an
function. The automatic save function enumerated value
is classified into two types: saving that can be on or off.
configuration data automatically and The default value is
saving modified data automatically. off.
When the value is on, the two save
functions are enabled. When the value
is off, the two save functions are
disabled and the data needs to be
saved manually.
time Indicates the interval for automatically The value is an integer
saving the configuration data. If an that ranges from 10 to
interval is configured, the 10080.
configuration data is saved regardless The unit is minute.
of whether it is modified.
The default value is
1440 minutes.
configuration Indicates the interval for automatically The value is an integer
time saving the modified data. When the that ranges from 2 to
configuration data is modified, it is 1440.
saved at the preset interval. The unit is minute.
The default value is 30
minutes.
Views
User view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 379
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
Run this command to set configuration data at preset intervals. When the interval
is set, the system automatically saves the configuration data without requiring the
command delivered by the network management system. The modified data can
be saved in the storage device in real time and cannot be lost after system restart.
Precautions
● When the automatic save function is enabled, you can also run the save
command to save the system configuration data manually. When the
automatic save function is disabled, the system does not save data
automatically and you need to run the save command to save the configured
data.
● The automatic save function is disabled by default.
● After you run the autosave interval command, the frequent data save
operation affects system performance. Do not set the automatic save interval
to less than 1 hour. The automatic save interval of 24 hours or greater is
recommended.
● The automatic save function specified by the autosave interval command
cannot be enabled together with that specified by the autosave time
command.
Example
# Enable the automatic save function.
<Huawei> autosave interval on
System autosave interval switch: on
Autosave interval: 1440 minutes
Autosave type: configuration file
System autosave modified configuration switch: on
Autosave interval: 30 minutes
Autosave type: configuration file
# Set the automatic save interval to 120 minutes.
<Huawei> autosave interval 120
System autosave interval switch: on
Autosave interval: 120 minutes
Autosave type: configuration file
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 380
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-49 Description of the autosave interval command output
Item Description
System autosave interval switch Whether the device is enabled to
automatically save system
configuration data at the specified
interval:
● on: The device is enabled to
automatically save system
configuration data at the specified
interval.
● off: The device is disabled from
automatically saving system
configuration data at the specified
interval.
Autosave interval Specifies the interval for automatically
saving configuration data. If an
interval is configured, the
configuration data is saved at intervals
regardless of whether the data is
changed.
Autosave type Indicates that the type of file saved
automatically is configuration file.
System autosave modified Indicates that the change to the
configuration switch configuration data is automatically
saved. When the value is on, the
function is enabled. When the value is
off, the function is disabled.
4.12.3 autosave time
Function
The autosave time command sets the automatic save time.
Format
autosave time { value | time-value }
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 381
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
value Configures the device to save configuration Enumerated
data at a preset time. value. The
options are as
follows:
● on: The
device is
enabled to
automatica
lly save
system
configurati
on data at
a preset
time.
● off: The
device is
disabled
from
automatica
lly saving
system
configurati
on data at
a preset
time.
The default
value is off.
time-value Indicates the automatic save time after the The value
device is enabled to automatically save system ranges from
configuration data. After this parameter is 00:00:00 to
configured, the system automatically saves the 23:59:59.
configuration data at intervals of the The default
automatic save time. value is
00:00:00.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 382
NetEngine AR
Command Reference 4 Basic Configurations Commands
The system can save configuration data at preset intervals or at the preset time.
Run this command to set the automatic save time. When the time is set, the
system automatically saves the configuration data without requiring the
command delivered by the network management system. The modified data can
be saved in the storage device in real time and cannot be lost after system restart.
Precautions
● When the device is enabled to automatically save system configuration data,
the modified configuration is saved at the preset time. When the device is
disabled from automatically saving system configuration data, the system
does not save data automatically and you need to run the save command to
save the configured data.
● The automatic save function specified by the autosave time command
cannot be used with that specified by the autosave interval command.
● If data is frequently read from or written into the storage device, the lifespan
of the storage medium is reduced. You are advised to disable the automatic
save function immediately after the modified data is saved.
Example
# Enable the device to automatically save system configuration data at intervals
of the automatic save time.
<Huawei> autosave time on
System autosave time switch: on
Autosave time: 00:00:00
Autosave type: configuration file
# Set the automatic save time to 12:20:30.
<Huawei> autosave time 12:20:30
System autosave time switch: on
Autosave time: 12:20:30
Autosave type: configuration file
Table 4-50 Description of the autosave time command output
Item Description
System autosave time switch Whether the device is enabled to
automatically save system
configuration data at the specified
time:
● on: The device is enabled to
automatically save system
configuration data at the specified
time.
● off: The device is disabled from
automatically saving system
configuration data at the specified
time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 383
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Autosave time Automatic save time. The device saves
system configuration data at intervals
of the automatic save time no matter
whether the configuration data
changes.
Autosave type Type of the file saved automatically.
4.12.4 compare configuration
Function
The compare configuration compares whether the current configurations are
identical with the next startup configuration file.
Format
compare configuration [ configuration-file [ current-line-number save-line-
number ] ]
Parameters
Parameter Description Value
configuration-file Specifies the name of the The value is a string of 5 to
configuration file to be 64 case-insensitive
compared with the current characters without spaces.
configurations.
current-line- Specifies the line number for The value is an integer that
number comparison in the current ranges from 0 to 65535.
configuration.
save-line-number Specifies the line number for The value is an integer that
comparison in the saved ranges from 0 to 65535.
configuration.
Views
User view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 384
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
If current-line-number and save-line-number are not specified, the configuration
files are compared from the first lines. The two parameters can be specified to skip
the differences that are found and continue the comparison.
When the difference is found using the compare configuration command, the
different content in the current and saved configuration files is displayed. By
default, 120 characters are displayed. If the different content from the start line to
the end line contains less than 120 characters, only these characters are displayed.
Precautions
● The configuration file name extension must be .cfg or .zip.
● If configuration-file is not specified, the system compares whether the current
configurations are identical with the next startup configuration file.
● If configuration-file is specified, the system compares whether the current
configurations are identical with the specified startup configuration file.
Example
# Compare whether the current configurations are identical with the next startup
configuration file.
<Huawei> compare configuration
The current configuration is not the same as the next startup configuration file.
====== configuration line 14 ======
ftp server permit interface all
ftp server enable
#
drop illegal-mac alarm
#
vlan batch 10 to 11
#
dot1x enable
#
set transceiver-monitoring disable
====== Configuration file line 14 ======
drop illegal-mac alarm
#
vlan batch 10 to 11
#
dot1x enable
#
set transceiver-monitoring disable
4.12.5 change default-password
Function
The change default-password command enables the function of changing AAA
and Boot passwords when factory settings of a device are restored.
The undo change default-password command disables the function of changing
AAA and Boot passwords when factory settings of a device are restored.
By default, the function of changing AAA and Boot passwords when factory
settings of a device are restored is disabled. The default username and password
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 385
NetEngine AR
Command Reference 4 Basic Configurations Commands
are available in AR Router Default Usernames and Passwords (Enterprise
Network or Carrier). If you have not obtained the access permission of the
document, see Help on the website to find out how to obtain it.
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support this
function.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121-S, AR6121E-S, AR6121EC-S, and
AR6121C-S support this function.
Only the AR-10 supports this function.
Format
change default-password
undo change default-password
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run the change default-password command to enable the function of
changing AAA and Boot passwords when factory settings of a device are restored.
Prerequisites
The default username and password are available in AR Router Default
Usernames and Passwords (Enterprise Network or Carrier). If you have not
obtained the access permission of the document, see Help on the website to find
out how to obtain it.
Precautions
The configuration takes effect immediately after the change default-password
command is executed.
Example
# Enable the function of changing AAA and Boot passwords when factory settings
of a device are restored.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 386
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> system-view
[Huawei] change default-password
Info : The default password of boot has been changed.
Info : The default password of aaa has been changed.
Info : This operation can only be restored by command:undo change default-password.
Table 4-51 Description of the change default-password command output
Item Description
Info : The default password of boot After the command is executed, the
has been changed. Boot password is changed.
NOTE
If the Boot password of the device is not
set to the password in the prerequisite
before the change default-password
command is executed, the device does not
display this information after you run this
command.
Info : The default password of aaa has After the command is executed, the
been changed. AAA password is changed.
NOTE
If the AAA password of the device is not
set to the password in the prerequisite
before the change default-password
command is executed, the device does not
display this information after you run this
command.
Info : This operation can only be After running the change default-
restored by command:undo change password command, you can only run
default-password. the undo change default-password
command to disable the function of
changing AAA and Boot passwords
when factory settings of a device are
restored.
NOTE
After running the undo change default-
password command, you must restart the
device using either of the following
methods to make the configuration take
effect. If the device enters the Boot mode
after the undo change default-password
command is executed and the device is
restarted for the first time, the Boot
password is still the password in the
prerequisite.
● Run the factory-configuration reset
command to restore the device to
factory settings after the device is
restarted, and then restart the device
again.
● Hold down the RESET button to restart
the device.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 387
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.12.6 diagnose verify enable
Function
The diagnose verify enable command enables the password authentication
function for users who enter the diagnostic view.
The diagnose verify disable command disables the password authentication
function for users who enter the diagnostic view.
By default, password authentication is not required for users who enter the
diagnostic view.
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support this
function.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121-S, AR6121E-S, AR6121EC-S, and
AR6121C-S support this function.
Only the AR-10 supports this function.
Format
diagnose verify enable
diagnose verify disable
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Password authentication is performed for users who enter the diagnostic view to
ensure security. After the diagnose verify enable command is run in the system
view, the system prompts you to enter the current Boot menu password. After the
entered password is successfully verified, the password authentication function is
successfully enabled for users who enter the diagnostic view. If password
authentication is not required for users who enter the diagnostic view, after the
diagnose verify disable command is run in the system view, the system prompts
you to enter the current Boot menu password. After the entered password is
successfully verified, the password authentication function is successfully disabled
for users who enter the diagnostic view.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 388
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Enable the password authentication function for users who enter the diagnostic
view.
<Huawei> system-view
[Huawei] diagnose verify enable
Please enter password:
Info: Set diagnose verify enable successfully.
4.12.7 display autosave configuration
Function
The display autosave configuration command displays the automatic save
parameters of the configuration data.
Format
display autosave configuration
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Run this command when you want to check whether the function for
automatically saving configuration data is enabled, enable or disable the
automatic save function, and modify the automatic save interval or time.
Precautions
● Run the autosave time command to set the time for automatically saving
system configuration data.
● Run the autosave interval command to set the interval for automatically
saving system configuration data.
● Frequent data save operations affect the lifespan of the system storage
device. Do not set the automatic save interval to less than 1 hour. The
automatic save interval of 24 hours or greater is recommended.
Example
# Display the automatic save parameters configured in the system.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 389
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> display autosave configuration
System autosave interval switch: on
Autosave interval: 120 minutes
Autosave type: configuration file
System autosave modified configuration switch: on
Autosave interval: 30 minutes
Autosave type: configuration file
System autosave time switch: off
Autosave time: 12:20:30
Autosave type: configuration file
Table 4-52 Description of the display autosave configuration command output
Item Description
System autosave interval switch State of the automatic save function.
Autosave interval Automatic save interval.
Autosave type Type of the file that is automatically
saved.
System autosave modified State of the function for automatically
configuration switch saving modified data.
System autosave time switch State of the function for saving
configuration data at the preset time.
Autosave time Automatic save time.
4.12.8 display current-configuration
Function
The display current-configuration command displays the currently running
configuration.
This command does not display parameters that use default settings.
Format
display current-configuration [ configuration [ configuration-type
[ configuration-instance ] related ] | controller [ interface-type [ interface-
number ] ] | interface [ interface-type [ interface-number ] ] ] [ feature feature-
name [ filter filter-expression ] | filter filter-expression ]
display current-configuration [ all | inactive | [ simple ] [ section section ] ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 390
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
configuration Specifies the The value is determined by
configuration-type configuration type. the current system
configurations. For example:
● system: system
configuration
● user-interface: user
interface configuration
● aaa: AAA configuration
● vpn-instance: VPN instance
configuration
● ...
configuration- Specifies a configuration The value is a string of 1 to
instance instance. 80 case-insensitive characters
without spaces.
controller [ interface- Specifies a controller -
type [ interface- interface, for example, E1
number ] ] control interface.
interface [ interface- Specifies an interface -
type [ interface- type.
number ] ]
feature feature-name Specifies the -
configuration information
about the specified
feature.
filter filter-expression Displays the The value is a string of 1 to
configuration information 255 case-insensitive
that matches a regular characters.
expression.
all Displays all the -
configuration
information.
inactive Displays the offline -
configuration
information.
simple Displays the current -
simple configuration.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 391
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
section section Specifies the The value is a string of 1 to
configurations to be 79 case-insensitive characters
obtained based on types. without spaces.
Views
All views
Default Level
3: Management level
Usage Guidelines
To check whether the configured parameters take effect, run the display current-
configuration command. The parameters that do not take effect are not
displayed.
The command output is relevant to user configuration. The command does not
display the default configuration.
You can use a regular expression to filter the command output. For the regular
expression rules, see "Filtering Command Outputs" in the NetEngine AR
Configuration Guide - Basic Configuration.
If the configuration is in the offline state, the offline configuration is marked with
* in the display current-configuration all and display current-configuration
inactive command output.
Example
# Display all configurations that include vlan.
<Huawei> display current-configuration | include vlan
vlan batch 10 77 88
port trunk allow-pass vlan 10
4.12.9 display factory-configuration
Function
The display factory-configuration command displays the factory configuration of
the device.
Format
display factory-configuration
Parameters
None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 392
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run this command to view the factory configuration of the device,
including the HTTP and HTTPS server status, PKI domain name, SSL policy name
and type, authorization scheme, accounting scheme, authentication mode, user
priority, and allowed access type.
You can configure required basic information as the factory configuration and do
not need to configure the basic information after restoring the factory
configuration.
NOTE
Factory settings of different devices may be different.
The default cipher suite supported by the default SSL policy does not contain
rsa_aes_128_cbc_sha.
Example
# Display the factory configuration of the Router.
<Huawei> display factory-configuration
#
vlan 1
#
dhcp enable
#
http secure-server ssl-policy default_policy
http secure-server enable
http server permit interface GigabitEthernet0/0/0 Wlan-Radio 0/0/0
#
ssl policy default_policy type server
pki-realm default
version tls1.2
ciphersuite rsa_aes_128_sha256 rsa_aes_256_sha256 rsa_aes_128_cbc_sha ecdhe_rsa_aes128_gcm_sha256
ecdhe_rsa_aes256_gcm_sha384
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
local-aaa-user password policy administrator
domain default
domain default_admin
local-user admin password irreversible-cipher $1a$l/ee<QKJ`1$aPb2.&;1m0F.R-CHp_};.,#v)1A_gH=rau~tev,#$
local-user admin privilege level 15
local-user admin service-type terminal http
#
interface Vlanif1
ip address 192.168.1.1 255.255.255.0
dhcp select interface
#
snmp-agent trap enable
#
user-interface con 0
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 393
NetEngine AR
Command Reference 4 Basic Configurations Commands
authentication-mode aaa
user privilege level 15
#
user-interface vty 0
authentication-mode aaa
user privilege level 15
#
return
4.12.10 display factory-configuration operate-mode
Function
The display factory-configuration operate-mode command displays the
operation performed when the factory configuration is restored.
Format
display factory-configuration operate-mode
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run the display factory-configuration operate-mode command to check
the operation performed when the factory configuration is restored.
Example
# Display the operation performed when the factory configuration is restored.
<Huawei> display factory-configuration operate-mode
OperaMode Reserved.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 394
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-53 Description of the display factory-configuration operate-mode
command output
Item Description
OperaMode Operation performed on the original
factory configuration when the new factory
configuration is restored.
● Delete: deletes the original factory
configuration.
● Reserved: reserves the original factory
configuration.
● Delete user config: deletes all user
configuration files including the files
that are automatically generated by the
system after the factory configuration is
restored.
4.12.11 display reset-reason
Function
The display reset-reason command displays the reset reasons of cards.
Format
display reset-reason [ slot slot-id ]
Parameters
Parameter Description Value
slot slot-id Specifies the slot ID of a The value is an integer
board. and is dependent on the
specific device.
Views
All views
Default Level
3: Management level
Usage Guidelines
You can run the display reset-reason command to view the reset reasons of cards
for fault location. When no slot ID is specified, the display reset-reason command
output displays reset reasons of all cards.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 395
NetEngine AR
Command Reference 4 Basic Configurations Commands
Precautions
Currently, the reset reasons of all LPUs are stored in the same storage space. The
storage space can store a maximum of 200 reset reasons. When the number of
reset reasons exceeds 200, new reset reasons will overwrite the earliest ones. Each
LPU can display the latest 10 reset reasons.
Example
# Display reset reasons of all cards.
<Huawei> display reset-reason
The LPU frame[0] board[1]'s reset total 10, detailed information:
-- 1. 03/10 10:58:08, Reset No.: 10
Reason: Reset by user command
-- 2. 03/10 10:31:02, Reset No.: 9
Reason: Reset by user command
-- 3. 03/08 15:27:39, Reset No.: 8
Reason: Reset by user command
-- 4. 03/07 15:43:28, Reset No.: 7
Reason: Reset by user command
-- 5. 03/06 17:11:21, Reset No.: 6
Reason: Reset by user command
-- 6. 03/06 12:04:46, Reset No.: 5
Reason: Reset by user command
-- 7. 03/06 11:25:46, Reset No.: 4
Reason: Reset by user command
-- 8. 03/05 18:49:12, Reset No.: 3
Reason: Reset by user command
-- 9. 03/05 11:31:18, Reset No.: 2
Reason: Reset by user command
-- 10. 03/04 22:09:33, Reset No.: 1
Reason: A link fault fails to be rectified.
The LPU frame[0] board[2] has no reset records.
The LPU frame[0] board[3] has no reset records.
The LPU frame[0] board[4] has no reset records.
The LPU frame[0] board[5] has no reset records
The LPU frame[0] board[6] has no reset records.
The LPU frame[0] board[7] has no reset records.
The LPU frame[0] board[8] has no reset records.
The LPU frame[0] board[9] has no reset records.
The LPU frame[0] board[10] has no reset records.
The MPU frame[0] board[13] has no reset records.
The MPU frame[0] board[14]'s reset total 10, detailed information:
-- 1. 03/10 10:58:12, Reset No.: 10
Reason: Reset by user command
-- 2. 03/10 10:31:21, Reset No.: 9
Reason: Reset by user command
-- 3. 03/08 15:28:15, Reset No.: 8
Reason: Reset by user command
-- 4. 03/07 15:43:46, Reset No.: 7
Reason: Reset by user command
-- 5. 03/06 17:11:53, Reset No.: 6
Reason: Reset by user command
-- 6. 03/06 12:05:05, Reset No.: 5
Reason: Reset by user command
-- 7. 03/06 11:25:51, Reset No.: 4
Reason: Reset by user command
-- 8. 03/05 18:49:22, Reset No.: 3
Reason: Reset by user command
-- 9. 03/05 11:31:39, Reset No.: 2
Reason: Reset by user command
-- 10. 02/29 18:33:41, Reset No.: 1
Reason: Reset by user command
# Displays the reset reason for a specific card.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 396
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> display reset-reason slot 1
The LPU frame[0] board[1]'s reset total 10, detailed information:
-- 1. 03/10 10:58:08, Reset No.: 10
Reason: Reset by user command
-- 2. 03/10 10:31:02, Reset No.: 9
Reason: Reset by user command
-- 3. 03/08 15:27:39, Reset No.: 8
Reason: Reset by user command
-- 4. 03/07 15:43:28, Reset No.: 7
Reason: Reset by user command
-- 5. 03/06 17:11:21, Reset No.: 6
Reason: Reset by user command
-- 6. 03/06 12:04:46, Reset No.: 5
Reason: Reset by user command
-- 7. 03/06 11:25:46, Reset No.: 4
Reason: Reset by user command
-- 8. 03/05 18:49:12, Reset No.: 3
Reason: Reset by user command
-- 9. 03/05 11:31:18, Reset No.: 2
Reason: Reset by user command
-- 10. 03/04 22:09:33, Reset No.: 1
Reason: A link fault fails to be rectified.
Table 4-54 Description of the display reset-reason command output
Item Description
LPU Line Processing Unit.
frame Frame ID of a card.
board Slot ID of a card.
reset total Number of times a card was reset.
detailed information Detailed information about card resets.
Reset No. Number of a reset.
Reason Reason for a reset.
MPU Main Processing Unit.
Table 4-55 lists the common reset reasons displayed in the display reset-reason
command output and troubleshooting methods.
Table 4-55 Reset reasons and troubleshooting methods
Reset Reason Solution
User operations Reset by user A user reset the Check whether
command device by pressing any user with the
the reset button, reset privilege
Power off by user using a command, reset the device.
command or through the
web system.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 397
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
VRP HA Module
reset board,
maybe use slave
restart command
Reset for master
to slave
VRP reset
selfboard because
of command
The LPU has been
removed
Reset for board
pull out
Reset board for
Peer frame is in
CSS force master
status
Reset board by
vrp cmd
Reset Slave board
by Master board
Reset by autostart
Reset by snmp
mib
Reset by MANO
inject config
Reset by app
The device may
be reset due to
power-off
Reason: Reset by
pressing the
power button for
a long while
Reset device by ac
Reset by timing
shutdown device
Reset by SMS
config
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 398
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset board by
snmp
Reset board by
vrp schedule
Reset by user
schedule
Reset selfboard by
UMS
Reset by
autoconfig
VRP reset The VRP platform Contact technical
selfboard by reset the card support.
HSB_ResetSelfBoa through
rd, no specified HSB_ResetSelfBoa
reason rd, and the reason
was not specified.
The demo time of The temporary Obtain a license
license is overtime license loaded on from Huawei.
the card expired.
System loading Reset for load During a software This is a normal
upgrade, an LPU reset and requires
was reset after no action.
the system
software was
loaded.
System initialized, All cards were
and reset all reset due to
system
initialization.
Reset for lpu The resource
resource-mode mode configured
disaccord with on the LPU did
mpu not match that of
the active MPU.
Reset board for Active and
not support standby
switchover switchovers were
not supported.
Reset OSP card The GRUB and
for upgrading its BIOS of the
boot daughter card
were upgraded.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 399
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Board reset to The card was
remount HDD reset to be
mounted to the
hard disk again.
Reboot by USB An automatic
upgrade upgrade was
performed.
Reset by SMS The device was
autodeploy reset during SMS-
based
deployment.
Press the reboot The reset button
button was pressed.
Reset for check The system Contact technical
system software software package support.
fail failed signature
verification.
Reset slave board The standby MPU Contact technical
for version match was reset for a support.
fail version match
failure.
Reset slave board The standby MPU This is a normal
for version match was reset for a reset and requires
success successful version no action.
match.
Reset board for The version failed Contact technical
synchronization to be support.
version from synchronized from
master failed the active MPU.
Reset for The status of an If the LPU
initializing the LPU was configuration was
board's status by initialized after an not restored after
IFNET active/standby a switchover, the
switchover. LPU cannot
communicate
with other cards.
It is normal if the
LPU is working
properly after an
active/standby
switchover.
Reset board by Attributes failed Contact technical
update attribute to be updated. support.
fail
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 400
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset selfboard The EM357 was This is a normal
for local card init upgraded reset and requires
upgrade success successfully. no action.
Reset selfboard The EM357 failed Contact technical
for local card init to be upgraded. support.
upgrade fail
Reset OSP card The OSP daughter This is a normal
for upgrade card was reset and requires
upgraded. no action.
Reset OSP card The file download Contact technical
because of of the OSP support.
download timeout daughter card
or CRC in file timed out or the
error recorded CRC
value was
incorrect.
Reset slave board The memory size Check the
for memsize too of the standby memory size of
little MPU is smaller the standby MPU.
than that of the If its memory size
active MPU. is smaller than
that of the active
MPU, replace the
standby MPU.
Reset board after The card was This is a normal
syn version reset after version reset and requires
synchronization. no action.
Reset for slave Only one of two Install the same
board's card MPUs had a subcard on the
statement subcard (such as other MPU or
disaccord with an FSU) installed. remove the
master's current subcard to
ensure that the
two MPUs have
the same subcard
configuration.
Reset for hsp The HSP version This is a normal
version disaccord of an LPU was reset and requires
with mpu different from the no action.
package system software
version of the
active MPU.
Reset for patch Patches failed to It is normal if
get state fail be loaded. such resets occur
one or two times
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 401
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset for patch during a system
load file fail startup.
If such resets
Reset for patch
occurred multiple
synchronize file
times, contact
fail
technical support.
Reset for patch
state compare fail
Software VRP reset An infinite loop Check alarms and
exceptions selfboard because was detected. logs to locate the
of find deadloop fault.
Reset for An unknown Contact technical
unknown switch active/standby support.
cause switchover
occurred.
VRP reset The batch backup
selfboard because was not complete,
slave didn't finish and the active
Batch MPU did not
respond.
Reset for The card was
unknown reason reset due to an
unknown reason.
VRP reset A software
selfboard because exception was
of find exception detected.
VRP reset The VRP platform
selfboard because was in an
of Unexpected unexpected state.
Stat
Reset for cap The CAP process
deadloop entered an infinite
loop.
Reset for cap The CAP buffer
bufexhaust pool was
exhausted.
Reset for cap CAP self-
resources exhaust generated entries
are exhausted.
Reset for cap pko The CAP pko was
stop blocked.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 402
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset selfboard PV mismatch
because of PV occurred.
count nomatch
Reset selfboard by The card was
soft watchdog reset by the
software
watchdog.
Reset selfboard by The card was
hard watchdog reset by the
hardware
watchdog.
Reset board for The WLAN PCI
create wlan pci device failed to be
device fail created.
Reset for kernel A kernel exception
panic occurred.
Reset for salve to The standby MPU
master fail failed to become
the active MPU.
Reset for ack The ACK message
message lost was lost.
Reset for IPC IPC
channel failed communication
failed.
Reset selfboard The shared
because of memory size was
shortage insufficient.
namedmem
Reset selfboard A deadlock was
because of find detected.
deadlock
Reset for OOM OOM reset due to
insufficient
memory.
Reset for slave The standby MPU
message full was full of
messages.
Reset selfboard The AMI detected
for ami socket a socket error.
check err.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 403
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Board reset by The card was
OSPF for aging reset by the OSPF
LSA error protocol because
the card
incorrectly
initiated the
deletion of LSPs.
Reset slave board An active/standby
for switchover switchover
mode change occurred.
Reset by hard The card was
watch dog reset by the
hardware
watchdog.
Reset for wifi The Wi-Fi
feature fail function was
abnormal.
Reset by logic A logic error
fault occurred.
Reset for ddr A DDR multi-bit
multi bit error error occurred.
Reset for board The working
workmode switch mode of the card
succeed was successfully
switched.
Reset selfboard The VRP platform
for vrp not start was not started
ok in a long time for a long time.
VRP reset The memory was Check whether
selfboard because used up. the memory
of no memory usage is high.
Reset for memory Check alarms and
use out logs to locate the
fault.
Device Reset for no An LPU did not Check whether
management receiving mpu's receive heartbeat the card reset is
heart packets from the caused by bad
active MPU within installation.
40 seconds.
VRP HA Module The standby MPU
reset slave board is reset by the HA
module.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 404
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset for no heart The MPU did not
receive heartbeat
packets from an
LPU within 30
seconds.
Reset selfboard The active MPU This is a normal
for master to became the reset and requires
slave standby MPU. no action.
Reset by main The backup MPU
board update was reset when
the active MPU
was being
deployed.
Reset for not An LPU was Inter-card
receiving register registered 20 communication
ack from mpu times but did not failed. Check
receive whether the card
registration reset is caused by
response packets bad installation.
from the active
MPU.
Reset for state not Communication
stable between the
active MPU and
an LPU was
interrupted
intermittently.
Reset selfboard MBUS
for MBUS communication
communications was abnormal.
fail
Cold reset board The card was not
for no register in registered for a
a long time long time and
was cold reset.
Warm reset board An LPU failed to
for no register in register in 30
a long time minutes.
Warm reset board The active MPU
for no receiving did not receive
message in a long any packet from
time an LPU within 10
minutes.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 405
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Cold reset board The active MPU
for no receiving did not receive
message in a long any packet from
time an LPU within 20
minutes.
Reset for lpu get An LPU failed to
version fail obtain version
information.
Reset for lpu Comparing the
compare version versions of LPUs
timeout failed.
Reset for lpu The versions of
version disaccord the active MPU
with mpu and an LPU were
inconsistent.
Reset for lpu The system MAC
system mac addresses of the
disaccord with active MPU and
mpu an LPU were
inconsistent.
Cold reset board The active MPU
for CPU is not detected that the
active CPU of an LPU
did not work.
Reset for issu fast An LPU was fast This is a normal
reset lpu reset for ISSU. reset and requires
no action.
Reset for issu An LPU was
common reset lpu commonly reset
for ISSU.
Reset for issu fast An LPU failed to Contact technical
reset lpu fail fast reset for ISSU. support.
Reset slave board The active and This is a normal
for board type standby MPUs reset and requires
match fail were of different no action.
types.
Reset by update The VLAN range
vlan rang of an LPU was
updated.
Power off the A card was The card will be
board because of powered off powered off for
reset three times because it was reset after three
continuously reset three times warm start
during a startup. failures.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 406
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset by evpn EVPN upgrade This is a normal
upgrade occurred. reset and requires
no action.
Reset for the MPU The MPU was
board is pullout removed.
Lpu can not get An LPU cannot Contact technical
system time obtain the system support.
time.
The card on mpu A subcard on the This is a normal
board pulled out MPU was reset and requires
removed. no action.
Reset for load life The lifecycle
timeout expired.
Reset selfboard NQA failed to
for NQA track 3G detect the 3G link,
failure and the device
was reset to
rectify the fault.
Reset for The MPU received Check alarms and
unregister but heartbeat packets logs to locate the
receive heartbeat from an fault.
info unregistered card.
Reset for slave to On the master This is a normal
master in master chassis, the reset and requires
frame, but self is standby MPU no action.
not register became the active
MPU and the card
was not
registered.
Reset for slave to On the backup
master in slave chassis, the
frame, but self is standby MPU
not register became the active
MPU and the card
was not
registered.
Reset board for The chassis failed Contact technical
frame register fail to be registered, support.
and the local card
was reset.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 407
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset LPU for An LPU failed to
failing to send send
capacity to MPU specifications to
in a long time the active MPU
for a long time
and was reset.
Reset for mpu The active MPU This is a normal
reset lpu by ipc delivered IPC reset and requires
msg messages to reset no action.
the LPU.
Malloc memory The memory
for POE slot fail failed to be
allocated for
saving PoE slot
power
information.
Reset for slave The active and Check the types
board class standby MPUs of the active and
disaccord with were of different standby MPUs
mpu types. and replace one
of them to ensure
that the device
uses MPUs of the
same type.
Reset for lpu or The startup If the standby
slave version version of the MPU is reset,
disaccord with card differs from check the versions
mpu that of the MPU. of the active and
standby MPUs. If
the two MPUs run
V100R002 and
V100R003
respectively, the
standby MPU will
be reset because
the two versions
do not support
automatic
synchronization.
If the reset card is
an LPU, contact
technical support.
Reset for malloc MOD allocation Contact technical
mod failed failed. support.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 408
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Check mod MOD information
information fail failed to be
checked.
Reset for one The card was not
frame register, but registered during
the board is not chassis
register registration.
Reset for no The VASP card is
receiving master reset because the
cpu's heart main core in its
CPU does not
receive heartbeat
packets from the
sub-core in 60
seconds.
Hardware Reset for selftest The card self- If the component
components fail check failed. self-check fails,
remove and insert
Reset for CPLD CPLD self-check the card or
self-test fail failed. change the slot. If
Reset selfboard The FSU failed to the fault persists,
because of be initialized. the card is faulty.
initialize fsu fail
reset for fpga FPGA load failed.
load failed
Reset for fpga in The FPGA status
abnormal state was abnormal.
Reset for An error occurred
lanswitch chip during LSW circuit
parity error parity check.
Reset for FSU card The FSU does not Replace the FSU
type mismatch match the chassis. with a matching
one. If the fault
persists, contact
technical support.
Reset for sfu type The SFU type Replace the SFU
disaccord with does not match with a matching
chassis the chassis. one. If the fault
persists, contact
technical support.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 409
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Board reset by An error occurred It is normal if
ISIS for purging during deletion of such resets occur
LSP error LSPs. one or two times
during a system
startup.
If such resets
occurred multiple
times, contact
technical support.
Reset for bsp The memory If the component
memory disaccord configured for the self-check fails,
with vfp BSP was remove and insert
inconsistent with the card or
that of the VFP. change the slot. If
the fault persists,
Reset for JTAG load the card is faulty.
upgrading board occurred.
by JTAG
Np initialize NP startup failed.
failed.
Reset selfboard A hardware
for hardware failure occurred.
failure
Startup np NP startup timed
overtime. out.
Reset for fsu state The FSU state Contact technical
change changed. support.
Reset for cfcard The CF card was
storage exception abnormal.
Reset for np pcie An NP PCIe fault
fault occurred.
NOTE
This reset cause is
supported in
V300R021C00SPC2
00 and earlier
versions.
Device self- Reset selfboard The ECM channel Contact technical
healing for ecm channel was faulty. support.
switch
Reset for normal The factory
factory setting were
configuration restored and the
EVM was reset
normally.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 410
NetEngine AR
Command Reference 4 Basic Configurations Commands
Reset Reason Solution
Reset for The card was
dangerous reset due to high
temperature temperature.
Reset for slave The secondary
core thread core thread was
exception abnormal.
Reset for high cpu The CPU usage
usage was too high.
Reset by ac The device was
disconnect disconnected from
the controller.
Reset by insert A hard disk was
harddisk inserted.
Reset for 3G/LTE The 3G or LTE
not present module was not
detected.
Reset by Configurations
configuration were damaged
damage and rolled back.
Reset by unable The device could
to register AC for not register with
a long time the controller for
a long time, and
the configurations
were rolled back.
Reset by unable The device could
to register AC not register with
maybe due to the controller
modify because the
configuration configuration was
modified.
Reset for np tm The card was
fault reset due to
hardware TM self-
healing.
NOTE
This reset reason is
supported in
V300R021C10 and
later versions.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 411
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.12.12 display saved-configuration
Function
The display saved-configuration command displays the configuration file to be
used for the next startup.
Format
display saved-configuration [ last | time ]
Parameters
Parameter Description Value
last Displays the system configurations saved last time. -
time Displays the recent time when the configurations are saved -
manually or automatically.
Views
All views
Default Level
3: Management level
Usage Guidelines
If the device has been started and is not working properly, run the display saved-
configuration command to check the device startup configuration in the file
specified by running the startup saved-configuration command.
Run the display saved-configuration last command to check the system
configurations saved last time in the configuration file loaded during the current
startup.
Run the display saved-configuration time command to check the last time when
the system configurations are saved.
The command output is relevant to user configuration. The command does not
display the default configuration.
Example
# Display the configuration file for the next startup.
<Huawei> display saved-configuration
[V300R021]
#
sysname Router
...
#
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 412
NetEngine AR
Command Reference 4 Basic Configurations Commands
interface GigabitEthernet0/0/0
ip address 192.168.200.182 255.255.255.0
...
#
user-interface maximum-vty 15
user-interface con 0
user-interface vty 0 14
idle-timeout 0 0
#
return
4.12.13 display schedule reboot
Function
The display schedule reboot command displays the configuration of the
scheduled restart of the device.
Format
display schedule reboot
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
After using the schedule reboot command to configure a scheduled restart, you
can use this command to view the configuration of the scheduled restart.
Example
# Display the configuration of the scheduled restart of the device.
<Huawei> display schedule reboot
Info:System will reboot at 22:00:00 2013/09/17 (in 1 hours and 43 minutes).
Table 4-56 Description of the display schedule reboot command output
Item Description
System will reboot at Specific restart time.
in hours and minutes Time span between the restart time and the current
time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 413
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.12.14 display snmp-agent trap feature-name configuration
all
Function
The display snmp-agent trap feature-name configuration all command displays
all trap messages of the Configuration module.
Format
display snmp-agent trap feature-name configuration all
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
After the alarm function is enabled, the display snmp-agent trap feature-name
configuration all command can be used to display the status of all alarms about
configuration management.
Example
# Display all trap messages of the configuration module.
<Huawei> display snmp-agent trap feature-name configuration all
------------------------------------------------------------------------------
Feature name: CONFIGURATION
Trap number : 1
------------------------------------------------------------------------------
Trap name Default switch status Current switch status
hwCfgManEventlog off on
Table 4-57 Description of the display snmp-agent trap feature-name
configuration all command output
Item Description
Feature name Name of the module to which a trap message
belongs.
Trap number Number of trap messages.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 414
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Trap name Name of a trap message of the Configuration module.
hwCfgManEventlog: Trap message generated when
the system configuration event is changed.
Default switch status Default status of the trap function:
● on: indicates that the trap function is enabled.
● off: indicates that the trap function is disabled.
Current switch status Current status of the trap function:
● on: indicates that the trap function is enabled.
● off: indicates that the trap function is disabled.
4.12.15 display startup
Function
The display startup command displays the system software for the current and
next startup, backup system software, configuration file, license file, and patch file,
as well as voice file.
Format
display startup
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
Usage Scenario
Before upgrading or degrading a device, run this command to check whether the
files for next startup have been loaded. If the files have been loaded, the device
can be upgraded or degraded successfully after it is restarted. You can also run the
command to view the system software and files for current startup.
Precautions
Run this command to check whether the backup system software exists. If the
backup system software and current startup system software are in the same
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 415
NetEngine AR
Command Reference 4 Basic Configurations Commands
storage device, save backup system software in another storage device to ensure
that the system can still restart when the storage device is damaged.
Example
# Display the names of system software for current and next startup.
<Huawei> display startup
MainBoard:
Startup system software: flash:/basicsoftware.cc
Next startup system software: flash:/basicsoftware.cc
Backup system software for next startup: null
Startup saved-configuration file: flash:/vrpcfg.zip
Next startup saved-configuration file: flash:/vrpcfg.zip
Startup license file: null
Next startup license file: null
Startup patch package: null
Next startup patch package: null
Startup voice-files: null
Next startup voice-files: null
Table 4-58 Description of the display startup command output
Item Description
MainBoard Master main control board.
SlaveBoard Slave main control board.
Startup system software System software that is used in the
current startup.
Next startup system software System software that is configured for
the next startup by running the startup
system-software command.
If no system software for the next
startup is configured, the system
software used in the current startup is
displayed.
Backup system software for next Backup system software that is
startup configured for the next startup by
running the startup system-software
backup command.
null indicates that no backup system
software exists on the device.
Startup saved-configuration file Configuration file that is used in the
current startup.
Next startup saved-configuration file Configuration file that is configured for
the next startup by running the startup
saved-configuration command.
If no configuration file for the next
startup is configured, the configuration
file used in the current startup is
displayed.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 416
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Startup license file License file that is used in the current
startup.
null indicates that no license file is
specified or the license file does not take
effect.
Next startup license file License file that is configured for the
next startup.
If no license file is configured, null is
displayed.
Startup patch package Patch package file that is used in the
current startup.
null indicates that no patch package file
is specified or the patch package file
does not take effect.
Next startup patch package Patch package file that is configured for
the next startup by running the startup
patch command.
If no patch package file is configured,
NULL is displayed.
Startup voice-files Voice file used in current startup.
null indicates no voice file is specified.
Next startup voice-files Voice file used in next startup.
null indicates no voice file is specified.
4.12.16 display system
Function
The display system command displays the MD5 or SHA256 value of a file.
Format
display system { file-md5 | file-sha256 } filename
Parameters
Parameter Description Value
file-md5 Specifies the MD5 encryption mode. -
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 417
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
file-sha256 Specifies the SHA256 encryption -
mode.
filename Specifies the name of the file whose The value is a string of 1 to
MD5 or SHA256 value needs to be 64 case-sensitive characters
calculated. without spaces.
Views
All views
Default Level
3: Management level
Usage Guidelines
Usage Scenario
After downloading a file from the server to the device, you can check whether the
file is damaged during the download process, for example, whether the file is
completely downloaded. You can use a piece of third-party software (for example,
HashMyFiles) on the server to calculate the MD5 or SHA256 value of the file, run
the display system command on the device to calculate the MD5 or SHA256
value of the downloaded file, and compare the two values calculated on the
server and device. If the two values are the same, the file is not damaged. If the
two values are different, the file is damaged, and you need to download the file
again.
Precautions
If the size of a file exceeds 200 MB, the device displays the output of the display
system command after a period of time. Wait until the command output is
displayed.
Example
# Display the MD5 value of the file arxx00.cc
<Huawei> system-view
[Huawei] display system file-md5 arxx00.cc
File Name:
arxx00.cc
MD5:
06d12eb350e428605e062a4392455dec
# Display the SHA256 value of the file arxx00.cc
<Huawei> system-view
[Huawei] display system file-sha256 arxx00.cc
File Name:
arxx00.cc
SHA256:
f6910519ab03ef1ecddd7db42784a28c8f32325f98866689df5431f94519165e
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 418
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-59 Description of the display system command output
Item Description
File Name Name of the file whose MD5 or
SHA256 value needs to be calculated.
MD5 MD5 value of the file.
SHA256 SHA256 value of the file.
4.12.17 factory-configuration prohibit
Function
The factory-configuration prohibit command disables the function of restoring
the factory settings of a device by holding down reset.
The undo factory-configuration prohibit command enables the function of
restoring the factory settings of a device by holding down reset.
By default, you can hold down reset to restore the factory configuration.
Format
factory-configuration prohibit
undo factory-configuration prohibit
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
If you hold down reset on a device for more than 5 seconds, the device restarts
with the factory settings and all user-defined configurations are lost after the
restart. To retain user-defined configurations after you hold down reset, run the
factory-configuration prohibit command to disable this function.
If you want to restore the factory settings of a device by holding down reset, run
the undo factory-configuration prohibit command to enable this function.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 419
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Disable the function of restoring the factory configuration of a device by
holding down reset.
<Huawei> system-view
[Huawei] factory-configuration prohibit
4.12.18 factory-configuration reset
Function
The factory-configuration reset command configures the device to restore
factory settings after restart.
Format
factory-configuration reset
Parameters
None
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If incorrect configurations cause exceptions of functions, run the factory-
configuration reset command to configure the device to restore factory settings
after restart.
Precautions
If the configuration file is not specified for factory settings, the device uses default
configuration parameters for initialization after the factory-configuration reset
command is executed.
Example
# Configure the device to restore factory settings after restart.
<Huawei> factory-configuration reset
Warning: It will clean the configuration which you have saved. If you have set the factory-configuration by
hand, it will start from the modified factory-configuration, else it will start from the original one, when you
restart the device.
Continue? [y/n]:y
Info: Successfully set factory config!
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 420
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.12.19 reboot
Function
The reboot command restarts the device.
Format
reboot [ fast ]
Parameters
Parameter Description Value
fast Fast restarts the device. In fast restart mode, the -
configuration file is not saved.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
This command functions in the same way as a power recycle operation (power off
and then restart the device). The command enables you to restart the device
remotely.
● After the reboot command is run, the system displays a message asking you
whether to save the configuration before restarting
● When the reboot fast command is run, the system restart quickly without
displaying any message and the configuration is lost.
Precautions
● If you do not respond to the displayed message within the timeout period
after running this command, the system will return to the user view and the
device will not be restarted.
● This command interrupts services on the entire device. Therefore, do not use
this command when the device is running properly.
● Before restarting the device, ensure that the configuration file has been saved.
Example
# Restart the device.
<Huawei> reboot
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 421
NetEngine AR
Command Reference 4 Basic Configurations Commands
# Restart the device quickly.
<Huawei> reboot fast
4.12.20 reset saved-configuration
Function
The reset saved-configuration command clears the next startup configuration
file and cancels the configuration file used for next startup.
Format
reset saved-configuration
Parameters
None
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
● If the configuration file on the device is incompatible with the upgraded
software, run the reset saved-configuration command to clear the
configuration file and run the startup saved-configuration command to
specify a new configuration file.
● If the device in use is applied to another scenario and the original
configuration file of the device does not meet requirements in the scenario,
run the reset saved-configuration command to clear the existing
configuration file and restart the device to restore its factory configurations.
Precautions
● After you run the reset saved-configuration command, the next startup
configuration file is cleared and the file is not used for next startup. If the
current startup configuration file is the same as the next startup configuration
file, the current startup configuration file is also cleared.
● If you do not use the startup saved-configuration command to specify a
new configuration file containing correct configurations or do not save the
configuration file after running the reset saved-configuration command, the
device uses factory configurations for startup. If the device does not have
factory configurations, it uses default configurations for startup.
● If the next startup configuration file is empty, the device displays a message
indicating that the file does not exist.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 422
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Exercise caution when you run the reset saved-configuration command.
● When the device is connected to the controller and the controller delivers
configurations to the device, the device saves the configurations in the file
startup.rdb. After the device is powered off and restarted, you can restore the
configurations delivered by the controller using the file startup.rdb. After the
reset saved-configuration command is executed, the device clears the saved
startup.rdb file after the next restart. If the device is offline after the restart,
the service configurations delivered by the controller cannot be restored. You
need to register the device with the controller again and deliver the
configurations through the controller. If the device can be connected to the
controller, you can deliver service configurations to the device through the
controller. Use this command with caution.
Example
# Clear the next startup configuration file in the storage device and cancel the
configuration file used for next startup.
<Huawei> reset saved-configuration
This will delete the configuration in the flash memory.
The device configurations will be erased to reconfigure.
Are you sure? (y/n)[n]:y
Clear the configuration in the device successfully.
4.12.21 save
Function
The save command saves the configurations to the default directory.
Format
save [ all ] [ configuration-file ]
Parameters
Parameter Description Value
all Indicates that all configurations -
are saved, including the
configurations of the boards that
are not running.
configuration-file Specifies the name of a The value is a string of 5
configuration file. to 64 case-insensitive
characters without
spaces.
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 423
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
You can run commands to modify the current configuration of the device, but the
modified configuration will be lost after the device restarts. To enable the new
configuration to take effect after a restart, save the current configuration in the
configuration file before restarting the device.
When a series of configurations are complete and take effect, you must save the
current configuration file to the storage device.
The save configuration-file command saves the current configuration to a specific
file on the storage device. Generally, running the save configuration-file command
does not affect the current startup configuration file. If the configuration file
specified by configuration-file has the same name with the current configuration
file and the default directory is used, running the save configuration-file
command is equivalent to running the save command.
Run the save all command to save all the current configurations, including the
configurations of the boards that are not running, to the default directory.
The save all configuration-file command saves the current configuration to a
specific file on the storage device. Generally, running the save all configuration-
file command does not affect the current startup configuration file. If the
configuration file specified by configuration-file has the same name with the
current configuration file and the default directory is used, running the save all
configuration-file command is equivalent to running the save all command.
If you do not specify configuration-file when saving the configuration file for the
first time, the system asks you whether to save the configuration file as
vrpcfg.zip.
Precautions
● If the configuration file to be saved using this command has the same name
with the existing configuration file, the existing configuration file is rewritten.
● If the current configuration is saved to the default directory, the maximum
length of the relative path of the configuration-file is 64 bytes. If the
configuration file is used as the factory configuration file or the configuration
file for the next startup, the maximum length of the relative path of the
configuration-file is 64 bytes minus the length of the default storage name.
● The configuration file name extension must be .zip or .cfg.
– .cfg: The file is saved in plain text mode. After the file is specified as the
configuration file, all commands in the file are recovered one by one
during startup.
– .zip: The .cfg file is compressed to a .zip file that occupies less space. After
being specified as the configuration file, the .zip file is decompressed to
the .cfg file and all commands in the .cfg file are recovered one by one
during startup.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 424
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Exercise caution when you run the save command if a device is connected to
the Agile Controller. Once the save command conflicts with the configuration
of the Agile Controller, the configuration of the Agile Controller becomes
invalid.
Example
# Save the current configuration file to the default directory.
<Huawei> save
Warning: The current configuration will be written to the device.
Are you sure to continue? (y/n):y
It will take several minutes to save configuration file, please wait........
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
4.12.22 schedule reboot
Function
The schedule reboot command configures the scheduled restart of a device and
set the specific time when the device restarts or the delay time before the device
restarts.
The undo schedule reboot command disables the scheduled restart function.
By default, the scheduled restart is disabled.
Format
schedule reboot { at time | delay interval }
undo schedule reboot
Parameters
Parameter Description Value
at time Specifies the The format of time is hh:mm YYYY-MM-DD. The
device restart restart time must be later than the current
time. device time by less than 720 hours. YYYY-MM-
DD indicates year, month, and date and is
optional.
● hh indicates hour and the value ranges from 0
to 23.
● mm indicates minute and the value ranges
from 0 to 59.
● YYYY indicates year and the value ranges from
2000 to 2099.
● MM indicates month and the value ranges
from 1 to 12.
● DD indicates date and the value ranges from
1 to 31.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 425
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
delay Specifies the The format of interval is hh:mm or mm. The
interval delay time delay time must be no more than 720 hours.
before the
device restarts. ● In hh:mm, hh indicates hour and the value
ranges from 0 to 720 and mm indicates
minute and the value ranges from 0 to 59.
● mm indicates minute and the value ranges
from 0 to 43200.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When upgrading or restarting the device, you can configure the device to restart
at time when few services are running to minimize the impact on services.
Precautions
● If a specific date is set in the schedule reboot command and the date is a
future date, the device will be restarted at the specified time and there may
be a time difference within 1 minute. If no date is set, two situations may
occur: If the specified time is later than the current time, the device is
restarted at the specified time of the day. If the specified time is earlier than
the current time, the device is restarted at the specified time of the next day.
● When at time or delay interval is used, the time difference between the
specified date and the current date cannot be greater than 720 hours. If the
scheduled restart has been configured, the latest configuration overrides the
previous one.
● The scheduled restart function becomes invalid when you use the clock
datetime command to set the system time to over 10 minutes later than the
restart time set by the schedule reboot command. If the time difference is
equal to or less than ten minutes, the device immediately restarts and does
not save the configuration.
● This command restarts the device at the specified time, interrupting all
services on the device. Therefore, do not use this command when the device is
running properly.
● Before restarting the device, ensure that the configuration file has been saved.
Example
# Configure the device to restart at 22:00.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 426
NetEngine AR
Command Reference 4 Basic Configurations Commands
<Huawei> schedule reboot at 22:00
Info:Reboot system at 22:00:00 2012/07/25(in 10 hours and 10 minutes) confirm?[Y
/N]:y
4.12.23 set factory-configuration
Function
The set factory-configuration command configures the current configuration,
existing configuration file, or default factory settings as the factory configuration.
Format
set factory-configuration from { current-configuration | filename | default }
Parameters
Parameter Description Value
current- Specifies the current -
configuration configuration.
filename Specifies a configuration file The value is a string
name. of 5 to 64 case-
NOTE insensitive characters
Local configuration files with file without spaces, in the
name extension .cfg and .zip are format of [ drive-
supported. name ] [ file-name ].
If drive-name is not
specified, the value is
the default storage
medium name. The
maximum length of
the entered file-name
is 64 minus the
default storage
medium name.
NOTE
If the length of the
entered filename is
greater than 64, the
system displays the
following information:
Error: The file name
length is too long!
default Specifies default factory settings. -
Views
User view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 427
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If you need to change the factory configuration based on requirements, an
unknown problem occurs on the device, or the device operations are slow or
unstable after the device has been running for a long time, you can run the set
factory-configuration command to specify a new factory configuration.
Follow-up Procedure
After running the set factory-configuration command to specify a new factory
configuration, you can hold down the Reset button at least 5s to restore the
factory configuration.
Precautions
The new configuration file is not greater than 100 KB. If the file is over 100 KB,
the system fails to specify new factory configuration and displays the following
information:
Error: Local file is too large!
After the set factory-configuration command is used, new factory configuration
overrides the previous one.
Use the function that restores the factory configuration with caution. The user-
defined configuration will be lost when you restore factory configuration.
NOTICE
Hold down the RESET button for more than 5s to restart the device. The device
will use the new factory configuration after it restarts.
Press the RESET button to restart the device. The configuration is the latest one.
Example
# Override the factory configuration with the current configuration.
<Huawei> set factory-configuration from current-configuration
Warning: The current factory configuration will be replaced, and it's irreversible. Are you sure to set the
factory configuration?[Y/N]:y
Info: Successfully set factory config!
# Override the factory configuration overrides the specified configuration.
<Huawei> set factory-configuration from factory.cfg
Warning: The current factory configuration will be replaced, and it's irreversible. Are you sure to set the
factory configuration?[Y/N]:y
Info: Successfully set factory config!
# Override the factory configuration with default factory settings.
<Huawei> set factory-configuration from default
Warning: The current factory configuration will be replaced, and it's irreversible. Are you sure to set the
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 428
NetEngine AR
Command Reference 4 Basic Configurations Commands
factory configuration?[Y/N]:y
Info: Successfully set factory config!
4.12.24 set factory-configuration operate-mode
Function
The set factory-configuration operate-mode command sets the method for
restoring the factory configuration.
By default, the system reserves the previous configuration file when restoring the
factory configuration.
Format
set factory-configuration operate-mode { reserve-configuration | delete-
configuration | delete-user-configuration }
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support the delete-
user-configuration parameter.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121E-S, AR6121-S, AR6121EC-S, and
AR6121C-S support the delete-user-configuration parameter.
Only the AR-10 supports the delete-user-configuration parameter.
Parameters
Parameter Description Value
reserve- Reserves current configuration -
configuration file after factory settings are
restored.
delete- Deletes current configuration file -
configuration after factory settings are
restored.
delete-user- Delete all user configuration files -
configuration including the files that are
automatically generated by the
system after the factory
configuration is restored.
Views
User view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 429
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
When you use the set factory-configuration command to specify factory settings,
run the set factory-configuration operate-mode delete-configuration
command to specify the operation as delete-configuration for restoring factory
settings. This prevents user information leak when the device is lost.
Follow-up Procedure
Run the set factory-configuration operate-mode delete-user-configuration
command to delete all user configuration files and restart the device for restoring
the factory configuration.
● Run the undo bootloader startup menu enable command to hide the Boot
main menu and restart the device. Press Ctrl+B to enter the Boot main menu
as prompted, select Password Manager to enter the password management
page. Enter Y as prompted, and then restart the device. All user configuration
files are deleted and the default factory configuration is restored during the
device startup.
● You can also press and hold down the RESET button for more than 5 seconds.
When the device restarts, all files configured by the users are deleted and the
device restores to the factory defaults.
● You can also restart the device and press Ctrl+B as prompted to enter the
BootLoader main menu. On the displayed page, select 6 to enter the
Password manager subnet menu, and select 4 to enter the Factory config
recovery menu to restore the factory defaults. When the device restarts, all
files configured by the users are deleted and the device restores to the factory
defaults.
● You can also run the factory-configuration reset command to restore the
factory settings after the device restarts. Then all user configuration files will
be deleted and the default factory settings will be restored during the device
restart.
Example
# Set the mode of restoring the factory configuration to delete.
<Huawei> set factory-configuration operate-mode delete-configuration
Warning: It may delete your configuration file when execuating factory configuration,are you sure to set
the operation mode?(Y/N)y
Successfully set factory operation mode
4.12.25 snmp-agent trap enable feature-name configuration
Function
The snmp-agent trap enable feature-name configuration command enables the
trap function for the Configuration module.
The undo snmp-agent trap enable feature-name configuration command
disables the trap function for the Configuration module.
For details about whether the trap function for the Configuration module is
enabled or disabled by default, see display snmp-agent trap feature-name
configuration all.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 430
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
snmp-agent trap enable feature-name configuration [ trap-name
hwcfgmaneventlog ]
undo snmp-agent trap enable feature-name configuration [ trap-name
hwcfgmaneventlog ]
Parameters
Parameter Description Value
trap-name Enables the traps of -
Configuration events of specified
types.
hwcfgmaneventlo Enables the device to send a trap -
g when the system event is
changed.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
The Configuration module is not configured with the function of excessive traps.
To enable the trap function of one or more events, you can specify trap-name.
You can run the display snmp-agent trap feature-name configuration all
command to check the configuration result.
Example
# Enables the device to send a trap when the system event is changed.
<Huawei> system-view
[Huawei] snmp-agent trap enable feature-name configuration trap-name hwcfgmaneventlog
4.12.26 startup saved-configuration
Function
The startup saved-configuration command specifies the system configuration file
for next startup.
Format
startup saved-configuration configuration-file [ slave-board | all ]
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 431
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTE
Only the AR6300 and AR6300K support the slave-board and all parameters.
Only the AR6300-S support the slave-board and all parameters.
Parameters
Parameter Description Value
configuration- Specifies the name of The value is a string of 1 to 64 case-
file a configuration file. sensitive characters in the format of
Make sure that the [ drive-name ] [ file-name ]. It can
file exists. contain the following special characters:
[ ] @ ! # $ % ^ - = _ + { } , . : /. A string
containing digits, letters, and
underscores (_) is recommended. If
drive-name is not specified, the value is
the default storage medium name. The
maximum length of the entered file-
name is 64 minus the default storage
medium name.
NOTE
If the length of the entered configuration-
file is greater than 64, the system displays
the following information:
Error: The file name length is too long!
slave-board Specifies the -
configuration file for
next startup on the
slave SRU.
all Specifies the -
configuration file for
next startup on all
SRUs.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When the original configuration file cannot be used due to the software upgrade,
run the startup saved-configuration command to specify another configuration
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 432
NetEngine AR
Command Reference 4 Basic Configurations Commands
file for next startup. The startup configuration file must be saved in the root
directory of the storage device.
Follow-up Procedure
Run the reboot or the schedule reboot command to restart the device.
Precautions
● The configuration file specified for the next startup must exist.
● The configuration file specified for the next startup cannot be too large.
Otherwise, some configurations are likely to be lost after the device is
restarted.
● The configuration file name extension must be .zip or .cfg.
– A configuration file with the file name extension .cfg is a text file, and
you can view the file content in the text file. After the file is specified as
the configuration file for next startup, the system restores all commands
in the file one by one during a startup.
– A .cfg file is compressed to a .zip file that occupies less space. After being
specified as the configuration file, the .zip file is decompressed to the .cfg
file and the system restores all commands in the .cfg file one by one
during startup.
Example
# Specify the system configuration file for the next startup.
<Huawei> startup saved-configuration vrpcfg.cfg
4.12.27 startup system-software
Function
The startup system-software command specifies the system software for next
startup.
Format
startup system-software system-file [ slave-board | all ] [ verify | signature
sign-filename ]
NOTE
Only the AR6300 and AR6300K support the slave-board and all parameters.
Only the AR6300-S support the slave-board and all parameters.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 433
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
system-file Specifies the name The value is a string of 1 to 64 case-
of the system sensitive characters in the format of
software file. [ drive-name ][ file-name ]. The value can
contain the following special characters: [ ]
@ ! # $ % ^ - = _ + { } , . : /. It is
recommended that the value be a
combination of digits, letters, and
underscores (_). If drive-name is not
specified, the default storage name is used.
In this case, the maximum length of the
system-file parameter value is 64 minus
the length of the default storage name.
NOTE
If the length of the configuration-file parameter
value is greater than 64, the system displays the
following message:
Error: The file name length is too long!
slave-board Specifies the system -
software for the next
startup of the slave
MPU.
all Specifies the system -
software for the next
startup of all MPUs.
verify Checks the validity -
of the system
software.
signature Checks the validity The value of sign-filename is a string of
sign-filename of the digital characters in the format of [ drive-name ]
signature file of the [ file-name ]. If drive-name is not specified,
system software. the default storage name is used. The
value is a string of 1 to 64 case-insensitive
characters. It cannot contain spaces. The
file name extension must be .asc.
Views
User view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 434
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
Usage Scenario
During a system software upgrade or downgrade, you can run this command to
specify the system software for the next startup.
Follow-up Procedure
Run the reboot command or the schedule reboot command to restart the device.
Precautions
● The digital signature file of the system software must use .asc as the file
name extension and be saved to the root directory of the storage device.
● If the system software for the next startup of the slave MPU has been
specified using slave-board or the system software for the next startup of all
MPUs has been specified using all, the device automatically copies the system
software from the master MPU to the slave MPU, removing the need to run
the copy source-filename destination-filename command. If the specified
system software exists on the slave MPU, the system displays a message
asking you whether to use the system software of the slave MPU. If the
system software of the slave MPU will not be used, the system displays a
message asking you whether to overwrite the existing system software.
However, the system software specified for the next startup cannot be
overwritten. The device will not automatically copy the system software.
● When you run the startup system-software command to specify the system
software for the next startup of the slave MPU, the device displays a failure
message if the storage space of the slave MPU is insufficient.
● If the device has dual MPUs, specify the system software for next startup on
both the master and slave MPUs.
● The system software package cannot be started using an external hard disk.
● If the storage device of the system software is a USB flash drive, do not
remove the USB flash drive or power off the device during the upgrade.
Otherwise, the USB flash drive may be damaged. You are advised to copy the
system software to the default storage device and configure the system to
start from the default storage device.
● When configuring the system software for next startup, do not remove or
restart the slave MPU.
Example
# Specify the system software for next startup.
<Huawei> startup system-software basicsoft.cc
4.12.28 startup system-software backup
Function
The startup system-software backup command specifies the backup system
software for system startup.
By default, the device has no backup system software.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 435
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
startup system-software filename backup
Parameters
Parameter Description Value
filename Specifies the name of the The value is a string of 1 to 64
backup system file. case-sensitive characters in
the format of [ drive-name ]
[ file-name ]. It can contain
the following special
characters: [ ] @ ! # $ % ^ - =
_ + { } , . : /. A string
containing digits, letters, and
underscores (_) is
recommended. The
recommended format is drive
name:/file name. For
example, flash:/software.cc. If
drive-name is not specified,
the value is the default
storage medium name. The
maximum length of the
entered system-file is 64
minus that of the default
storage medium name.
NOTE
If the length of the entered
configuration-file is greater than
64, the system displays the
following information:
Error: The file name length is too
long!
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When the specified startup software package is damaged, the system uses the
backup software package to start.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 436
NetEngine AR
Command Reference 4 Basic Configurations Commands
● The file name extension of the system software package must be .cc and the
package must be stored in the root directory.
● The backup startup software package can be the same as or different from
the current startup software package, but it must ensure a successful system
start.
Example
# Specify the backup system startup software for the system.
<Huawei> startup system-software basicsoft.cc backup
This operation will take several minutes, please wait........
Info: Succeeded in setting the backup file for booting system
4.12.29 startup patch
Function
The startup patch command specifies the patch file for next startup.
Format
startup patch patch-name [ slave-board | all ]
NOTE
Only the AR6300 and AR6300K support the slave-board and all parameters.
Only the AR6300-S support the slave-board and all parameters.
Parameters
Parameter Description Value
patch-name Specifies the name The value is a string of 1 to 64 case-sensitive
of the patch file for characters in the format of [ drive-name ]
next startup. [ file-name ]. It can contain the following
special characters: [ ] @ ! # $ % ^ - = _ +
{ } , . : /. A string containing digits, letters,
and underscores (_) is recommended. If
drive-name is not specified, the value is the
default storage medium name. The
maximum length of the entered patch-name
is 64 minus that of the default storage
medium name.
NOTE
If the length of the entered patch-name is greater
than or equal to 58, patches will fail to be loaded
and the system displays the following
information:
Error: The length of the filename is too long
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 437
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameter Description Value
slave-board Specifies the patch -
file for next startup
on the slave SRU.
all Specifies the patch -
file for next startup
on all SRU.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To make the patch file take effect after the device restarts, run this command to
specify the patch file for next startup.
Follow-up Procedure
Run the reboot or the schedule reboot command to restart the device.
Precautions
● A patch file uses .pat as the file name extension and must be saved in the
root directory.
● If you use this command to specify another patch for next startup, the
previous patch will be overridden.
● After the patch file is specified for next startup, run the display patch-
information command to view the patch file.
– If the patch file for next startup is not empty, the device load the patch
automatically after next startup.
– If the patch file for next startup is empty, the device cannot load the
patch after next startup.
● After the device restarts, the system loads and runs the patch. If you do not
want the system to load the patch file after startup, use the patch delete all
command to delete the patch file.
Example
# Specify the patch file for next startup.
<Huawei> startup patch patch.pat
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 438
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.12.30 bootloader startup menu enable
Function
The bootloader startup menu enable command displays the Boot menu.
The undo bootloader startup menu enable command hides the Boot menu.
By default, the device displays the Boot menu.
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support this
function.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121-S, AR6121E-S, AR6121EC-S, and
AR6121C-S support this function.
Only the AR-10 supports this function.
Format
bootloader startup menu enable
undo bootloader startup menu enable
Parameters
None
Views
System view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
You can run the bootloader startup menu enable command to display the Boot
menu on the device.
Example
# Display the Boot menu.
<Huawei> system-view
[Huawei] bootloader startup menu enable
Warning: The operation will save all configuration to the next startup configuration.
And the WorkMode Change will be activated after board reboot. Continue? [y/n]:y
It will take several minutes to save configuration file, please wait..........
...
Jun 14 2018 08:43:17+09:00 Huawei %%01LOAD/4/ENT_CONFIG_SET(l)[0]:Succeeded in setting
flash:/vrpcfg.zip for config file by device.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 439
NetEngine AR
Command Reference 4 Basic Configurations Commands
[Huawei]......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
4.12.31 display bootloader startup menu
Function
The display bootloader startup menu command displays whether the Boot menu
is hidden.
NOTE
Only the AR651K, AR651, AR651-X8, AR651C, AR651F-Lite, AR651U-A4, AR651W-X4,
AR651W-8P, AR651W, AR657W, AR720, AR730, AR6120, AR6121K, AR6121E, AR6121,
AR6120-VW, AR6140K-9G-2AC, AR6140E-9G-2AC, and AR6140-9G-2AC support this
function.
Only the AR6120-S, AR6140E-S, AR6140-S, AR6121-S, AR6121E-S, AR6121EC-S, and
AR6121C-S support this function.
Only the AR-10 supports this function.
Format
display bootloader startup menu
Parameters
None
Views
All views
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
You can run the display bootloader startup menu command to check whether
the Boot menu is hidden.
Example
# Display whether the Boot menu is hidden.
<Huawei> system-view
[Huawei] display bootloader startup menu
BootLoader Startup Menu Config = Disable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 440
NetEngine AR
Command Reference 4 Basic Configurations Commands
Table 4-60 Description of the display bootloader startup menu command
output
Item Description
BootLoader Startup Menu Config Whether the Boot menu is hidden.
● Disable: hides the Boot menu.
● Enable: displays the Boot menu.
4.13 Upgrade Commands
4.13.1 Support for Upgrade
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.13.2 display license
Function
The display license command displays information about the license file in the
system.
Format
display license
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
A license file dynamically controls the availability of some features. Only one
license file is active in the system. Run this command to view detailed information
about the active license in the system, including license file name, version, validity
period, and control item. Based on the information, you can determine whether to
upgrade the system version to support more features.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 441
NetEngine AR
Command Reference 4 Basic Configurations Commands
NOTE
In current version, the encoding format in displaying license information is the same as that
of the license file used by the device. If different terminals are used for login, adjust the
encoding formats of the terminals according to that of the license file to prevent garbled
characters.
Example
# Display information about the active license file of the SRU.
<Huawei> display license
Active License on master board: flash:/LICAR6200_all_202005113KSE50.dat
Active license : flash:/LICAR6200_all_202005113KSE50.dat
License state : Normal
Revoke ticket : No ticket
Product name : AR
Product version : all
License file ESN : 2102115641DMKC000909
License Serial No : LIC202005113KSE50
Creator : Huawei Technologies Co., Ltd.
Created Time : 2020-05-11 17:09:47
Country : China
Custom : No relevant customer information
Office : UNKNOWN
Feature name : ARLIC
Authorize type : COMM
Expired date : 2020-10-11
Trial days : 60
Item name : LAR0DATAE11
Item type : Function
Control value :1
Used value :1
Item state : Normal
Item expired date : 2020-10-11
Item trial days : 60
Description : Data Package
Item name : LAR0SECE11
Item type : Function
Control value :1
Used value :1
Item state : Normal
Item expired date : 2020-10-11
Item trial days : 60
Description : Security Package
Item name : LAR0AC11
Item type : Function
Control value :1
Used value :1
Item state : Normal
Item expired date : 2020-10-11
Item trial days : 60
Description : AC Controller
Feature name : ARLICIPS
Authorize type : COMM
Expired date : 2020-10-11
Trial days : 60
Item name : LAR0IPS00
Item type : Resource
Control value : 36
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 442
NetEngine AR
Command Reference 4 Basic Configurations Commands
Used value :0
Item state : Normal
Item expired date : 2020-10-11
Item trial days : 60
Description : IPS Upgrade Controller
Table 4-61 Description of the display license command output
Item Description
Active License on master board Name and path of the active license
file on the MPU.
Active license Name and path of the active license
file.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 443
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
License state Status of a license file:
● Normal
This state value indicates that a
license file is working properly. If
the status of the license file on the
live network is not Normal, check
the license file.
● Trial
– A license file enters the Trial
state if the ESN does not match
the device. A license file in Trial
state can be used only for 60
days.
To continue to use a license file
after the Trial state, apply for a
new license file using the correct
ESN.
– A temporary license file expires
and enters the Trial state.
To continue to use a license file
after the Trial state, apply for a
new license file and activate it.
– A license file is revoked and
enters the Trial state.
To continue to use a license file
after the Trial state, apply for a
new license file based on the
revocation code and activate it.
– If you replace the master main
control board but the new ESN
does not match the license file,
the license file enters the Trial
state.
To continue to use a license file
after the Trial state, apply for a
new license file matching the
new ESN and activate it.
● Demo
When you activate a temporary
license file, it enters the Demo
state. The Demo state exists only
for a demo license file used for test
and deployment.
A license file in Demo state allows
you to use normal functions within
a specified period. Before the
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 444
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
expiration of the license file in
Demo state, replace it with a
commercial license file.
● Emergency
A license file enters the Emergency
state when a disaster occurs
(commercial scenario).
In emergency conditions like
earthquake, volcano explosion, and
tsunami, you can run the license
emergency command to trigger a
license file to enter the Emergency
state. The Emergency state stays for
seven days, and a license file can
enter the Emergency state three
times.
● Default: No license file is activated
or a license file expires.
If a license file enters the Default
state, services may be interrupted.
If you want to use services after a
license file expires or becomes
invalid, apply for a new license file
and activate it.
Revoke ticket License revocation code.
Product name Name of the product that runs the
license.
Product version Product version.
License file ESN ESN in the license file.
License Serial No Serial number of license file.
Creator Creator of the file.
Created Time Time when the file was created.
Country Country of the authorized customer.
Custom Authorized customer.
Office Office of the authorized customer.
Feature name Feature name.
Authorize type Authorization type.
● demo: trial authorization.
● comm: commercial authorization.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 445
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Expired date License expiration date. PERMANENT
indicates that the license is
permanently valid.
Trial days Trial period.
Item name Name of a control item.
Item type Type of a control item.
Control value Authorized count of a control item.
Used value Used count of a control item.
Item state Status of a control item.
Item expired date Expiration date of a control item.
Item trial days Trial period of a control item.
Description Description of a control item.
4.13.3 display license accept agreement
Function
The display license accept agreement command displays information about
functions activated through commands, including the functions that have been
activated and time functions were used.
Format
display license accept agreement [ history ]
Parameters
Parameter Description Value
history Displays details of each -
control item including
the maximum activation
count of a resource item,
regardless of whether
the ETU license is
enabled.
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 446
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
After the display license accept agreement history command is executed, either
of the following situations occurs:
● If function licenses are activated, the display license accept agreement
history command output is the same as the display license accept
agreement command output.
● If resource licenses are activated, the message "Maximum control value"
indicating the maximum activation count of a resource item is displayed.
If the control item is in Enable state, the function has been activated. The control
item name corresponding to the same function on different product models may
be different.
Example
# Display information about functions activated through commands.
<Huawei> display license accept agreement history
Active license Accept Agreement: yes
Item name : LAR0DATAE04
Item type : Function
Item state : Disable, -
Item left time :-
Item used time :-
Description : Data GTLV2
Item name : LAR0SECE04
Item type : Function
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0SECE04
Item name : LAR0AC04
Item type : Function
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0AC04
Item name : LAR0SSLVPN00
Item type : Resource
Control value :0
Maximum control value : 0
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0SSLVPN00
Item name : LAR0DSVPN04
Item type : Function
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0DSVPN04
Item name : LAR0IVR00
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 447
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item type : Resource
Control value :0
Maximum control value : 0
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0IVR00
Item name : LAR0CT00
Item type : Resource
Control value :0
Maximum control value : 0
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0CT00
Item name : LAR0CM00
Item type : Resource
Control value :0
Maximum control value : 0
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0CM00
Item name : LAR0VOICEE04
Item type : Function
Item state : Disable, -
Item left time :-
Item used time :-
Description : LAR0VOICEE04
Table 4-62 Description of the display license accept agreement history command
output
Item Description
Active license Accept Agreement ETU license status:
● yes: The ETU license is activated.
● no: The ETU license is not activated.
Item name Name of the control item.
Item type Type of the control item:
● Function
● Resource
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 448
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Item state Status of the control item:
● Enable, Evaluate: This control item is
activated and is in trial period.
● Enable, Permanent: This control item
is activated and the trial period is
reached.
● Disable, Evaluate: This control item is
not activated and is in trial period.
● Disable, Permanent: This control item
is not activated and the trial period is
reached.
● Disable, -: This control item is not
activated.
Item left time Remaining time of the trial period after
the control item is activated.
Item used time Time elapsed since the control item has
been used after the control item is
activated.
Description Description of the control item.
Control value Value of the activated resource item.
Maximum control value Maximum activation count of the
resource item.
4.13.4 display license esn
Function
The display license esn command displays the equipment serial number (ESN)
used for applying a license.
Format
display license esn
Parameters
None
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 449
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
When you need to use licensed resource items or function items, apply to Huawei
for a license file. When applying for a license, you need to provide the device ESN.
ESN is the only identifier of device components (such as MPU and interface
board), run the display license esn command to display the ESN of the current
device, and then use the ESN to apply a license file for the device.
The ESN of the chassis must be the same as the ESN in the license to be activated.
If they are different, the license file cannot be activated.
Example
# Display the ESN used for applying a license.
<Huawei> display license esn
Master ESN is: 2102113374P0B4000046.
Table 4-63 Description of the display license esn command output
Item Description
Master ESN is ESN of the device.
4.13.5 display license resource usage
Function
The display license resource usage command displays the usage of the resource
items defined in a license file.
Format
display license resource usage
Parameters
None
Views
All views
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 450
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
You can use the display license resource usage command to check the usage of
the resource items defined in the license file.
Resource usage refers to the percentage of resources used out of resources defined
by the license file.
Example
# Display the usage of licensed resources.
<Huawei> display license resource usage
Activated License: flash:/LIC_ON179007_A1BB9D41960_all.dat
FeatureName | ConfigureItemName | ServiceExpireTime
CRFEA1 LAR0IPS00 2022-02-19
FeatureName | ConfigureItemName | ResourceUsage
CRFEA1 LAR0CM00 0/1
Table 4-64 Description of the display license resource usage command output
Item Description
Activated License File name and path of an active
license name.
FeatureName Name of the feature controlled by the
license.
ConfigureItemName Name of a resource item.
ServiceExpireTime Expire time of a resource item.
ResourceUsage Percentage of used resources.
4.13.6 display license revoke-ticket
Function
The display license revoke-ticket command displays the revocation code of the
current license file of the device.
Format
display license revoke-ticket
Parameters
None
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 451
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The display license revoke-ticket command enables you to check the revocation
code of a license file that has become invalid on the device. This code proves that
the current license file is invalid and is used to apply for a new license.
Precautions
This command displays information only when the license file in current device
system is invalid. Otherwise, no command output is displayed.
Example
# Display the revocation code of the current invalid license file.
<Huawei> display license revoke-ticket
Info: The revoke ticket is: LIC20091103006100:27C1B773ED11D9F877855CDAEE74ABFE60E07126.
4.13.7 display license state
Function
The display license state command displays the license status on the SRU.
Format
display license state
Parameters
None
Views
All views
Default Level
3: Management level
Usage Guidelines
Usage Scenario
To check the status of the running license, run this command. The command
displays the current status of the license and the number of days before the
license in this status will expire.
The system supports the following license states:
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 452
NetEngine AR
Command Reference 4 Basic Configurations Commands
● Normal: normal license
● Demo: demonstration license
● Trial: trial license that has expired but is still valid during the trial period
● Emergency: emergency license
● Default: default license
This command helps you locate license problems and verify the license status on
the device.
Prerequisites
A license file has been stored on the SRU of the device and has been activated.
This ensures that valid entries are displayed after the execution of the command.
If the license file is not activated, no command output is displayed.
Example
# Display the status of the license on the SRU.
<Huawei> display license state
Info: Master board license state: Trial. The remain days is 44.
4.13.8 display paf
Function
The display paf command displays information about the product adaptive file
(PAF) in the system.
Format
display paf { all | { resource | service } item-name }
Parameters
Parameter Description Value
all Displays all information -
about the PAF file.
resource Specifies the value set for a -
resource item in the PAF
file.
service Specifies the value set for a -
service item in the PAF file.
item-name Specifies the name of a The value is a string of 1 to
resource item or a service 64 characters.
item.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 453
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
A PAF file provides only required resources and features. This command can
display all the specification information about the PAF file.
Example
# Display the value set for a resource item in the PAF file.
<Huawei> display paf resource PAF_LCS_NQA_SPECS_NUM_ENTRY
PAF_LCS_NQA_SPECS_NUM_ENTRY = 0, 128, 128, 0
# Display the value set for a service item in the PAF file.
<Huawei> display paf service PAF_LCS_BFD_BASIC_SPECS_ENABLED
PAF_LCS_BFD_BASIC_SPECS_ENABLED = 0, 1
Table 4-65 Description of the display paf resource command output
Item Description
PAF_LCS_NQA_SPECS_NUM_ENTRY Resource item name in the PAF file.
0 Whether a resource item is controlled
by a license.
● 1: yes
● 0: no
128 Default value of the resource item in
the PAF file.
128 Maximum value of the resource item
in the PAF file.
0 Minimum value of the resource item in
the PAF file.
Table 4-66 Description of the display paf service command output
Item Description
PAF_LCS_BFD_BASIC_SPECS_ENABLED Service item name in the PAF file.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 454
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
0 Whether a service item is controlled by
a license.
● 1: yes
● 0: no
1 Service status.
● 1: enabled
● 0: disabled
4.13.9 display patch-information
Function
The display patch-information command displays information about the patch in
the current system.
Format
display patch-information
Parameters
None
Views
All views
Default Level
1: Monitoring level
Usage Guidelines
After a patch is loaded or deleted, run this command to view information about
the patch, including its version, name.
Example
# Display information about the patch in the current system.
<Huawei> display patch-information
Patch version :ARV300R009C10
Patch package name :flash:/patch_arxx0.pat
The state of the patch state file is:Running
The current state is:Running
******************************************************************
* The patch information,as follows *
******************************************************************
Type State Count Time(YYYY-MM-DD HH:MM:SS)
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 455
NetEngine AR
Command Reference 4 Basic Configurations Commands
------------------------------------------------------------------
exe Running 1 2017-12-31 09:23:46+00:00
Table 4-67 Description of the display patch-information command output
Item Description
Patch version Version of the patch.
Patch package name Name of the patch file.
The state of the patch state file is Status of the patch file.
The current state is Current status of the patch.
Type Patch type.
● VRP: VRP patch for the SRU.
● CAP: CAP patch for the SRU.
● Kernel: Patch for the kernel.
● LPU: Patch for the LPU.
● soft: Patch for the software.
● exe: Patch for the file.
● driver: Patch for drive.
State Running status of the patch. (Running: The
patch is running.)
Count Number of patch units.
Time(YYYY-MM-DD HH:MM:SS) Time when the patch takes effect.
4.13.10 display rollback state
Function
The display rollback state command displays the rollback status of the system.
Format
display rollback state
Parameters
None
Views
All views
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 456
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
1: Monitoring level
Usage Guidelines
This command enables you to:
● Check whether the rollback function is enabled.
● Preview the files used after a version rollback to avoid an unexpected
rollback.
● The rollback status can be displayed only if the rollback command can be
used. Therefore, the display rollback state command can display the rollback
status only when the following conditions are met: the system software for
rollback exists, the current software package is different from the previous
system software package, and no new package is specified for next startup
using the startup system-software command.
● If no rollback system software exists, a message "Rollback function is disabled
in current state" will be displayed when you run the display rollback state
command.
Example
# Preview the files used after a version rollback. The names and paths of various
startup files used in the rollback version are displayed if the rollback function is
enabled in the system.
<Huawei> display rollback state
Info: Rollback function is enabled in current state
The booting parameters for rollback are as follows:
Rollback system software: flash:/software.cc
Rollback saved-configuration file: flash:/iascf_autobackup.zip
Rollback license file: null
Rollback patch package: null
Rollback voice-files: null
Table 4-68 Description of the display rollback state command output
Item Description
Rollback system software System software package used after the
rollback.
Rollback saved-configuration file Configuration file used after the rollback.
Rollback license file License file used after the rollback.
Rollback patch package Patch file used after the rollback.
Rollback voice-files Voice file used after the rollback.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 457
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.13.11 license active
Function
The license active command activates the license file saved in the storage of the
device.
Format
license active file-name
Parameters
Parameter Description Value
file-name Specifies the name of a The value is a string of 1
license file. to 64 characters without
spaces.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
Change or upgrade the license file when the current license file is outdated or
needs higher specifications and more features. The initial state of a license file is
inactive and the license file does not take effect in the system. Run this command
to activate the new or updated license file.
The license active command can be used to activate a license file in the following
situations:
● The license needs to be activated for the first time.
You can directly run this command to activate a license.
● The current license file needs to be updated.
If the specifications of the new license file are lower than those of the current
license file, the system displays a message asking you whether to continue. If
you choose No, the system retains the current license file. If you choose Yes,
the master MPU activates the current license file and the system uses the new
license file.
Prerequisites
The new license file has been uploaded to the device.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 458
NetEngine AR
Command Reference 4 Basic Configurations Commands
Follow-up Procedure
When the system restarts, the system activates the license file that was activated
last time to ensure the license files are the same before and after restart.
Precautions
● The license file must use .dat as file name extension and be saved to the
default root directory in the storage of the device.
● If no path is specified, the license file in the working path is activated by
default.
● If the specifications of the new license file are lower than those of the current
license file (some functions are authorized in the current license file, but not
in the new license file, or the new license file allows fewer resources than the
current one), the system displays a message asking you whether to continue.
● When applying for a license, ensure that the ESN is case sensitive. If the case
of the device ESN is different from that of the ESN in the license file, the
license file cannot be activated.
Example
# Activate license.dat in the storage of the device.
<Huawei> license active license.dat
4.13.12 license active accept agreement
Function
The license active accept agreement command activates the ETU license.
The undo license active accept agreement command deactivates the ETU
license.
By default, the ETU license is deactivated.
Format
license active accept agreement
undo license active accept agreement
Parameters
None
Views
User view
Default Level
3: Management level
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 459
NetEngine AR
Command Reference 4 Basic Configurations Commands
Usage Guidelines
After the license active accept agreement command is executed, the system asks
you whether to sign the agreement:
● If you enter yes, the agreement is signed and this event is logged.
● If you enter no, the ETU license is deactivated.
Example
# Activate the ETU license.
<Huawei> license active accept agreement
Dear Customer,
You will active the interim ETU (Easy to Use) license for featured functions of the AR, please read the
followings carefully.
After the activation of the interim ETU license for featured functions of the AR, you can conduct evaluation
of the featured functio
ns for a period of sixty (60) days.After the sixty (60) days evaluation period, the interim license will
automatically convert to th
e perpetual license. Continuing use of the featured functions of the product after the evaluation period
requires the perpetual lice
nse, together with the additional payment. Otherwise please close the ETU license for featured functions,
and stop using the feature
d functions.
Without purchasing the perpetual license from Huawei, the continuing use of the product will constitute
the inappropriate use beyond
the interim license and infringement of rights of Huawei. The activation of the software command line
interface will be evidence of
your acceptance of the perpetual license. Huawei will reserve all necessary rights to prosecute and to seek
all remedies at law and
in equity.
ACCEPT? Yes or No[y/n]:y
INFO: Succeeded in activating the ETU license.
# Deactivate the ETU license.
<Huawei> undo license active accept agreement
INFO: Succeeded in inactivating the ETU license.
4.13.13 license emergency
Function
The license emergency command enables the emergency state for the license.
Format
license emergency
Parameters
None
Views
User view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 460
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The system configuration is classified into maximum configuration, authorized
configuration, and minimum configuration.
● In maximum configuration, the maximum number of dynamic resource items
are configured. Static resource items and function items are configured
according to license configuration.
● Authorization configuration means the functions and resources of the
software configured on the basis of contract or special authorization.
Authorized configuration depends on feature authorization of license files.
● The minimum configuration is the default configuration when no activated
license file exists in the system. The minimum configuration varies according
to products.
Configurations are classified to limit the bearer capability of the system in
different running status.
When you run the license emergency command to enable the emergency state
for the license, the system is free from license control. In this case, the system can
run with the maximum configuration of dynamic resources and the license-
defined configuration of static resources and functions. When the validity period
of the emergency state expires, dynamic resources are controlled by the license
again. One version is provided with three validity periods of emergency state, each
lasting for seven days.
The purpose for enabling the emergency state for the GTL license is disaster
tolerance. If an earthquake takes place, for example, this mechanism protects
users' services from being affected.
Precautions
● The emergency state cannot be disabled manually.
● The emergency state can only be enabled three times for each license, and
the license can keep in emergency state for 7 days each time.
● The next emergency state can be enabled only on the last day when the last
emergency state expires.
Example
# Enable the license emergency state.
<Huawei> license emergency
Warning: This operation will cause LCS into the EMERGENCY state. Continue? [Y/N]:y
Info: Emergency started cannot be stopped.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 461
NetEngine AR
Command Reference 4 Basic Configurations Commands
4.13.14 license function
Function
The license function command activates the ETU license of a function item.
The undo license function command deactivates the ETU license of a function
item.
By default, the ETU license of a function item is deactivated.
Format
license function name
undo license function name
Parameters
Parameter Description Value
name Specifies the name of Enumeration value. The options
the activated ETU are as follows:
license function item. ● ac: WLAN AC Express
● datae: data service
● sece: security service
● voicee: voice service
● perfe: QoS forwarding
performance license
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The license function command activates the license of a function item through
the ETU license.
Prerequisites
The ETU license has been activated using the license active accept agreement
command.
Precautions
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 462
NetEngine AR
Command Reference 4 Basic Configurations Commands
● If the license active accept agreement command is not executed, an error
message is displayed.
● You do not need to activate the license that has been activated.
● After the license is activated, there is a trial period of 60 days. After the trial
period of 60 days, you use of the controlled function will be governed by
Huawei license agreement. You must purchase the license or stop using the
activated function after the trial period.
Example
# Activate the data service.
<Huawei> license function datae
INFO: Succeeded in activating the feature.
4.13.15 license resource
Function
The license resource command activates the ETU license of a resource item.
The undo license resource command deactivates the ETU license of a resource
item.
By default, the ETU license of a resource item is deactivated.
Format
license resource name value
undo license resource name
Parameters
Parameter Description Value
name Specifies the name of Enumeration value. The
the activated ETU license options are as follows:
resource item. ● cm: number of
phones that are
calling
● ips: upgrade service
time of the Intrusion
Prevention System
(IPS).
● av: Antivirus
System(AV).
● urlf: URL
RemoteQuery System.
value Specifies the value of an The value is an integer.
ETU resource item. The value range depends
on the resource license.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 463
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
The license resource command activates the license of a resource item.
Prerequisites
The ETU license has been activated using the license active accept agreement
command.
Precautions
● If the license active accept agreement command is not executed, an error
message is displayed.
● You do not need to activate the license that has been activated.
● After the license is activated, there is a trial period of 60 days. After the trial
period of 60 days, your use of the controlled function will be governed by
Huawei license agreement. You must purchase the license or stop using the
activated function after the trial period.
Example
# Activate the license of a resource item.
<Huawei> license resource cm 10
INFO: Succeeded in activating the feature.
<Huawei> license resource ips 1
INFO: Succeeded in activating the feature.
4.13.16 license revoke
Function
The license revoke command revokes a license file.
Format
license revoke
Parameters
None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 464
NetEngine AR
Command Reference 4 Basic Configurations Commands
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
License is an authorization file. You can apply for, upgrade, or activate the license
file to get corresponding user rights.
If new devices are deployed, you can purchase new licenses as needed to enable
license-controlled features and functions on the devices. This reduces purchase
costs. If the capacities of the existing devices need to be expanded, you can
update the licenses used on the devices to enable more license-controlled features
and functions.
You can upgrade a license file to:
● Add new features.
● Optimizes device performance.
● Fix bugs in the current version.
Before updating a license file, run the license revoke command to revoke the
existing license. The system then returns a license revocation code. This code is the
evidence for license invalidation and is used to apply for a new license.
NOTE
A license revocation code is a character string generated after a license file becomes invalid.
You can determine that a license file is invalid based on the corresponding revocation code.
Precautions
● When the existing license is going to expire, apply for a new license, upgrade,
and activate the license. If the license has expired, the service modules are
disabled and services are interrupted.
● After you run the license revoke command, the license file enters the Trial
state and cannot be activated again regardless of how long the license file
will expire.
Example
# Revoke the current license file.
<Huawei> license revoke
4.13.17 patch delete all
Function
The patch delete all command deletes patches on the current system.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 465
NetEngine AR
Command Reference 4 Basic Configurations Commands
Format
patch delete all
Parameters
None
Views
User view
Default Level
3: Management level
Usage Guidelines
● If you find errors in patches that have been loaded to the system, run this
command to delete the patches to prevent patch errors from affecting system
operating.
● Before loading a non-incremental patch, run this command to delete the
existing patches (if any). Otherwise, the non-incremental patch cannot be
loaded.
Example
# Delete all patches.
<Huawei> patch delete all
4.13.18 patch load
Function
The patch load command loads the patches to the patch areas in the system.
Format
patch load filename all run
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 466
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
filename Specifies the path and The value is a string of 5
file name of a patch to 64 case-insensitive
package. The path can characters without
be an absolute path or a spaces. The file name
relative path. must have an extension
of .pat. If the path is a
relative path, the
maximum length of
filename is 64 minus the
length of the default
storage device name.
NOTE
If the length of filename is
greater than or equal to
58, patches will fail to be
loaded and the system will
display the following error
message:
Error: Path of the patch is too
long. Patch operation failed.
all Loads the patches of all -
boards.
run Runs loaded patches of -
all boards.
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
When you load a patch to the current system, the system searches the patch
package for a matching patch file according to the attributes of the patch file.
● If a matching patch file is found in the patch package, the system loads the
patch.
● If no matching patch file is found in the patch package, the system does not
load any patch.
Prerequisites
The patch package has been uploaded to the root directory of the storage device.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 467
NetEngine AR
Command Reference 4 Basic Configurations Commands
Before loading a patch, the system must resolve the patch package, check the
validity of the patch files in the patch package, and obtain the attributes such as
the patch type and version of the patch file.
Precautions
The patch file cannot be reloaded. When you reload a patch, the system displays
an error message.
Example
# Load the patches to the patch area of the device and run the patches directly.
<Huawei> patch load patch.pat all run
4.13.19 rollback
Function
The rollback command rolls back the system to the previous version.
Format
rollback
Parameters
None
Views
User view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
If an error occurs during an upgrade, cancel the current upgrade and run the
rollback command to roll back the system to the previous version. After the
rollback, the configuration of the device is the same as the previous configuration
before upgrading.
You can delete the rollback software using the delete (user view) command.
After the rollback software is deleted, a message will be displayed saying that the
rollback function is unavailable if you run the rollback and display rollback state
commands.
Prerequisites
The device has the rollback software. The current software package is different
from the previous software package, and no new package is configured for next
startup using the startup system-software system-file command.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 468
NetEngine AR
Command Reference 4 Basic Configurations Commands
Example
# Roll back the system to the previous version. After you run the command, a
message will be displayed ask you whether to continue. If you choose y, the
system rolls back to its previous version. If you choose n, no operation will be
performed.
<Huawei> rollback
Warning: One or multiple of the following files do not exist: configuration file
flash:/aaa.cfg
Check whether you have deleted the file(s). Are you sure you want to continue? (
y/n):y
After rollback, active board will reboot automatically. Please check if data has
been saved
Are you sure to rollback? (y/n)[n]:y
4.13.20 upgrade slot startup bootrom (User view)
Function
The upgrade slot startup bootrom command updates the BootROM of a board
to the BootROM version of the system software.
Format
upgrade slot slot-id startup bootrom
Parameters
Parameter Description Value
slot-id Specifies the slot ID of a The value varies with the
registered LPU. device configuration.
Views
User view
Default Level
2: Configuration level
Usage Guidelines
Usage Scenario
Boards do not support automatic loading of the corresponding BootROM.
Generally, the BootROM does not need to be upgraded. However, if an exception
occurs due to a fault in the BootROM, you need to run this command to manually
upgrade the BootROM.
If the main control board cannot automatically upgrade the BootROM during a
system software upgrade, you need to run this command to manually upgrade the
BootROM.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 469
NetEngine AR
Command Reference 4 Basic Configurations Commands
Precautions
The 9ES2, 4ES2G-S, 1GEC, 4GECS, 2X10GL, 3G-HSPA+7, 1LTE-L, 1LTE-Lo, 1LTE-Lc,
1STM1, 4STM1, 16FXS, 32FXS, 1GBIS4W, 1NDE, and DGP cards do not support this
command.
NOTICE
Ensure normal power supply to the device when you are manually upgrading the
BootROM. The component whose BootROM is upgraded may be permanently
damaged once the device is powered off during manual upgrade of the BootROM.
Example
# Upgrade the BootROM in slot 1 using the current system software package.
<Huawei> upgrade slot 1 startup bootrom
Info:You can not reset, remove, or power off the board when upgrade is being per
formed.
Info: Prepare to upgrade slot <1>, item <BootRom>, mode:online. waiting......
Info: Online upgrade slot <1>, item <BootRom>, ok.
Info: Please reset to take effect.
4.14 Smart Upgrade Commands
4.14.1 Support for Smart Upgrade
Hardware Requirements
This section is applicable to all models. For details about differences for specific
models, see the description in the corresponding section.
4.14.2 display smart-upgrade information
Function
The display smart-upgrade information command displays details about smart
upgrade.
Format
display smart-upgrade information
Parameters
None
Views
User view
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 470
NetEngine AR
Command Reference 4 Basic Configurations Commands
Default Level
3: Management level
Usage Guidelines
Usage Scenario
After smart upgrade is enabled, you can run the display smart-upgrade
information command to check details about smart upgrade. When smart
upgrade is enabled on the device, the device is not in the progress of requesting
for the latest version information from the HOUP, and this command is run on the
device, then the device proactively requests for the latest version information.
Prerequisites
Smart upgrade has been enabled using the smart-upgrade enable command.
Precautions
After this command is run, the device is triggered to exchange information with
the HOUP. If this command is run frequently to query upgrade information, smart
upgrade will be affected.
Example
# Display details about smart upgrade.
<Huawei> system-view
[Huawei] smart-upgrade enable
Info: Operation succeeded.
[Huawei] quit
<Huawei> display smart-upgrade information
Info:Loading the information.Please wait for a few minutes.
Scheduled upgrade: Enable
Next upgrade time: 2019-07-17 23:00:00
Check for new version: Upgrade required
URL: houp.huawei.cn
Recommended software version: V300R021C00SPC200
Recommended patch version: None
Upgrade description:
Firmware and Patch Description in English:1)description:2)description:
Info update time: 2019-07-11 14:17:06
Cancellation status: Initial
Upgrade status: Initial
Software package size(B): 155945856
Patch package size(B): 0
Download progress(%): 0
Download speed(KB/s): 0.00
Download status: notStart
Software package name: AR651-V300R021C00SPC200.cc
Patch package name: None
Patch type: None
Last upgrade type: now
Last upgrade time: 2019-06-29 15:49
Last upgrade result: None
Device name: AR651
ESN: 21500102123456789123
SoftWare version: V300R021C00SPC100
Patch version: None
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 471
NetEngine AR
Command Reference 4 Basic Configurations Commands
Last startup software:: flash:/ar651_spc200.cc
Last startup patch: None
Backup configuration file: vrpcfg_auto_backup.zip
Last startup voice package: None
Last startup license: None
Table 4-69 Description of the display smart-upgrade information command
output
Item Description
Scheduled upgrade Status of the scheduled upgrade
policy:
● Enable: This function is enabled.
● Disable: This function is disabled.
Next upgrade time Next upgrade time. This item is
displayed only when scheduled
upgrade is enabled.
Check for new version Checked new version information:
● Upgrade required: An upgrade is
required.
● Network error: A network error
occurs.
● System error: A system error occurs.
● Querying: Version information is
being queried.
● Initial: Version information check is
initialized.
● Lastest version installed: The
version is the latest.
URL Proxy server URL.
Recommended software version Recommended system software
version.
Recommended patch version Recommended patch version.
Firmware and Patch Description in Hardware and patch description in
English English.
Info update time Information update time.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 472
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Cancellation status Upgrade cancellation status:
● Initial: Upgrade cancellation is
initialized.
● Cancelling: The upgrade is being
canceled.
● Failed: The upgrade fails to be
canceled.
● Successful: The upgrade is
successfully canceled.
● None
Upgrade status Upgrade status:
● Initial: The upgrade is initialized.
● Upgrading: The device is being
upgraded.
● Failed: The upgrade fails.
● Cancelled: The upgrade has been
canceled.
● Successful: The upgrade is
successful.
Software package size(B) Software package size.
Patch package size(B) Patch package size.
Download progress(%) File download progress, in percentage.
Download speed(KB/s) File download speed.
Download status File download status:
● Initial: File download is initialized.
● downloadFailed: File download fails.
● downloadCancelled: File download
is canceled.
● notStart: File download has not
started.
● downloadSucc: File download is
successful.
● downloading:%d: File download
progress.
Software package name Software package name.
Patch package name Patch package name.
Patch type Patch type.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 473
NetEngine AR
Command Reference 4 Basic Configurations Commands
Item Description
Last upgrade type Last upgrade mode:
● timing: Scheduled upgrade
● now: Immediate upgrade
● None
Last upgrade time Last upgrade time.
Last upgrade result Last upgrade result:
● cfgfailed: The configuration fails.
● rollback: The version is rolled back.
● successed: The upgrade is
successful.
● netError: A network error occurs.
● updating: The device is being
upgraded.
● None
Device name Device name.
ESN Device ESN.
SoftWare version Software version.
Patch version Patch version.
Last startup software Software version for the last startup.
Last startup patch Patch version for the last startup.
Backup configuration file Backup configuration file.
Last startup voice package Voice package for the last startup.
Last startup license License information for the last
startup.
4.14.3 smart-upgrade enable
Function
The smart-upgrade enable command enables smart upgrade.
The undo smart-upgrade enable command disables smart upgrade.
By default, smart upgrade is disabled.
Format
smart-upgrade enable
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 474
NetEngine AR
Command Reference 4 Basic Configurations Commands
undo smart-upgrade enable
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
To facilitate software upgrade management and reduce manual maintenance
costs of the device, you can run the smart-upgrade enable command to enable
smart upgrade. Smart upgrade achieves automatic new version detection, system
file download, and device upgrade by connecting devices to the HOUP through
the Internet.
The smart upgrade function is not supported in active/standby scenarios.
Example
# Enable smart upgrade.
<Huawei> system-view
[Huawei] smart-upgrade enable
4.14.4 smart-upgrade information
Function
The smart-upgrade information command sets the contact phone number and
email address for smart upgrade.
The undo smart-upgrade information command cancels the contact number and
email address configured for smart upgrade.
By default, no contact number or email address is configured for smart upgrade.
Format
smart-upgrade information telephone telephonenum email emailaddress
undo smart-upgrade information telephone
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 475
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
telephone Specifies the contact The value is a string of 1
telephonenum number. to 21 characters. The
value can contain the
plus sign (+) and digits
(0 to 9), and cannot
contain spaces. The plus
sign (+) can be used only
at the beginning of a
character string. If a
character string starts
with a plus sign (+), the
maximum string length
is 21. If a character string
starts with a digit, the
maximum string length
is 20.
email emailaddress Specifies the email The value is a string of 1
address. to 128 case-sensitive
characters. The following
characters are supported:
letters, digits,
apostrophes ('), equal
signs (=), parentheses (),
plus signs (+), minus
signs (-), periods (.),
slashes (/), colons (:), at
signs (@), and
underscore (_).
Views
System view
Default Level
3: Management level
Usage Guidelines
You can run the smart-upgrade information command to configure the contact
number and email address for smart upgrade. If a smart upgrade-enabled device
fails to be upgraded, the device can notify the user of the upgrade result based on
the configured contact number and email address.
NOTE
The contact number and email address are used only for emergency contact upon an
upgrade failure.
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 476
NetEngine AR
Command Reference 4 Basic Configurations Commands
Prerequisites
Smart upgrade has been enabled using the smart-upgrade enable command.
Example
# Configure the contact number and email address for smart upgrade.
<Huawei> system-view
[Huawei] smart-upgrade enable
Info: Operation succeeded.
[Huawei] smart-upgrade information telephone 111111111 email [email protected]
Privacy Policy
Your privacy is important to us.
When enabling the automatic upgrade function for Huawei devices, you may, at your discretion, provide
your personal information such as the telephone number,
mobile number, and email address on the Command Line Interface (CLI).
This information will be used to notify you immediately of the upgrade result after the automatic upgrade
function is enabled.
By agreeing to these terms and conditions, you are authorizing Huawei to collect and process the
aforementioned personal information provided by you for the stated purpose.
Your information may be transferred to a third party of Huawei or affiliated company of Huawei for the
purpose of providing the aforementioned service for you.
The information you provide will be stored on the servers of Huawei and its affiliates.
The information may be transmitted outside your country or region and accessed, stored, and processed in
another country or region, including China.
Huawei is committed to protecting your personal information and preventing the information from being
used without authorization.
For more details, please refer to the full privacy policy at https://www.huawei.com/en/privacy-policy.
Do you agree to these terms and conditions? (Y/N)[N]:y
Info: Operation succeeded.
4.14.5 smart-upgrade right-now
Function
The smart-upgrade right-now command performs smart upgrade on a device
immediately.
Format
smart-upgrade right-now
Parameters
None
Views
System view
Default Level
3: Management level
Usage Guidelines
When a device figures out that there is a new version available for upgrade on the
HOUP, that is, the Check for new version field displays Upgrade required in the
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 477
NetEngine AR
Command Reference 4 Basic Configurations Commands
display smart-upgrade information command output, you can run the smart-
upgrade right-now command to perform smart upgrade on the device
immediately. The device then obtains the new version file from the HOUP and
starts an upgrade.
Prerequisites
Smart upgrade has been enabled using the smart-upgrade enable command.
Precautions
● After this command is run, the device automatically obtains the version file
from the HOUP and starts an upgrade immediately. During the upgrade,
original upgrade configurations will be deleted, and the current upgrade
configurations are used. In addition, when the device restarts, it automatically
saves and backs up configurations to the file named vrpcfg_auto_backup.zip
or vrpcfg_auto_backup.cfg. However, to avoid unexpected configuration loss,
you are advised to save the current configuration and export the
configuration file in advance.
● After the device obtains the version file, the system prompts the user whether
to restart the device. By default, if the user does not perform any operation
within 30 seconds, the device is automatically restarted.
Example
# Perform smart upgrade immediately.
<Huawei> system-view
[Huawei] smart-upgrade enable
Info: Operation succeeded.
[Huawei] smart-upgrade right-now
Info: Connecting to the smart upgrade platform...Please wait for a few minutes.
Info: Starting to download file AR6000-V300R021C10SPC100.cc
100%
Info: Downloading file AR6000-V300R021C10SPC100.cc succeeded.
smart-upgrade: 155944876 byte(s) received in 433 second(s) 355.71Kbyte(s)/sec.
Info: Starting to download file AR6000-V300R021C10SPC100.cc.asc
Info: Verifying the system software package using the signature file ....................
........
Info: Verification succeeded.
Info: The device needs to be reboot to proceed with the upgrade. Continue? (Y will be selected by default
30 seconds later)(Y/N)[Y]:Y
4.14.6 smart-upgrade time
Function
The smart-upgrade time command configures a scheduled smart upgrade policy.
The undo smart-upgrade time command cancels a scheduled smart upgrade
policy.
By default, no scheduled smart upgrade policy is configured.
Format
smart-upgrade time HH:MM:SS { weekly | monthly | yearly }
undo smart-upgrade time
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 478
NetEngine AR
Command Reference 4 Basic Configurations Commands
Parameters
Parameter Description Value
HH:MM:SS Specifies the upgrade In the parameter:
start time. ● HH specifies the hour.
The value is an
integer in the range
from 0 to 23.
● MM specifies the
minute. The value is
an integer in the
range from 0 to 59.
● SS specifies the
second. The value is
an integer in the
range from 0 to 59.
weekly Upgrades the device at -
an interval of seven days.
The interval starts from
the upgrade time
specified by HH:MM:SS.
monthly Upgrades the device at -
an interval of 30 days.
The interval starts from
the upgrade time
specified by HH:MM:SS.
yearly Upgrades the device at -
an interval of 365 days.
The interval starts from
the upgrade time
specified by HH:MM:SS.
Views
System view
Default Level
2: Configuration level
Usage Guidelines
When a device figures out that there is a new version available for upgrade on the
HOUP, that is, the Check for new version field displays Upgrade required in the
display smart-upgrade information command output, you can run the smart-
upgrade time command to configure a scheduled smart upgrade policy. After the
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 479
NetEngine AR
Command Reference 4 Basic Configurations Commands
configuration is completed, once the specified time arrives, the device is triggered
to obtain the new version file from the HOUP and starts an upgrade.
Prerequisites
Smart upgrade has been enabled using the smart-upgrade enable command.
Precautions
● The HH:MM:SS parameter must be in 24-hour format. If you do not specify
MM:SS, their values are 0. You must enter at least one digit to specify HH. For
example, when you enter 0, the time is 00:00:00.
● After this operation is performed, once the specified time arrives, the device is
triggered to obtain the new version file and starts an upgrade. During the
upgrade, original upgrade configurations will be deleted, and the current
upgrade configurations are used. In addition, when the device restarts, it
automatically saves and backs up configurations to the file named
vrpcfg_auto_backup.zip or vrpcfg_auto_backup.cfg. However, to avoid
unexpected configuration loss, you are advised to save the current
configuration and export the configuration file in advance.
● When an upgrade policy is configured, the time for triggering smart upgrade
depends on the device time. If the configuration is completed, and the device
time is changed and is later than the next automatic upgrade time, smart
upgrade is triggered immediately on the device. During the upgrade, the
device may be automatically restarted multiple times. Exercise caution when
deciding to change the device time. In addition, remember to save the device
configuration in a timely manner.
Example
# Configure the device to be upgraded at an interval of seven days after an
upgrade is triggered at 23:00:00.
<Huawei> system-view
[Huawei] smart-upgrade enable
Info: Operation succeeded.
[Huawei] smart-upgrade time 23:00:00 weekly
Info: Operation succeeded.
4.14.7 smart-upgrade url
Function
The smart-upgrade url command configures the proxy server URL.
The undo smart-upgrade url command cancels the configuration.
By default, the proxy server URL is houp.huawei.com in versions earlier than
V300R021C10SPC100.
By default, the proxy server URL is houp.huawei.cn in V300R021C10SPC100 and
later versions.
Format
smart-upgrade url host
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 480
NetEngine AR
Command Reference 4 Basic Configurations Commands
undo smart-upgrade url
Parameters
Parameter Description Value
host Specifies the proxy server The value is a string of 1
URL. to 128 characters.
Views
System view
Default Level
3: Management level
Usage Guidelines
Usage Scenario
In versions earlier than V300R021C10SPC100:
If the device resides on the intranet and cannot directly connect to the HOUP at
houp.huawei.com, you can run this command to configure the URL of the proxy
server so that the device can connect to the HOUP through the proxy server.
In V300R021C10SPC100 and later versions:
If the device resides on the intranet and cannot directly connect to the HOUP at
houp.huawei.cn, you can run this command to configure the URL of the proxy
server so that the device can connect to the HOUP through the proxy server.
Prerequisites
Smart upgrade has been enabled using the smart-upgrade enable command.
Example
# Configure the proxy server URL.
In versions earlier than V300R021C10SPC100:
<Huawei> system-view
[Huawei] smart-upgrade enable
Info: Operation succeeded.
[Huawei] smart-upgrade url houp.huawei.com
In V300R021C10SPC100 and later versions:
<Huawei> system-view
[Huawei] smart-upgrade enable
Info: Operation succeeded.
[Huawei] smart-upgrade url houp.huawei.cn
Issue 05 (2022-04-22) Copyright © Huawei Technologies Co., Ltd. 481
You might also like
- PowerShell SysAdmin Crash Course: Unlock the Full Potential of PowerShell with Advanced Techniques, Automation, Configuration Management and IntegrationFrom EverandPowerShell SysAdmin Crash Course: Unlock the Full Potential of PowerShell with Advanced Techniques, Automation, Configuration Management and IntegrationNo ratings yet
- Navigator Huawei Optix Osn Equipment Command Line Introduction 20080628 ANo ratings yetNavigator Huawei Optix Osn Equipment Command Line Introduction 20080628 A48 pages
- Navigator Huawei Optix Osn Equipment Command Line Introduction 20080628 A50% (2)Navigator Huawei Optix Osn Equipment Command Line Introduction 20080628 A48 pages
- 01-03 Basic Configurations Commands PDFNo ratings yet01-03 Basic Configurations Commands PDF286 pages
- Navigating The CLI: Huawei Technologies Co., LTDNo ratings yetNavigating The CLI: Huawei Technologies Co., LTD18 pages
- HUAWEI USG6000 Series & NGFW Module V100R001 Administrator Guide 04No ratings yetHUAWEI USG6000 Series & NGFW Module V100R001 Administrator Guide 044,895 pages
- Configuration Guide - Device Management (V200R001C01 - 01) PDFNo ratings yetConfiguration Guide - Device Management (V200R001C01 - 01) PDF99 pages
- Navigating The CLI: Huawei Technologies Co., LTDNo ratings yetNavigating The CLI: Huawei Technologies Co., LTD18 pages
- Configuration Guide - Interface Management (V200R002C00 - 01) PDFNo ratings yetConfiguration Guide - Interface Management (V200R002C00 - 01) PDF70 pages
- Huawei AR200 Series Basic Configuration GuideNo ratings yetHuawei AR200 Series Basic Configuration Guide219 pages
- Huawei Opti OSN Equipment Command Line Introduction: Internal100% (1)Huawei Opti OSN Equipment Command Line Introduction: Internal48 pages
- Training On UNIX Fundamentals V1 (1) .0-20050405-BNo ratings yetTraining On UNIX Fundamentals V1 (1) .0-20050405-B70 pages
- AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 CLI-based Typical Configuration ExamplesNo ratings yetAR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 CLI-based Typical Configuration Examples847 pages
- Configuration Guide - Interface and Data Link (V800R002C01 - 01)No ratings yetConfiguration Guide - Interface and Data Link (V800R002C01 - 01)176 pages
- Nodeb Operation and Mai Ntenance: InternalNo ratings yetNodeb Operation and Mai Ntenance: Internal44 pages
- NE9000 V800R022C00 Configuration Guide 01 Basic ConfigurationNo ratings yetNE9000 V800R022C00 Configuration Guide 01 Basic Configuration408 pages
- Huawei AR Series Access Routers - V200R009 - CLI-based Configuration Guide - Basic ConfigurationNo ratings yetHuawei AR Series Access Routers - V200R009 - CLI-based Configuration Guide - Basic Configuration464 pages
- HP Storageworks: Modular Smart Array 1000 (Msa1000) Command Line InterfaceNo ratings yetHP Storageworks: Modular Smart Array 1000 (Msa1000) Command Line Interface64 pages
- Huawei AR1200 S Series Enterprise RouterNo ratings yetHuawei AR1200 S Series Enterprise Router208 pages
- NE9000 V800R023C00SPC500 Configuration Guide 01 Basic ConfigurationNo ratings yetNE9000 V800R023C00SPC500 Configuration Guide 01 Basic Configuration400 pages
- Huawei Firewall USG5300 Configuring System Parameters100% (1)Huawei Firewall USG5300 Configuring System Parameters4 pages
- Ma5600 Multi Service Access Module Operation and MaintenanceNo ratings yetMa5600 Multi Service Access Module Operation and Maintenance48 pages
- HSS9860 V900R008C20 Data Configuration (IMS-HSS)No ratings yetHSS9860 V900R008C20 Data Configuration (IMS-HSS)69 pages
- RRU5904&RRU5904w&RRU5304&RRU5304w Hardware Description (04) (PDF) - enNo ratings yetRRU5904&RRU5904w&RRU5304&RRU5304w Hardware Description (04) (PDF) - en43 pages
- AR150&160&200&1200&2200&3200 V200R005C00 Configuration Guide - Reliability 01 PDFNo ratings yetAR150&160&200&1200&2200&3200 V200R005C00 Configuration Guide - Reliability 01 PDF276 pages
- Administration Commands: Hscserver /startNo ratings yetAdministration Commands: Hscserver /start36 pages
- Middleware Management with Oracle Enterprise Manager Grid Control 10g R5From EverandMiddleware Management with Oracle Enterprise Manager Grid Control 10g R53/5 (1)
- Mastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeterFrom EverandMastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeterNo ratings yet
- CLP 02.2 Course Title: Microprocessors & Microcontrollers LabNo ratings yetCLP 02.2 Course Title: Microprocessors & Microcontrollers Lab6 pages
- EBU6304 - W2 - Live - Summary - Exercises - Case StudyNo ratings yetEBU6304 - W2 - Live - Summary - Exercises - Case Study17 pages
- PSG Tech PSG tECH, Pythonist 2 pYTHONIST 2No ratings yetPSG Tech PSG tECH, Pythonist 2 pYTHONIST 22 pages
- Hotel Management System: Mini Project ONNo ratings yetHotel Management System: Mini Project ON41 pages
- Fujitsu Lifebook U757 - U747 - U727 User Manual enNo ratings yetFujitsu Lifebook U757 - U747 - U727 User Manual en46 pages
- Cost-Effective and Weight Light Receipt/Label Printer: Key FeaturesNo ratings yetCost-Effective and Weight Light Receipt/Label Printer: Key Features2 pages
- Presented By:: Sartaj Ahmad (207) Zubair KasgarNo ratings yetPresented By:: Sartaj Ahmad (207) Zubair Kasgar12 pages
- PowerShell SysAdmin Crash Course: Unlock the Full Potential of PowerShell with Advanced Techniques, Automation, Configuration Management and IntegrationFrom EverandPowerShell SysAdmin Crash Course: Unlock the Full Potential of PowerShell with Advanced Techniques, Automation, Configuration Management and Integration
- Navigator Huawei Optix Osn Equipment Command Line Introduction 20080628 ANavigator Huawei Optix Osn Equipment Command Line Introduction 20080628 A
- Navigator Huawei Optix Osn Equipment Command Line Introduction 20080628 ANavigator Huawei Optix Osn Equipment Command Line Introduction 20080628 A
- HUAWEI USG6000 Series & NGFW Module V100R001 Administrator Guide 04HUAWEI USG6000 Series & NGFW Module V100R001 Administrator Guide 04
- Configuration Guide - Device Management (V200R001C01 - 01) PDFConfiguration Guide - Device Management (V200R001C01 - 01) PDF
- Configuration Guide - Interface Management (V200R002C00 - 01) PDFConfiguration Guide - Interface Management (V200R002C00 - 01) PDF
- Huawei Opti OSN Equipment Command Line Introduction: InternalHuawei Opti OSN Equipment Command Line Introduction: Internal
- Training On UNIX Fundamentals V1 (1) .0-20050405-BTraining On UNIX Fundamentals V1 (1) .0-20050405-B
- AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 CLI-based Typical Configuration ExamplesAR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 CLI-based Typical Configuration Examples
- Configuration Guide - Interface and Data Link (V800R002C01 - 01)Configuration Guide - Interface and Data Link (V800R002C01 - 01)
- NE9000 V800R022C00 Configuration Guide 01 Basic ConfigurationNE9000 V800R022C00 Configuration Guide 01 Basic Configuration
- Huawei AR Series Access Routers - V200R009 - CLI-based Configuration Guide - Basic ConfigurationHuawei AR Series Access Routers - V200R009 - CLI-based Configuration Guide - Basic Configuration
- HP Storageworks: Modular Smart Array 1000 (Msa1000) Command Line InterfaceHP Storageworks: Modular Smart Array 1000 (Msa1000) Command Line Interface
- Oracle SOA Suite 11g Administrator's HandbookFrom EverandOracle SOA Suite 11g Administrator's Handbook
- NE9000 V800R023C00SPC500 Configuration Guide 01 Basic ConfigurationNE9000 V800R023C00SPC500 Configuration Guide 01 Basic Configuration
- Huawei Firewall USG5300 Configuring System ParametersHuawei Firewall USG5300 Configuring System Parameters
- Ma5600 Multi Service Access Module Operation and MaintenanceMa5600 Multi Service Access Module Operation and Maintenance
- RRU5904&RRU5904w&RRU5304&RRU5304w Hardware Description (04) (PDF) - enRRU5904&RRU5904w&RRU5304&RRU5304w Hardware Description (04) (PDF) - en
- AR150&160&200&1200&2200&3200 V200R005C00 Configuration Guide - Reliability 01 PDFAR150&160&200&1200&2200&3200 V200R005C00 Configuration Guide - Reliability 01 PDF
- Middleware Management with Oracle Enterprise Manager Grid Control 10g R5From EverandMiddleware Management with Oracle Enterprise Manager Grid Control 10g R5
- Mastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeterFrom EverandMastering Go Network Automation: Automating Networks, Container Orchestration, Kubernetes with Puppet, Vegeta and Apache JMeter
- CLP 02.2 Course Title: Microprocessors & Microcontrollers LabCLP 02.2 Course Title: Microprocessors & Microcontrollers Lab
- EBU6304 - W2 - Live - Summary - Exercises - Case StudyEBU6304 - W2 - Live - Summary - Exercises - Case Study
- Fujitsu Lifebook U757 - U747 - U727 User Manual enFujitsu Lifebook U757 - U747 - U727 User Manual en
- Cost-Effective and Weight Light Receipt/Label Printer: Key FeaturesCost-Effective and Weight Light Receipt/Label Printer: Key Features